diff options
1737 files changed, 64951 insertions, 132037 deletions
diff --git a/DocumentService/.gitignore b/DocumentService/.gitignore deleted file mode 100644 index ea8c4bf7f..000000000 --- a/DocumentService/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/target diff --git a/DocumentService/DBSQL/mysql-connector-java-5.1.27-bin.jar b/DocumentService/DBSQL/mysql-connector-java-5.1.27-bin.jar Binary files differdeleted file mode 100644 index a10268c92..000000000 --- a/DocumentService/DBSQL/mysql-connector-java-5.1.27-bin.jar +++ /dev/null diff --git a/DocumentService/DBSQL/tables.sql b/DocumentService/DBSQL/tables.sql deleted file mode 100644 index 3fa912357..000000000 --- a/DocumentService/DBSQL/tables.sql +++ /dev/null @@ -1,59 +0,0 @@ -CREATE DATABASE STORKTRANSFER; - -USE STORKTRANSFER; - -CREATE TABLE `document` ( - `DOCID` varchar(255) NOT NULL, - `DOCUMENT` longblob, - `FILENAME` varchar(255) DEFAULT NULL, - `MIMETYPE` longtext, - `CREATED` datetime DEFAULT NULL, - `UPDATED` datetime DEFAULT NULL, - `DELETED` datetime DEFAULT NULL, - `RECEIVERCERT` longtext, - `ENCKEY` longtext, - `ENCIV` longtext, - PRIMARY KEY (`DOCID`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; - - -CREATE TABLE `request` ( - `REQUESTID` varchar(255) NOT NULL, - `DOCID` varchar(255) DEFAULT NULL, - `DESTCOUNTRY` varchar(10) NOT NULL, - `SPCOUNTRY` varchar(10) NOT NULL, - `SPID` varchar(255) NOT NULL, - `XMLREQUEST` longtext, - `XMLRESPONSE` longtext, - `REQTIMESTAMP` datetime DEFAULT NULL, - `RESTIMESTAMP` datetime DEFAULT NULL, - PRIMARY KEY (`REQUESTID`), - KEY `docid_idx` (`DOCID`), - CONSTRAINT `docidindex` FOREIGN KEY (`DOCID`) REFERENCES `document` (`DOCID`) ON DELETE NO ACTION ON UPDATE NO ACTION -) ENGINE=InnoDB DEFAULT CHARSET=utf8; - -CREATE TABLE `spid` ( - `ID` int(11) NOT NULL AUTO_INCREMENT, - `SPID` varchar(45) NOT NULL, - `NAME` varchar(100) DEFAULT NULL, - `DESC` varchar(500) DEFAULT NULL, - PRIMARY KEY (`ID`) -) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; -SELECT * FROM STORKTRANSFER.spid; - -CREATE TABLE `temp_document` ( - `DOCID` varchar(255) NOT NULL, - `DOCUMENT` longblob, - `MIMETYPE` longtext, - `CREATED` datetime DEFAULT NULL, - `FETCHED` datetime DEFAULT NULL, - `DELETED` datetime DEFAULT NULL, - `RECEIVERCERT` longtext, - `ENCKEY` longtext, - `ENCIV` longtext, - `SPID` int(11) DEFAULT NULL, - PRIMARY KEY (`DOCID`), - KEY `SPconstraint_idx` (`SPID`), - CONSTRAINT `SPconstraint` FOREIGN KEY (`SPID`) REFERENCES `spid` (`ID`) ON DELETE NO ACTION ON UPDATE NO ACTION -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Temp table for SP documents'; - diff --git a/DocumentService/TomcatLibs/gmbal-api-only.jar b/DocumentService/TomcatLibs/gmbal-api-only.jar Binary files differdeleted file mode 100644 index b062fddaf..000000000 --- a/DocumentService/TomcatLibs/gmbal-api-only.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/ha-api.jar b/DocumentService/TomcatLibs/ha-api.jar Binary files differdeleted file mode 100644 index 4df68e112..000000000 --- a/DocumentService/TomcatLibs/ha-api.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/jaxb-impl-gae.jar b/DocumentService/TomcatLibs/jaxb-impl-gae.jar Binary files differdeleted file mode 100644 index e02f64839..000000000 --- a/DocumentService/TomcatLibs/jaxb-impl-gae.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/jaxb-impl.jar b/DocumentService/TomcatLibs/jaxb-impl.jar Binary files differdeleted file mode 100644 index 77481a426..000000000 --- a/DocumentService/TomcatLibs/jaxb-impl.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/jaxws-api.jar b/DocumentService/TomcatLibs/jaxws-api.jar Binary files differdeleted file mode 100644 index 17e7f04cf..000000000 --- a/DocumentService/TomcatLibs/jaxws-api.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/jaxws-rt.jar b/DocumentService/TomcatLibs/jaxws-rt.jar Binary files differdeleted file mode 100644 index 6290dd36c..000000000 --- a/DocumentService/TomcatLibs/jaxws-rt.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/management-api.jar b/DocumentService/TomcatLibs/management-api.jar Binary files differdeleted file mode 100644 index f7bbc69a7..000000000 --- a/DocumentService/TomcatLibs/management-api.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/policy.jar b/DocumentService/TomcatLibs/policy.jar Binary files differdeleted file mode 100644 index e688eea41..000000000 --- a/DocumentService/TomcatLibs/policy.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/stax-ex.jar b/DocumentService/TomcatLibs/stax-ex.jar Binary files differdeleted file mode 100644 index 1112e3228..000000000 --- a/DocumentService/TomcatLibs/stax-ex.jar +++ /dev/null diff --git a/DocumentService/TomcatLibs/streambuffer.jar b/DocumentService/TomcatLibs/streambuffer.jar Binary files differdeleted file mode 100644 index a0f6c985d..000000000 --- a/DocumentService/TomcatLibs/streambuffer.jar +++ /dev/null diff --git a/DocumentService/WebContent/WEB-INF/glassfish-web.xml b/DocumentService/WebContent/WEB-INF/glassfish-web.xml deleted file mode 100644 index 15746b989..000000000 --- a/DocumentService/WebContent/WEB-INF/glassfish-web.xml +++ /dev/null @@ -1,6 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> - -<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd"> -<glassfish-web-app> - <context-root>/DocumentService</context-root> -</glassfish-web-app>
\ No newline at end of file diff --git a/DocumentService/WebContent/WEB-INF/sun-jaxws.xml b/DocumentService/WebContent/WEB-INF/sun-jaxws.xml deleted file mode 100644 index 06b184d4f..000000000 --- a/DocumentService/WebContent/WEB-INF/sun-jaxws.xml +++ /dev/null @@ -1,4 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<endpoints xmlns="http://java.sun.com/xml/ns/jax-ws/ri/runtime" version="2.0"> - <endpoint name="DocumentService" implementation="eu.stork.documentservice.DocumentServiceImpl" url-pattern="/DocumentService" ></endpoint> -</endpoints>
\ No newline at end of file diff --git a/DocumentService/WebContent/WEB-INF/web.xml b/DocumentService/WebContent/WEB-INF/web.xml deleted file mode 100644 index 30edc9598..000000000 --- a/DocumentService/WebContent/WEB-INF/web.xml +++ /dev/null @@ -1,21 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" - xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" - id="WebApp_ID" version="2.5"> - <display-name>DocumentService</display-name> - <listener> - <listener-class>com.sun.xml.ws.transport.http.servlet.WSServletContextListener</listener-class> - </listener> - <servlet> - <servlet-name>DocumentService</servlet-name> - <servlet-class>com.sun.xml.ws.transport.http.servlet.WSServlet</servlet-class> - <load-on-startup>1</load-on-startup> - </servlet> - <servlet-mapping> - <servlet-name>DocumentService</servlet-name> - <url-pattern>/DocumentService</url-pattern> - </servlet-mapping> - <session-config> - <session-timeout>120</session-timeout> - </session-config> -</web-app>
\ No newline at end of file diff --git a/DocumentService/build.bat b/DocumentService/build.bat deleted file mode 100644 index 2319129b6..000000000 --- a/DocumentService/build.bat +++ /dev/null @@ -1 +0,0 @@ -mvn clean install -P embedded diff --git a/DocumentService/pom.xml b/DocumentService/pom.xml deleted file mode 100644 index 6baac7b46..000000000 --- a/DocumentService/pom.xml +++ /dev/null @@ -1,147 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>eu.stork</groupId> - <artifactId>DocumentService</artifactId> - <version>0.0.1-SNAPSHOT</version> - <name>DocumentService</name> - <description>DTL webservice</description> - <dependencies> - <!-- log4j --> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.17</version> - <exclusions> - <exclusion> - <groupId>javax.jms</groupId> - <artifactId>jms</artifactId> - </exclusion> - <exclusion> - <groupId>com.sun.jdmk</groupId> - <artifactId>jmxtools</artifactId> - </exclusion> - <exclusion> - <groupId>com.sun.jmx</groupId> - <artifactId>jmxri</artifactId> - </exclusion> - <exclusion> - <artifactId>mail</artifactId> - <groupId>javax.mail</groupId> - </exclusion> - </exclusions> - </dependency> - - - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.1</version> - </dependency> - <dependency> - <groupId>mysql</groupId> - <artifactId>mysql-connector-java</artifactId> - <version>5.1.27</version> - </dependency> - <dependency> - <groupId>org.glassfish.jersey.core</groupId> - <artifactId>jersey-common</artifactId> - <version>2.0-m03</version> - </dependency> - - <dependency> - <groupId>org.apache.axis</groupId> - <artifactId>axis</artifactId> - <version>1.4</version> - </dependency> -<!-- <dependency> --> -<!-- <groupId>com.sun.org.apache</groupId> --> -<!-- <artifactId>jaxp-ri</artifactId> --> -<!-- <version>1.4</version> --> -<!-- </dependency> --> - <dependency> - <groupId>com.sun.xml.ws</groupId> - <artifactId>jaxws-tools</artifactId> - <version>2.2.8</version> - </dependency> - <dependency> - <groupId>com.sun.xml.ws</groupId> - <artifactId>jaxws-rt</artifactId> - <version>2.2.8</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>xml-apis</groupId> - <artifactId>xml-apis</artifactId> - <version>1.4.01</version> -</dependency> -<!-- <dependency> --> -<!-- <groupId>org.opensaml</groupId> --> -<!-- <artifactId>opensaml</artifactId> --> -<!-- </dependency> --> - <dependency> - <groupId>javax.xml</groupId> - <artifactId>jaxrpc-api</artifactId> - <version>1.1</version> - </dependency> - <!-- Bouncy Castle --> - <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk16</artifactId> - <version>1.46</version> - </dependency> - <dependency> - <groupId>com.sun.xml.security</groupId> - <artifactId>xml-security-impl</artifactId> - <version>1.0</version> - </dependency> - <dependency> - <groupId>org.jvnet</groupId> - <artifactId>mimepull</artifactId> - <version>1.6</version> -</dependency> -<dependency> - <groupId>eu.stork</groupId> - <artifactId>SamlEngine</artifactId> - <version>1.4.0</version> - </dependency> - -<!-- <dependency> --> -<!-- <groupId>MOA.id.server</groupId> --> -<!-- <artifactId>moa-id-lib</artifactId> --> -<!-- <version>2.1.0-RC1</version> --> -<!-- <classifier>classes</classifier> --> -<!-- </dependency> --> - </dependencies> - <build> - <finalName>DocumentService</finalName> - <sourceDirectory>src</sourceDirectory> - <resources> - <resource> - <directory>src</directory> - <excludes> - <exclude>**/*.java</exclude> - </excludes> - </resource> - </resources> - <plugins> - <plugin> - <artifactId>maven-compiler-plugin</artifactId> - <version>3.1</version> - <configuration> - <source>1.6</source> - <target>1.6</target> - </configuration> - </plugin> - <plugin> - <artifactId>maven-war-plugin</artifactId> - <version>2.3</version> - <configuration> - <warSourceDirectory>WebContent</warSourceDirectory> - <failOnMissingWebXml>false</failOnMissingWebXml> - <attachClasses>true</attachClasses> - </configuration> - </plugin> - </plugins> - </build> - <packaging>war</packaging> -</project>
\ No newline at end of file diff --git a/DocumentService/src/eu/stork/documentservice/DocumentService.java b/DocumentService/src/eu/stork/documentservice/DocumentService.java deleted file mode 100644 index 9c539312e..000000000 --- a/DocumentService/src/eu/stork/documentservice/DocumentService.java +++ /dev/null @@ -1,83 +0,0 @@ -package eu.stork.documentservice; - -import javax.jws.WebMethod; -import javax.jws.WebService; -import javax.jws.soap.SOAPBinding; -import javax.jws.soap.SOAPBinding.Style; -import javax.jws.soap.SOAPBinding.Use; -import javax.xml.ws.soap.MTOM; - -@MTOM -@WebService(name = "DocumentService", targetNamespace = "http://stork.eu") -@SOAPBinding(style = Style.DOCUMENT, use = Use.LITERAL) -/** - * - * @author Advania - * - */ -public interface DocumentService { - - /** - * Add document to DTL layer - * @param document the document to add - * @param xmlRequest the original dss xml request - * @param country the destination country - * @param SpId the sp id - * @param mimeType the document mime type - * @param receiverCert the receiver certificate (for encryption, not implemented now) - * @return the document id (docId) - */ - @WebMethod(operationName = "addDocument") - public String addDocument(byte[] document, String xmlRequest, String country, String SpId, String mimeType, String receiverCert); - - /** - * Get document from DTL - * @param documentTransferRequest the document transfer request (attribute query saml) - * @param dtlUrl the url of dtl - * @return the document found - */ - @WebMethod(operationName = "getDocument") - public byte[] getDocument(String documentTransferRequest, String dtlUrl); - - /** - * Get document mime type of document - * @param docId the document id - * @param dtlUrl the url of dtl - * @return the document mime type - */ - @WebMethod(operationName = "getDocumentMime") - public String getDocumentMime(String docId, String dtlUrl); - - /** - * Update document in dtl - * @param docId the id of document (docId) - * @param xmlResponse the dss xml response - * @param document the document data - * @return true if successful - */ - @WebMethod(operationName = "updateDocument") - public boolean updateDocument(String docId, String xmlResponse, byte[] document); - - /** - * Add document to DTL layer which SP has uploaded - * @param docId the document ID of document - * @param xmlRequest the original dss xml request - * @param country the destination country - * @param SpId the sp id - * @param mimeType the document mime type - * @param receiverCert the receiver certificate (for encryption, not implemented now) - * @return the full document ID - */ - @WebMethod(operationName = "addSPDocument") - public String addSPDocument(String docId, String xmlRequest, String country, String SpId, String receiverCert); - - /** - * Update document in DTL and prepare for SP - * @param documentTransferRequest the document transfer request (attribute query saml) - * @param dtlUrl the url of the dtl - * @param xmlResponse the xml response - * @return true if successful - */ - @WebMethod(operationName = "updateSPDocument") - public boolean updateSPDocument(String documentTransferRequest, String dtlUrl, String xmlResponse); -} diff --git a/DocumentService/src/eu/stork/documentservice/DocumentServiceImpl.java b/DocumentService/src/eu/stork/documentservice/DocumentServiceImpl.java deleted file mode 100644 index 913c2f704..000000000 --- a/DocumentService/src/eu/stork/documentservice/DocumentServiceImpl.java +++ /dev/null @@ -1,522 +0,0 @@ -package eu.stork.documentservice; - -import java.util.Date; -import java.util.Properties; -import java.util.UUID; - -import javax.jws.WebService; -import javax.xml.ws.WebServiceException; -import javax.xml.ws.soap.MTOM; - -import org.apache.log4j.Logger; - -import com.sun.tools.ws.processor.model.ModelException; - -import eu.stork.documentservice.data.DatabaseConnector; -import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl; -import eu.stork.documentservice.model.DocumentModel; -import eu.stork.documentservice.model.RequestModel; -import eu.stork.documentservice.model.TempDocumentModel; -import eu.stork.documentservice.utils.ExternalDocservice; -import eu.stork.documentservice.utils.XmlHelper; - -@MTOM(threshold=500) -@WebService(endpointInterface = "eu.stork.documentservice.DocumentService", targetNamespace = "http://stork.eu", portName = "DocumentServicePort", serviceName = "DocumentService") -public class DocumentServiceImpl implements DocumentService -{ - //final static String PATH = "C:/Temp/upload/"; - static String COUNTRY; - private DatabaseConnector conn; - private Properties props = new Properties(); - private static final Logger LOG = Logger.getLogger(DocumentServiceImpl.class.getName()); - - @Override - public String addDocument(byte[] document, String xmlRequest, String destinationCountry, String SpId, String mimeType, String receiverCert) { - String returnMessage = ""; - if (document != null) - { - try - { - LOG.trace("Adding document starting, document size: " + Integer.toString(document.length) - + ", destination country: " + destinationCountry + ", SP Id: " + SpId - + ", mime type: " + mimeType + ", receiver cert: " + receiverCert); - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - COUNTRY = props.getProperty("peps.country"); - RequestModel request = new RequestModel(); - request.setDestcountry(destinationCountry); - request.setSpcountry(COUNTRY); - request.setSpid(SpId); - request.setRequestid(XmlHelper.getRequestId(xmlRequest)); - request.setXmlrequest(xmlRequest); - - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - boolean ok = conn.addRequest(request); - if (ok) - { - LOG.trace("Request added."); - DocumentModel doc = new DocumentModel(); - doc.setDocid(UUID.randomUUID().toString()); - doc.setDocument(document); - doc.setMimetype(mimeType); - doc.setReicevercert(receiverCert); - ok = conn.addDocument(doc); - if (ok) - { - LOG.trace("Document added."); - RequestModel req = conn.getRequest(request.getRequestid()); - if (req != null) - { - LOG.trace("Request found."); - req.setDocid(doc.getDocid()); - if (conn.updateRequest(req)) - returnMessage = req.getFullDocID(); - else - { - LOG.warn("Could not update request."); - throw new WebServiceException("Could not update request."); - } - } - } - else - { - LOG.warn("Could not add document."); - throw new WebServiceException("Could not add document."); - } - } - else - { - LOG.warn("Could not add request."); - throw new WebServiceException("Could not add request."); - } - } - catch (ModelException e) - { - LOG.error("Invalid model in input", e); - e.printStackTrace(); - throw new WebServiceException("Invalid input.", e); - } - catch (Exception e) - { - LOG.error("Exception in addDocument.", e); - e.printStackTrace(); - throw new WebServiceException("Upload Failed"); - } - LOG.trace("Add document ending, return message: " + returnMessage); - return returnMessage; - } - else - throw new WebServiceException("No document to upload."); - } - - @Override - public byte[] getDocument(String documentTransferRequest, String dtlUrl) - { - try - { - String docId = XmlHelper.verifyRequest(documentTransferRequest); - if (docId != null && !docId.isEmpty()) - { - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - String ownDtlUrl = props.getProperty("docservice.url"); - LOG.trace("Getting document starting for docId: " + docId); - if (dtlUrl != null && !dtlUrl.isEmpty() && !ownDtlUrl.equalsIgnoreCase(dtlUrl)) - { - LOG.trace("Getting document from external DTL for docId: " + docId); - byte[] documentData = ExternalDocservice.getDocument(documentTransferRequest, dtlUrl); - if (documentData != null) - { - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - DocumentModel doc = conn.getDocument(docId); - if (doc != null) - { - doc.setDocument(documentData); - conn.updateDocument(doc); - } - else - { - doc = new DocumentModel(); - doc.setDocid(docId); - doc.setDocument(documentData); - doc.setMimetype(ExternalDocservice.getDocumentMime(docId, dtlUrl)); - //TODO handle cert - doc.setReicevercert(""); - conn.addDocument(doc); - } - } - - LOG.trace("Getting document from external DTL ending."); - return documentData; - } - else - { - LOG.trace("Getting document from database for docId: " + docId); - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - DocumentModel doc = conn.getDocument(docId); - LOG.trace("Getting document from database ending."); - return doc.getDocument(); - } - } - else - { - LOG.warn("Document id is null"); - throw new WebServiceException("Document Id is null"); - } - } - catch (Exception e) - { - LOG.error("Exception in getDocument.", e); - e.printStackTrace(); - throw new WebServiceException("Download Failed", e); - } - } - - @Override - /** - * Get document mime type - */ - public String getDocumentMime(String docId, String dtlUrl) - { - try - { - if (docId != null && !docId.isEmpty()) - { - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - String ownDtlUrl = props.getProperty("docservice.url"); - docId = XmlHelper.StripDocId(docId); - LOG.trace("Getting mime starting for docId: " + docId); - if (dtlUrl != null && !dtlUrl.isEmpty() && !ownDtlUrl.equalsIgnoreCase(dtlUrl)) - { - LOG.trace("Getting mime from external DTL for docId: " + docId); - String documentMime = ExternalDocservice.getDocumentMime(docId, dtlUrl); - if (documentMime != null && !documentMime.isEmpty()) - { - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - DocumentModel doc = conn.getDocument(docId); - if (doc != null) - { - doc.setMimetype(documentMime); - conn.updateDocument(doc); - } - } - LOG.trace("Getting mime from external DTL ending, docId: " + docId + ", mime " + documentMime); - return documentMime; - } - else - { - LOG.trace("Getting mime from dabase for docId: " + docId); - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - DocumentModel doc = conn.getDocument(docId); - LOG.trace("Getting mime from database ending, docId: " + docId + ", mime " + doc.getMimetype()); - return doc.getMimetype(); - } - } - else - { - LOG.warn("Document id is null"); - throw new WebServiceException("Document Id is null"); - } - } - catch (Exception e) - { - LOG.error("Exception in getDocumentMime.", e); - e.printStackTrace(); - throw new WebServiceException("Download Failed", e); - } - } - - @Override - /** - * Update document in document service - */ - public boolean updateDocument(String docId, String xmlResponse, byte[] document) - { - boolean success = false; - if (docId != null && !docId.isEmpty()) - { - if (document != null) - { - try - { - docId = XmlHelper.StripDocId(docId); - LOG.trace("Starting document update for docId: " + docId); - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - DocumentModel doc = conn.getDocument(docId); - if(doc != null) - { - doc.setDocument(document); - success = conn.updateDocument(doc); - if (success && xmlResponse != null && !xmlResponse.isEmpty()) - { - RequestModel request = conn.getRequestByDocId(docId); - if (request != null) - { - request.setXmlresponse(xmlResponse); - request.setRestimestamp(new Date()); - success = conn.updateRequest(request); - } - } - LOG.trace("Document " + docId + " updated successfully: " + Boolean.toString(success)); - } - else - { - LOG.warn("No document found for docId: " + docId); - throw new WebServiceException("Document is null"); - } - } - catch (Exception e) - { - LOG.error("Exception in updateDocument.", e); - e.printStackTrace(); - throw new WebServiceException("Update Failed", e); - } - } - } - else - { - LOG.warn("Document id is null"); - throw new WebServiceException("Document Id is null"); - } - - return success; - } - - @Override - public String addSPDocument(String docId, String xmlRequest, String destinationCountry, String SpId, String receiverCert) - { - String returnMessage = ""; - if (docId != null && !docId.isEmpty()) - { - try - { - LOG.trace("Adding document starting, document ID: " + docId - + ", destination country: " + destinationCountry + ", SP Id: " + SpId - + ", receiver cert: " + receiverCert); - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - COUNTRY = props.getProperty("peps.country"); - RequestModel request = new RequestModel(); - request.setDestcountry(destinationCountry); - request.setSpcountry(COUNTRY); - request.setSpid(SpId); - request.setRequestid(XmlHelper.getRequestId(xmlRequest)); - request.setXmlrequest(xmlRequest); - - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - boolean ok = conn.addRequest(request); - if (ok) - { - LOG.trace("Request added."); - LOG.trace("Getting temp document."); - TempDocumentModel tempDoc = conn.getTempDocument(docId); - if (tempDoc != null) - { - LOG.trace("Got temp document."); - conn.updateTempDocument(tempDoc); - LOG.trace("Temp document updated."); - DocumentModel doc = new DocumentModel(); - doc.setDocid(tempDoc.getDocid()); - doc.setDocument(tempDoc.getDocument()); - doc.setMimetype(tempDoc.getMimetype()); - doc.setReicevercert(receiverCert); - ok = conn.addDocument(doc); - if (ok) - { - LOG.trace("Document added."); - RequestModel req = conn.getRequest(request.getRequestid()); - if (req != null) - { - LOG.trace("Request found."); - req.setDocid(doc.getDocid()); - if (conn.updateRequest(req)) - returnMessage = req.getFullDocID(); - else - { - LOG.warn("Could not update request."); - throw new WebServiceException("Could not update request."); - } - } - } - else - { - LOG.warn("Could not add document."); - throw new WebServiceException("Could not add document."); - } - } - else - { - LOG.warn("No document found with id " + docId); - throw new WebServiceException("No document found."); - } - } - else - { - LOG.warn("Could not add request."); - throw new WebServiceException("Could not add request."); - } - } - catch (ModelException e) - { - LOG.error("Invalid model in input", e); - e.printStackTrace(); - throw new WebServiceException("Invalid input.", e); - } - catch (Exception e) - { - LOG.error("Exception in addSPDocument.", e); - e.printStackTrace(); - throw new WebServiceException("Upload Failed"); - } - LOG.trace("Add SP document ending, return message: " + returnMessage); - } - else - { - LOG.warn("Document id is null"); - throw new WebServiceException("Document Id is null"); - } - - return returnMessage; - } - - @Override - public boolean updateSPDocument(String documentTransferRequest, String dtlUrl, String xmlResponse) - { - boolean success = false; - if (documentTransferRequest != null && !documentTransferRequest.isEmpty()) - { - if (xmlResponse != null && !xmlResponse.isEmpty()) - { - try - { - String docId = XmlHelper.verifyRequest(documentTransferRequest); - LOG.trace("Document transfer requst ok. Doc ID: " + docId); - if (dtlUrl == null || dtlUrl.isEmpty()) - { - LOG.trace("Starting SP document update from database for docId: " + docId); - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - DocumentModel doc = conn.getDocument(docId); - if(doc != null) - { - TempDocumentModel tempDoc = conn.getTempDocument(docId); - tempDoc.setDocument(doc.getDocument()); - success = conn.updateTempDocument(tempDoc); - if (success && xmlResponse != null && !xmlResponse.isEmpty()) - { - RequestModel request = conn.getRequestByDocId(docId); - if (request != null) - { - request.setXmlresponse(xmlResponse); - request.setRestimestamp(new Date()); - if (conn.updateRequest(request)) - { - LOG.trace("Request updated."); - success = true; - } - else - { - LOG.warn("Could not update request with id " + request.getRequestid()); - throw new WebServiceException("Update SP document failed"); - } - } - } - LOG.trace("Document " + docId + " updated successfully: " + Boolean.toString(success)); - } - else - { - LOG.warn("No document found for docId: " + docId); - throw new WebServiceException("Document is null"); - } - } - else - { - LOG.trace("Starting SP document update from external DTL for docId: " + docId); - byte[] documentData = ExternalDocservice.getDocument(documentTransferRequest, dtlUrl); - if (documentData != null) - { - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - DocumentModel doc = conn.getDocument(docId); - if (doc != null) - { - LOG.trace("Document found"); - doc.setDocument(documentData); - if (conn.updateDocument(doc)) - { - LOG.trace("Document updated"); - TempDocumentModel tempDoc = conn.getTempDocument(docId); - if (tempDoc != null) - { - LOG.trace("Temp document found"); - tempDoc.setDocument(documentData); - if (conn.updateTempDocument(tempDoc)) - { - LOG.trace("Temp document updated"); - RequestModel request = conn.getRequestByDocId(docId); - request.setXmlresponse(xmlResponse); - request.setRestimestamp(new Date()); - if (conn.updateRequest(request)) - { - LOG.trace("Request updated"); - success = true; - } - else - { - LOG.warn("Could not update request with doc id " + docId); - throw new WebServiceException("SP update failed"); - } - } - else - { - LOG.warn("Could not update temp document with id " + docId); - throw new WebServiceException("SP update failed"); - } - } - else - { - LOG.warn("Could not find temp document with id " + docId); - throw new WebServiceException("SP update failed"); - } - } - else - { - LOG.warn("Could not update document with id " + docId); - throw new WebServiceException("SP update failed"); - } - } - } - } - } - catch (Exception e) - { - LOG.error("Exception in updateSPDocument.", e); - e.printStackTrace(); - throw new WebServiceException("Update Failed", e); - } - } - else - { - LOG.warn("XML signing response is null or empty"); - throw new WebServiceException("XML signing response is null"); - } - } - else - { - LOG.warn("Document transfer request is null or empty"); - throw new WebServiceException("Document transfer request is null"); - } - - return success; - } -} diff --git a/DocumentService/src/eu/stork/documentservice/SPDocumentService.java b/DocumentService/src/eu/stork/documentservice/SPDocumentService.java deleted file mode 100644 index 35235c644..000000000 --- a/DocumentService/src/eu/stork/documentservice/SPDocumentService.java +++ /dev/null @@ -1,35 +0,0 @@ -package eu.stork.documentservice; - -import javax.jws.WebMethod; -import javax.jws.WebService; -import javax.jws.soap.SOAPBinding; -import javax.jws.soap.SOAPBinding.Style; -import javax.jws.soap.SOAPBinding.Use; -import javax.xml.ws.soap.MTOM; - -@MTOM -@WebService(name = "SPDocumentService", targetNamespace = "http://stork.eu") -@SOAPBinding(style = Style.DOCUMENT, use = Use.LITERAL) -/** - * - * @author Advania - * - */ -public interface SPDocumentService { - - /** - * Add document to temp layer - * @param document the document data to add - * @return the document temp id - */ - @WebMethod(operationName = "addSPSignDocument") - public String addSPSignDocument(byte[] document, String spId, String mimeType, String receiverCert); - - /** - * Get document from Temp layer - * @param docId the document id - * @return the document found - */ - @WebMethod(operationName = "getSPDocument") - public byte[] getSPDocument(String docId, String spId); -} diff --git a/DocumentService/src/eu/stork/documentservice/SPDocumentServiceImpl.java b/DocumentService/src/eu/stork/documentservice/SPDocumentServiceImpl.java deleted file mode 100644 index e89ed8c0c..000000000 --- a/DocumentService/src/eu/stork/documentservice/SPDocumentServiceImpl.java +++ /dev/null @@ -1,126 +0,0 @@ -package eu.stork.documentservice; - -import java.util.Properties; -import java.util.UUID; - -import javax.jws.WebService; -import javax.xml.ws.WebServiceException; -import javax.xml.ws.soap.MTOM; - -import org.apache.log4j.Logger; - -import com.sun.tools.ws.processor.model.ModelException; - -import eu.stork.documentservice.data.DatabaseConnector; -import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl; -import eu.stork.documentservice.model.TempDocumentModel; -import eu.stork.documentservice.utils.XmlHelper; - -@MTOM(threshold=500) -@WebService(endpointInterface = "eu.stork.documentservice.SPDocumentService", targetNamespace = "http://stork.eu", portName = "SPDocumentServicePort", serviceName = "SPDocumentService") -public class SPDocumentServiceImpl implements SPDocumentService { - - static String COUNTRY; - private DatabaseConnector conn; - private Properties props = new Properties(); - private static final Logger LOG = Logger.getLogger(DocumentServiceImpl.class.getName()); - - @Override - public String addSPSignDocument(byte[] document, String SpId, String mimeType, String receiverCert) - { - String returnMessage = ""; - if (document != null) - { - try - { - LOG.trace("Adding temp document starting, document size: " + Integer.toString(document.length) - + ", SP Id: " + SpId + ", mime type: " + mimeType + " receiver cert: " + receiverCert); - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - COUNTRY = props.getProperty("peps.country"); - - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - - TempDocumentModel doc = new TempDocumentModel(); - doc.setDocid(UUID.randomUUID().toString()); - doc.setDocument(document); - doc.setSpid(SpId); - doc.setMimetype(mimeType); - doc.setReicevercert(receiverCert); - if (conn.addTempDocument(doc)) - { - LOG.trace("Document added successfully. DocID: " + doc.getDocid()); - returnMessage = doc.getDocid(); - } - else - { - LOG.warn("Could not add document."); - throw new WebServiceException("Could not add document."); - } - } - catch (ModelException e) - { - LOG.error("Invalid model in input", e); - e.printStackTrace(); - throw new WebServiceException("Invalid input.", e); - } - catch (Exception e) - { - LOG.error("Exception in SP addDocument.", e); - e.printStackTrace(); - throw new WebServiceException("Upload Failed"); - } - LOG.trace("Add document ending, return message: " + returnMessage); - return returnMessage; - } - else - throw new WebServiceException("No document to upload."); - } - - @Override - public byte[] getSPDocument(String docId, String spId) - { - try - { - if (docId != null && !docId.isEmpty()) - { - LOG.trace("Getting temp document from database for docId: " + docId); - docId = XmlHelper.StripDocId(docId); - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - conn = new DatabaseConnectorMySQLImpl(props.getProperty("sql.user"), props.getProperty("sql.password"), - props.getProperty("sql.server"), props.getProperty("sql.database")); - TempDocumentModel doc = conn.getTempDocument(docId); - if (doc != null) - { - LOG.trace("Document found."); - if (doc.getSpid().equals(spId)) - { - LOG.trace("Getting document from database ending. Document supplied."); - return doc.getDocument(); - } - else - { - LOG.warn("Document SP ID of " + doc.getSpid() + " does not match sent SP ID of " + spId); - throw new WebServiceException("Incorrect SP ID."); - } - } - else - { - LOG.warn("Document is null"); - throw new WebServiceException("Document is null."); - } - } - else - { - LOG.warn("Document id is null or empty."); - throw new WebServiceException("Document Id is null"); - } - } - catch (Exception e) - { - LOG.error("Exception in SP getDocument.", e); - e.printStackTrace(); - throw new WebServiceException("Download Failed", e); - } - } -} diff --git a/DocumentService/src/eu/stork/documentservice/data/DatabaseConnector.java b/DocumentService/src/eu/stork/documentservice/data/DatabaseConnector.java deleted file mode 100644 index 26bd0c405..000000000 --- a/DocumentService/src/eu/stork/documentservice/data/DatabaseConnector.java +++ /dev/null @@ -1,117 +0,0 @@ -package eu.stork.documentservice.data; - -import eu.stork.documentservice.exceptions.DatabaseException; -import eu.stork.documentservice.model.DocumentModel; -import eu.stork.documentservice.model.RequestModel; -import eu.stork.documentservice.model.TempDocumentModel; - -public interface DatabaseConnector { - - /** - * Add document to database - * @param document The document model to add - * @return True if successful - * @throws DatabaseException - */ - public abstract boolean addDocument(DocumentModel document) - throws DatabaseException; - - /** - * Update document in database - * @param document The document model to update - * @return True if successful - * @throws DatabaseException - */ - public abstract boolean updateDocument(DocumentModel document) - throws DatabaseException; - - /** - * Get Document from database - * @param docId Document ID - * @return The document found - * @throws DatabaseException - */ - public abstract DocumentModel getDocument(String docId) - throws DatabaseException; - - /** - * Delete Document from database - * @param docId Document ID - * @return true if successful - * @throws DatabaseException - */ - public abstract boolean deleteDocument(String docId) - throws DatabaseException; - - /** - * Add request to database - * @param request The request to add - * @return True if successful - * @throws DatabaseException - */ - public abstract boolean addRequest(RequestModel request) - throws DatabaseException; - - /** - * Get request from database - * @param requestId The request id - * @return The request found - * @throws DatabaseException - */ - public abstract RequestModel getRequest(String requestId) - throws DatabaseException; - - /** - * Get request from database - * @param docId The document id - * @return The request found - * @throws DatabaseException - */ - public abstract RequestModel getRequestByDocId(String docId) - throws DatabaseException; - - /** - * Update request in database - * @param request The request to update - * @return True if successful - * @throws DatabaseException - */ - public abstract boolean updateRequest(RequestModel request) - throws DatabaseException; - - /** - * Add temp document to database - * @param document The document model to add - * @return True if successful - * @throws DatabaseException - */ - public abstract boolean addTempDocument(TempDocumentModel document) - throws DatabaseException; - - /** - * Get temp document from database - * @param docId Document ID - * @return The document found - * @throws DatabaseException - */ - public abstract TempDocumentModel getTempDocument(String docId) - throws DatabaseException; - - /** - * Update temp document in database - * @param document The document model to update - * @return True if successful - * @throws DatabaseException - */ - public abstract boolean updateTempDocument(TempDocumentModel document) - throws DatabaseException; - - /** - * Delete temp document from database - * @param docId Document ID - * @return true if successful - * @throws DatabaseException - */ - public abstract boolean deleteTempDocument(String docId) - throws DatabaseException; -}
\ No newline at end of file diff --git a/DocumentService/src/eu/stork/documentservice/data/DatabaseConnectorMySQLImpl.java b/DocumentService/src/eu/stork/documentservice/data/DatabaseConnectorMySQLImpl.java deleted file mode 100644 index e4506e17d..000000000 --- a/DocumentService/src/eu/stork/documentservice/data/DatabaseConnectorMySQLImpl.java +++ /dev/null @@ -1,725 +0,0 @@ -package eu.stork.documentservice.data; - -import java.sql.Connection; -import java.sql.DriverManager; -import java.sql.PreparedStatement; -import java.sql.ResultSet; -import java.sql.SQLException; - -import eu.stork.documentservice.exceptions.DatabaseException; -import eu.stork.documentservice.exceptions.ModelException; -import eu.stork.documentservice.model.DocumentModel; -import eu.stork.documentservice.model.RequestModel; -import eu.stork.documentservice.model.TempDocumentModel; - -public class DatabaseConnectorMySQLImpl implements DatabaseConnector { - - private String user; - private String password; - private String server; - private String database; - - /** - * The MYSQL connector constructor - * @author sveinbjorno - * @param _user the database user - * @param _password the users password - * @param _server the mysql server - * @param _database the mysql database - */ - public DatabaseConnectorMySQLImpl(String _user, String _password, String _server, String _database) - { - user = _user; - password = _password; - server = _server; - database = _database; - try { - Class.forName("com.mysql.jdbc.Driver").newInstance(); - } catch (InstantiationException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (IllegalAccessException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (ClassNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - /* (non-Javadoc) - * @see eu.stork.documentservice.data.DatabaseConnector#addDocument(eu.stork.documentservice.model.DocumentModel) - */ - @Override - public boolean addDocument(DocumentModel document) throws DatabaseException - { - boolean successful = false; - Connection con = null; - PreparedStatement pst = null; - - try - { - document.insertValidate(); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - - pst = con.prepareStatement("INSERT INTO document(DOCID, DOCUMENT, FILENAME, MIMETYPE, CREATED, RECEIVERCERT, " - + "ENCKEY, ENCIV) VALUES(?, ?, ?, ?, ?, ?, ?, ?)"); - pst.setString(1, document.getDocid()); - pst.setBlob(2, document.getDataStream()); - pst.setString(3, document.getFilename()); - pst.setString(4, document.getMimetype()); - pst.setTimestamp(5, DatabaseHelper.getSqlCurrentDate()); - pst.setString(6, document.getReicevercert()); - pst.setString(7, document.getEnckey()); - pst.setString(8, document.getEnciv()); - pst.executeUpdate(); - successful = true; - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - catch (ModelException mex) - { - throw new DatabaseException(mex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - return successful; - } - - /* (non-Javadoc) - * @see eu.stork.documentservice.data.DatabaseConnector#updateDocument(eu.stork.documentservice.model.DocumentModel) - */ - @Override - public boolean updateDocument(DocumentModel document) throws DatabaseException - { - boolean successful = false; - Connection con = null; - PreparedStatement pst = null; - - try - { - document.updateValidate(); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - - pst = con.prepareStatement("update document set DOCUMENT = ?, FILENAME = ?, MIMETYPE = ?, UPDATED = ?, " - + "RECEIVERCERT = ?, ENCKEY = ?, ENCIV = ? where DOCID = ?"); - pst.setBlob(1, document.getDataStream()); - pst.setString(2, document.getFilename()); - pst.setString(3, document.getMimetype()); - pst.setTimestamp(4, DatabaseHelper.getSqlCurrentDate()); - pst.setString(5, document.getReicevercert()); - pst.setString(6, document.getEnckey()); - pst.setString(7, document.getEnciv()); - pst.setString(8, document.getDocid()); - pst.executeUpdate(); - successful = true; - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - catch (ModelException mex) - { - throw new DatabaseException(mex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - return successful; - } - - /* (non-Javadoc) - * @see eu.stork.documentservice.data.DatabaseConnector#getDocument(java.lang.String) - */ - @Override - public DocumentModel getDocument(String docId) throws DatabaseException - { - DocumentModel document = null; - Connection con = null; - PreparedStatement pst = null; - - try - { - if (docId == null || docId.isEmpty()) - throw new DatabaseException("Document ID is null or empty."); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - String commandString = "select DOCUMENT, FILENAME, MIMETYPE, CREATED, UPDATED, DELETED, RECEIVERCERT, ENCKEY, ENCIV " - + "from document where DOCID = ?"; - - pst = con.prepareStatement(commandString); - pst.setString(1, docId); - - ResultSet set = pst.executeQuery(); - if (set.next()) - { - document = new DocumentModel(); - document.setDocid(docId); - document.setDataStream(set.getBinaryStream(1)); - document.setFilename(set.getString(2)); - document.setMimetype(set.getString(3)); - document.setCreated(DatabaseHelper.getUtilDate(set.getTimestamp(4))); - document.setUpdated(DatabaseHelper.getUtilDate(set.getTimestamp(5))); - document.setDeleted(DatabaseHelper.getUtilDate(set.getTimestamp(6))); - document.setReicevercert(set.getString(7)); - document.setEnckey(set.getString(8)); - document.setEnciv(set.getString(9)); - } - } - catch (ModelException mex) - { - throw new DatabaseException(mex); - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - - return document; - } - - /* (non-Javadoc) - * @see eu.stork.documentservice.data.DatabaseConnector#deleteDocument(java.lang.String) - */ - @Override - public boolean deleteDocument(String docId) throws DatabaseException - { - boolean successful = false; - Connection con = null; - PreparedStatement pst = null; - - try - { - if (docId == null || docId.isEmpty()) - throw new DatabaseException("Document ID is null or empty."); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - String commandString = "update document set document = null, deleted = ? where DOCID = ?"; - - pst = con.prepareStatement(commandString); - pst.setTimestamp(1, DatabaseHelper.getSqlCurrentDate()); - pst.setString(2, docId); - - pst.executeUpdate(); - successful = true; - - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - - return successful; - } - - /* (non-Javadoc) - * @see eu.stork.documentservice.data.DatabaseConnector#addRequest(eu.stork.documentservice.model.RequestModel) - */ - @Override - public boolean addRequest(RequestModel request) throws DatabaseException - { - boolean successful = false; - Connection con = null; - PreparedStatement pst = null; - - try - { - request.insertValidate(); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - - pst = con.prepareStatement("INSERT INTO request(REQUESTID, DOCID, DESTCOUNTRY, SPCOUNTRY, " - + "SPID, XMLREQUEST, REQTIMESTAMP) VALUES(?, ?, ?, ?, ?, ?, ?)"); - pst.setString(1, request.getRequestid()); - pst.setString(2, request.getDocid()); - pst.setString(3, request.getDestcountry()); - pst.setString(4, request.getSpcountry()); - pst.setString(5, request.getSpid()); - pst.setString(6, request.getXmlrequest()); - pst.setTimestamp(7, DatabaseHelper.getSqlCurrentDate()); - pst.executeUpdate(); - successful = true; - } - catch (ModelException mex) - { - throw new DatabaseException(mex); - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - return successful; - } - - /* (non-Javadoc) - * @see eu.stork.documentservice.data.DatabaseConnector#getRequest(java.lang.String) - */ - @Override - public RequestModel getRequest(String requestId) throws DatabaseException - { - RequestModel request = null; - Connection con = null; - PreparedStatement pst = null; - - try - { - if (requestId == null || requestId.isEmpty()) - throw new DatabaseException("Request ID is null or empty."); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - String commandString = "select DOCID, DESTCOUNTRY, SPCOUNTRY, SPID, XMLREQUEST, XMLRESPONSE, REQTIMESTAMP, " - + "RESTIMESTAMP from request where REQUESTID = ?"; - - pst = con.prepareStatement(commandString); - pst.setString(1, requestId); - - ResultSet set = pst.executeQuery(); - if (set.next()) - { - request = new RequestModel(); - request.setRequestid(requestId); - request.setDocid(set.getString(1)); - request.setDestcountry(set.getString(2)); - request.setSpcountry(set.getString(3)); - request.setSpid(set.getString(4)); - request.setXmlrequest(set.getString(5)); - request.setXmlresponse(set.getString(6)); - request.setReqtimestamp(DatabaseHelper.getUtilDate(set.getTimestamp(7))); - request.setRestimestamp(DatabaseHelper.getSqlDate(set.getTimestamp(8))); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - - return request; - } - - /* (non-Javadoc) - * @see eu.stork.documentservice.data.DatabaseConnector#getRequestByDocId(java.lang.String) - */ - @Override - public RequestModel getRequestByDocId(String docId) throws DatabaseException - { - RequestModel request = null; - Connection con = null; - PreparedStatement pst = null; - - try - { - if (docId == null || docId.isEmpty()) - throw new DatabaseException("Document ID is null or empty."); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - String commandString = "select REQUESTID, DESTCOUNTRY, SPCOUNTRY, SPID, XMLREQUEST, XMLRESPONSE, REQTIMESTAMP, " - + "RESTIMESTAMP from request where DOCID = ?"; - - pst = con.prepareStatement(commandString); - pst.setString(1, docId); - - ResultSet set = pst.executeQuery(); - if (set.next()) - { - request = new RequestModel(); - request.setDocid(docId); - request.setRequestid(set.getString(1)); - request.setDestcountry(set.getString(2)); - request.setSpcountry(set.getString(3)); - request.setSpid(set.getString(4)); - request.setXmlrequest(set.getString(5)); - request.setXmlresponse(set.getString(6)); - request.setReqtimestamp(DatabaseHelper.getUtilDate(set.getTimestamp(7))); - request.setRestimestamp(DatabaseHelper.getSqlDate(set.getTimestamp(8))); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - - return request; - } - - /* (non-Javadoc) - * @see eu.stork.documentservice.data.DatabaseConnector#updateRequest(eu.stork.documentservice.model.RequestModel) - */ - @Override - public boolean updateRequest(RequestModel request) throws DatabaseException - { - boolean successful = false; - Connection con = null; - PreparedStatement pst = null; - - try - { - request.updateValidate(); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - - pst = con.prepareStatement("update request set DOCID = ?, DESTCOUNTRY = ?, SPCOUNTRY = ?, SPID = ?, " - + "XMLREQUEST = ?, XMLRESPONSE = ?, RESTIMESTAMP = ? where REQUESTID = ?"); - pst.setString(1, request.getDocid()); - pst.setString(2, request.getDestcountry()); - pst.setString(3, request.getSpcountry()); - pst.setString(4, request.getSpid()); - pst.setString(5, request.getXmlrequest()); - pst.setString(6, request.getXmlresponse()); - pst.setTimestamp(7, DatabaseHelper.getSqlDate(request.getRestimestamp())); - pst.setString(8, request.getRequestid()); - pst.executeUpdate(); - successful = true; - } - catch (ModelException mex) - { - throw new DatabaseException(mex); - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - return successful; - } - - @Override - public boolean addTempDocument(TempDocumentModel document) throws DatabaseException - { - boolean successful = false; - Connection con = null; - PreparedStatement pst = null; - - try - { - document.insertValidate(); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - - pst = con.prepareStatement("INSERT INTO temp_document(DOCID, DOCUMENT, MIMETYPE, CREATED, RECEIVERCERT, " - + "ENCKEY, ENCIV, SPID) VALUES(?, ?, ?, ?, ?, ?, ?, (SELECT ID FROM spid where spid = ?))"); - pst.setString(1, document.getDocid()); - pst.setBlob(2, document.getDataStream()); - pst.setString(3, document.getMimetype()); - pst.setTimestamp(4, DatabaseHelper.getSqlCurrentDate()); - pst.setString(5, document.getReicevercert()); - pst.setString(6, document.getEnckey()); - pst.setString(7, document.getEnciv()); - pst.setString(8, document.getSpid()); - pst.executeUpdate(); - successful = true; - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - catch (ModelException mex) - { - throw new DatabaseException(mex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - return successful; - } - - @Override - public TempDocumentModel getTempDocument(String docId) throws DatabaseException - { - TempDocumentModel document = null; - Connection con = null; - PreparedStatement pst = null; - - try - { - if (docId == null || docId.isEmpty()) - throw new DatabaseException("Document ID is null or empty."); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - String commandString = "select temp.DOCUMENT, temp.MIMETYPE, temp.CREATED, temp.FETCHED, temp.DELETED, " - + "temp.RECEIVERCERT, temp.ENCKEY, temp.ENCIV, sp.SPID " - + "from temp_document temp inner join spid sp on sp.ID = temp.SPID where DOCID = ?"; - - pst = con.prepareStatement(commandString); - pst.setString(1, docId); - - ResultSet set = pst.executeQuery(); - if (set.next()) - { - document = new TempDocumentModel(); - document.setDocid(docId); - document.setDataStream(set.getBinaryStream(1)); - document.setMimetype(set.getString(2)); - document.setCreated(DatabaseHelper.getUtilDate(set.getTimestamp(3))); - document.setFetched(DatabaseHelper.getUtilDate(set.getTimestamp(4))); - document.setDeleted(DatabaseHelper.getUtilDate(set.getTimestamp(5))); - document.setReicevercert(set.getString(6)); - document.setEnckey(set.getString(7)); - document.setEnciv(set.getString(8)); - document.setSpid(set.getString(9)); - } - } - catch (ModelException mex) - { - throw new DatabaseException(mex); - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - return document; - } - - @Override - public boolean updateTempDocument(TempDocumentModel document) throws DatabaseException - { - boolean successful = false; - Connection con = null; - PreparedStatement pst = null; - - try - { - document.updateValidate(); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - - pst = con.prepareStatement("update temp_document set DOCUMENT = ?, MIMETYPE = ?, FETCHED = ?, " - + "RECEIVERCERT = ?, ENCKEY = ?, ENCIV = ? where DOCID = ?"); - pst.setBlob(1, document.getDataStream()); - pst.setString(2, document.getMimetype()); - pst.setTimestamp(3, DatabaseHelper.getSqlCurrentDate()); - pst.setString(4, document.getReicevercert()); - pst.setString(5, document.getEnckey()); - pst.setString(6, document.getEnciv()); - pst.setString(7, document.getDocid()); - pst.executeUpdate(); - successful = true; - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - catch (ModelException mex) - { - throw new DatabaseException(mex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - return successful; - } - - @Override - public boolean deleteTempDocument(String docId) throws DatabaseException - { - boolean successful = false; - Connection con = null; - PreparedStatement pst = null; - - try - { - if (docId == null || docId.isEmpty()) - throw new DatabaseException("Document ID is null or empty."); - String url = "jdbc:mysql://" + server + "/" + database; - con = DriverManager.getConnection(url, user, password); - String commandString = "update temp_document set document = null, deleted = ? where DOCID = ?"; - - pst = con.prepareStatement(commandString); - pst.setTimestamp(1, DatabaseHelper.getSqlCurrentDate()); - pst.setString(2, docId); - - pst.executeUpdate(); - successful = true; - - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - finally - { - try - { - if (pst != null) { - pst.close(); - } - if (con != null) { - con.close(); - } - } - catch (SQLException ex) - { - throw new DatabaseException(ex); - } - } - - return successful; - } -} diff --git a/DocumentService/src/eu/stork/documentservice/data/DatabaseHelper.java b/DocumentService/src/eu/stork/documentservice/data/DatabaseHelper.java deleted file mode 100644 index 07c25aeba..000000000 --- a/DocumentService/src/eu/stork/documentservice/data/DatabaseHelper.java +++ /dev/null @@ -1,37 +0,0 @@ -package eu.stork.documentservice.data; - -public class DatabaseHelper { - /** - * Get the current timestamp in SQL timestamp - * @return the current time in sql timestamp - */ - public static java.sql.Timestamp getSqlCurrentDate() { - java.util.Date today = new java.util.Date(); - return new java.sql.Timestamp(today.getTime()); - } - - /** - * Convert Java Date to SQL timestamp - * @param date the date to convert - * @return the date in sql timestamp - */ - public static java.sql.Timestamp getSqlDate(java.util.Date date) { - if (date != null) - return new java.sql.Timestamp(date.getTime()); - else - return null; - } - - /** - * Convert SQL timestamp to Java Date - * @param time the timestamp to concert - * @return the time in util date - */ - public static java.util.Date getUtilDate(java.sql.Timestamp time) { - if (time != null) - return new java.util.Date(time.getTime()); - else - return null; - } - -} diff --git a/DocumentService/src/eu/stork/documentservice/data/docservice.properties b/DocumentService/src/eu/stork/documentservice/data/docservice.properties deleted file mode 100644 index 4ca12d023..000000000 --- a/DocumentService/src/eu/stork/documentservice/data/docservice.properties +++ /dev/null @@ -1,12 +0,0 @@ -sql.server=localhost:3306 -sql.database=STORKTRANSFER -sql.user=stork -sql.password=stork - -peps.country=AT - -#not used -peps.url=http://mopsos.iaik.tugraz.at:8080/PEPS/GetDSSFileAction - -#docservice.url=http://mopsos.iaik.tugraz.at:8080/DocumentService/DocumentService -docservice.url=http://testvidp.buergerkarte.at/DocumentService/DocumentService
\ No newline at end of file diff --git a/DocumentService/src/eu/stork/documentservice/exceptions/DatabaseException.java b/DocumentService/src/eu/stork/documentservice/exceptions/DatabaseException.java deleted file mode 100644 index bacca1ded..000000000 --- a/DocumentService/src/eu/stork/documentservice/exceptions/DatabaseException.java +++ /dev/null @@ -1,8 +0,0 @@ -package eu.stork.documentservice.exceptions; - -public class DatabaseException extends Exception { - public DatabaseException() { super(); } - public DatabaseException(String message) { super(message); } - public DatabaseException(String message, Throwable cause) { super(message, cause); } - public DatabaseException(Throwable cause) { super(cause); } -} diff --git a/DocumentService/src/eu/stork/documentservice/exceptions/DocumentServiceException.java b/DocumentService/src/eu/stork/documentservice/exceptions/DocumentServiceException.java deleted file mode 100644 index e77da437c..000000000 --- a/DocumentService/src/eu/stork/documentservice/exceptions/DocumentServiceException.java +++ /dev/null @@ -1,9 +0,0 @@ -package eu.stork.documentservice.exceptions; - -public class DocumentServiceException extends Exception { - public DocumentServiceException() { super(); } - public DocumentServiceException(String message) { super(message); } - public DocumentServiceException(String message, Throwable cause) { super(message, cause); } - public DocumentServiceException(Throwable cause) { super(cause); } - -} diff --git a/DocumentService/src/eu/stork/documentservice/exceptions/EncryptionException.java b/DocumentService/src/eu/stork/documentservice/exceptions/EncryptionException.java deleted file mode 100644 index b7557ea96..000000000 --- a/DocumentService/src/eu/stork/documentservice/exceptions/EncryptionException.java +++ /dev/null @@ -1,9 +0,0 @@ -package eu.stork.documentservice.exceptions; - -public class EncryptionException extends Exception { - public EncryptionException() { super(); } - public EncryptionException(String message) { super(message); } - public EncryptionException(String message, Throwable cause) { super(message, cause); } - public EncryptionException(Throwable cause) { super(cause); } - -} diff --git a/DocumentService/src/eu/stork/documentservice/exceptions/ModelException.java b/DocumentService/src/eu/stork/documentservice/exceptions/ModelException.java deleted file mode 100644 index b85f1579b..000000000 --- a/DocumentService/src/eu/stork/documentservice/exceptions/ModelException.java +++ /dev/null @@ -1,8 +0,0 @@ -package eu.stork.documentservice.exceptions; - -public class ModelException extends Exception { - public ModelException() { super(); } - public ModelException(String message) { super(message); } - public ModelException(String message, Throwable cause) { super(message, cause); } - public ModelException(Throwable cause) { super(cause); } -} diff --git a/DocumentService/src/eu/stork/documentservice/model/DocumentModel.java b/DocumentService/src/eu/stork/documentservice/model/DocumentModel.java deleted file mode 100644 index 10ae8a189..000000000 --- a/DocumentService/src/eu/stork/documentservice/model/DocumentModel.java +++ /dev/null @@ -1,122 +0,0 @@ -package eu.stork.documentservice.model; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.Date; - -import eu.stork.documentservice.exceptions.ModelException; - -/** - * The document model class - * @author sveinbjorno - * - */ -public class DocumentModel { - private String docid; - private byte[] document; - private String filename; - private String mimetype; - private String reicevercert; - private String enckey; - private String enciv; - private Date created; - private Date updated; - private Date deleted; - - public String getDocid() { - return docid; - } - public void setDocid(String docid) { - this.docid = docid; - } - public byte[] getDocument() { - return document; - } - public void setDocument(byte[] document) { - this.document = document; - } - public String getFilename() { - return filename; - } - public void setFilename(String filename) { - this.filename = filename; - } - public String getMimetype() { - return mimetype; - } - public void setMimetype(String mimetype) { - this.mimetype = mimetype; - } - public String getReicevercert() { - return reicevercert; - } - public void setReicevercert(String reicevercert) { - this.reicevercert = reicevercert; - } - public String getEnckey() { - return enckey; - } - public void setEnckey(String enckey) { - this.enckey = enckey; - } - public String getEnciv() { - return enciv; - } - public void setEnciv(String enciv) { - this.enciv = enciv; - } - public Date getCreated() { - return created; - } - public void setCreated(Date created) { - this.created = created; - } - public Date getUpdated() { - return updated; - } - public void setUpdated(Date updated) { - this.updated = updated; - } - public Date getDeleted() { - return deleted; - } - public void setDeleted(Date deleted) { - this.deleted = deleted; - } - - public InputStream getDataStream() - { - if (this.document != null) - return new ByteArrayInputStream(this.document); - else - return null; - } - - public void setDataStream(InputStream stream) throws ModelException - { - try { - this.document = new byte[stream.available()]; - stream.read(this.document); - } catch (IOException e) { - throw new ModelException("Unable to parse stream.", e); - } - } - - public void insertValidate() throws ModelException - { - if (this.docid == null || this.docid.isEmpty()) - throw new ModelException("Document ID is null or empty"); - if (this.document == null) - throw new ModelException("Document is null"); - if (this.mimetype == null || this.mimetype.isEmpty()) - throw new ModelException("MIME type is null or empty."); - } - - public void updateValidate() throws ModelException - { - this.insertValidate(); - if (this.created == null) - throw new ModelException("Created is null"); - } -} diff --git a/DocumentService/src/eu/stork/documentservice/model/RequestModel.java b/DocumentService/src/eu/stork/documentservice/model/RequestModel.java deleted file mode 100644 index 638af419e..000000000 --- a/DocumentService/src/eu/stork/documentservice/model/RequestModel.java +++ /dev/null @@ -1,106 +0,0 @@ -package eu.stork.documentservice.model; - -import java.util.Date; - -import eu.stork.documentservice.exceptions.ModelException; - -/** - * The request model class - * @author sveinbjorno - * - */ -public class RequestModel { - - private String requestid; - private String docid; - private String destcountry; - private String spcountry; - private String spid; - private String xmlrequest; - private String xmlresponse; - private Date reqtimestamp; - private Date restimestamp; - - public String getRequestid() { - return requestid; - } - public void setRequestid(String requestid) { - this.requestid = requestid; - } - public String getDocid() { - return docid; - } - public void setDocid(String docid) { - this.docid = docid; - } - public String getDestcountry() { - return destcountry; - } - public void setDestcountry(String destcountry) { - this.destcountry = destcountry; - } - public String getSpcountry() { - return spcountry; - } - public void setSpcountry(String spcountry) { - this.spcountry = spcountry; - } - public String getSpid() { - return spid; - } - public void setSpid(String spid) { - this.spid = spid; - } - public String getXmlrequest() { - return xmlrequest; - } - public void setXmlrequest(String xmlrequest) { - this.xmlrequest = xmlrequest; - } - public String getXmlresponse() { - return xmlresponse; - } - public void setXmlresponse(String xmlresponse) { - this.xmlresponse = xmlresponse; - } - public Date getReqtimestamp() { - return reqtimestamp; - } - public void setReqtimestamp(Date reqtimestamp) { - this.reqtimestamp = reqtimestamp; - } - public Date getRestimestamp() { - return restimestamp; - } - public void setRestimestamp(Date restimestamp) { - this.restimestamp = restimestamp; - } - - public String getFullDocID() - { - return this.spcountry + "/" + this.destcountry + "/" + this.docid; - } - - public void insertValidate() throws ModelException - { - if (this.requestid == null || this.requestid.isEmpty()) - throw new ModelException("Request ID is null or empty"); - if (this.destcountry == null || this.destcountry.isEmpty()) - throw new ModelException("Destination country is null or empty."); - if (this.spcountry == null || this.spcountry.isEmpty()) - throw new ModelException("SP country is null or empty."); - if (this.destcountry == null || this.destcountry.isEmpty()) - throw new ModelException("Destination country is null or empty."); - if (this.xmlrequest== null || this.xmlrequest.isEmpty()) - throw new ModelException("XML request is null or empty."); - } - - public void updateValidate() throws ModelException - { - this.insertValidate(); - if (this.docid == null || this.docid.isEmpty()) - throw new ModelException("Document ID is null or empty"); - if (this.reqtimestamp == null) - throw new ModelException("Request timestamp is null or empty"); - } -} diff --git a/DocumentService/src/eu/stork/documentservice/model/TempDocumentModel.java b/DocumentService/src/eu/stork/documentservice/model/TempDocumentModel.java deleted file mode 100644 index 7c28cc0f7..000000000 --- a/DocumentService/src/eu/stork/documentservice/model/TempDocumentModel.java +++ /dev/null @@ -1,118 +0,0 @@ -package eu.stork.documentservice.model; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.Date; - -import eu.stork.documentservice.exceptions.ModelException; - -public class TempDocumentModel { - private String docid; - private byte[] document; - private String spid; - private String mimetype; - private String reicevercert; - private String enckey; - private String enciv; - private Date created; - private Date fetched; - private Date deleted; - - public String getDocid() { - return docid; - } - public void setDocid(String docid) { - this.docid = docid; - } - public byte[] getDocument() { - return document; - } - public void setDocument(byte[] document) { - this.document = document; - } - public String getSpid() { - return spid; - } - public void setSpid(String spid) { - this.spid = spid; - } - public String getMimetype() { - return mimetype; - } - public void setMimetype(String mimetype) { - this.mimetype = mimetype; - } - - public String getReicevercert() { - return reicevercert; - } - public void setReicevercert(String reicevercert) { - this.reicevercert = reicevercert; - } - public String getEnckey() { - return enckey; - } - public void setEnckey(String enckey) { - this.enckey = enckey; - } - public String getEnciv() { - return enciv; - } - public void setEnciv(String enciv) { - this.enciv = enciv; - } - public Date getCreated() { - return created; - } - public void setCreated(Date created) { - this.created = created; - } - public Date getFetched() { - return fetched; - } - public void setFetched(Date fetched) { - this.fetched = fetched; - } - public Date getDeleted() { - return deleted; - } - public void setDeleted(Date deleted) { - this.deleted = deleted; - } - - public InputStream getDataStream() - { - if (this.document != null) - return new ByteArrayInputStream(this.document); - else - return null; - } - - public void setDataStream(InputStream stream) throws ModelException - { - try { - this.document = new byte[stream.available()]; - stream.read(this.document); - } catch (IOException e) { - throw new ModelException("Unable to parse stream.", e); - } - } - - public void insertValidate() throws ModelException - { - if (this.docid == null || this.docid.isEmpty()) - throw new ModelException("Document ID is null or empty"); - if (this.document == null) - throw new ModelException("Document is null"); - if (this.spid == null || this.spid.isEmpty()) - throw new ModelException("SPId is null or empty."); - } - - public void updateValidate() throws ModelException - { - this.insertValidate(); - if (this.created == null) - throw new ModelException("Created is null"); - } -} diff --git a/DocumentService/src/eu/stork/documentservice/tests/AttrQueryRequestSdoc.xml b/DocumentService/src/eu/stork/documentservice/tests/AttrQueryRequestSdoc.xml deleted file mode 100644 index 01dbf7317..000000000 --- a/DocumentService/src/eu/stork/documentservice/tests/AttrQueryRequestSdoc.xml +++ /dev/null @@ -1,15 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_502bc4db31bb07e54a8b59c6b738dcfc" IssueInstant="2014-01-29T14:04:32.188Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="#_502bc4db31bb07e54a8b59c6b738dcfc"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>3F4d8+UWhFgV+WjA3SnBH1xp3k8=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>elOYmXMcuith/nZoqF7NNpBNt8KbUHBVleRcxgMEQwqn4fsebriUFhlbesnIWmJcSKSJetlsVNm+1ZydGjxasTAsz1Nm3K9IVm2gyhXWOqisTfSRcGavJzJuS2MpLvz+O3aa/RbNvDJvDqTD3eGhvfBB/8M/eWNhgQFI5xFFH2DcsW96YtMNafaocHt4lh35+8C4htV3bd8AAD6jzVwN1itBOKivlB048OA3BI9PXdnzLKOfBOXH3TrXpqI06BJpBITFB/teOWLys4p7YH+FejQZgo0mS8+srrRbx+eILqXy+GCujJ8eCJXo2d3JQMcMLqoHaT0Jgj18+QagVkWmiA==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDIjCCAgqgAwIBAgIES6idsjANBgkqhkiG9w0BAQUFADBTMQswCQYDVQQGEwJFUzEOMAwGA1UE -CAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxvY2Fs -LWRlbW8wHhcNMTMwODI4MTY0NzM1WhcNMTUwODI4MTY0NzM1WjBTMQswCQYDVQQGEwJFUzEOMAwG -A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxv -Y2FsLWRlbW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+7zEQUbt8Ot9dByR5TuY -NPmTwaKhECtnkxYAx9tl+Ga3kFiv+dOSeDoQOhxkICG1ZMaG0Gtk0EQWjscC1cLwDXpAOdhOm5xh -ndFHxa3V3Y3zomFZA7A3nwP8wt17wDrc1xi2Ye8VrwO7Vjb/F8Rgutlcrvq+LF4g9nQLoRiKUq8w -NFvDlvhBbLr8hMVBMY/jY7tSQ85qLqKUkWRcoDttJjgWZoO1vpBS4m+FywtYdOoHnN6fv4Dvf1r2 -rNLgebgBvSfwznxiulwW6FBLasYX0rYKP7RfwG8TJ+FumOgAjADj2LdwK25RZNg44XU2V1z1Fp37 -fNXhfo08LpdD1ueFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADMRGTWOmadZyCoJNluV+M7LopjC -9WpFUj76X0cAoNXmt12zYqYe8hjRmBr6l2V/FXT3/TyWET1nILG46zwwAxslw3b2LvkhU+9QcuB8 -yC8TCJJ0kgsTZ/EUZPSbwUG7Nn2jkMiyjlyKcjSCQOzEKQyR1xYwyZG40+BPeGbYjmRgm6kcmCxY -USWoPwNyfke9gNT80f0pUj7wJ9YwWbTIz1rhf/h7rxoMYypXo+JXwaXW/Ra8v1uDcwfKpE5ZgwAU -nubLXF4A+H7/N7ZvB5XDwJ4W+99nuPsKfwacD8m1sflTXcEPzzhOq6iQ9anJT94/pMctnp827zXA -y66jvDrin5I=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><stork:spCountry>IS</stork:spCountry><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/docRequest" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">IS/IS/fbea6e68-0393-401b-b616-f767fff9418c</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/></saml2:Subject></saml2p:AttributeQuery>
\ No newline at end of file diff --git a/DocumentService/src/eu/stork/documentservice/tests/DatabaseTests.java b/DocumentService/src/eu/stork/documentservice/tests/DatabaseTests.java deleted file mode 100644 index a888f0737..000000000 --- a/DocumentService/src/eu/stork/documentservice/tests/DatabaseTests.java +++ /dev/null @@ -1,265 +0,0 @@ -package eu.stork.documentservice.tests; - -import static org.junit.Assert.*; - -import java.util.Date; -import java.util.UUID; - -import org.junit.Test; - -import eu.stork.documentservice.data.DatabaseConnector; -import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl; -import eu.stork.documentservice.exceptions.DatabaseException; -import eu.stork.documentservice.model.DocumentModel; -import eu.stork.documentservice.model.RequestModel; -import eu.stork.documentservice.model.TempDocumentModel; -import eu.stork.documentservice.utils.Utils; - -public class DatabaseTests { - - private String user = "stork"; - private String password = "stork"; - private String database = "stork"; - private String server = "localhost:3306"; - private String pdfLoc = "C:/Temp/temp.pdf"; - private String destCountry = "AT"; - private String spCountry = "IS"; - private String spId = "Demo-SP"; - private String xmlrequest = "<xml><data>foo</data>"; - private String xmlresponse = "<xml><data>foo_signed</data>"; - private static String docId = ""; - private static String docId2 = ""; - private static String reqId = ""; - - public DatabaseTests() - { - if (docId.isEmpty()) - docId = UUID.randomUUID().toString(); - if (docId2.isEmpty()) - docId2 = UUID.randomUUID().toString(); - if (reqId.isEmpty()) - reqId = UUID.randomUUID().toString(); - } - - @Test - //Test adding document - public void test1() { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - DocumentModel document = new DocumentModel(); - document.setDocid(docId); - document.setDocument(Utils.readData(pdfLoc)); - document.setFilename("pdfdoc.pdf"); - document.setMimetype("application/pdf"); - - try - { - boolean ok = conn.addDocument(document); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test getting document - public void test2() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - try - { - DocumentModel document = conn.getDocument(docId); - assertNotNull(document); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test updating document - public void test3() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - try - { - DocumentModel document = conn.getDocument(docId); - boolean ok = conn.updateDocument(document); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test deleting document - public void test4() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - try - { - boolean ok = conn.deleteDocument(docId); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test adding new request - public void test5() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - RequestModel request = new RequestModel(); - request.setRequestid(reqId); - request.setDestcountry(destCountry); - request.setSpcountry(spCountry); - request.setSpid(spId); - request.setXmlrequest(xmlrequest); - - try - { - boolean ok = conn.addRequest(request); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test getting request - public void test6() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - - try - { - RequestModel request = conn.getRequest(reqId); - assertNotNull(request); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test updating request - public void test7() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - - try - { - RequestModel request = conn.getRequest(reqId); - request.setDocid(docId); - boolean ok = conn.updateRequest(request); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test getting new request - public void test8() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - - try - { - RequestModel request = conn.getRequest(reqId); - request.setXmlresponse(xmlresponse); - request.setRestimestamp(new Date()); - boolean ok = conn.updateRequest(request); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - - @Test - //Test add temp document - public void test10() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - TempDocumentModel document = new TempDocumentModel(); - document.setDocid(docId2); - document.setDocument(Utils.readData(pdfLoc)); - document.setSpid(spId); - //document.setFilename("pdfdoc.pdf"); - document.setMimetype("application/pdf"); - - try - { - boolean ok = conn.addTempDocument(document); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test getting temp document - public void test11() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - try - { - TempDocumentModel document = conn.getTempDocument(docId2); - assertNotNull(document); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test updating temp document - public void test12() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - try - { - TempDocumentModel document = conn.getTempDocument(docId2); - boolean ok = conn.updateTempDocument(document); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } - - @Test - //Test delete temp document - public void test13() - { - DatabaseConnector conn = new DatabaseConnectorMySQLImpl(user, password, server, database); - try - { - boolean ok = conn.deleteTempDocument(docId2); - assertTrue(ok); - } - catch (DatabaseException ex) - { - ex.printStackTrace(); - } - } -} diff --git a/DocumentService/src/eu/stork/documentservice/tests/DocumentServiceTests.java b/DocumentService/src/eu/stork/documentservice/tests/DocumentServiceTests.java deleted file mode 100644 index 0d27cf044..000000000 --- a/DocumentService/src/eu/stork/documentservice/tests/DocumentServiceTests.java +++ /dev/null @@ -1,123 +0,0 @@ -package eu.stork.documentservice.tests; - -import static org.junit.Assert.*; - -import java.net.MalformedURLException; -import java.net.URL; - -import javax.xml.namespace.QName; -import javax.xml.ws.BindingProvider; -import javax.xml.ws.Service; -import javax.xml.ws.soap.SOAPBinding; - -import org.junit.Test; - -import eu.stork.documentservice.DocumentService; -import eu.stork.documentservice.exceptions.DocumentServiceException; -import eu.stork.documentservice.utils.Utils; -import eu.stork.documentservice.utils.XmlHelper; - -public class DocumentServiceTests { - - private static String xmlrequest = "<dss:SignRequest xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"_d96b62a87d18f1095180b1f44c90b5fd\"><dss:InputDocuments><dss:Document><dss:Base64Data MimeType=\"text/plain\">VGVzdCB0ZXh0</dss:Base64Data></dss:Document></dss:InputDocuments></dss:SignRequest>"; - private static String docRequstLoc = "C:/Temp/AttrQueryRequestSdoc.xml"; - private static String docRequstLocMod = "C:/Temp/AttrQueryRequestSdocMod.xml"; - private static String destCountry = "AT"; - private static String spID ="DEMO-SP"; - - @Test - public void testXmlParsing() { - String reqId = null; - try { - reqId = XmlHelper.getRequestId(xmlrequest); - } catch (DocumentServiceException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - assertNotNull(reqId); - } - - @Test - public void testXmlParsingDocument() { - String doc = null; - try { - doc = XmlHelper.getRequestDocumentData(xmlrequest); - } catch (DocumentServiceException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - assertNotNull(doc); - } - - @Test - public void testXmlParsingDocumentMime() { - String mime = null; - try { - mime = XmlHelper.getRequestDocumentMime(xmlrequest); - } catch (DocumentServiceException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - assertNotNull(mime); - } - - @Test - public void testCheckTransferrequest() - { - byte[] docBytes = Utils.readData(docRequstLoc); - try { - String docId = XmlHelper.verifyRequestByte(docBytes); - assertTrue(!docId.isEmpty()); - } catch (DocumentServiceException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - @Test - public void testCheckTransferrequestMod() - { - byte[] docBytes = Utils.readData(docRequstLocMod); - try { - XmlHelper.verifyRequestByte(docBytes); - fail("testCheckTransferrequestMod(...) should've thrown an DocumentServiceException!"); - } catch (DocumentServiceException e) { - e.printStackTrace(); - //success("Exception thrown."); - } - } - - @Test - public void testAddDocument() - { - URL url = null; - try { - url = new URL("http://localhost:8080/DocumentService/DocumentService?wsdl"); - } catch (MalformedURLException e) { - e.printStackTrace(); - } - QName qname = new QName("http://stork.eu", - "DocumentService"); - - Service service = Service.create(url, qname); - DocumentService docservice = service.getPort(DocumentService.class); - - BindingProvider bp = (BindingProvider) docservice; - SOAPBinding binding = (SOAPBinding) bp.getBinding(); - binding.setMTOMEnabled(true); - - try - { - String doc = XmlHelper.getRequestDocumentData(xmlrequest); - byte[] docData = Utils.decodeBase64String(doc, false); - String mime = XmlHelper.getRequestDocumentMime(xmlrequest); - String docid = docservice.addDocument(docData, xmlrequest, destCountry, spID, mime, ""); - assertNotNull(docid); - } - catch (Exception ex) - { - ex.printStackTrace(); - } - } - -} diff --git a/DocumentService/src/eu/stork/documentservice/tests/EncryptionTests.java b/DocumentService/src/eu/stork/documentservice/tests/EncryptionTests.java deleted file mode 100644 index 9ac0862cf..000000000 --- a/DocumentService/src/eu/stork/documentservice/tests/EncryptionTests.java +++ /dev/null @@ -1,63 +0,0 @@ -package eu.stork.documentservice.tests; - -import static org.junit.Assert.*; - -import java.util.Arrays; - -import org.junit.Test; - -import eu.stork.documentservice.exceptions.EncryptionException; -import eu.stork.documentservice.utils.EncryptionHelper; -import eu.stork.documentservice.utils.Utils; - -public class EncryptionTests { - - private String pdfLoc = "C:/Temp/temp.pdf"; - private String certLocation = "C:/Temp/testcert.pem"; - private static String encKey; - private static String encIv; - - @Test - //Test encrypting some data - public void test1() { - try { - EncryptionHelper enc = new EncryptionHelper(); - byte[] data = (Utils.readData(pdfLoc)); - byte[] encdata = enc.encrypt(data); - assertNotNull(encdata); - } catch (EncryptionException e) { - e.printStackTrace(); - } - } - - @Test - //Test encrypting and decrypting some data - public void test2() { - try { - EncryptionHelper enc = new EncryptionHelper(); - byte[] data = (Utils.readData(pdfLoc)); - byte[] encdata = enc.encrypt(data); - encKey = enc.getKey(); - encIv = enc.getIv(); - - EncryptionHelper enc1 = new EncryptionHelper(encKey, encIv); - byte[] decdata = enc1.decrypt(encdata); - assertTrue(Arrays.equals(data, decdata)); - } catch (EncryptionException e) { - e.printStackTrace(); - } - } - - @Test - //Test encrypting with a certificate - public void test3() { - try { - EncryptionHelper enc = new EncryptionHelper(encKey, encIv); - String certString = Utils.readString(certLocation); - String secret = enc.encryptWithCert(certString, encKey); - assertTrue((secret != null && !secret.isEmpty())); - } catch (EncryptionException e) { - e.printStackTrace(); - } - } -} diff --git a/DocumentService/src/eu/stork/documentservice/utils/Bootstrap.java b/DocumentService/src/eu/stork/documentservice/utils/Bootstrap.java deleted file mode 100644 index 72da74e52..000000000 --- a/DocumentService/src/eu/stork/documentservice/utils/Bootstrap.java +++ /dev/null @@ -1,31 +0,0 @@ -package eu.stork.documentservice.utils; - -import org.opensaml.DefaultBootstrap; -import org.opensaml.xml.ConfigurationException; - -public class Bootstrap extends DefaultBootstrap { - - static boolean initializied = false; - public static synchronized void bootstrap() throws ConfigurationException { - - if(!initializied) - { - initializeXMLSecurity(); - - initializeXMLTooling(); - -// initializeArtifactBuilderFactories(); -// -// initializeGlobalSecurityConfiguration(); -// -// initializeParserPool(); -// -// initializeESAPI(); - } - else - { - System.out.println("Skipping initialization..."); - } - } - -} diff --git a/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java b/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java deleted file mode 100644 index 1c55e59e3..000000000 --- a/DocumentService/src/eu/stork/documentservice/utils/EncryptionHelper.java +++ /dev/null @@ -1,182 +0,0 @@ -package eu.stork.documentservice.utils; - -import java.io.ByteArrayInputStream; -import java.io.InputStream; -import java.security.AlgorithmParameters; -import java.security.PublicKey; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; - -import javax.crypto.*; -import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.SecretKeySpec; - -import com.sun.org.apache.xml.internal.security.utils.Base64; - -import eu.stork.documentservice.exceptions.EncryptionException; - -public class EncryptionHelper { - - private static String key; - private static String iv; - private static Cipher cipher; - - public EncryptionHelper() throws EncryptionException - { - this.generateKeys(); - } - - public EncryptionHelper(String inKey, String inIv) throws EncryptionException - { - this.initKeys(inKey, inIv); - } - - /** - * Generate new symmetric keys - * @throws EncryptionException - */ - public void generateKeys() throws EncryptionException - { - try - { - KeyGenerator keyGen = KeyGenerator.getInstance("AES"); - keyGen.init(256); - SecretKey secretKey = keyGen.generateKey(); - cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); - cipher.init(Cipher.ENCRYPT_MODE, secretKey); - AlgorithmParameters params = cipher.getParameters(); - key = Base64.encode(secretKey.getEncoded()); - iv = Base64.encode(params.getParameterSpec(IvParameterSpec.class).getIV()); - } - catch (Exception e) - { - e.printStackTrace(); - throw new EncryptionException("Unable to generate encryption key.", e); - } - } - - /** - * Initialize keys with specified keys - * @param inKey the key to use - * @param inIv the IV to use - * @throws EncryptionException the exception thrown - */ - public void initKeys(String inKey, String inIv) throws EncryptionException - { - try - { - key = inKey; - iv = inIv; - SecretKeySpec skeySpec = new SecretKeySpec(Base64.decode(inKey), "AES"); - cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); - cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(Base64.decode(inIv))); - } - catch (Exception e) - { - e.printStackTrace(); - throw new EncryptionException("Unable to initialize encryption key.", e); - } - } - - /** - * Encrypt data with key - * @param clearData the clear data - * @return the encrypted data - * @throws EncryptionException the exception thrown - */ - public byte[] encrypt(byte[] clearData) throws EncryptionException - { - if (clearData != null) - { - try - { - return cipher.doFinal(clearData); - } - catch (Exception ex) - { - throw new EncryptionException("Could not decrypt data.", ex); - } - } - else - throw new EncryptionException("Clear data is null."); - } - - /** - * Decrypt data with keys - * @param encData the encrypted data - * @return decrypted data - * @throws EncryptionException the exception thrown - */ - public byte[] decrypt(byte[] encData) throws EncryptionException - { - if (encData != null) - { - try - { - return cipher.doFinal(encData); - } - catch (Exception ex) - { - throw new EncryptionException("Could not encrypt data.", ex); - } - } - else - throw new EncryptionException("Encrypted data is null."); - } - - /** - * Get the key string - * @return the key - */ - public String getKey() - { - return key; - } - - /** - * Get the IV string - * @return the iv - */ - public String getIv() - { - return iv; - } - - /** - * Encrypt string with certificate - * @param certString the PEM formated certificate - * @param input the string to encrypt - * @return encrypted string - * @throws EncryptionException the exception thrown - */ - public String encryptWithCert(String certString, String input) throws EncryptionException - { - if (certString != null && !certString.isEmpty()) - { - if (input != null && !input.isEmpty()) - { - try { - certString = certString.replace("-----BEGIN CERTIFICATE-----", ""); - certString = certString.replace("-----END CERTIFICATE-----", ""); - InputStream inStream = new ByteArrayInputStream(Base64.decode(certString)); - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream); - PublicKey pk = cert.getPublicKey(); - Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); - rsaCipher.init(Cipher.ENCRYPT_MODE, pk); - byte[] encrypted = rsaCipher.doFinal(input.getBytes("UTF-8")); - return Base64.encode(encrypted); - } - catch (Exception e) { - e.printStackTrace(); - throw new EncryptionException("Unabled to encrypt string.", e); - } - } - else - throw new EncryptionException("Input is null or empty."); - } - else - throw new EncryptionException("Certificate is null or empty."); - } - -} diff --git a/DocumentService/src/eu/stork/documentservice/utils/ExternalDocservice.java b/DocumentService/src/eu/stork/documentservice/utils/ExternalDocservice.java deleted file mode 100644 index 821d636a2..000000000 --- a/DocumentService/src/eu/stork/documentservice/utils/ExternalDocservice.java +++ /dev/null @@ -1,105 +0,0 @@ -package eu.stork.documentservice.utils; - -import java.net.MalformedURLException; -import java.net.URL; - -import javax.xml.namespace.QName; -import javax.xml.ws.BindingProvider; -import javax.xml.ws.Service; -import javax.xml.ws.soap.SOAPBinding; - -import eu.stork.documentservice.DocumentService; -import eu.stork.documentservice.exceptions.DocumentServiceException; - -public class ExternalDocservice { - - /** - * Get document from external DTL - * @param documentTransferRequest the document transfer request (attribute query) - * @param dtlUrl the URL of external DTL - * @return the document found - * @throws DocumentServiceException - */ - public static byte[] getDocument(String documentTransferRequest, String dtlUrl) throws DocumentServiceException - { - if (documentTransferRequest != null && !documentTransferRequest.isEmpty()) - { - if (dtlUrl != null && !dtlUrl.isEmpty()) - { - try - { - URL url = new URL(dtlUrl); - - QName qname = new QName("http://stork.eu", - "DocumentService"); - - Service service = Service.create(url, qname); - DocumentService docservice = service.getPort(DocumentService.class); - - BindingProvider bp = (BindingProvider) docservice; - SOAPBinding binding = (SOAPBinding) bp.getBinding(); - binding.setMTOMEnabled(true); - - return docservice.getDocument(documentTransferRequest, dtlUrl); - } - catch (MalformedURLException e) { - e.printStackTrace(); - throw new DocumentServiceException("DTL url is invalid.", e); - } - catch (Exception e) { - e.printStackTrace(); - throw new DocumentServiceException(e); - } - } - else - throw new DocumentServiceException("DTL url is empty."); - } - else - throw new DocumentServiceException("Document transfer request is empty."); - } - - /** - * Get document mime from external DTL - * @param docId the document id - * @param dtlUrl the URL of external DTL - * @return the document mime found - * @throws DocumentServiceException - */ - public static String getDocumentMime(String docId, String dtlUrl) throws DocumentServiceException - { - if (docId != null && !docId.isEmpty()) - { - if (dtlUrl != null && !dtlUrl.isEmpty()) - { - try - { - URL url = new URL(dtlUrl); - - QName qname = new QName("http://stork.eu", - "DocumentService"); - - Service service = Service.create(url, qname); - DocumentService docservice = service.getPort(DocumentService.class); - - BindingProvider bp = (BindingProvider) docservice; - SOAPBinding binding = (SOAPBinding) bp.getBinding(); - binding.setMTOMEnabled(true); - - return docservice.getDocumentMime(docId, dtlUrl); - } - catch (MalformedURLException e) { - e.printStackTrace(); - throw new DocumentServiceException("DTL url is invalid.", e); - } - catch (Exception e) { - e.printStackTrace(); - throw new DocumentServiceException(e); - } - } - else - throw new DocumentServiceException("DTL url is empty."); - } - else - throw new DocumentServiceException("Document Id is empty."); - } -} diff --git a/DocumentService/src/eu/stork/documentservice/utils/GetDSSFileAction.java b/DocumentService/src/eu/stork/documentservice/utils/GetDSSFileAction.java deleted file mode 100644 index 2fce0165d..000000000 --- a/DocumentService/src/eu/stork/documentservice/utils/GetDSSFileAction.java +++ /dev/null @@ -1,93 +0,0 @@ -package eu.stork.documentservice.utils; -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - - -import org.apache.log4j.Logger; -import org.bouncycastle.util.encoders.UrlBase64; -import org.opensaml.xml.ConfigurationException; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; - -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; - -//import eu.stork.peps.auth.cpeps.AUCPEPS; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * This Action will be invoked by file transfer in order to validate saml - * - * @author Advania - * - * @version $Revision: $, $Date: $ - * - */ -public final class GetDSSFileAction { - /** - * Unique identifier. - */ - private static final long serialVersionUID = 6233180247896844849L; - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(GetDSSFileAction.class.getName()); -// public String SAMLRequest; -// public String docId; - private static final String SAML_INSTANCE = "VIDP"; - - public static String processDocRequest(String samlRequest) - { - String result = ""; - //final Map<String, String> parameters = getHttpRequestParameters(); - STORKAttrQueryRequest request; - try { - request = processDocRequest_(samlRequest); - final IPersonalAttributeList pal = request.getPersonalAttributeList(); - final PersonalAttribute sdoc = pal.get("docRequest"); - if (sdoc != null) - { - String docId = sdoc.getValue().get(0);//remove countries from beginning - docId = docId.substring(docId.indexOf("/")+1); - docId = docId.substring(docId.indexOf('/')+1); - return docId.replace("/", ""); - } - } catch (final STORKSAMLEngineException e) { - e.printStackTrace(); - } - return null; - } - - private static STORKAttrQueryRequest processDocRequest_(String samlRequest) - throws STORKSAMLEngineException{ - - // fetch the samlToken from the request - final byte[] samlToken = UrlBase64.decode(samlRequest); - //System.out.println("SAML Engine DokumentService init"); - try { - Bootstrap.bootstrap(); - } catch (ConfigurationException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - final STORKSAMLEngine engine = STORKSAMLEngine.getInstance(SAML_INSTANCE); - - final STORKAttrQueryRequest attrData= engine.validateSTORKAttrQueryRequest(samlToken); - //SAMLRequest = new String(samlToken); - LOG.trace("Processing doc request done. SAML: " + new String(samlToken)); - return attrData; - } -} diff --git a/DocumentService/src/eu/stork/documentservice/utils/Utils.java b/DocumentService/src/eu/stork/documentservice/utils/Utils.java deleted file mode 100644 index 45072a0be..000000000 --- a/DocumentService/src/eu/stork/documentservice/utils/Utils.java +++ /dev/null @@ -1,172 +0,0 @@ -package eu.stork.documentservice.utils; - -import java.io.BufferedReader; -import java.io.ByteArrayInputStream; -import java.io.DataOutputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.FileReader; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.UnsupportedEncodingException; -import java.net.HttpURLConnection; -import java.net.URL; - -import org.bouncycastle.util.encoders.Base64; -import org.bouncycastle.util.encoders.UrlBase64; - -public class Utils { - - public static boolean saveData(byte[] data, String PATH, String fileName) - { - boolean ok = false; - if (data != null) - { - try - { - FileOutputStream fos; - File outputDir = new File(PATH); - File saveFile = new File(outputDir, fileName); - fos = new FileOutputStream(saveFile); - fos.write(data); - fos.flush(); - fos.close(); - ok = true; - } - catch (Exception e) - { - e.printStackTrace(); - } - } - return ok; - } - - public static byte[] readData(String fileName) - { - byte[] data = null; - - if (fileName != "") - { - try - { - FileInputStream fis; - File inputDir = new File(fileName); - fis = new FileInputStream(inputDir); - data = new byte[(int)inputDir.length()]; - fis.read(data); - fis.close(); - } - catch (Exception e) - { - e.printStackTrace(); - } - } - - return data; - } - - public static String readString(String fileName) - { - File file = new File(fileName); - StringBuilder text = new StringBuilder(); - - try { - BufferedReader br = new BufferedReader(new FileReader(file)); - String line; - - while ((line = br.readLine()) != null) { - text.append(line); - } - br.close(); - } - catch (Exception e) { - e.printStackTrace(); - } - return text.toString(); - } - - public static InputStream getStream(String string, String codePage) throws UnsupportedEncodingException - { - return new ByteArrayInputStream(string.getBytes(codePage)); - } - - public static String encodeBase64bytes(final byte[] bytes, boolean urlSafe) { - try { - if (urlSafe) - return new String(UrlBase64.encode(bytes), "UTF8"); - else - return new String(Base64.encode(bytes), "UTF8"); - } catch (UnsupportedEncodingException e) { - return null; - } - } - - public static byte[] decodeBase64String(final String base64string, boolean urlSave) { - if (urlSave) - return UrlBase64.decode(base64string); - else - return Base64.decode(base64string); - } - - // HTTP GET request - public static String sendGet(String url) throws Exception - { - URL obj = new URL(url); - HttpURLConnection con = (HttpURLConnection) obj.openConnection(); - - // optional default is GET - con.setRequestMethod("GET"); - - //add request header - con.setRequestProperty("User-Agent", "unknown"); - - //int responseCode = con.getResponseCode(); - - BufferedReader in = new BufferedReader( - new InputStreamReader(con.getInputStream())); - String inputLine; - StringBuffer response = new StringBuffer(); - - while ((inputLine = in.readLine()) != null) { - response.append(inputLine); - } - in.close(); - - return response.toString(); - - } - - // HTTP POST request - public static String sendPost(String url, String urlParameters) throws Exception - { - URL obj = new URL(url); - HttpURLConnection con = (HttpURLConnection) obj.openConnection(); - - //add request header - con.setRequestMethod("POST"); - con.setRequestProperty("User-Agent", "unknown"); - con.setRequestProperty("Accept-Language", "en-US,en;q=0.5"); - - // Send post request - con.setDoOutput(true); - DataOutputStream wr = new DataOutputStream(con.getOutputStream()); - wr.writeBytes(urlParameters); - wr.flush(); - wr.close(); - - //int responseCode = con.getResponseCode(); - - BufferedReader in = new BufferedReader( - new InputStreamReader(con.getInputStream())); - String inputLine; - StringBuffer response = new StringBuffer(); - - while ((inputLine = in.readLine()) != null) { - response.append(inputLine); - } - in.close(); - - return response.toString(); - } -} diff --git a/DocumentService/src/eu/stork/documentservice/utils/XmlHelper.java b/DocumentService/src/eu/stork/documentservice/utils/XmlHelper.java deleted file mode 100644 index cd325db2e..000000000 --- a/DocumentService/src/eu/stork/documentservice/utils/XmlHelper.java +++ /dev/null @@ -1,224 +0,0 @@ -package eu.stork.documentservice.utils; - -import java.io.InputStream; -import java.util.Properties; - -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.xpath.XPath; -import javax.xml.xpath.XPathFactory; - -import org.w3c.dom.Document; -import org.w3c.dom.NodeList; -import org.w3c.dom.Node; -import org.w3c.dom.Element; - -//import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.GetDSSFileAction; - -import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl; -import eu.stork.documentservice.exceptions.DocumentServiceException; - -public class XmlHelper { - - private static Properties props = new Properties(); - - public static String getRequestId(String xmlRequest) throws DocumentServiceException - { - if (xmlRequest == null || xmlRequest.isEmpty()) - throw new DocumentServiceException("XML request is empty"); - else - { - try - { - InputStream is = Utils.getStream(xmlRequest, "UTF-8"); - DocumentBuilder dBuilder = DocumentBuilderFactory.newInstance() - .newDocumentBuilder(); - Document doc = dBuilder.parse(is); - Element reqElement = doc.getDocumentElement(); - String reqId = reqElement.getAttribute("RequestID"); - return reqId.replace("_", ""); - } - catch (Exception ex) - { - throw new DocumentServiceException("Unabled to parse xml.", ex); - } - } - } - - public static String getRequestDocument(String xmlRequest) throws DocumentServiceException - { - if (xmlRequest == null || xmlRequest.isEmpty()) - throw new DocumentServiceException("XML request is empty"); - else - { - try - { - InputStream is = Utils.getStream(xmlRequest, "UTF-8"); - DocumentBuilder dBuilder = DocumentBuilderFactory.newInstance() - .newDocumentBuilder(); - Document doc = dBuilder.parse(is); - String document = ""; - Element req = doc.getDocumentElement(); - NodeList nList0 = req.getChildNodes(); - for (int i = 0; i < nList0.getLength(); i++) - { - Node node = nList0.item(i); - NodeList nList1 = node.getChildNodes(); - for (int j = 0; j < nList1.getLength(); j++) - { - NodeList nList2 = nList1.item(j).getChildNodes(); - for (int k = 0; k < nList2.getLength(); k++) - { - Node docNode =nList2.item(k); - document = docNode.getTextContent(); - } - } - } - return document; - } - catch (Exception ex) - { - throw new DocumentServiceException("Unabled to parse xml.", ex); - } - } - } - - public static String getRequestDocumentData(String xmlRequest) throws DocumentServiceException - { - if (xmlRequest == null || xmlRequest.isEmpty()) - throw new DocumentServiceException("XML request is empty"); - else - { - try - { - InputStream is = Utils.getStream(xmlRequest, "UTF-8"); - DocumentBuilderFactory xmlFactory = DocumentBuilderFactory.newInstance(); - DocumentBuilder docBuilder = xmlFactory.newDocumentBuilder(); - Document xmlDoc = docBuilder.parse(is); - XPathFactory xpathFact = XPathFactory.newInstance(); - XPath xpath = xpathFact.newXPath(); - return xpath.evaluate("/SignRequest/InputDocuments/Document/Base64Data/text()", xmlDoc); - - } - catch (Exception ex) - { - throw new DocumentServiceException("Unabled to parse xml.", ex); - } - } - } - - public static String getRequestDocumentMime(String xmlRequest) throws DocumentServiceException - { - if (xmlRequest == null || xmlRequest.isEmpty()) - throw new DocumentServiceException("XML request is empty"); - else - { - try - { - InputStream is = Utils.getStream(xmlRequest, "UTF-8"); - DocumentBuilderFactory xmlFactory = DocumentBuilderFactory.newInstance(); - DocumentBuilder docBuilder = xmlFactory.newDocumentBuilder(); - Document xmlDoc = docBuilder.parse(is); - XPathFactory xpathFact = XPathFactory.newInstance(); - XPath xpath = xpathFact.newXPath(); - return xpath.evaluate("/SignRequest/InputDocuments/Document/Base64Data/@MimeType", xmlDoc); - - } - catch (Exception ex) - { - throw new DocumentServiceException("Unabled to parse xml.", ex); - } - } - } - - private static String getDocId(String response) throws DocumentServiceException - { - if (response == null || response.isEmpty()) - throw new DocumentServiceException("Response is empty"); - else - { - if (response.contains("docId")) - { - int index = response.indexOf("docId"); - String docText = response.substring(response.indexOf(">" ,index), response.indexOf("<", index)); - String docId = docText.replaceAll("[<>]", ""); //s:label name="docId" value="%{docId}"/ - docId = docId.substring(docId.indexOf("/")+1); - docId = docId.substring(docId.indexOf('/')+1); - return docId.replace("/", ""); - } - else - throw new DocumentServiceException("No document ID in response."); - } - } - - /** - * String the document id - * @param docId the document id to strip - * @return the stripped ID - * @throws DocumentServiceException - */ - public static String StripDocId(String docId) throws DocumentServiceException - { - if (docId == null || docId.isEmpty()) - throw new DocumentServiceException("Doc ID is empty"); - else - { - docId = docId.substring(docId.indexOf("/")+1); - docId = docId.substring(docId.indexOf('/')+1); - return docId.replace("/", ""); - } - } - - public static String verifyRequest(String transferRequest) throws DocumentServiceException - { - if (transferRequest == null || transferRequest.isEmpty()) - throw new DocumentServiceException("Transfer request is empty"); - else - { - try { - String docId=""; - try{ - -// props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); -// System.out.println("url:"+props.getProperty("peps.url")); - -// final byte[] samlToken = PEPSUtil.decodeSAMLTokenUrlSafe(parameters -// .get(PEPSParameters.SAML_REQUEST.toString())); -// -// final STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); -// -// final STORKAttrQueryRequest attrData= engine.validateSTORKAttrQueryRequest(samlToken); - -// String response = Utils.sendPost(props.getProperty("peps.url"), "SAMLRequest=" + transferRequest); -// docId=getDocId(response);; - docId = GetDSSFileAction.processDocRequest(transferRequest); - }catch(Exception e){e.printStackTrace();} - return docId; - //FIXME -// String response = Utils.sendPost(props.getProperty("peps.url"), "SAMLRequest=" + transferRequest); -// return getDocId(response); - } catch (Exception e) { - e.printStackTrace(); - throw new DocumentServiceException("Could verify request.", e); - } - } - } - - public static String verifyRequestByte(byte[] transferRequest) throws DocumentServiceException - { - if (transferRequest == null) - throw new DocumentServiceException("Transfer request is empty"); - else - { - try { - props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); - String response = Utils.sendPost(props.getProperty("peps.url"),"SAMLRequest=" + Utils.encodeBase64bytes(transferRequest, true)); - return getDocId(response); - } catch (Exception e) { - e.printStackTrace(); - throw new DocumentServiceException("Could not read properties.", e); - } - - } - } -} diff --git a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java index 7cb2e7daf..3730b36ce 100644 --- a/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java +++ b/common/src/main/java/at/gv/egovernment/moa/logging/Logger.java @@ -168,6 +168,17 @@ public class Logger { } /** + * Info. + * + * @param string the string + * @param args the objects + */ + public static void info(String message, Object[] args) { + org.slf4j.Logger logger = getLogger(); + logger.info(prepareMessage(message), args); + } + + /** * Log a warning message. * * @param message The message to log. @@ -210,6 +221,17 @@ public class Logger { } /** + * Log an error message with additional information. + * + * @param message The message to log. + * @param variables The values to substitute {} of the logmessage with. + */ + public static void error(Object message, Object[] variables) { + org.slf4j.Logger logger = getLogger(); + logger.error(prepareMessage(message), variables); + } + + /** * Log a fatal error message. * * @param message The message to log. diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java index 5d12691f8..5a5f4edac 100644 --- a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java +++ b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java @@ -443,6 +443,10 @@ public interface Constants { /** URN prefix for context dependent id (stork). */ public static final String URN_PREFIX_STORK = URN_PREFIX + ":storkid"; + + //TODO: update to eIDAS prefix + /** URN prefix for context dependent id (eIDAS). */ + public static final String URN_PREFIX_EIDAS = URN_PREFIX + ":storkid"; /** URN prefix for context dependent id. */ public static final String URN_PREFIX_BASEID = URN_PREFIX + ":baseid"; diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java index 2b816ed4c..0a07fc4a7 100644 --- a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java +++ b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java @@ -246,6 +246,10 @@ public class DOMUtils { parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false); parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false); parser.setFeature(EXTERNAL_PARAMETER_ENTITIES_FEATURE, false); + + //fix XXE problem + parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + if (validating) { if (externalSchemaLocations != null) { diff --git a/common/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd b/common/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd new file mode 100644 index 000000000..4af373cf0 --- /dev/null +++ b/common/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd @@ -0,0 +1,35 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 119 612. In the event that any +part of this document in conflict with the text of TS 119 612 +then that text shall prevail as the authoritative source +--> +<xsd:schema targetNamespace="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tslx="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xsd:import namespace="http://uri.etsi.org/02231/v2#" schemaLocation="http://uri.etsi.org/19612/v1.2.1/tsl.xsd"/> + <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/> + <xsd:element name="MimeType" type="xsd:string"/> + <xsd:element name="X509CertificateLocation" type="tsl:NonEmptyURIType"/> + <xsd:element name="PublicKeyLocation" type="tsl:NonEmptyURIType"/> + <xsd:element name="ExtendedKeyUsage" type="tslx:ExtendedKeyUsageType"/> + <xsd:complexType name="ExtendedKeyUsageType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="KeyPurposeId" type="xades:ObjectIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="TakenOverBy" type="tslx:TakenOverByType"/> + <xsd:complexType name="TakenOverByType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType"/> + <xsd:element name="TSPName" type="tsl:InternationalNamesType"/> + <xsd:element ref="tsl:SchemeOperatorName"/> + <xsd:element ref="tsl:SchemeTerritory"/> + <xsd:element name="OtherQualifier" type="tsl:AnyType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="CertSubjectDNAttribute" type="tslx:CertSubjectDNAttributeType"/> + <xsd:complexType name="CertSubjectDNAttributeType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="AttributeOID" type="xades:ObjectIdentifierType"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/common/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd b/common/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd new file mode 100644 index 000000000..42a96b78c --- /dev/null +++ b/common/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd @@ -0,0 +1,81 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 119 612. In the event that any +part of this document in conflict with the text of TS 119 612 +then that text shall prevail as the authoritative source +--> +<xsd:schema targetNamespace="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/> + <xsd:element name="Qualifications" type="tns:QualificationsType"/> + <xsd:complexType name="QualificationsType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="QualificationElement" type="tns:QualificationElementType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="QualificationElementType"> + <xsd:sequence> + <xsd:element name="Qualifiers" type="tns:QualifiersType"/> + <xsd:element name="CriteriaList" type="tns:CriteriaListType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CriteriaListType"> + <xsd:annotation> + <xsd:documentation>Please first try to use the CriteriaList before doing the OtherCriteria extension point.</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="KeyUsage" type="tns:KeyUsageType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="PolicySet" type="tns:PoliciesListType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CriteriaList" type="tns:CriteriaListType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:element name="otherCriteriaList" type="xades:AnyType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="assert"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + <xsd:enumeration value="atLeastOne"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="QualifiersType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="Qualifier" type="tns:QualifierType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="QualifierType"> + <xsd:attribute name="uri" type="anyURI"/> + </xsd:complexType> + <xsd:complexType name="PoliciesListType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="PolicyIdentifier" type="xades:ObjectIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="KeyUsageType"> + <xsd:sequence maxOccurs="9"> + <xsd:element name="KeyUsageBit" type="tns:KeyUsageBitType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="KeyUsageBitType"> + <xsd:simpleContent> + <xsd:extension base="xsd:boolean"> + <xsd:attribute name="name"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="digitalSignature"/> + <xsd:enumeration value="nonRepudiation"/> + <xsd:enumeration value="keyEncipherment"/> + <xsd:enumeration value="dataEncipherment"/> + <xsd:enumeration value="keyAgreement"/> + <xsd:enumeration value="keyCertSign"/> + <xsd:enumeration value="crlSign"/> + <xsd:enumeration value="encipherOnly"/> + <xsd:enumeration value="decipherOnly"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> +</xsd:schema> diff --git a/common/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd b/common/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd new file mode 100644 index 000000000..fb1852ec0 --- /dev/null +++ b/common/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd @@ -0,0 +1,337 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 119 612. In the event that any +part of this document in conflict with the text of TS 119 612 +then that text shall prevail as the authoritative source + +This is a review done in October 2013 as a result of mismatches between the XML Schema and the specification of some data types within TS 119 612, +--> +<xsd:schema targetNamespace="http://uri.etsi.org/02231/v2#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <!-- Imports --> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/> + <!-- Begin auxiliary types --> + <!--InternationalNamesType--> + <xsd:complexType name="InternationalNamesType"> + <xsd:sequence> + <xsd:element name="Name" type="tsl:MultiLangNormStringType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="MultiLangNormStringType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyNormalizedString"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="MultiLangStringType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyString"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:simpleType name="NonEmptyString"> + <xsd:restriction base="xsd:string"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="NonEmptyNormalizedString"> + <xsd:restriction base="xsd:normalizedString"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <!-- AddressType --> + <xsd:complexType name="AddressType"> + <xsd:sequence> + <xsd:element ref="tsl:PostalAddresses"/> + <xsd:element ref="tsl:ElectronicAddress"/> + </xsd:sequence> + </xsd:complexType> + <!--PostalAddressList Type--> + <xsd:element name="PostalAddresses" type="tsl:PostalAddressListType"/> + <xsd:complexType name="PostalAddressListType"> + <xsd:sequence> + <xsd:element ref="tsl:PostalAddress" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--PostalAddress Type--> + <xsd:element name="PostalAddress" type="tsl:PostalAddressType"/> + <xsd:complexType name="PostalAddressType"> + <xsd:sequence> + <xsd:element name="StreetAddress" type="tsl:NonEmptyString"/> + <xsd:element name="Locality" type="tsl:NonEmptyString"/> + <xsd:element name="StateOrProvince" type="tsl:NonEmptyString" minOccurs="0"/> + <xsd:element name="PostalCode" type="tsl:NonEmptyString" minOccurs="0"/> + <xsd:element name="CountryName" type="tsl:NonEmptyString"/> + </xsd:sequence> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:complexType> + <!--ElectronicAddressType--> + <!-- 2013-10. XML Schema CHANGE--> + <!-- ElectronicAddress changed to include MultilLan URIs for e-mails and web sites URIs as specified in TS 119 612--> + <xsd:element name="ElectronicAddress" type="tsl:ElectronicAddressType"/> + <xsd:complexType name="ElectronicAddressType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- Types for extensions in TSL --> + <xsd:complexType name="AnyType" mixed="true"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="Extension" type="tsl:ExtensionType"/> + <xsd:complexType name="ExtensionType"> + <xsd:complexContent> + <xsd:extension base="tsl:AnyType"> + <xsd:attribute name="Critical" type="xsd:boolean" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ExtensionsListType"> + <xsd:sequence> + <xsd:element ref="tsl:Extension" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--NonEmptyURIType--> + <xsd:simpleType name="NonEmptyURIType"> + <xsd:restriction base="xsd:anyURI"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <!--NonEmptyURIType with language indication--> + <xsd:complexType name="NonEmptyMultiLangURIType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyURIType"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <!--List of NonEmptyURIType with language indication--> + <xsd:complexType name="NonEmptyMultiLangURIListType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--List of NonEmptyURIType--> + <xsd:complexType name="NonEmptyURIListType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- End auxiliary types --> + <!-- ROOT Element --> + <xsd:element name="TrustServiceStatusList" type="tsl:TrustStatusListType"/> + <!-- Trust Status List Type Definition --> + <!-- 2013-10. XML Schema CHANGE--> + <!-- Attribute TSLTag declared as xsd:anyURI --> + <xsd:complexType name="TrustStatusListType"> + <xsd:sequence> + <xsd:element ref="tsl:SchemeInformation"/> + <xsd:element ref="tsl:TrustServiceProviderList" minOccurs="0"/> + <xsd:element ref="ds:Signature" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="TSLTag" type="xsd:anyURI" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- 2013-10. XML Schema CHANGE--> + <!-- Supressed the type TSLTagType that served to restrict the value of TSLTag by XML Schema--> + <!-- In this way, the XML Schema is independent of the TSLTag value and this may change from version to version--> + <!-- TrustServiceProviderListType--> + <xsd:element name="TrustServiceProviderList" type="tsl:TrustServiceProviderListType"/> + <xsd:complexType name="TrustServiceProviderListType"> + <xsd:sequence> + <xsd:element ref="tsl:TrustServiceProvider" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSL Scheme Information --> + <xsd:element name="SchemeInformation" type="tsl:TSLSchemeInformationType"/> + <xsd:complexType name="TSLSchemeInformationType"> + <xsd:sequence> + <xsd:element name="TSLVersionIdentifier" type="xsd:integer"/> + <xsd:element name="TSLSequenceNumber" type="xsd:positiveInteger"/> + <xsd:element ref="tsl:TSLType"/> + <xsd:element ref="tsl:SchemeOperatorName"/> + <xsd:element name="SchemeOperatorAddress" type="tsl:AddressType"/> + <xsd:element ref="tsl:SchemeName"/> + <xsd:element ref="tsl:SchemeInformationURI"/> + <xsd:element name="StatusDeterminationApproach" type="tsl:NonEmptyURIType"/> + <xsd:element ref="tsl:SchemeTypeCommunityRules" minOccurs="0"/> + <xsd:element ref="tsl:SchemeTerritory" minOccurs="0"/> + <xsd:element ref="tsl:PolicyOrLegalNotice" minOccurs="0"/> + <xsd:element name="HistoricalInformationPeriod" type="xsd:nonNegativeInteger"/> + <xsd:element ref="tsl:PointersToOtherTSL" minOccurs="0"/> + <xsd:element name="ListIssueDateTime" type="xsd:dateTime"/> + <xsd:element ref="tsl:NextUpdate"/> + <xsd:element ref="tsl:DistributionPoints" minOccurs="0"/> + <xsd:element name="SchemeExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="TSLType" type="tsl:NonEmptyURIType"/> + <xsd:element name="SchemeOperatorName" type="tsl:InternationalNamesType"/> + <xsd:element name="SchemeName" type="tsl:InternationalNamesType"/> + <xsd:element name="SchemeInformationURI" type="tsl:NonEmptyMultiLangURIListType"/> + <!-- 2013-10. XML Schema CHANGE--> + <!-- SchemeTypeCommunityRules changed to include MultilLang URIs for e-mails and web sites URIs as specified in TS 119 612--> + <xsd:element name="SchemeTypeCommunityRules" type="tsl:NonEmptyMultiLangURIListType"/> + <!-- SchemeTerritory --> + <!-- 2014-04. XML Schema CHANGE--> + <!-- element SchemeTerritory is now of type xsd:string. Suppressed the restriction of having only 2 characters, + as this element may contain other values than the country codes--> + <xsd:element name="SchemeTerritory" type="xsd:string"/> + <!-- Policy or Legal Notice --> + <xsd:element name="PolicyOrLegalNotice" type="tsl:PolicyOrLegalnoticeType"/> + <xsd:complexType name="PolicyOrLegalnoticeType"> + <xsd:choice> + <xsd:element name="TSLPolicy" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> + <xsd:element name="TSLLegalNotice" type="tsl:MultiLangStringType" maxOccurs="unbounded"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="NextUpdate" type="tsl:NextUpdateType"/> + <xsd:complexType name="NextUpdateType"> + <xsd:sequence> + <xsd:element name="dateTime" type="xsd:dateTime" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!--OtherTSLPointersType--> + <xsd:element name="PointersToOtherTSL" type="tsl:OtherTSLPointersType"/> + <xsd:complexType name="OtherTSLPointersType"> + <xsd:sequence> + <xsd:element ref="tsl:OtherTSLPointer" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="OtherTSLPointer" type="tsl:OtherTSLPointerType"/> + <xsd:complexType name="OtherTSLPointerType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceDigitalIdentities" minOccurs="0"/> + <xsd:element name="TSLLocation" type="tsl:NonEmptyURIType"/> + <xsd:element ref="tsl:AdditionalInformation" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="ServiceDigitalIdentities" type="tsl:ServiceDigitalIdentityListType"/> + <xsd:complexType name="ServiceDigitalIdentityListType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceDigitalIdentity" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="AdditionalInformation" type="tsl:AdditionalInformationType"/> + <xsd:complexType name="AdditionalInformationType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="TextualInformation" type="tsl:MultiLangStringType"/> + <xsd:element name="OtherInformation" type="tsl:AnyType"/> + </xsd:choice> + </xsd:complexType> + <!--DistributionPoints element--> + <!-- 2013-10. XML Schema CHANGE--> + <!-- DistributionPointschanged from ElectronicAddress to nonEmptyURIListType as ElectronicAddress does + now contain a list of multilang URIs, which is not required for distribution points--> + <xsd:element name="DistributionPoints" type="tsl:NonEmptyURIListType"/> + <!-- TSPType --> + <xsd:element name="TrustServiceProvider" type="tsl:TSPType"/> + <xsd:complexType name="TSPType"> + <xsd:sequence> + <xsd:element ref="tsl:TSPInformation"/> + <xsd:element ref="tsl:TSPServices"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPInformationType --> + <xsd:element name="TSPInformation" type="tsl:TSPInformationType"/> + <xsd:complexType name="TSPInformationType"> + <xsd:sequence> + <xsd:element name="TSPName" type="tsl:InternationalNamesType"/> + <xsd:element name="TSPTradeName" type="tsl:InternationalNamesType" minOccurs="0"/> + <xsd:element name="TSPAddress" type="tsl:AddressType"/> + <xsd:element name="TSPInformationURI" type="tsl:NonEmptyMultiLangURIListType"/> + <xsd:element name="TSPInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSP Services--> + <xsd:element name="TSPServices" type="tsl:TSPServicesListType"/> + <xsd:complexType name="TSPServicesListType"> + <xsd:sequence> + <xsd:element ref="tsl:TSPService" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="TSPService" type="tsl:TSPServiceType"/> + <xsd:complexType name="TSPServiceType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceInformation"/> + <xsd:element ref="tsl:ServiceHistory" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPServiceInformationType --> + <xsd:element name="ServiceInformation" type="tsl:TSPServiceInformationType"/> + <xsd:complexType name="TSPServiceInformationType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceTypeIdentifier"/> + <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/> + <xsd:element ref="tsl:ServiceDigitalIdentity"/> + <xsd:element ref="tsl:ServiceStatus"/> + <xsd:element name="StatusStartingTime" type="xsd:dateTime"/> + <xsd:element name="SchemeServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/> + <xsd:element ref="tsl:ServiceSupplyPoints" minOccurs="0"/> + <xsd:element name="TSPServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/> + <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- Service status --> + <xsd:element name="ServiceStatus" type="tsl:NonEmptyURIType"/> + <!-- Type for Service Supply Points --> + <xsd:element name="ServiceSupplyPoints" type="tsl:ServiceSupplyPointsType"/> + <xsd:complexType name="ServiceSupplyPointsType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="ServiceSupplyPoint" type="tsl:NonEmptyURIType"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPServiceIdentifier --> + <xsd:element name="ServiceTypeIdentifier" type="tsl:NonEmptyURIType"/> + <!-- DigitalIdentityType --> + <xsd:element name="ServiceDigitalIdentity" type="tsl:DigitalIdentityListType"/> + <xsd:complexType name="DigitalIdentityListType"> + <xsd:sequence> + <xsd:element name="DigitalId" type="tsl:DigitalIdentityType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="DigitalIdentityType"> + <xsd:choice> + <xsd:element name="X509Certificate" type="xsd:base64Binary"/> + <xsd:element name="X509SubjectName" type="xsd:string"/> + <xsd:element ref="ds:KeyValue"/> + <xsd:element name="X509SKI" type="xsd:base64Binary"/> + <xsd:element name="Other" type="tsl:AnyType" minOccurs="0"/> + </xsd:choice> + </xsd:complexType> + <!-- ServiceHistory element--> + <xsd:element name="ServiceHistory" type="tsl:ServiceHistoryType"/> + <xsd:complexType name="ServiceHistoryType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceHistoryInstance" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="ServiceHistoryInstance" type="tsl:ServiceHistoryInstanceType"/> + <xsd:complexType name="ServiceHistoryInstanceType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceTypeIdentifier"/> + <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/> + <xsd:element ref="tsl:ServiceDigitalIdentity"/> + <xsd:element ref="tsl:ServiceStatus"/> + <xsd:element name="StatusStartingTime" type="xsd:dateTime"/> + <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- Elements and types for Extensions --> + <!-- Extensions children of tsl:VaExtension--> + <!-- Element ExpiredCertsRevocationInfo --> + <xsd:element name="ExpiredCertsRevocationInfo" type="xsd:dateTime"/> + <!-- Element additionalServiceInformation --> + <xsd:element name="AdditionalServiceInformation" type="tsl:AdditionalServiceInformationType"/> + <xsd:complexType name="AdditionalServiceInformationType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType"/> + <xsd:element name="InformationValue" type="xsd:string" minOccurs="0"/> + <xsd:element name="OtherInformation" type="tsl:AnyType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index 51bb941a4..c672d32a6 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -57,17 +57,19 @@ </dependency> <dependency> <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> + <artifactId>javax.servlet-api</artifactId> <scope>provided</scope> </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-commons</artifactId> + <exclusions> + <exclusion> + <artifactId>hibernate-c3p0</artifactId> + <groupId>org.hibernate</groupId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -76,6 +78,11 @@ <version>1.0</version> </dependency> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-frontend-resources</artifactId> + </dependency> + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-lib</artifactId> @@ -92,10 +99,10 @@ <artifactId>moa-id-module-openID</artifactId> </dependency> - <dependency> +<!-- <dependency> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-module-stork</artifactId> - </dependency> + </dependency> --> <dependency> <groupId>org.apache.commons</groupId> @@ -170,17 +177,12 @@ <groupId>xalan</groupId> <artifactId>*</artifactId> </exclusion> - <exclusion> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk15on</artifactId> - </exclusion> </exclusions> </dependency> <dependency> <groupId>org.opensaml</groupId> <artifactId>openws</artifactId> - <!-- <version>${openws-version}</version> --> - <version>1.5.4</version> + <version>1.5.6</version> <exclusions> <exclusion> <artifactId>log4j-over-slf4j</artifactId> @@ -188,10 +190,6 @@ </exclusion> </exclusions> </dependency> - <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk16</artifactId> - </dependency> <dependency> <groupId>javax.mail</groupId> @@ -201,16 +199,23 @@ <dependency> <groupId>org.apache.struts</groupId> <artifactId>struts2-core</artifactId> + <exclusions> + <exclusion> + <artifactId>javassist</artifactId> + <groupId>javassist</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.apache.struts</groupId> <artifactId>struts2-json-plugin</artifactId> </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> +<!-- <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + </dependency> --> + <dependency> <groupId>commons-lang</groupId> <artifactId>commons-lang</artifactId> diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java index 12016a2bf..e3de84b0b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java @@ -30,7 +30,7 @@ import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.xml.XMLObject; import org.opensaml.xml.security.x509.BasicX509Credential; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java index ecf0d19d7..80800543b 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java @@ -36,6 +36,7 @@ import javax.servlet.http.HttpSession; import org.apache.log4j.Logger; +import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BKUSelectionCustomizationType; @@ -50,7 +51,6 @@ import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator; import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation; -import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.util.MiscUtil; public class FormularCustomization implements IOnlineApplicationData { @@ -177,47 +177,47 @@ public class FormularCustomization implements IOnlineApplicationData { if (MiscUtil.isNotEmpty(formcustom.getBackGroundColor())) { backGroundColor = formcustom.getBackGroundColor(); - map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor()); + map.put(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR, formcustom.getBackGroundColor()); } if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColor())) { button_BackGroundColor = formcustom.getButtonBackGroundColor(); - map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor()); + map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR, formcustom.getButtonBackGroundColor()); } if (MiscUtil.isNotEmpty(formcustom.getButtonBackGroundColorFocus())) { button_BackGroundColorFocus = formcustom.getButtonBackGroundColorFocus(); - map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus()); + map.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, formcustom.getButtonBackGroundColorFocus()); } if (MiscUtil.isNotEmpty(formcustom.getButtonFontColor())) { button_FrontColor = formcustom.getButtonFontColor(); - map.put(FormBuildUtils.BUTTON_COLOR, formcustom.getButtonFontColor()); + map.put(FormBuildUtils.PARAM_BUTTON_COLOR, formcustom.getButtonFontColor()); } if (MiscUtil.isNotEmpty(formcustom.getFontType())) { fontType = formcustom.getFontType(); - map.put(FormBuildUtils.FONTFAMILY, formcustom.getFontType()); + map.put(FormBuildUtils.PARAM_FONTFAMILY, formcustom.getFontType()); } if (MiscUtil.isNotEmpty(formcustom.getFrontColor())) { frontColor = formcustom.getFrontColor(); - map.put(FormBuildUtils.MAIN_COLOR, formcustom.getFrontColor()); + map.put(FormBuildUtils.PARAM_MAIN_COLOR, formcustom.getFrontColor()); } if (MiscUtil.isNotEmpty(formcustom.getHeaderBackGroundColor())) { header_BackGroundColor = formcustom.getHeaderBackGroundColor(); - map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor()); + map.put(FormBuildUtils.PARAM_HEADER_BACKGROUNDCOLOR, formcustom.getHeaderBackGroundColor()); } if (MiscUtil.isNotEmpty(formcustom.getHeaderFrontColor())) { header_FrontColor = formcustom.getHeaderFrontColor(); - map.put(FormBuildUtils.HEADER_COLOR, formcustom.getHeaderFrontColor()); + map.put(FormBuildUtils.PARAM_HEADER_COLOR, formcustom.getHeaderFrontColor()); } if (MiscUtil.isNotEmpty(formcustom.getHeaderText())) { header_text = formcustom.getHeaderText(); - map.put(FormBuildUtils.HEADER_TEXT, formcustom.getHeaderText()); + map.put(FormBuildUtils.PARAM_HEADER_TEXT, formcustom.getHeaderText()); } } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index d8bb0179c..e71bad299 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.configuration.data; import java.util.ArrayList; import java.util.List; +import org.apache.log4j.Logger; + import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.ForeignIdentities; @@ -34,8 +36,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; -import org.apache.log4j.Logger; - public class GeneralStorkConfig { private List<CPEPS> cpepslist; @@ -61,7 +61,9 @@ public class GeneralStorkConfig { public void parse(MOAIDConfiguration config) { log.info("Initializing general Stork config"); - + + cpepslist = new ArrayList<CPEPS>(); + attributes = new ArrayList<StorkAttribute>(); if (config != null) { AuthComponentGeneral auth = config.getAuthComponentGeneral(); @@ -71,15 +73,14 @@ public class GeneralStorkConfig { if (foreign != null) { STORK stork = foreign.getSTORK(); - cpepslist = new ArrayList<CPEPS>(); - attributes = new ArrayList<StorkAttribute>(); - + if (stork != null) { // deep clone all the things - // to foreclose lazyloading session timeouts - - for(CPEPS current : stork.getCPEPS()) { - cpepslist.add(current); + // to foreclose lazyloading session timeouts + if (stork.getCPEPS() != null) { + for(CPEPS current : stork.getCPEPS()) { + cpepslist.add(current); + } } List<StorkAttribute> tmp = stork.getAttributes(); @@ -91,19 +92,26 @@ public class GeneralStorkConfig { try { qaa = stork.getQualityAuthenticationAssuranceLevel(); + } catch(NullPointerException e) { qaa = 4; } } - if (cpepslist.isEmpty()) - cpepslist = null; - - if(attributes.isEmpty()) - attributes.add(new StorkAttribute()); } } } + + if (cpepslist.isEmpty()) { + CPEPS defaultCPEPS = new CPEPS(); + defaultCPEPS.setCountryCode("CC"); + defaultCPEPS.setURL("http://"); + defaultCPEPS.setSupportsXMLSignature(true); + cpepslist.add(defaultCPEPS ); + + } + if(attributes.isEmpty()) + attributes.add(new StorkAttribute()); } public List<CPEPS> getRawCPEPSList() { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java index 58b0b9d17..b2cd18c26 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java @@ -36,12 +36,12 @@ import org.apache.commons.lang.SerializationUtils; import org.apache.log4j.Logger; import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.commons.api.data.BPKDecryptionParameters; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.BPKDecryption; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.EncBPKInformation; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; -import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index 22a978014..4cb7eba2d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -42,9 +42,7 @@ public class OAGeneralConfig implements IOnlineApplicationData{ private static final Logger log = Logger.getLogger(OAGeneralConfig.class); private boolean isActive = false; - - private String dbID = null; - + private String identifier = null; private String friendlyName = null; private boolean businessService = false; @@ -67,7 +65,7 @@ public class OAGeneralConfig implements IOnlineApplicationData{ friendlyName = dbOAConfig.getFriendlyName(); identifier = dbOAConfig.getPublicURLPrefix(); - + if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_BUSINESSSERVICE)) businessService = true; else @@ -163,27 +161,5 @@ public class OAGeneralConfig implements IOnlineApplicationData{ public void setActive(boolean isActive) { this.isActive = isActive; - } - - /** - * @return the dbID - */ - public String getDbID() { - return dbID; - } - - - /** - * @param dbID the dbID to set - */ - public void setDbID(long dbID) { - this.dbID = String.valueOf(dbID); - } - - /** - * @param dbID the dbID to set - */ - public void setDbID(String dbID) { - this.dbID = dbID; - } + } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java index d26fe8a89..c0e1eaaf7 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASTORKConfig.java @@ -41,7 +41,8 @@ import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation; -import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory; +import at.gv.egovernment.moa.util.MiscUtil; +//import at.gv.egovernment.moa.id.protocols.stork2.AttributeProviderFactory; public class OASTORKConfig implements IOnlineApplicationData{ @@ -120,8 +121,10 @@ public class OASTORKConfig implements IOnlineApplicationData{ enabledCitizenCountries = new ArrayList<String>(); - for(CPEPS current : config.getCPEPS()) - enabledCitizenCountries.add(current.getCountryCode()); + if (config.getCPEPS() != null) { + for(CPEPS current : config.getCPEPS()) + enabledCitizenCountries.add(current.getCountryCode()); + } // prepare attribute helper list attributes = new ArrayList<AttributeHelper>(); @@ -130,9 +133,11 @@ public class OASTORKConfig implements IOnlineApplicationData{ for(StorkAttribute current : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) { AttributeHelper tmp = null; - for(OAStorkAttribute sepp : config.getOAAttributes()) - if(sepp.getName().equals(current.getName())) - tmp = new AttributeHelper(sepp); + if (config.getOAAttributes() != null) { + for(OAStorkAttribute sepp : config.getOAAttributes()) + if(sepp.getName() != null && sepp.getName().equals(current.getName())) + tmp = new AttributeHelper(sepp); + } if(null == tmp) tmp = new AttributeHelper(current); @@ -237,16 +242,29 @@ public class OASTORKConfig implements IOnlineApplicationData{ return result; for(AttributeHelper current : getHelperAttributes()) { - for(StorkAttribute currentAttribute : dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes()) - if(currentAttribute.getName().equals(current.getName())) { - if(current.isUsed() || currentAttribute.isMandatory()) { - OAStorkAttribute tmp = new OAStorkAttribute(); - tmp.setName(current.getName()); - tmp.setMandatory(current.isMandatory()); - result.add(tmp); + List<StorkAttribute> generalConfStorkAttr = null; + try { + generalConfStorkAttr = dbconfig.getAuthComponentGeneral().getForeignIdentities().getSTORK().getAttributes(); + + } catch (NullPointerException e) { + log.trace("No STORK attributes in 'General Configuration'"); + + } + + if (generalConfStorkAttr != null) { + for(StorkAttribute currentAttribute : generalConfStorkAttr) + if(MiscUtil.isNotEmpty(currentAttribute.getName()) && + currentAttribute.getName().equals(current.getName())) { + if(current.isUsed() || currentAttribute.isMandatory()) { + OAStorkAttribute tmp = new OAStorkAttribute(); + tmp.setName(current.getName()); + tmp.setMandatory(current.isMandatory()); + result.add(tmp); + + } + break; } - break; - } + } } return result; @@ -293,7 +311,10 @@ public class OASTORKConfig implements IOnlineApplicationData{ } public List<String> getAvailableAttributeProviderPlugins() { - return AttributeProviderFactory.getAvailablePlugins(); + //TODO: remove in final version + + return new ArrayList<String>(); + //return AttributeProviderFactory.getAvailablePlugins(); } public List<AttributeProviderPlugin> getAttributeProviderPlugins() { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java index 9ddb41d83..c80bc1925 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java @@ -22,22 +22,29 @@ */ package at.gv.egovernment.moa.id.configuration.struts.action; -import iaik.utils.URLDecoder; - +import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileInputStream; import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.StringWriter; import java.util.ArrayList; import java.util.Arrays; +import java.util.Iterator; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; +import java.util.Map.Entry; import org.apache.log4j.Logger; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException; -import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder; +import at.gv.egovernment.moa.id.auth.frontend.builder.ServiceProviderSpecificGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; +import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; @@ -57,9 +64,9 @@ import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; -import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.util.MiscUtil; +import iaik.utils.URLDecoder; /** * @author tlenz @@ -255,25 +262,8 @@ public class BasicOAAction extends BasicAction { OnlineApplication onlineapplication = null; - Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); - Long oaid = (long) -1; - - if (oadbid != null) { - try { - oaid = (Long) oadbid; - if (oaid < 0 || oaid > Long.MAX_VALUE) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); - } - - } catch (Throwable t) { - throw new BasicOAActionException( - LanguageHelper.getErrorString("errors.edit.oa.oaid", request), - Constants.STRUTS_ERROR); - } - } - + Long oaid = getOAIDFromSession(); + // valid DBID and check entry OAGeneralConfig oaGeneralForm = ((OAGeneralConfig)formList.get(new OAGeneralConfig().getName())); String oaidentifier = oaGeneralForm.getIdentifier(); @@ -309,14 +299,15 @@ public class BasicOAAction extends BasicAction { onlineapplication = configuration.getDbRead().getOnlineApplication(oaidentifier); } - setNewOA(true); + if (onlineapplication != null) { log.info("The OAIdentifier is not unique"); throw new BasicOAActionException( LanguageHelper.getErrorString("validation.general.oaidentifier.notunique", request), Constants.STRUTS_ERROR_VALIDATION); - } + } else + setNewOA(true); } else { onlineapplication = configuration.getDbRead().getOnlineApplication(oaid); @@ -355,6 +346,29 @@ public class BasicOAAction extends BasicAction { } + protected Long getOAIDFromSession() throws BasicOAActionException { + Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); + Long oaid = (long) -1; + + if (oadbid != null) { + try { + oaid = (Long) oadbid; + if (oaid < 0 || oaid > Long.MAX_VALUE) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + + } catch (Throwable t) { + throw new BasicOAActionException( + LanguageHelper.getErrorString("errors.edit.oa.oaid", request), + Constants.STRUTS_ERROR); + } + } + + return oaid; + } + protected String preProcessDeleteOnlineApplication() throws BasicOAActionException { try { Object formidobj = session.getAttribute(Constants.SESSION_FORMID); @@ -582,15 +596,16 @@ public class BasicOAAction extends BasicAction { log.info("NO MOA-ID instance URL configurated."); input.close(); throw new ConfigurationException("No MOA-ID instance configurated"); + } - - preview = LoginFormBuilder.getTemplate(input); - preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath); - - Map<String, String> map = (Map<String, String>) mapobj; - + + //set parameters + Map<String, Object> params = (Map<String, Object>) mapobj; + params.put( + ServiceProviderSpecificGUIFormBuilderConfiguration.PARAM_AUTHCONTEXT, + contextpath); + request.setCharacterEncoding("UTF-8"); - String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE); String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE); @@ -599,24 +614,36 @@ public class BasicOAAction extends BasicAction { value = query[1].substring("value=".length()); } - synchronized (map) { - + synchronized (params) { if (MiscUtil.isNotEmpty(module)) { - if (map.containsKey("#" + module + "#")) { + if (params.containsKey(module)) { if (MiscUtil.isNotEmpty(value)) { - if (FormBuildUtils.FONTFAMILY.contains(module) || FormBuildUtils.HEADER_TEXT.contains(module) + if (FormBuildUtils.PARAM_FONTFAMILY.contains(module) || FormBuildUtils.PARAM_HEADER_TEXT.contains(module) || value.startsWith("#")) - map.put("#" + module + "#", value); + params.put(module, value); else - map.put("#" + module + "#", "#" + value); + params.put(module, "#" + value); } else { - map.put("#" + module + "#", FormBuildUtils.getDefaultMap().get("#" + module + "#")); + params.put(module, FormBuildUtils.getDefaultMap().get(module)); } } } - preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map, true); } + + //write preview + VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); + VelocityContext context = new VelocityContext(); + Iterator<Entry<String, Object>> interator = params.entrySet().iterator(); + while (interator.hasNext()) { + Entry<String, Object> el = interator.next(); + context.put(el.getKey(), el.getValue()); + + } + StringWriter writer = new StringWriter(); + engine.evaluate(context, writer, "BKUSelection_preview", + new BufferedReader(new InputStreamReader(input))); + stream = new ByteArrayInputStream(writer.toString().getBytes("UTF-8")); } else { preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible", request); @@ -629,7 +656,7 @@ public class BasicOAAction extends BasicAction { } - stream = new ByteArrayInputStream(preview.getBytes()); + return Constants.STRUTS_SUCCESS; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java index 504b598c0..40e9b1a90 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditGeneralConfigAction.java @@ -542,42 +542,71 @@ public class EditGeneralConfigAction extends BasicAction { forcon.setURL(moaconfig.getSzrgwURL()); } - ForeignIdentities foreign = dbauth.getForeignIdentities(); - if (foreign != null) { - STORK stork = foreign.getSTORK(); - if (stork == null) { - stork = new STORK(); - foreign.setSTORK(stork); - - } - - try { - log.error("QAAAA " + storkconfig.getDefaultQaa()); - stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa()); + ForeignIdentities foreign = dbauth.getForeignIdentities(); + if (foreign != null) { + STORK stork = foreign.getSTORK(); + if (stork == null) { + stork = new STORK(); + foreign.setSTORK(stork); - if (storkconfig.getAttributes() != null) - stork.setAttributes(storkconfig.getAttributes()); - - else + } + + try { + log.error("QAAAA " + storkconfig.getDefaultQaa()); + stork.setQualityAuthenticationAssuranceLevel(storkconfig.getDefaultQaa()); + + if (storkconfig.getAttributes() != null) { + List<StorkAttribute> dbStorkAttr = new ArrayList<StorkAttribute>(); + stork.setAttributes(dbStorkAttr); + + + for (StorkAttribute attr : storkconfig.getAttributes()) { + if (attr != null && MiscUtil.isNotEmpty(attr.getName())) + dbStorkAttr.add(attr); + + else + log.info("Remove null or empty STORK attribute"); + } + + } else stork.setAttributes((List<StorkAttribute>) (new ArrayList<StorkAttribute>())); - if (storkconfig.getCpepslist() != null) - - stork.setCPEPS(storkconfig.getCpepslist()); - else - stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>())); + if (storkconfig.getCpepslist() != null) { + List<CPEPS> dbStorkCPEPS = new ArrayList<CPEPS>(); + stork.setCPEPS(dbStorkCPEPS); + + for (CPEPS cpeps : storkconfig.getCpepslist()) { + if (cpeps != null && MiscUtil.isNotEmpty(cpeps.getURL()) && + MiscUtil.isNotEmpty(cpeps.getCountryCode())) { + + if (cpeps.getCountryCode().equals("CC") && + cpeps.getURL().equals("http://")) + log.info("Remove dummy STORK CPEPS entry."); + + else + dbStorkCPEPS.add(cpeps); + + } else + log.info("Remove null or emtpy STORK CPEPS configuration"); + } - } catch (Exception e) { - e.printStackTrace(); - } - - try{ - log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() ); - log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL()); - } catch (Exception ex) { - log.info("CPEPS LIST is null"); - } - } + } else + stork.setCPEPS((List<CPEPS>) (new ArrayList<CPEPS>())); + + } catch (Exception e) { + e.printStackTrace(); + + } + + try{ + log.info("CPEPS LIST: " + storkconfig.getCpepslist().size() ); + log.trace("CPEPS 1:" + storkconfig.getCpepslist().get(0).getCountryCode() +storkconfig.getCpepslist().get(0).getURL()); + + } catch (Exception ex) { + log.info("CPEPS LIST is null"); + + } + } if (MiscUtil.isNotEmpty(moaconfig.getMandateURL())) { OnlineMandates dbmandate = dbauth.getOnlineMandates(); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 1079932b9..85b8a8ea0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -22,6 +22,14 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.struts.action; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.StorkAttribute; @@ -29,17 +37,22 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; -import at.gv.egovernment.moa.id.configuration.data.oa.*; +import at.gv.egovernment.moa.id.configuration.data.oa.AttributeHelper; +import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; +import at.gv.egovernment.moa.id.configuration.data.oa.OABPKEncryption; +import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config; +import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; +import at.gv.egovernment.moa.id.configuration.data.oa.OARevisionsLogData; +import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config; +import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration; import at.gv.egovernment.moa.id.configuration.exception.BasicActionException; import at.gv.egovernment.moa.id.configuration.exception.BasicOAActionException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; -import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.util.MiscUtil; -import org.apache.log4j.Logger; - -import java.util.*; public class EditOAAction extends BasicOAAction { @@ -74,7 +87,7 @@ public class EditOAAction extends BasicOAAction { OASTORKConfig storkOA = new OASTORKConfig(); formList.put(storkOA.getName(), storkOA); - + Map<String, String> map = new HashMap<String, String>(); map.putAll(FormBuildUtils.getDefaultMap()); FormularCustomization formOA = new FormularCustomization(map); @@ -331,9 +344,35 @@ public class EditOAAction extends BasicOAAction { } oaidentifier = preProcessDeleteOnlineApplication(); - OnlineApplication onlineapplication = configuration.getDbRead() - .getOnlineApplication(oaidentifier); - + List<OnlineApplication> onlineapplications = configuration.getDbRead() + .getOnlineApplications(oaidentifier); + + Long oaid = getOAIDFromSession(); + + OnlineApplication onlineapplication = null; + + if (onlineapplications != null && onlineapplications.size() > 1) { + log.info("Found more then one OA with PublicURLPrefix in configuration. " + + "Select OA with DB Id ..."); + + for (OnlineApplication oa : onlineapplications) { + if (oa.getHjid().equals(oaid)) { + if (onlineapplication == null) + onlineapplication = oa; + + else { + log.error("Found more then one OA with same PublicURLPrefix and same DBID."); + new BasicOAActionException( + "Found more then one OA with same PublicURLPrefix and same DBID.", + Constants.STRUTS_SUCCESS); + + } + } + } + + } else if (onlineapplications != null && onlineapplications.size() == 1) + onlineapplication = onlineapplications.get(0); + request.getSession().setAttribute(Constants.SESSION_OAID, null); // try { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java index 8588dd286..c00eb46a5 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/VIDPAction.java @@ -26,12 +26,12 @@ import java.util.HashMap; import java.util.LinkedHashMap; import java.util.Map; +import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; import at.gv.egovernment.moa.id.configuration.data.oa.IOnlineApplicationData; import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; import at.gv.egovernment.moa.id.configuration.data.oa.OATargetConfiguration; -import at.gv.egovernment.moa.id.util.FormBuildUtils; /** * @author tlenz diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index d4e8e957d..617e9cf51 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -367,7 +367,7 @@ public class MOAConfigValidator { check = form.getSsoTarget(); if (MiscUtil.isEmpty(check)) { log.info("Empty SSO Target"); - errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); + //errors.add(LanguageHelper.getErrorString("validation.general.sso.target.empty", request)); } else { if (!ValidationHelper.isValidAdminTarget(check)) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java index b69d37d57..6b5c51e3f 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java @@ -47,31 +47,33 @@ public class StorkConfigValidator { errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", new Object[] {check}, request )); } + + // check url + check = current.getURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("CPEPS config URL is invalid : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request)); + } + } else { + log.warn("CPEPS config url is empty : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", + new Object[] {check}, request )); + } + } else { log.warn("CPEPS config countrycode is empty : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {check}, request )); +// errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", +// new Object[] {check}, request )); } - // check url - check = current.getURL(); - if (MiscUtil.isNotEmpty(check)) { - if (!ValidationHelper.validateURL(check)) { - log.info("CPEPS config URL is invalid : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url", request)); - } - } else { - log.warn("CPEPS config url is empty : " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {check}, request )); - } } if (form.getCpepslist() != null) { // ensure uniqueness of country code for (CPEPS one : form.getCpepslist()) for (CPEPS another : form.getCpepslist()) - if (null != one && null != another) + if (null != one && null != another && one.getCountryCode() != null) if (!one.equals(another) && one.getCountryCode().equals(another.getCountryCode())) { errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.duplicate", request)); break; @@ -90,16 +92,20 @@ public class StorkConfigValidator { // check attributes if (MiscUtil.isNotEmpty(form.getAttributes())) { for(StorkAttribute check : form.getAttributes()) { - if (ValidationHelper.containsPotentialCSSCharacter(check.getName(), true)) { - log.warn("default attributes contains potentail XSS characters: " + check); - errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); - } - if(!check.getName().toLowerCase().matches("^[a-z0-9]*$")) { - log.warn("default attributes do not match the requested format : " + check); + if (check != null && MiscUtil.isNotEmpty(check.getName())) { + String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? + if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) { + log.warn("default attributes contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {check}, request )); - } + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + } + if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) { + log.warn("default attributes do not match the requested format : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {check}, request )); + } + + } } //TODO: STORK attributes check if no attribute is set diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java index fd4226c5b..47c8f23b4 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java @@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml index f978e9385..6182a30ce 100644 --- a/id/ConfigWebTool/src/main/resources/struts.xml +++ b/id/ConfigWebTool/src/main/resources/struts.xml @@ -115,8 +115,9 @@ </action> <action name="main" method="generateMainFrame" class="at.gv.egovernment.moa.id.configuration.struts.action.MainAction"> + <result name="input">/jsp/mainpage.jsp</result> <result name="success">/jsp/mainpage.jsp</result> - <result name="error">/error.jsp</result> + <result name="error">/error.jsp</result> <result name="reauthentication" type="redirectAction"> <param name="actionName">logout</param> <param name="namespace">/</param> diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css index 00a2fa851..6b4d310ef 100644 --- a/id/ConfigWebTool/src/main/webapp/css/index.css +++ b/id/ConfigWebTool/src/main/webapp/css/index.css @@ -69,11 +69,11 @@ h5{ #menu_area { margin-top: 25px; width: 300px; - margin-left: 0px; - position: absolute; + margin-left: 0px; padding-left: 0px; padding-top: 3px; float: left; + clear: both; } .menu_element { margin-top: 5px; diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp index ac2c8de5a..45ea159e4 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editMOAConfig.jsp @@ -288,7 +288,12 @@ <s:iterator value="storkconfig.cpepslist" status="stat"> <tr> <td style="display:none;"><s:textfield name="storkconfig.cpepslist[%{#stat.index}].hjid" value="%{hjid}" cssStyle="display:none;"/></td> - <td><s:property value="%{countryCode}" /></td> + <s:if test="%{countryCode == 'CC'}"> + <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].countryCode" value="%{countryCode}" cssClass="textfield_short"/></td> + </s:if> + <s:else> + <td><s:property value="%{countryCode}" /></td> + </s:else> <td><s:textfield name="storkconfig.cpepslist[%{#stat.index}].URL" value="%{URL}" cssClass="textfield_long"/></td> <td><s:checkbox name="storkconfig.cpepslist[%{#stat.index}].supportsXMLSignature" value="%{supportsXMLSignature}" /></td> <td><input class="button_narrow" type="button" value="<%=LanguageHelper.getGUIString("webpages.moaconfig.stork.removepeps", request) %>" onclick='this.parentNode.parentNode.parentNode.removeChild(this.parentNode.parentNode);'/></td> diff --git a/id/assembly-auth-edu.xml b/id/assembly-auth-edu.xml new file mode 100644 index 000000000..c11f790e4 --- /dev/null +++ b/id/assembly-auth-edu.xml @@ -0,0 +1,191 @@ +<assembly> + <id>id-auth-edu-${moa-id-version}</id> + + <formats> + <format>dir</format> + <format>zip</format> + <!-- <format>tar.gz</format> --> + </formats> + + <baseDirectory>moa-id-auth-edu-${moa-id-version}</baseDirectory> + + <fileSets> + <fileSet> + <directory>${basedir}/id/server/data/deploy</directory> + <outputDirectory>/</outputDirectory> + <excludes> + <exclude>**/conf/Catalina/**</exclude> + <exclude>${basedir}/id/server/data/deploy/conf/moa-id-proxy/**</exclude> + </excludes> + </fileSet> + <fileSet> + <directory>${basedir}/spss/handbook/conf/moa-spss/certstore</directory> + <outputDirectory>/conf/moa-id/certs/certstore</outputDirectory> + <includes> + <include>**/*</include> + </includes> + </fileSet> + <fileSet> + <directory>${basedir}/spss/handbook/conf/moa-spss/certstore</directory> + <outputDirectory>/conf/moa-spss/certstore</outputDirectory> + <includes> + <include>**/*</include> + </includes> + </fileSet> + <fileSet> + <directory>${basedir}/id/server/doc</directory> + <outputDirectory>/doc</outputDirectory> + <excludes> + <exclude>${basedir}/id/server/doc/proxy/**</exclude> + </excludes> + </fileSet> + <fileSet> + <directory>${basedir}/id/server/data/deploy/conf</directory> + <outputDirectory>/doc/conf</outputDirectory> + <excludes> + <exclude>${basedir}/id/server/data/deploy/conf/moa-id-proxy/**</exclude> + </excludes> + </fileSet> + <fileSet> + <directory>${basedir}/id</directory> + <outputDirectory>/</outputDirectory> + <includes> + <include>history.txt</include> + <include>readme_${moa-id-version}.txt</include> + </includes> + </fileSet> + <fileSet> + <directory>${basedir}</directory> + <outputDirectory>/</outputDirectory> + <includes> + <include>LICENSE-2.0.txt</include> + <include>NOTICE.txt</include> + <include>IAIK-LICENSE.txt</include> + <include>EUPL v.1.1 - Licence.pdf</include> + <include>SIC_LICENSE.txt</include> + </includes> + </fileSet> + </fileSets> + + <moduleSets> + <moduleSet> + <includes> + <include>MOA.id.server:moa-id-auth-edu</include> + </includes> + <binaries> + <includeDependencies>true</includeDependencies> + <outputDirectory>/</outputDirectory> + <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping> + <dependencySets> + <dependencySet> + <includes> + <include>xalan-bin-dist:xalan</include> + <include>xerces:xercesImpl</include> + <include>xalan-bin-dist:xml-apis</include> + <include>xalan-bin-dist:serializer</include> + </includes> + <outputDirectory>/endorsed</outputDirectory> + <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping> + </dependencySet> + <dependencySet> + <includes> + <include>iaik.prod:iaik_ecc</include> + <include>iaik.prod:iaik_jce_full</include> + <include>iaik.prod:iaik_Pkcs11Provider</include> + <include>iaik.prod:iaik_Pkcs11Wrapper:jar</include> + </includes> + <outputDirectory>/ext</outputDirectory> + <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping> + </dependencySet> + </dependencySets> + <unpack>false</unpack> + </binaries> + </moduleSet> + + <moduleSet> + <includes> + <include>MOA.id.server:moa-id-lib</include> + </includes> + <binaries> + <attachmentClassifier>javadoc</attachmentClassifier> + <includeDependencies>false</includeDependencies> + <outputFileNameMapping>api-doc</outputFileNameMapping> + <outputDirectory>/doc</outputDirectory> + <unpack>true</unpack> + </binaries> + </moduleSet> + + <moduleSet> + <includes> + <include>MOA.id:moa-id-configuration</include> + </includes> + <binaries> + <includeDependencies>false</includeDependencies> + <outputDirectory>/</outputDirectory> + <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping> + <unpack>false</unpack> + </binaries> + </moduleSet> + + <moduleSet> + <includes> + <include>MOA.id.server:moa-id-commons</include> + </includes> + <binaries> + <includeDependencies>false</includeDependencies> + <outputDirectory>/migration/</outputDirectory> + <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping> + <unpack>false</unpack> + <dependencySets> + <dependencySet> + <outputDirectory>/migration/dependency-jars</outputDirectory> + <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping> + </dependencySet> + </dependencySets> + </binaries> + </moduleSet> + + <moduleSet> + <includes> + <include>MOA.id:moa-id-oa</include> + </includes> + <sources> + <useDefaultExcludes>true</useDefaultExcludes> + <outputDirectory>../</outputDirectory> + <includeModuleDirectory>true</includeModuleDirectory> + <outputDirectoryMapping>/source/${artifactId}/src</outputDirectoryMapping> + <excludes> + <exclude>**/target/**</exclude> + <exclude>**/bin/**</exclude> + <exclude>**/.settings/**</exclude> + <exclude>.*</exclude> + </excludes> + <includes> + <include>pom.xml</include> + </includes> + </sources> + <binaries> + <includeDependencies>false</includeDependencies> + <outputDirectory>/</outputDirectory> + <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping> + <unpack>false</unpack> + <dependencySets> + <dependencySet> + <includes> + <include>iaik:commons-iaik</include> + <include>MOA:moa-common</include> + </includes> + <outputDirectory>/source/repositority</outputDirectory> + <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping> + </dependencySet> + </dependencySets> + </binaries> + </moduleSet> + + </moduleSets> + + <componentDescriptors> + <componentDescriptor>component-pkcs11libs.xml</componentDescriptor> + </componentDescriptors> + +</assembly> diff --git a/id/assembly-auth-final.xml b/id/assembly-auth-final.xml new file mode 100644 index 000000000..504f5620a --- /dev/null +++ b/id/assembly-auth-final.xml @@ -0,0 +1,191 @@ +<assembly>
+ <id>id-auth-final-${moa-id-version}</id>
+
+ <formats>
+ <format>dir</format>
+ <format>zip</format>
+ <!-- <format>tar.gz</format> -->
+ </formats>
+
+ <baseDirectory>moa-id-auth-final-${moa-id-version}</baseDirectory>
+
+ <fileSets>
+ <fileSet>
+ <directory>${basedir}/id/server/data/deploy</directory>
+ <outputDirectory>/</outputDirectory>
+ <excludes>
+ <exclude>**/conf/Catalina/**</exclude>
+ <exclude>${basedir}/id/server/data/deploy/conf/moa-id-proxy/**</exclude>
+ </excludes>
+ </fileSet>
+ <fileSet>
+ <directory>${basedir}/spss/handbook/conf/moa-spss/certstore</directory>
+ <outputDirectory>/conf/moa-id/certs/certstore</outputDirectory>
+ <includes>
+ <include>**/*</include>
+ </includes>
+ </fileSet>
+ <fileSet>
+ <directory>${basedir}/spss/handbook/conf/moa-spss/certstore</directory>
+ <outputDirectory>/conf/moa-spss/certstore</outputDirectory>
+ <includes>
+ <include>**/*</include>
+ </includes>
+ </fileSet>
+ <fileSet>
+ <directory>${basedir}/id/server/doc</directory>
+ <outputDirectory>/doc</outputDirectory>
+ <excludes>
+ <exclude>${basedir}/id/server/doc/proxy/**</exclude>
+ </excludes>
+ </fileSet>
+ <fileSet>
+ <directory>${basedir}/id/server/data/deploy/conf</directory>
+ <outputDirectory>/doc/conf</outputDirectory>
+ <excludes>
+ <exclude>${basedir}/id/server/data/deploy/conf/moa-id-proxy/**</exclude>
+ </excludes>
+ </fileSet>
+ <fileSet>
+ <directory>${basedir}/id</directory>
+ <outputDirectory>/</outputDirectory>
+ <includes>
+ <include>history.txt</include>
+ <include>readme_${moa-id-version}.txt</include>
+ </includes>
+ </fileSet>
+ <fileSet>
+ <directory>${basedir}</directory>
+ <outputDirectory>/</outputDirectory>
+ <includes>
+ <include>LICENSE-2.0.txt</include>
+ <include>NOTICE.txt</include>
+ <include>IAIK-LICENSE.txt</include>
+ <include>EUPL v.1.1 - Licence.pdf</include>
+ <include>SIC_LICENSE.txt</include>
+ </includes>
+ </fileSet>
+ </fileSets>
+
+ <moduleSets>
+ <moduleSet>
+ <includes>
+ <include>MOA.id.server:moa-id-auth-final</include>
+ </includes>
+ <binaries>
+ <includeDependencies>true</includeDependencies>
+ <outputDirectory>/</outputDirectory>
+ <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
+ <dependencySets>
+ <dependencySet>
+ <includes>
+ <include>xalan-bin-dist:xalan</include>
+ <include>xerces:xercesImpl</include>
+ <include>xalan-bin-dist:xml-apis</include>
+ <include>xalan-bin-dist:serializer</include>
+ </includes>
+ <outputDirectory>/endorsed</outputDirectory>
+ <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
+ </dependencySet>
+ <dependencySet>
+ <includes>
+ <include>iaik.prod:iaik_ecc</include>
+ <include>iaik.prod:iaik_jce_full</include>
+ <include>iaik.prod:iaik_Pkcs11Provider</include>
+ <include>iaik.prod:iaik_Pkcs11Wrapper:jar</include>
+ </includes>
+ <outputDirectory>/ext</outputDirectory>
+ <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
+ </dependencySet>
+ </dependencySets>
+ <unpack>false</unpack>
+ </binaries>
+ </moduleSet>
+
+ <moduleSet>
+ <includes>
+ <include>MOA.id.server:moa-id-lib</include>
+ </includes>
+ <binaries>
+ <attachmentClassifier>javadoc</attachmentClassifier>
+ <includeDependencies>false</includeDependencies>
+ <outputFileNameMapping>api-doc</outputFileNameMapping>
+ <outputDirectory>/doc</outputDirectory>
+ <unpack>true</unpack>
+ </binaries>
+ </moduleSet>
+
+ <moduleSet>
+ <includes>
+ <include>MOA.id:moa-id-configuration</include>
+ </includes>
+ <binaries>
+ <includeDependencies>false</includeDependencies>
+ <outputDirectory>/</outputDirectory>
+ <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
+ <unpack>false</unpack>
+ </binaries>
+ </moduleSet>
+
+ <moduleSet>
+ <includes>
+ <include>MOA.id.server:moa-id-commons</include>
+ </includes>
+ <binaries>
+ <includeDependencies>false</includeDependencies>
+ <outputDirectory>/migration/</outputDirectory>
+ <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
+ <unpack>false</unpack>
+ <dependencySets>
+ <dependencySet>
+ <outputDirectory>/migration/dependency-jars</outputDirectory>
+ <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
+ </dependencySet>
+ </dependencySets>
+ </binaries>
+ </moduleSet>
+
+ <moduleSet>
+ <includes>
+ <include>MOA.id:moa-id-oa</include>
+ </includes>
+ <sources>
+ <useDefaultExcludes>true</useDefaultExcludes>
+ <outputDirectory>../</outputDirectory>
+ <includeModuleDirectory>true</includeModuleDirectory>
+ <outputDirectoryMapping>/source/${artifactId}/src</outputDirectoryMapping>
+ <excludes>
+ <exclude>**/target/**</exclude>
+ <exclude>**/bin/**</exclude>
+ <exclude>**/.settings/**</exclude>
+ <exclude>.*</exclude>
+ </excludes>
+ <includes>
+ <include>pom.xml</include>
+ </includes>
+ </sources>
+ <binaries>
+ <includeDependencies>false</includeDependencies>
+ <outputDirectory>/</outputDirectory>
+ <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
+ <unpack>false</unpack>
+ <dependencySets>
+ <dependencySet>
+ <includes>
+ <include>iaik:commons-iaik</include>
+ <include>MOA:moa-common</include>
+ </includes>
+ <outputDirectory>/source/repositority</outputDirectory>
+ <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
+ </dependencySet>
+ </dependencySets>
+ </binaries>
+ </moduleSet>
+
+ </moduleSets>
+
+ <componentDescriptors>
+ <componentDescriptor>component-pkcs11libs.xml</componentDescriptor>
+ </componentDescriptors>
+
+</assembly>
diff --git a/id/assembly-auth.xml b/id/assembly-auth.xml deleted file mode 100644 index 5e0ca564a..000000000 --- a/id/assembly-auth.xml +++ /dev/null @@ -1,190 +0,0 @@ -<assembly>
- <id>id-auth-${moa-id-version}</id>
-
- <formats>
- <format>dir</format>
- <format>zip</format>
- <!-- <format>tar.gz</format> -->
- </formats>
-
- <baseDirectory>moa-id-auth-${moa-id-version}</baseDirectory>
-
- <fileSets>
- <fileSet>
- <directory>${basedir}/id/server/data/deploy</directory>
- <outputDirectory>/</outputDirectory>
- <excludes>
- <exclude>**/conf/Catalina/**</exclude>
- <exclude>${basedir}/id/server/data/deploy/conf/moa-id-proxy/**</exclude>
- </excludes>
- </fileSet>
- <fileSet>
- <directory>${basedir}/spss/handbook/conf/moa-spss/certstore</directory>
- <outputDirectory>/conf/moa-id/certs/certstore</outputDirectory>
- <includes>
- <include>**/*</include>
- </includes>
- </fileSet>
- <fileSet>
- <directory>${basedir}/spss/handbook/conf/moa-spss/certstore</directory>
- <outputDirectory>/conf/moa-spss/certstore</outputDirectory>
- <includes>
- <include>**/*</include>
- </includes>
- </fileSet>
- <fileSet>
- <directory>${basedir}/id/server/doc</directory>
- <outputDirectory>/doc</outputDirectory>
- <excludes>
- <exclude>${basedir}/id/server/doc/proxy/**</exclude>
- </excludes>
- </fileSet>
- <fileSet>
- <directory>${basedir}/id/server/data/deploy/conf</directory>
- <outputDirectory>/doc/conf</outputDirectory>
- <excludes>
- <exclude>${basedir}/id/server/data/deploy/conf/moa-id-proxy/**</exclude>
- </excludes>
- </fileSet>
- <fileSet>
- <directory>${basedir}/id</directory>
- <outputDirectory>/</outputDirectory>
- <includes>
- <include>history.txt</include>
- <include>readme_${moa-id-version}.txt</include>
- </includes>
- </fileSet>
- <fileSet>
- <directory>${basedir}</directory>
- <outputDirectory>/</outputDirectory>
- <includes>
- <include>LICENSE-2.0.txt</include>
- <include>NOTICE.txt</include>
- <include>IAIK-LICENSE.txt</include>
- <include>EUPL v.1.1 - Licence.pdf</include>
- <include>SIC_LICENSE.txt</include>
- </includes>
- </fileSet>
- </fileSets>
-
- <moduleSets>
- <moduleSet>
- <includes>
- <include>MOA.id.server:moa-id-auth</include>
- </includes>
- <binaries>
- <includeDependencies>true</includeDependencies>
- <outputDirectory>/</outputDirectory>
- <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
- <dependencySets>
- <dependencySet>
- <includes>
- <include>xalan-bin-dist:xalan</include>
- <include>xerces:xercesImpl</include>
- <include>xalan-bin-dist:xml-apis</include>
- <include>xalan-bin-dist:serializer</include>
- </includes>
- <outputDirectory>/endorsed</outputDirectory>
- <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
- </dependencySet>
- <dependencySet>
- <includes>
- <include>iaik.prod:iaik_ecc</include>
- <include>iaik.prod:iaik_jce_full</include>
- <include>iaik.prod:iaik_Pkcs11Provider</include>
- <include>iaik.prod:iaik_Pkcs11Wrapper:jar</include>
- </includes>
- <outputDirectory>/ext</outputDirectory>
- <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
- </dependencySet>
- </dependencySets>
- <unpack>false</unpack>
- </binaries>
- </moduleSet>
- <moduleSet>
- <includes>
- <include>MOA.id.server:moa-id-lib</include>
- </includes>
- <binaries>
- <attachmentClassifier>javadoc</attachmentClassifier>
- <includeDependencies>false</includeDependencies>
- <outputFileNameMapping>api-doc</outputFileNameMapping>
- <outputDirectory>/doc</outputDirectory>
- <unpack>true</unpack>
- </binaries>
- </moduleSet>
-
- <moduleSet>
- <includes>
- <include>MOA.id:moa-id-configuration</include>
- </includes>
- <binaries>
- <includeDependencies>false</includeDependencies>
- <outputDirectory>/</outputDirectory>
- <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
- <unpack>false</unpack>
- </binaries>
- </moduleSet>
-
- <moduleSet>
- <includes>
- <include>MOA.id.server:moa-id-commons</include>
- </includes>
- <binaries>
- <includeDependencies>false</includeDependencies>
- <outputDirectory>/migration/</outputDirectory>
- <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
- <unpack>false</unpack>
- <dependencySets>
- <dependencySet>
- <outputDirectory>/migration/dependency-jars</outputDirectory>
- <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
- </dependencySet>
- </dependencySets>
- </binaries>
- </moduleSet>
-
- <moduleSet>
- <includes>
- <include>MOA.id:moa-id-oa</include>
- </includes>
- <sources>
- <useDefaultExcludes>true</useDefaultExcludes>
- <outputDirectory>../</outputDirectory>
- <includeModuleDirectory>true</includeModuleDirectory>
- <outputDirectoryMapping>/source/${artifactId}/src</outputDirectoryMapping>
- <excludes>
- <exclude>**/target/**</exclude>
- <exclude>**/bin/**</exclude>
- <exclude>**/.settings/**</exclude>
- <exclude>.*</exclude>
- </excludes>
- <includes>
- <include>pom.xml</include>
- </includes>
- </sources>
- <binaries>
- <includeDependencies>false</includeDependencies>
- <outputDirectory>/</outputDirectory>
- <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
- <unpack>false</unpack>
- <dependencySets>
- <dependencySet>
- <includes>
- <include>iaik:commons-iaik</include>
- <include>MOA:moa-common</include>
- </includes>
- <outputDirectory>/source/repositority</outputDirectory>
- <outputFileNameMapping>${artifactId}.${extension}</outputFileNameMapping>
- </dependencySet>
- </dependencySets>
- </binaries>
- </moduleSet>
-
- </moduleSets>
-
- <componentDescriptors>
- <componentDescriptor>component-pkcs11libs.xml</componentDescriptor>
- </componentDescriptors>
-
-</assembly>
diff --git a/id/history.txt b/id/history.txt index f242ab35e..ab081c9d5 100644 --- a/id/history.txt +++ b/id/history.txt @@ -4,25 +4,31 @@ Version MOA-ID Release 3.1.0: Änderungen seit Version MOA-ID 3.0.2 - Änderungen
- Mehrere virtuelle IDP Instanzen je deployer MOA-ID Instanz möglich
(unterschiedliche Entity-IDs je virtueller Instanz)
+ - Änderung der von MOA-ID verwendeten PVP 2.x EntityID
- Überarbeitung der Weboberfläche des Konfigurationstools
- Update der beigelegten Templates (BKU-Auswahl, SSO Assertion Conformation,
- Front-Channel Single LogOut)
+ Front-Channel Single LogOut, ...)
+ - Inkludierung der neuen Logos für Karte und Handy-Signatur
+ - Optimierung des internen Prozessablaufs
- Kleinere Bug-Fixes
- Update von Libraries
> mysql:mysql-connector-java 5.1.38
- > org.slf4j:jcl-over-slf4j 1.7.13
- > org.slf4j:jul-to-slf4j 1.7.13
- > org.slf4j:slf4j-api 1.7.13
- > org.slf4j:slf4j-log4j12 1.7.13
- > apache:cxf 3.1.4
- > org.springframework 4.2.4.RELEASE
+ > org.slf4j:jcl-over-slf4j 1.7.19
+ > org.slf4j:jul-to-slf4j 1.7.19
+ > org.slf4j:slf4j-api 1.7.19
+ > org.slf4j:slf4j-log4j12 1.7.19
+ > apache:cxf 3.1.5
+ > org.springframework 4.2.5.RELEASE
+ > opensaml 2.6.6
+ > xmlsec 2.0.6
> commons:collections3 3.2.2
> commons:collections4 4.1
> org.apache.struts:struts2-core 2.3.24.1
> org.apache.struts:struts2-json-plugin 2.3.24.1
- > org.hibernate:hibernate-core 4.3.11.Final
- > org.hibernate:hibernate-entitymanager 4.3.11.Final
- > org.hibernate:hibernate-c3p0 4.3.11.Final
+ > org.hibernate:hibernate-core 5.1.0.Final
+ > org.hibernate:hibernate-entitymanager 5.1.0.Final
+ > org.hibernate:hibernate-c3p0 5.1.0.Final
+ > commons-dbcp2 2.1.1
> com.google.http-client:google-http-client-jackson2 1.21.0
> com.google.oauth-client:google-oauth-client-jetty 1.21.0
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java index 1c3e0fe13..270d0866c 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java @@ -435,10 +435,10 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, getKeyPrefix())); if (MiscUtil.isEmpty(check)) { log.info("Empty SSO Target"); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, - "SSO - Target", - LanguageHelper.getErrorString("validation.general.sso.target.empty"))); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, +// "SSO - Target", +// LanguageHelper.getErrorString("validation.general.sso.target.empty"))); } else { diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index c6086583a..8a1a2925b 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -133,38 +133,40 @@ public static final List<String> KEYWHITELIST; LanguageHelper.getErrorString("validation.stork.cpeps.cc", new Object[] {cc}))); } - } else { - log.warn("CPEPS config countrycode is empty : " + cc); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST - + "." + cpepsKey, - "STORK - CPEPS Country", - LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {cc}))); - } - - // check url - if (MiscUtil.isNotEmpty(url)) { - if (!ValidationHelper.validateURL(url)) { - log.info("CPEPS config URL is invalid : " + url); + + // check url + if (MiscUtil.isNotEmpty(url)) { + if (!ValidationHelper.validateURL(url)) { + log.info("CPEPS config URL is invalid : " + url); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + "." + index + "." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, + "STORK - CPEPS URL", + LanguageHelper.getErrorString("validation.stork.cpeps.url"))); + } + } else { + log.warn("CPEPS config url is empty : " + url); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + "." + index + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, "STORK - CPEPS URL", - LanguageHelper.getErrorString("validation.stork.cpeps.url"))); - } + LanguageHelper.getErrorString("validation.stork.cpeps.empty", + new Object[] {url}))); + + } + } else { - log.warn("CPEPS config url is empty : " + url); - errors.add(new ValidationObjectIdentifier( - MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST - + "." + index + "." - + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL, - "STORK - CPEPS URL", - LanguageHelper.getErrorString("validation.stork.cpeps.empty", - new Object[] {url}))); - - } + log.warn("CPEPS config countrycode is empty : " + cc); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST +// + "." + cpepsKey, +// "STORK - CPEPS Country", +// LanguageHelper.getErrorString("validation.stork.cpeps.empty", +// new Object[] {cc}))); + } + validatedCPeps.put(cc, url); } else { @@ -210,6 +212,7 @@ public static final List<String> KEYWHITELIST; for(String key : attributeList.keySet()) { if (key.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME)) { String value = attributeList.get(key); + value = value.replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? if (!validatedAttributes.contains(value)) { if (ValidationHelper.containsPotentialCSSCharacter(value, true)) { log.warn("default attributes contains potentail XSS characters: " + value); @@ -219,7 +222,7 @@ public static final List<String> KEYWHITELIST; LanguageHelper.getErrorString("validation.stork.requestedattributes", new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}))); } - if(!value.toLowerCase().matches("^[a-z0-9]*$")) { + if(!value.toLowerCase().matches("^[A-Za-z]*$")) { log.warn("default attributes do not match the requested format : " + value); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, diff --git a/id/moa-spss-container/.gitignore b/id/moa-spss-container/.gitignore new file mode 100644 index 000000000..b83d22266 --- /dev/null +++ b/id/moa-spss-container/.gitignore @@ -0,0 +1 @@ +/target/ diff --git a/id/moa-spss-container/pom.xml b/id/moa-spss-container/pom.xml new file mode 100644 index 000000000..49557d83e --- /dev/null +++ b/id/moa-spss-container/pom.xml @@ -0,0 +1,265 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA</groupId> + <artifactId>id</artifactId> + <version>3.x</version> + </parent> + <groupId>MOA.id</groupId> + <artifactId>moa-spss-container</artifactId> + <version>${moa-id-version}</version> + <packaging>pom</packaging> + <name>MOA-SPSS-Container-for-MOA-ID</name> + <description>This module holds MOA-SPSS and all required library</description> + + <properties> + <repositoryPath>${basedir}/../../repository</repositoryPath> + </properties> + + <profiles> + <profile> + <id>default</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <repositories> + <repository> + <id>local</id> + <name>local</name> + <url>file:${basedir}/../../repository</url> + </repository> + <repository> + <id>egiz-commons</id> + <url>https://demo.egiz.gv.at/int-repo/</url> + <releases> + <enabled>true</enabled> + </releases> + </repository> + </repositories> + </profile> + </profiles> + + <dependencies> + <!-- we need Axis 1.1 here, 1.0 is included in SPSS --> + <dependency> + <groupId>MOA.spss.server</groupId> + <artifactId>moa-spss-lib</artifactId> + <exclusions> + <exclusion> + <artifactId>iaik_pki_module</artifactId> + <groupId>iaik</groupId> + </exclusion> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <artifactId>axis-wsdl4j</artifactId> + <groupId>axis</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_ixsil</artifactId> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_X509TrustManager</artifactId> + </dependency> + +<!-- <dependency> + <groupId>axis</groupId> + <artifactId>axis</artifactId> + </dependency> --> + +<!-- <dependency> + <groupId>axis</groupId> + <artifactId>axis</artifactId> + </dependency> + <dependency> + <groupId>org.apache.axis</groupId> + <artifactId>axis-jaxrpc</artifactId> + </dependency> + <dependency> + <groupId>org.apache.axis</groupId> + <artifactId>axis-saaj</artifactId> + </dependency> --> + <dependency> + <groupId>commons-discovery</groupId> + <artifactId>commons-discovery</artifactId> + </dependency> + <dependency> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </dependency> + <dependency> + <groupId>javax.activation</groupId> + <artifactId>activation</artifactId> + </dependency> + <dependency> + <groupId>javax.mail</groupId> + <artifactId>mail</artifactId> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + </dependency> + +<!-- <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </dependency> --> +<!-- <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + </dependency> --> + + <dependency> + <groupId>org.postgresql</groupId> + <artifactId>postgresql</artifactId> + </dependency> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>javax.servlet-api</artifactId> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xalan</artifactId> + <!-- <scope>provided</scope> --> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <!-- <scope>provided</scope> --> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xml-apis</artifactId> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>serializer</artifactId> + <!-- <scope>provided</scope> --> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_moa</artifactId> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_ixsil</artifactId> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_jce_full</artifactId> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_ecc</artifactId> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_cms</artifactId> + <scope>runtime</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Provider</artifactId> + <scope>runtime</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Wrapper</artifactId> + <scope>runtime</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Wrapper</artifactId> + <classifier>win32</classifier> + <type>dll</type> + <scope>runtime</scope> + <optional>true</optional> + </dependency> + + <dependency> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-impl</artifactId> + <version>2.2.11</version> + </dependency> + + <dependency> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-core</artifactId> + <version>2.2.11</version> + </dependency> + + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xalan</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + <exclusions> + <exclusion> + <artifactId>serializer</artifactId> + <groupId>xalan</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xml-apis</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>serializer</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_jce_full</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_ecc</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>iaik</groupId> + <artifactId>iaik_tsl</artifactId> + <exclusions> + <exclusion> + <artifactId>iaik_pki_module</artifactId> + <groupId>iaik</groupId> + </exclusion> + <exclusion> + <artifactId>iaik_ecc_signed</artifactId> + <groupId>iaik</groupId> + </exclusion> + <exclusion> + <artifactId>iaik_jce_eval_signed</artifactId> + <groupId>iaik</groupId> + </exclusion> + </exclusions> + </dependency> + + </dependencies> + +</project>
\ No newline at end of file diff --git a/id/oa/pom.xml b/id/oa/pom.xml index 191eb2be6..c2eb6238c 100644 --- a/id/oa/pom.xml +++ b/id/oa/pom.xml @@ -70,11 +70,11 @@ <version>1.2</version> <scope>provided</scope> </dependency> - <dependency> +<!-- <dependency> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> <scope>provided</scope> - </dependency> + </dependency> --> <dependency> <groupId>org.opensaml</groupId> @@ -98,7 +98,7 @@ </dependency> <dependency> <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> + <artifactId>javax.servlet-api</artifactId> <scope>provided</scope> </dependency> <dependency> @@ -123,10 +123,9 @@ </dependency> <dependency> - <groupId>MOA</groupId> - <artifactId>moa-common</artifactId> - <type>jar</type> - </dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-commons</artifactId> + </dependency> </dependencies> diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java index 65a4ab2a7..67321ca7e 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java @@ -42,13 +42,13 @@ import javax.xml.transform.TransformerFactoryConfigurationError; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; +import org.apache.log4j.Logger; import org.joda.time.DateTime; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.core.NameIDType; import org.opensaml.saml2.metadata.AssertionConsumerService; import org.opensaml.saml2.metadata.AttributeConsumingService; -import org.opensaml.saml2.metadata.EncryptionMethod; import org.opensaml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.KeyDescriptor; @@ -57,9 +57,6 @@ import org.opensaml.saml2.metadata.NameIDFormat; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.saml2.metadata.ServiceName; import org.opensaml.saml2.metadata.SingleLogoutService; -import org.opensaml.saml2.metadata.impl.EncryptionMethodBuilder; -import org.opensaml.xml.encryption.EncryptionConstants; -import org.opensaml.xml.encryption.OAEPparams; import org.opensaml.xml.io.Marshaller; import org.opensaml.xml.security.credential.Credential; import org.opensaml.xml.security.credential.UsageType; @@ -77,10 +74,11 @@ import at.gv.egovernment.moa.id.demoOA.Constants; import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException; import at.gv.egovernment.moa.id.demoOA.utils.AttributeListBuilder; import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils; -import at.gv.egovernment.moa.logging.Logger; import at.iaik.commons.util.MiscUtil; public class BuildMetadata extends HttpServlet { + Logger log = Logger.getLogger(BuildMetadata.class); + private static final long serialVersionUID = 1L; private static final int VALIDUNTIL_IN_HOURS = 24; @@ -119,7 +117,7 @@ public class BuildMetadata extends HttpServlet { String name = config.getPVP2MetadataEntitiesName(); if (MiscUtil.isEmpty(name)) { - Logger.info("NO Metadata EntitiesName configurated"); + log.info("NO Metadata EntitiesName configurated"); throw new ConfigurationException("NO Metadata EntitiesName configurated"); } @@ -143,7 +141,7 @@ public class BuildMetadata extends HttpServlet { if (!serviceURL.endsWith("/")) serviceURL = serviceURL + "/"; - Logger.debug("Set OnlineApplicationURL to " + serviceURL); + log.debug("Set OnlineApplicationURL to " + serviceURL); spEntityDescriptor.setEntityID(serviceURL); SPSSODescriptor spSSODescriptor = SAML2Utils @@ -165,7 +163,7 @@ public class BuildMetadata extends HttpServlet { config.getPVP2KeystoreMetadataKeyPassword().toCharArray()); - Logger.debug("Set Metadata key information"); + log.debug("Set Metadata key information"); //Set MetaData Signing key KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils .createSAMLObject(KeyDescriptor.class); @@ -213,7 +211,7 @@ public class BuildMetadata extends HttpServlet { spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor); } else { - Logger.warn("No Assertion Encryption-Key defined. This setting is not recommended!"); + log.warn("No Assertion Encryption-Key defined. This setting is not recommended!"); } @@ -293,32 +291,32 @@ public class BuildMetadata extends HttpServlet { response.getOutputStream().close(); } catch (ConfigurationException e) { - Logger.warn("Configuration can not be loaded.", e); + log.warn("Configuration can not be loaded.", e); throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); } catch (NoSuchAlgorithmException e) { - Logger.warn("Requested Algorithm could not found.", e); + log.warn("Requested Algorithm could not found.", e); throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); } catch (ParserConfigurationException e) { - Logger.warn("PVP2 Metadata createn error", e); + log.warn("PVP2 Metadata createn error", e); throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); } catch (TransformerConfigurationException e) { - Logger.warn("PVP2 Metadata createn error", e); + log.warn("PVP2 Metadata createn error", e); throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); } catch (TransformerFactoryConfigurationError e) { - Logger.warn("PVP2 Metadata createn error", e); + log.warn("PVP2 Metadata createn error", e); throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); } catch (TransformerException e) { - Logger.warn("PVP2 Metadata createn error", e); + log.warn("PVP2 Metadata createn error", e); throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); } catch (Exception e) { - Logger.warn("Unspecific PVP2 Metadata createn error", e); + log.warn("Unspecific PVP2 Metadata createn error", e); throw new ServletException("MetaData can not be created. Look into LogFiles for more details."); } diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java index cde9451a4..cfc170011 100644 --- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java +++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java @@ -23,7 +23,6 @@ package at.gv.egovernment.moa.id.demoOA.servlet.pvp2; import java.io.IOException; -import java.security.Key; import java.security.KeyStore; import java.util.ArrayList; import java.util.List; @@ -34,6 +33,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; +import org.apache.log4j.Logger; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.common.xml.SAMLConstants; @@ -56,7 +56,6 @@ import org.opensaml.xml.encryption.InlineEncryptedKeyResolver; import org.opensaml.xml.encryption.SimpleRetrievalMethodEncryptedKeyResolver; import org.opensaml.xml.parse.BasicParserPool; import org.opensaml.xml.security.CriteriaSet; -import org.opensaml.xml.security.SecurityHelper; import org.opensaml.xml.security.credential.UsageType; import org.opensaml.xml.security.criteria.EntityIDCriteria; import org.opensaml.xml.security.criteria.UsageCriteria; @@ -77,12 +76,11 @@ import at.gv.egovernment.moa.id.demoOA.Constants; import at.gv.egovernment.moa.id.demoOA.PVPConstants; import at.gv.egovernment.moa.id.demoOA.utils.ApplicationBean; import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils; -import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; - public class DemoApplication extends HttpServlet { - + Logger log = Logger.getLogger(DemoApplication.class); + private static final long serialVersionUID = -2129228304760706063L; @@ -97,7 +95,7 @@ public class DemoApplication extends HttpServlet { String method = request.getMethod(); HttpSession session = request.getSession(); if (session == null) { - Logger.info("NO HTTP Session"); + log.info("NO HTTP Session"); bean.setErrorMessage("NO HTTP session"); setAnser(request, response, bean); return; @@ -120,7 +118,7 @@ public class DemoApplication extends HttpServlet { Signature sign = samlResponse.getSignature(); if (sign == null) { - Logger.info("Only http POST Requests can be used"); + log.info("Only http POST Requests can be used"); bean.setErrorMessage("Only http POST Requests can be used"); setAnser(request, response, bean); return; @@ -150,7 +148,7 @@ public class DemoApplication extends HttpServlet { ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoResolver); trustEngine.validate(sign, criteriaSet); - Logger.info("PVP2 Assertion is valid"); + log.info("PVP2 Assertion is valid"); //set assertion org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse); @@ -166,7 +164,7 @@ public class DemoApplication extends HttpServlet { if (encryAssertionList != null && encryAssertionList.size() > 0) { //decrypt assertions - Logger.debug("Found encryped assertion. Start decryption ..."); + log.debug("Found encryped assertion. Start decryption ..."); KeyStore keyStore = config.getPVP2KeyStore(); @@ -192,7 +190,7 @@ public class DemoApplication extends HttpServlet { } - Logger.debug("Assertion decryption finished. "); + log.debug("Assertion decryption finished. "); } else { saml2assertions = samlResponse.getAssertions(); @@ -215,13 +213,12 @@ public class DemoApplication extends HttpServlet { String strAttributeName = attributes.get(x).getDOM().getAttribute("Name"); if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) - familyName = attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent(); - + familyName = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue(); if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) - givenName = attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent(); + givenName = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue(); if (strAttributeName.equals(PVPConstants.BIRTHDATE_NAME)) { - birthday = attributes.get(x).getAttributeValues().get(0).getDOM().getTextContent(); + birthday = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue(); } } } @@ -249,7 +246,7 @@ public class DemoApplication extends HttpServlet { } } catch (Exception e) { - Logger.warn(e); + log.warn(e); bean.setErrorMessage("Internal Error: " + e.getMessage()); setAnser(request, response, bean); return; diff --git a/id/pom.xml b/id/pom.xml index 49dd99a1c..4aff9f373 100644 --- a/id/pom.xml +++ b/id/pom.xml @@ -14,10 +14,10 @@ <modules> <module>oa</module> -<!-- <module>templates</module> --> + <module>moa-spss-container</module> <module>server</module> <module>ConfigWebTool</module> - <module>moa-id-webgui</module> + <module>moa-id-webgui</module> </modules> <properties> diff --git a/id/readme_3.1.0-RC2.txt b/id/readme_3.1.0-RC2.txt new file mode 100644 index 000000000..f06dd4f19 --- /dev/null +++ b/id/readme_3.1.0-RC2.txt @@ -0,0 +1,606 @@ +=============================================================================== +MOA ID Version Release 3.1.0 - Wichtige Informationen zur Installation +=============================================================================== + +------------------------------------------------------------------------------- +A. Neuerungen/Änderungen +------------------------------------------------------------------------------- + +Mit MOA ID Version 3.1.0 wurden folgende Neuerungen und Änderungen eingeführt, +die jetzt erstmals in der Veröffentlichung enthalten sind (siehe auch +history.txt im gleichen Verzeichnis). + +- Änderungen + - Mehrere virtuelle IDP Instanzen je deployer MOA-ID Instanz möglich + (unterschiedliche Entity-IDs je virtueller Instanz) + - Änderung der von MOA-ID verwendeten PVP 2.x EntityID + - Überarbeitung der Weboberfläche des Konfigurationstools + - Überarbeitung aller GUI Templates (BKU-Auswahl, Fehlermeldungen, ...) + - Inkludierung der neuen Logos für Karte und Handy-Signatur + - Optimierung der internen Prozesse + - Kleinere Bug-Fixes + - Update von Libraries + + +------------------------------------------------------------------------------- +B. Durchführung eines Updates +------------------------------------------------------------------------------- + +Es wird generell eine Neuinstallation lt. Handbuch empfohlen! Dennoch ist auch +eine Aktualisierung bestehender Installationen möglich. Je nachdem von welcher +MOA-ID Version ausgegangen wird ergibt sich eine Kombination der nachfolgend +angebebenen Updateschritte. + +Hinweis: Wenn Sie die bestehende Konfiguration von MOA-ID 2.x.x in MOA-ID 3.1.x +reimportieren möchten, so muss diese vor dem Update mit Hilfe der import/export +Funktion der grafischen Konfigurationsoberfläche in eine Datei exportiert werden. +Diese Datei dient dann als Basis für den Import in MOA-ID 3.1.x. + +............................................................................... +B.1 Durchführung eines Updates von Version 3.0.x auf Version 3.1.0 +............................................................................... +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war + als auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update der TrustStores für WebService Zugriffe. + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\certs\ca-certs + in das Verzeichnis CATALINA_HOME\conf\moa-id\certs\ca-certs. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\certs\certstore\toBeAdded + in das Verzeichnis CATALINA_HOME\conf\moa-id\certs\certstore\toBeAdded. + +7. Hinzufügen der zusätzlichen Konfigurationsparameter in der + MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) dbcp.validationQuery=..... (SQL Query zum Validieren der + Datenbankverbindung + z.B: "SELECT 1" für mySQL + "select 1 from dual" für OracleDB) + +8. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth + Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties + a.) configuration.dbcp.validationQuery=..... (SQL Query zum + Validieren der Datenbankverbindung + z.B: "SELECT 1" für mySQL + "select 1 from dual" für OracleDB) + +9. Update der Default html-Templates für die Bürgerkartenauswahl. + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +10. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + +............................................................................... +B.2 Durchführung eines Updates von Version 2.2.1 auf Version 3.1.0 +............................................................................... + +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +7. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +8. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +9. Update der Default html-Templates für die Bürgerkartenauswahl. + + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +10. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +11. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties + +12. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + +13. Hinzufügen der zusätzlichen Konfigurationsdatei in der MOA-ID-Configuration + CATALINA_HOME\conf\moa-id-configuration\userdatabase.properties + +14. Update der Tomcat Start-Skripts: + - Die Konfigurationsdateien für MOA-ID-Auth und MOA-ID-Configuration müssen + nur als URI (file:/...) übergeben werden. + +15. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.1 Durchführung eines Updates von Version 2.2.0 auf Version 2.2.1 +............................................................................... +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.2.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +8. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + +............................................................................... +B.1 Durchführung eines Updates von Version 2.1.2 auf Version 2.2.0 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.2.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Kopieren der folgenden Dateien: + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei bevor Sie diese durch die neue Version ersetzen. + a.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_VIDP.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_VIDP.xml + b.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_outgoing.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_outgoing.xml + +9. Dem STORK KeyStores unter MOA_ID_AUTH_INST/conf/moa-id/keys/storkDemoKeys.jks + (Passwort=local-demo) wurden neue vertrauenswürdige Zertifikate hinzugefügt. + Gleichen Sie bei Bedarf die Zertifikate dieses KeyStores mit Ihrem aktuell + verwendeten KeyStore ab. + +10. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +11. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + + +12. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + +............................................................................... +B.2 Durchführung eines Updates von Version 2.1.1 auf Version 2.1.2 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.2.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +5. Kopieren Sie alle Dateien aus dem Verzeichnis MOA_ID_AUTH_INST\endorsed in das + Verzeichnis CATALINA_HOME_ID\endorsed + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Kopieren der folgenden Dateien + a.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_VIDP.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_VIDP.xml + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei slo_template.html bevor Sie diese durch die neue Version ersetzen. + +9. Dem STORK KeyStores unter MOA_ID_AUTH_INST/conf/moa-id/keys/storkDemoKeys.jks + (Passwort=local-demo) wurden neue vertrauenswürdige Zertifikate hinzugefügt. + Gleichen Sie bei Bedarf die Zertifikate dieses KeyStores mit Ihrem aktuell + verwendeten KeyStore ab. + +10. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.3 Durchführung eines Updates von Version 2.1.0 auf Version 2.1.1 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Erstellen Sie eine Sicherungskopie aller "iaik*.jar"-Dateien im Verzeichnis + JAVA_HOME\jre\lib\ext und loeschen Sie diese Dateien danach. + +4. Kopieren Sie alle Dateien aus dem Verzeichnis MOA_ID_AUTH_INST\ext in das + Verzeichnis JAVA_HOME\jre\lib\ext (Achtung: Java 1.4.x wird nicht mehr + unterstuetzt). + +5. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Hinzufügen der zusätzlichen Konfigurationsparameter in der + MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) general.moaconfig.key=..... (Passwort zum Ver- und + Entschlüsseln von Konfigurationsparametern in der Datenbank) + +9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth + Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties + a.) configuration.moaconfig.key=..... (Passwort zum Ver- und + Entschlüsseln von Konfigurationsparametern in der Datenbank) + +10. Kopieren der folgenden Dateien + a.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html -> + CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei slo_template.html bevor Sie diese durch die neue Version ersetzen. + +11. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +12. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +13. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.4 Durchführung eines Updates von Version 2.0.1 auf Version 2.1.0 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +7. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) general.ssl.certstore=certs/certstore + b.) general.ssl.truststore=certs/truststore + +8. Kopieren des folgenden zusätzlichen Ordners MOA_ID_AUTH_INST/conf/moa-id-configuration/certs + nach CATALINA_HOME\conf\moa-id-configuration\ + +9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties und Anpassung an das zu verwendeten Schlüsselpaar. + a.) protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion + protocols.pvp2.idp.ks.assertion.encryption.keypassword=password + +10. Kopieren der folgenden zusätzlichen Ordner aus MOA_ID_AUTH_INST/conf/moa-id/ + nach CATALINA_HOME\conf\moa-id\ + a.) MOA_ID_AUTH_INST/conf/moa-id/SLTemplates -> CATALINA_HOME\conf\moa-id\ + b.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html -> + CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html + +11. Neuinitialisieren des Datenbank Schema für die MOA-Session. Hierfür stehen + zwei Varianten zur Verfügung. + a.) Ändern Sie in der Konfigurationsdatei für das Modul MOA-ID-Auth + CATALINA_HOME\conf\moa-id\moa-id.properties die Zeile + moasession.hibernate.hbm2ddl.auto=update + zu + moasession.hibernate.hbm2ddl.auto=create + Danach werden die Tabellen beim nächsten Startvorgang neu generiert. + + b.) Löschen Sie alle Tabellen aus dem Datenbank Schema für die MOA-Sessixson + Informationen per Hand. Alle Tabellen werden beim nächsten Start autmatisch neu generiert. + +12 . Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.5 Durchführung eines Updates von Version 2.0-RC1 auf Version 2.0.1 +............................................................................... + +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.0.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + Für MOA ID Proxy: + Entpacken Sie die Distribution von MOA-ID-Proxy (moa-id-proxy-2.0.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_PROXY_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +8. Update der Default html-Templates für die Bürgerkartenauswahl. + + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +9. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +10. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties + + a.) configuration.validation.certificate.QC.ignore=false + b.) protocols.pvp2.assertion.encryption.active=false + +11. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.6 Durchführung eines Updates von Version <= 1.5.1 +............................................................................... + +Bitte führen Sie eine Neuinstallation von MOA ID laut Handbuch durch und passen +Sie die mitgelieferte Musterkonfiguration entsprechend Ihren Bedürfnissen unter +Zuhilfenahme Ihrer bisherigen Konfiguration an. + diff --git a/id/readme_3.1.0.txt b/id/readme_3.1.0.txt new file mode 100644 index 000000000..f06dd4f19 --- /dev/null +++ b/id/readme_3.1.0.txt @@ -0,0 +1,606 @@ +=============================================================================== +MOA ID Version Release 3.1.0 - Wichtige Informationen zur Installation +=============================================================================== + +------------------------------------------------------------------------------- +A. Neuerungen/Änderungen +------------------------------------------------------------------------------- + +Mit MOA ID Version 3.1.0 wurden folgende Neuerungen und Änderungen eingeführt, +die jetzt erstmals in der Veröffentlichung enthalten sind (siehe auch +history.txt im gleichen Verzeichnis). + +- Änderungen + - Mehrere virtuelle IDP Instanzen je deployer MOA-ID Instanz möglich + (unterschiedliche Entity-IDs je virtueller Instanz) + - Änderung der von MOA-ID verwendeten PVP 2.x EntityID + - Überarbeitung der Weboberfläche des Konfigurationstools + - Überarbeitung aller GUI Templates (BKU-Auswahl, Fehlermeldungen, ...) + - Inkludierung der neuen Logos für Karte und Handy-Signatur + - Optimierung der internen Prozesse + - Kleinere Bug-Fixes + - Update von Libraries + + +------------------------------------------------------------------------------- +B. Durchführung eines Updates +------------------------------------------------------------------------------- + +Es wird generell eine Neuinstallation lt. Handbuch empfohlen! Dennoch ist auch +eine Aktualisierung bestehender Installationen möglich. Je nachdem von welcher +MOA-ID Version ausgegangen wird ergibt sich eine Kombination der nachfolgend +angebebenen Updateschritte. + +Hinweis: Wenn Sie die bestehende Konfiguration von MOA-ID 2.x.x in MOA-ID 3.1.x +reimportieren möchten, so muss diese vor dem Update mit Hilfe der import/export +Funktion der grafischen Konfigurationsoberfläche in eine Datei exportiert werden. +Diese Datei dient dann als Basis für den Import in MOA-ID 3.1.x. + +............................................................................... +B.1 Durchführung eines Updates von Version 3.0.x auf Version 3.1.0 +............................................................................... +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war + als auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update der TrustStores für WebService Zugriffe. + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\certs\ca-certs + in das Verzeichnis CATALINA_HOME\conf\moa-id\certs\ca-certs. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\certs\certstore\toBeAdded + in das Verzeichnis CATALINA_HOME\conf\moa-id\certs\certstore\toBeAdded. + +7. Hinzufügen der zusätzlichen Konfigurationsparameter in der + MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) dbcp.validationQuery=..... (SQL Query zum Validieren der + Datenbankverbindung + z.B: "SELECT 1" für mySQL + "select 1 from dual" für OracleDB) + +8. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth + Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties + a.) configuration.dbcp.validationQuery=..... (SQL Query zum + Validieren der Datenbankverbindung + z.B: "SELECT 1" für mySQL + "select 1 from dual" für OracleDB) + +9. Update der Default html-Templates für die Bürgerkartenauswahl. + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +10. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + +............................................................................... +B.2 Durchführung eines Updates von Version 2.2.1 auf Version 3.1.0 +............................................................................... + +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-3.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +7. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +8. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +9. Update der Default html-Templates für die Bürgerkartenauswahl. + + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +10. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +11. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties + +12. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + +13. Hinzufügen der zusätzlichen Konfigurationsdatei in der MOA-ID-Configuration + CATALINA_HOME\conf\moa-id-configuration\userdatabase.properties + +14. Update der Tomcat Start-Skripts: + - Die Konfigurationsdateien für MOA-ID-Auth und MOA-ID-Configuration müssen + nur als URI (file:/...) übergeben werden. + +15. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.1 Durchführung eines Updates von Version 2.2.0 auf Version 2.2.1 +............................................................................... +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.2.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +8. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + +............................................................................... +B.1 Durchführung eines Updates von Version 2.1.2 auf Version 2.2.0 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.2.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Kopieren der folgenden Dateien: + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei bevor Sie diese durch die neue Version ersetzen. + a.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_VIDP.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_VIDP.xml + b.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_outgoing.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_outgoing.xml + +9. Dem STORK KeyStores unter MOA_ID_AUTH_INST/conf/moa-id/keys/storkDemoKeys.jks + (Passwort=local-demo) wurden neue vertrauenswürdige Zertifikate hinzugefügt. + Gleichen Sie bei Bedarf die Zertifikate dieses KeyStores mit Ihrem aktuell + verwendeten KeyStore ab. + +10. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +11. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + + +12. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + +............................................................................... +B.2 Durchführung eines Updates von Version 2.1.1 auf Version 2.1.2 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.2.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Dateien moa-id-auth.war und + moa-id-configuration.war als auch das komplette Verzeichnis moa-id-auth + und das komplette Verzeichnis moa-id-configuration. + +4. Erstellen Sie eine Sicherungskopie aller "*.jar"-Dateien im Verzeichnis + CATALINA_HOME_ID\endorsed und loeschen Sie diese Dateien danach. + +5. Kopieren Sie alle Dateien aus dem Verzeichnis MOA_ID_AUTH_INST\endorsed in das + Verzeichnis CATALINA_HOME_ID\endorsed + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Kopieren der folgenden Dateien + a.) MOA_ID_AUTH_INST/conf/moa-id/stork/StorkSamlEngine_VIDP.xml -> + CATALINA_HOME/conf/moa-id/stork/StorkSamlEngine_VIDP.xml + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei slo_template.html bevor Sie diese durch die neue Version ersetzen. + +9. Dem STORK KeyStores unter MOA_ID_AUTH_INST/conf/moa-id/keys/storkDemoKeys.jks + (Passwort=local-demo) wurden neue vertrauenswürdige Zertifikate hinzugefügt. + Gleichen Sie bei Bedarf die Zertifikate dieses KeyStores mit Ihrem aktuell + verwendeten KeyStore ab. + +10. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.3 Durchführung eines Updates von Version 2.1.0 auf Version 2.1.1 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Erstellen Sie eine Sicherungskopie aller "iaik*.jar"-Dateien im Verzeichnis + JAVA_HOME\jre\lib\ext und loeschen Sie diese Dateien danach. + +4. Kopieren Sie alle Dateien aus dem Verzeichnis MOA_ID_AUTH_INST\ext in das + Verzeichnis JAVA_HOME\jre\lib\ext (Achtung: Java 1.4.x wird nicht mehr + unterstuetzt). + +5. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +6. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +7. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +8. Hinzufügen der zusätzlichen Konfigurationsparameter in der + MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) general.moaconfig.key=..... (Passwort zum Ver- und + Entschlüsseln von Konfigurationsparametern in der Datenbank) + +9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth + Konfigurationsdatei CATALINA_HOME\conf\moa-id\moa-id.properties + a.) configuration.moaconfig.key=..... (Passwort zum Ver- und + Entschlüsseln von Konfigurationsparametern in der Datenbank) + +10. Kopieren der folgenden Dateien + a.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html -> + CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html + Sollte die Datei bereits vorhanden sein erstellen Sie ein Backup der + Datei slo_template.html bevor Sie diese durch die neue Version ersetzen. + +11. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +12. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +13. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.4 Durchführung eines Updates von Version 2.0.1 auf Version 2.1.0 +............................................................................... + 1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.1.0.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +7. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Configuration Konfigurationsdatei + CATALINA_HOME\conf\moa-id-configuration\moa-id-configtool.properties + a.) general.ssl.certstore=certs/certstore + b.) general.ssl.truststore=certs/truststore + +8. Kopieren des folgenden zusätzlichen Ordners MOA_ID_AUTH_INST/conf/moa-id-configuration/certs + nach CATALINA_HOME\conf\moa-id-configuration\ + +9. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties und Anpassung an das zu verwendeten Schlüsselpaar. + a.) protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion + protocols.pvp2.idp.ks.assertion.encryption.keypassword=password + +10. Kopieren der folgenden zusätzlichen Ordner aus MOA_ID_AUTH_INST/conf/moa-id/ + nach CATALINA_HOME\conf\moa-id\ + a.) MOA_ID_AUTH_INST/conf/moa-id/SLTemplates -> CATALINA_HOME\conf\moa-id\ + b.) MOA_ID_AUTH_INST/conf/moa-id/htmlTemplates/slo_template.html -> + CATALINA_HOME/conf/moa-id/htmlTemplates/slo_template.html + +11. Neuinitialisieren des Datenbank Schema für die MOA-Session. Hierfür stehen + zwei Varianten zur Verfügung. + a.) Ändern Sie in der Konfigurationsdatei für das Modul MOA-ID-Auth + CATALINA_HOME\conf\moa-id\moa-id.properties die Zeile + moasession.hibernate.hbm2ddl.auto=update + zu + moasession.hibernate.hbm2ddl.auto=create + Danach werden die Tabellen beim nächsten Startvorgang neu generiert. + + b.) Löschen Sie alle Tabellen aus dem Datenbank Schema für die MOA-Sessixson + Informationen per Hand. Alle Tabellen werden beim nächsten Start autmatisch neu generiert. + +12 . Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.5 Durchführung eines Updates von Version 2.0-RC1 auf Version 2.0.1 +............................................................................... + +1. Stoppen Sie den Tomcat, in dem Ihre bisherige Installation betrieben wird. + Fertigen Sie eine Sicherungskopie Ihrer kompletten Tomcat-Installation an. + +2. Entpacken Sie die Distribution von MOA-ID-Auth (moa-id-auth-2.0.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_AUTH_INST + bezeichnet. + Für MOA ID Proxy: + Entpacken Sie die Distribution von MOA-ID-Proxy (moa-id-proxy-2.0.1.zip) in + ein temporäres Verzeichnis, in weiterer Folge als MOA_ID_PROXY_INST + bezeichnet. + +3. Wechseln Sie in jenes Verzeichnis, das die Webapplikation von MOA ID Auth + beinhaltet (für gewöhnlich ist dieses Verzeichnis CATALINA_HOME_ID/webapps, + wobei CATALINA_HOME_ID für das Basisverzeichnis der Tomcat-Installation + für MOA ID steht). Löschen Sie darin sowohl die Datei moa-id-auth.war als + auch das komplette Verzeichnis moa-id-auth. + +4. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-auth.war nach + CATALINA_HOME_ID/webapps. + +5. Kopieren Sie die Datei MOA_ID_AUTH_INST/moa-id-configuration.war nach + CATALINA_HOME_ID/webapps. + +6. Update des Cert-Stores. + Kopieren Sie den Inhalt des Verzeichnisses + MOA_ID_INST_AUTH\conf\moa-spss\certstore in das Verzeichnis + CATALINA_HOME\conf\moa-spss\certstore. Wenn Sie gefragt werden, ob Sie + vorhandene Dateien oder Unterverzeichnisse überschreiben sollen, dann + bejahen sie das. + +7. Update der Trust-Profile. Wenn Sie Ihre alten Trust-Profile durch die Neuen ersetzen + wollen, dann gehen Sie vor, wie in Punkt a). Wenn Sie Ihre eigenen Trust-Profile + beibehalten wollen, dann gehen Sie vor, wie in Punkt b). + + a. Gehen Sie wie folgt vor, um die Trust-Profile auszutauschen: + + 1) Löschen Sie das Verzeichnis CATALINA_HOME\conf\moa-spss\trustprofiles. + 2) Kopieren Sie das Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles in das Verzeichnis + CATALINA_HOME\conf\moa-spss. + + b. Falls Sie Ihre alten Trust-Profile beibehalten wollen, gehen Sie wie + folgt vor, um die Profile auf den aktuellen Stand zu bringen: + + 1) Ergänzen Sie ihre Trustprofile durch alle Zertifikate aus den + entsprechenden Profilen im Verzeichnis + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles, die nicht in Ihren + Profilen enthalten sind. Am einfachsten ist es, wenn Sie den Inhalt + der einzelnen Profile aus der Distribution + (MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles) in die entsprechenden + Profile Ihrer Installation (CATALINA_HOME\conf\moa-spss\trustProfiles) + kopieren und dabei die vorhandenen gleichnamigen Zertifikate + überschreiben), also z.B: Kopieren des Inhalts von + MOA_ID_INST_AUTH\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten nach + CATALINA_HOME\conf\moa-spss\trustProfiles\ + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten usw. + +8. Update der Default html-Templates für die Bürgerkartenauswahl. + + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id\htmlTemplates. + b.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id-configuration\htmlTemplates + in das Verzeichnis CATALINA_HOME\conf\moa-id-configuration\htmlTemplates. + +9. Update der STORK Konfiguration + a.) Kopieren Sie die Dateien aus dem Verzeichnis MOA_ID_INST_AUTH\conf\moa-id\stork + in das Verzeichnis CATALINA_HOME\conf\moa-id\stork. + b.) Passen Sie die STORK Konfiguration laut Handbuch -> Konfiguration -> + 2.4 Konfiguration des SamlEngines an. + +10. Hinzufügen der zusätzlichen Konfigurationsparameter in der MOA-ID-Auth Konfigurationsdatei + CATALINA_HOME\conf\moa-id\moa-id.properties + + a.) configuration.validation.certificate.QC.ignore=false + b.) protocols.pvp2.assertion.encryption.active=false + +11. Starten Sie den Tomcat neu, achten Sie auf eventuelle Fehlermeldungen im + Logging von MOA ID beim Einlesen der Konfiguration. + + +............................................................................... +B.6 Durchführung eines Updates von Version <= 1.5.1 +............................................................................... + +Bitte führen Sie eine Neuinstallation von MOA ID laut Handbuch durch und passen +Sie die mitgelieferte Musterkonfiguration entsprechend Ihren Bedürfnissen unter +Zuhilfenahme Ihrer bisherigen Konfiguration an. + diff --git a/id/server/auth/.gitignore b/id/server/auth-edu/.gitignore index 4dc009173..4dc009173 100644 --- a/id/server/auth/.gitignore +++ b/id/server/auth-edu/.gitignore diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml new file mode 100644 index 000000000..43e87f2ab --- /dev/null +++ b/id/server/auth-edu/pom.xml @@ -0,0 +1,288 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>MOA.id</groupId> + <artifactId>moa-id</artifactId> + <version>3.x</version> + </parent> + + <modelVersion>4.0.0</modelVersion> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-auth-edu</artifactId> + <version>${moa-id-version-edu}</version> + <packaging>war</packaging> + <name>MOA ID-Auth-Edjucation</name> + <description>Education release-version of MOA-ID-Auth which includes all development functionality</description> + + <properties> + <repositoryPath>${basedir}/../../../repository</repositoryPath> + </properties> + + <repositories> + <repository> + <id>shibboleth.internet2.edu</id> + <name>Internet2</name> + <url>https://build.shibboleth.net/nexus/content/groups/public/</url> + </repository> + </repositories> + + <build> + <!--sourceDirectory>${basedir}/../idserverlib/src/main/java</sourceDirectory--> + <!--testSourceDirectory>${basedir}/../idserverlib/src/test/java</testSourceDirectory--> + <plugins> + + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>versions-maven-plugin</artifactId> + <version>2.1</version> + </plugin> + + +<!-- <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>properties-maven-plugin</artifactId> + <version>1.0-alpha-2</version> + <executions> + <execution> + <phase>initialize</phase> + <goals> + <goal>read-project-properties</goal> + </goals> + <configuration> + <files> + <file>${basedir}/../../../moa-id.properties</file> + </files> + </configuration> + </execution> + </executions> + </plugin> --> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.1.1</version> + <!-- <version>2.0.2</version>--> + <configuration> + <archive> + <manifest> + <addDefaultSpecificationEntries>false</addDefaultSpecificationEntries> + <addDefaultImplementationEntries>true</addDefaultImplementationEntries> + </manifest> + <addMavenDescriptor>false</addMavenDescriptor> + </archive> + + <!-- extract moa-id classes for debugging --> + <!--warSourceExcludes>WEB-INF/lib/moa-id-lib*.jar</warSourceExcludes--> + <webResources> + <resource> + <directory>${basedir}/src/main/wsdl</directory> + <targetPath>WEB-INF/classes/resources/wsdl</targetPath> + </resource> + <!-- + <resource> + <directory>${basedir}/../idserverlib/target/classes</directory> + <targetPath>WEB-INF/classes</targetPath> + </resource> +--> + </webResources> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + + <dependency> + <groupId>MOA.id</groupId> + <artifactId>moa-spss-container</artifactId> + <type>pom</type> + <exclusions> + <exclusion> + <artifactId>iaik_pki_module</artifactId> + <groupId>iaik</groupId> + </exclusion> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <artifactId>axis-wsdl4j</artifactId> + <groupId>axis</groupId> + </exclusion> + <exclusion> + <artifactId>axis</artifactId> + <groupId>axis</groupId> + </exclusion> + <exclusion> + <artifactId>axis-jaxrpc</artifactId> + <groupId>org.apache.axis</groupId> + </exclusion> + <exclusion> + <artifactId>axis-saaj</artifactId> + <groupId>org.apache.axis</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + </exclusion> + <exclusion> + <artifactId>axis</artifactId> + <groupId>axis</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-spring-initializer</artifactId> + </dependency> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-frontend-resources</artifactId> + </dependency> + + + <!-- Adding eIDAS module dependency automatically adds eIDAS protocol capabilities. --> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-eIDAS</artifactId> + <exclusions> + <exclusion> + <artifactId>log4j-over-slf4j</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + </exclusions> + </dependency> + + + <!-- Adding monitoring module dependency automatically adds monitoring capabilities. --> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-monitoring</artifactId> + </dependency> + + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-saml1</artifactId> + </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-openID</artifactId> + </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-elga_mandate_service</artifactId> + </dependency> + +<!-- <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-pvp2</artifactId> + </dependency> --> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules-federated_authentication</artifactId> + </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-ssoTransfer</artifactId> + <version>${moa-id-version}</version> + </dependency> + +<!-- <dependency> + <groupId>org.apache.santuario</groupId> + <artifactId>xmlsec</artifactId> + </dependency> --> + + <!-- transitive dependencies we don't want to include into the war --> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_jce_full</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_ecc</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Provider</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Wrapper</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xalan</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + <exclusions> + <exclusion> + <groupId>xalan</groupId> + <artifactId>serializer</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xml-apis</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>serializer</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-webmvc</artifactId> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </dependency> + + </dependencies> + +</project> diff --git a/id/server/auth/src/main/resources/log4j.properties b/id/server/auth-edu/src/main/resources/log4j.properties index ecdfad165..ecdfad165 100644 --- a/id/server/auth/src/main/resources/log4j.properties +++ b/id/server/auth-edu/src/main/resources/log4j.properties diff --git a/id/server/auth-edu/src/main/webapp/META-INF/MANIFEST.MF b/id/server/auth-edu/src/main/webapp/META-INF/MANIFEST.MF new file mode 100644 index 000000000..59499bce4 --- /dev/null +++ b/id/server/auth-edu/src/main/webapp/META-INF/MANIFEST.MF @@ -0,0 +1,2 @@ +Manifest-Version: 1.0 + diff --git a/id/server/auth-edu/src/main/webapp/WEB-INF/web.xml b/id/server/auth-edu/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 000000000..64b6ffcdd --- /dev/null +++ b/id/server/auth-edu/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,47 @@ +<?xml version="1.0" encoding="UTF-8"?> +<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_0.xsd" + version="3.0"> + <display-name>MOA ID Auth</display-name> + <description>MOA ID Authentication Service</description> + + <filter> + <filter-name>characterEncodingFilter</filter-name> + <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> + <init-param> + <param-name>encoding</param-name> + <param-value>UTF-8</param-value> + </init-param> + <init-param> + <param-name>forceEncoding</param-name> + <param-value>true</param-value> + </init-param> + </filter> + <filter-mapping> + <filter-name>characterEncodingFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + + <welcome-file-list> + <welcome-file>index.html</welcome-file> + </welcome-file-list> + + <session-config> + <session-timeout>5</session-timeout> + </session-config> + + <error-page> + <error-code>500</error-code> + <location>/errorpage.jsp</location> + </error-page> + + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>UserDatabase</realm-name> + </login-config> + <security-role> + <description>The role that is required to log in to the moa Application</description> + <role-name>moa-admin</role-name> + </security-role> + +</web-app> diff --git a/id/server/legacy-backup/stork2-saml-engine/find.save b/id/server/auth-edu/src/main/webapp/index.html index e69de29bb..e69de29bb 100644 --- a/id/server/legacy-backup/stork2-saml-engine/find.save +++ b/id/server/auth-edu/src/main/webapp/index.html diff --git a/id/server/auth-edu/src/main/wsdl/MOA-ID-1.0.wsdl b/id/server/auth-edu/src/main/wsdl/MOA-ID-1.0.wsdl new file mode 100644 index 000000000..ce24e83c9 --- /dev/null +++ b/id/server/auth-edu/src/main/wsdl/MOA-ID-1.0.wsdl @@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<definitions name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/ http://schemas.xmlsoap.org/wsdl/"> + <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="MOA-20020812.xsd"/> + <message name="GetAuthenticationDataInput"> + <part name="body" element="samlp:Request"/> + </message> + <message name="GetAuthenticationDataOutput"> + <part name="body" element="samlp:Response"/> + </message> + <message name="MOAFault"> + <part name="body" element="moa:ErrorResponse"/> + </message> + <portType name="IdentificationPortType"> + <operation name="getAuthenticationData"> + <input message="tns:GetAuthenticationDataInput"/> + <output message="tns:GetAuthenticationDataOutput"/> + <fault name="MOAFault" message="tns:MOAFault"/> + </operation> + </portType> + <binding name="IdentificationBinding" type="tns:IdentificationPortType" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/soap/ http://schemas.xmlsoap.org/wsdl/soap/"> + <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> + <operation name="getAuthenticationData"> + <soap:operation soapAction="urn:GetAuthenticationDataAction"/> + <input> + <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </input> + <output> + <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </output> + <fault name="MOAFault"> + <soap:fault name="MOAFault" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </fault> + </operation> + </binding> + <service name="GetAuthenticationDataService"> + <port name="IdentificationPort" binding="tns:IdentificationBinding"> + <soap:address location="http://localhost/moa-id-auth/services/GetAuthenticationData"/> + </port> + </service> +</definitions> diff --git a/id/server/auth-edu/src/main/wsdl/MOA-ID-1.x.wsdl b/id/server/auth-edu/src/main/wsdl/MOA-ID-1.x.wsdl new file mode 100644 index 000000000..218f0f013 --- /dev/null +++ b/id/server/auth-edu/src/main/wsdl/MOA-ID-1.x.wsdl @@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<definitions name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/ http://schemas.xmlsoap.org/wsdl/"> + <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="MOA-SPSS-2.0.0.xsd"/> + <message name="GetAuthenticationDataInput"> + <part name="body" element="samlp:Request"/> + </message> + <message name="GetAuthenticationDataOutput"> + <part name="body" element="samlp:Response"/> + </message> + <message name="MOAFault"> + <part name="body" element="moa:ErrorResponse"/> + </message> + <portType name="IdentificationPortType"> + <operation name="getAuthenticationData"> + <input message="tns:GetAuthenticationDataInput"/> + <output message="tns:GetAuthenticationDataOutput"/> + <fault name="MOAFault" message="tns:MOAFault"/> + </operation> + </portType> + <binding name="IdentificationBinding" type="tns:IdentificationPortType" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/soap/ http://schemas.xmlsoap.org/wsdl/soap/"> + <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> + <operation name="getAuthenticationData"> + <soap:operation soapAction="urn:GetAuthenticationDataAction"/> + <input> + <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </input> + <output> + <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </output> + <fault name="MOAFault"> + <soap:fault name="MOAFault" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </fault> + </operation> + </binding> + <service name="GetAuthenticationDataService"> + <port name="IdentificationPort" binding="tns:IdentificationBinding"> + <soap:address location="http://localhost/Identification"/> + </port> + </service> +</definitions> diff --git a/id/server/auth-edu/src/main/wsdl/MOA-SPSS-1.2.xsd b/id/server/auth-edu/src/main/wsdl/MOA-SPSS-1.2.xsd new file mode 100644 index 000000000..8c994f079 --- /dev/null +++ b/id/server/auth-edu/src/main/wsdl/MOA-SPSS-1.2.xsd @@ -0,0 +1,454 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 1.2 Schema +--> +<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <!--########## Create XML Signature ###--> + <!--### Create XML Signature Request ###--> + <xsd:element name="CreateXMLSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreateXMLSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="DataObjectInfo" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="DataObjectInfoType"> + <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="CreateSignatureInfo" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateSignatureEnvironmentProfile"/> + <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create XML Signature Response ###--> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation> + </xsd:annotation> + <xsd:element name="SignatureEnvironment"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element ref="ErrorResponse"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <!--########## Verify CMS Signature ###--> + <!--### Verifiy CMS Signature Request ###--> + <xsd:element name="VerifyCMSSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="VerifyCMSSignatureRequestType"> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> + <xsd:element name="TrustProfileID"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify CMS Signature Response ###--> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify XML Signature ###--> + <!--### Verify XML Signature Request ###--> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="VerifySignatureInfo"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:element name="VerifySignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element ref="SupplementProfile"/> + <xsd:element name="SupplementProfileID" type="xsd:string"/> + </xsd:choice> + <xsd:element name="SignatureManifestCheckParams" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReturnHashInputData" minOccurs="0"/> + <xsd:element name="TrustProfileID"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify XML Signature Response ###--> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="HashInputData" type="ContentExLocRefBaseType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferenceInputData" type="ContentExLocRefBaseType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ProfileIdentifierType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType"/> + <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="FinalDataMetaInfoType"> + <xsd:complexContent> + <xsd:extension base="MetaInfoType"> + <xsd:sequence> + <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="ContentOptionalRefType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateTransformsInfoProfile"/> + <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLDataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="ContentRequiredRefType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSContentBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!--########## Error Response ###--> + <xsd:element name="ErrorResponse" type="ErrorResponseType"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="xsd:integer"/> + <xsd:element name="Info" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Auxiliary Types ###--> + <xsd:simpleType name="KeyIdentifierType"> + <xsd:restriction base="xsd:string"/> + </xsd:simpleType> + <xsd:simpleType name="KeyStorageType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="Software"/> + <xsd:enumeration value="Hardware"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="AnyChildrenType" mixed="true"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute ref="xml:space" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="ContentExLocRefBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentOptionalRefType"> + <xsd:complexContent> + <xsd:extension base="ContentBaseType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentRequiredRefType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="VerifyTransformsDataType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation> + </xsd:annotation> + <xsd:element ref="VerifyTransformsInfoProfile"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string"> + <xsd:annotation> + <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <xsd:element name="QualifiedCertificate"/> + <xsd:element name="PublicAuthority" type="PublicAuthorityType"/> + <xsd:complexType name="PublicAuthorityType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger"/> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="CreateSignatureLocationType"> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:nonNegativeInteger" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="TransformParameterType"> + <xsd:choice minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation> + </xsd:annotation> + <xsd:element name="Base64Content" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="Hash"> + <xsd:annotation> + <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:DigestMethod"/> + <xsd:element ref="dsig:DigestValue"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:choice> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:element name="CreateSignatureEnvironmentProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyTransformsInfoProfile"> + <xsd:annotation> + <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/> + <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/> + <xsd:element name="CreateTransformsInfoProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/> + <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> +</xsd:schema> diff --git a/id/server/auth-final/.gitignore b/id/server/auth-final/.gitignore new file mode 100644 index 000000000..4dc009173 --- /dev/null +++ b/id/server/auth-final/.gitignore @@ -0,0 +1,2 @@ +/target +/bin diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml new file mode 100644 index 000000000..2fb196255 --- /dev/null +++ b/id/server/auth-final/pom.xml @@ -0,0 +1,261 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>MOA.id</groupId> + <artifactId>moa-id</artifactId> + <version>3.x</version> + </parent> + + <modelVersion>4.0.0</modelVersion> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-auth-final</artifactId> + <version>${moa-id-version-final}</version> + <packaging>war</packaging> + <name>MOA ID-Auth-Final</name> + <description>Final release-version of MOA-ID-Auth without education and development functionality</description> + + <properties> + <repositoryPath>${basedir}/../../../repository</repositoryPath> + </properties> + + <repositories> + <repository> + <id>shibboleth.internet2.edu</id> + <name>Internet2</name> + <url>https://build.shibboleth.net/nexus/content/groups/public/</url> + </repository> + </repositories> + + <build> + <!--sourceDirectory>${basedir}/../idserverlib/src/main/java</sourceDirectory--> + <!--testSourceDirectory>${basedir}/../idserverlib/src/test/java</testSourceDirectory--> + <plugins> + + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>versions-maven-plugin</artifactId> + <version>2.1</version> + </plugin> + + +<!-- <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>properties-maven-plugin</artifactId> + <version>1.0-alpha-2</version> + <executions> + <execution> + <phase>initialize</phase> + <goals> + <goal>read-project-properties</goal> + </goals> + <configuration> + <files> + <file>${basedir}/../../../moa-id.properties</file> + </files> + </configuration> + </execution> + </executions> + </plugin> --> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.1.1</version> + <!-- <version>2.0.2</version>--> + <configuration> + <archive> + <manifest> + <addDefaultSpecificationEntries>false</addDefaultSpecificationEntries> + <addDefaultImplementationEntries>true</addDefaultImplementationEntries> + </manifest> + <addMavenDescriptor>false</addMavenDescriptor> + </archive> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>MOA.id</groupId> + <artifactId>moa-spss-container</artifactId> + <type>pom</type> + <exclusions> + <exclusion> + <artifactId>iaik_pki_module</artifactId> + <groupId>iaik</groupId> + </exclusion> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <artifactId>axis-wsdl4j</artifactId> + <groupId>axis</groupId> + </exclusion> + <exclusion> + <artifactId>axis</artifactId> + <groupId>axis</groupId> + </exclusion> + <exclusion> + <artifactId>axis-jaxrpc</artifactId> + <groupId>org.apache.axis</groupId> + </exclusion> + <exclusion> + <artifactId>axis-saaj</artifactId> + <groupId>org.apache.axis</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + </exclusion> + <exclusion> + <artifactId>axis</artifactId> + <groupId>axis</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-spring-initializer</artifactId> + </dependency> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-frontend-resources</artifactId> + </dependency> + + + <!-- Adding eIDAS module dependency automatically adds eIDAS protocol capabilities. --> + <!--dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-eIDAS</artifactId> + </dependency--> + + + <!-- Adding monitoring module dependency automatically adds monitoring capabilities. --> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-monitoring</artifactId> + </dependency> + + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-saml1</artifactId> + </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-openID</artifactId> + </dependency> + +<!-- <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-elga_mandate_service</artifactId> + </dependency> --> + +<!-- <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-eIDAS</artifactId> + </dependency> --> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + </dependency> + + <!--dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules-federated_authentication</artifactId> + </dependency--> + + <!--dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-ssoTransfer</artifactId> + <version>${moa-id-version}</version> + </dependency--> + + <!-- transitive dependencies we don't want to include into the war --> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_jce_full</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_ecc</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Provider</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Wrapper</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xalan</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + <exclusions> + <exclusion> + <groupId>xalan</groupId> + <artifactId>serializer</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xml-apis</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>serializer</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-webmvc</artifactId> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </dependency> + + </dependencies> + +</project> diff --git a/id/server/auth-final/src/main/resources/log4j.properties b/id/server/auth-final/src/main/resources/log4j.properties new file mode 100644 index 000000000..ecdfad165 --- /dev/null +++ b/id/server/auth-final/src/main/resources/log4j.properties @@ -0,0 +1,27 @@ +# commons-logging setup +org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory + +# define log4j root loggers +log4j.rootLogger=info, stdout, R +log4j.logger.at.gv.egovernment.moa=info, R +log4j.logger.at.gv.egovernment.moa.spss=info, R +log4j.logger.iaik.server=info, R +log4j.logger.at.gv.egovernment.moa.id=info, R +log4j.logger.at.gv.egovernment.moa.id.proxy=info, R +log4j.logger.eu.stork=info, R +log4j.logger.org.hibernate=warn, R + +# configure the stdout appender +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +#log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n +log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20.20c | %10t | %m%n + +# configure the rolling file appender (R) +log4j.appender.R=org.apache.log4j.RollingFileAppender +log4j.appender.R.File=${catalina.base}/logs/moa-id.log +log4j.appender.R.MaxFileSize=10000KB +log4j.appender.R.MaxBackupIndex=1 +log4j.appender.R.layout=org.apache.log4j.PatternLayout +log4j.appender.R.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n + diff --git a/id/server/auth/src/main/webapp/META-INF/MANIFEST.MF b/id/server/auth-final/src/main/webapp/META-INF/MANIFEST.MF index 58630c02e..58630c02e 100644 --- a/id/server/auth/src/main/webapp/META-INF/MANIFEST.MF +++ b/id/server/auth-final/src/main/webapp/META-INF/MANIFEST.MF diff --git a/id/server/auth-final/src/main/webapp/WEB-INF/web.xml b/id/server/auth-final/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 000000000..64b6ffcdd --- /dev/null +++ b/id/server/auth-final/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,47 @@ +<?xml version="1.0" encoding="UTF-8"?> +<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_0.xsd" + version="3.0"> + <display-name>MOA ID Auth</display-name> + <description>MOA ID Authentication Service</description> + + <filter> + <filter-name>characterEncodingFilter</filter-name> + <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> + <init-param> + <param-name>encoding</param-name> + <param-value>UTF-8</param-value> + </init-param> + <init-param> + <param-name>forceEncoding</param-name> + <param-value>true</param-value> + </init-param> + </filter> + <filter-mapping> + <filter-name>characterEncodingFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + + <welcome-file-list> + <welcome-file>index.html</welcome-file> + </welcome-file-list> + + <session-config> + <session-timeout>5</session-timeout> + </session-config> + + <error-page> + <error-code>500</error-code> + <location>/errorpage.jsp</location> + </error-page> + + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>UserDatabase</realm-name> + </login-config> + <security-role> + <description>The role that is required to log in to the moa Application</description> + <role-name>moa-admin</role-name> + </security-role> + +</web-app> diff --git a/id/server/auth-final/src/main/webapp/index.html b/id/server/auth-final/src/main/webapp/index.html new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/id/server/auth-final/src/main/webapp/index.html diff --git a/id/server/auth/src/main/wsdl/MOA-ID-1.0.wsdl b/id/server/auth-final/src/main/wsdl/MOA-ID-1.0.wsdl index 5751b3e58..5751b3e58 100644 --- a/id/server/auth/src/main/wsdl/MOA-ID-1.0.wsdl +++ b/id/server/auth-final/src/main/wsdl/MOA-ID-1.0.wsdl diff --git a/id/server/auth/src/main/wsdl/MOA-ID-1.x.wsdl b/id/server/auth-final/src/main/wsdl/MOA-ID-1.x.wsdl index 37f86aad5..37f86aad5 100644 --- a/id/server/auth/src/main/wsdl/MOA-ID-1.x.wsdl +++ b/id/server/auth-final/src/main/wsdl/MOA-ID-1.x.wsdl diff --git a/id/server/auth/src/main/wsdl/MOA-SPSS-1.2.xsd b/id/server/auth-final/src/main/wsdl/MOA-SPSS-1.2.xsd index d7a06d6e7..d7a06d6e7 100644 --- a/id/server/auth/src/main/wsdl/MOA-SPSS-1.2.xsd +++ b/id/server/auth-final/src/main/wsdl/MOA-SPSS-1.2.xsd diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml deleted file mode 100644 index 96f51666f..000000000 --- a/id/server/auth/pom.xml +++ /dev/null @@ -1,242 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>MOA.id</groupId> - <artifactId>moa-id</artifactId> - <version>3.x</version> - </parent> - - <modelVersion>4.0.0</modelVersion> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-auth</artifactId> - <version>${moa-id-version}</version> - <packaging>war</packaging> - <name>MOA ID-Auth WebService</name> - - <properties> - <repositoryPath>${basedir}/../../../repository</repositoryPath> - </properties> - - <repositories> - <repository> - <id>shibboleth.internet2.edu</id> - <name>Internet2</name> - <url>https://build.shibboleth.net/nexus/content/groups/public/</url> - </repository> - </repositories> - - <build> - <!--sourceDirectory>${basedir}/../idserverlib/src/main/java</sourceDirectory--> - <!--testSourceDirectory>${basedir}/../idserverlib/src/test/java</testSourceDirectory--> - <plugins> - - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>versions-maven-plugin</artifactId> - <version>2.1</version> - </plugin> - - -<!-- <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>properties-maven-plugin</artifactId> - <version>1.0-alpha-2</version> - <executions> - <execution> - <phase>initialize</phase> - <goals> - <goal>read-project-properties</goal> - </goals> - <configuration> - <files> - <file>${basedir}/../../../moa-id.properties</file> - </files> - </configuration> - </execution> - </executions> - </plugin> --> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-war-plugin</artifactId> - <version>2.1.1</version> - <!-- <version>2.0.2</version>--> - <configuration> - <archive> - <manifest> - <addDefaultSpecificationEntries>false</addDefaultSpecificationEntries> - <addDefaultImplementationEntries>true</addDefaultImplementationEntries> - </manifest> - <addMavenDescriptor>false</addMavenDescriptor> - </archive> - - <!-- extract moa-id classes for debugging --> - <!--warSourceExcludes>WEB-INF/lib/moa-id-lib*.jar</warSourceExcludes--> - <webResources> - <resource> - <directory>${basedir}/src/main/wsdl</directory> - <targetPath>WEB-INF/classes/resources/wsdl</targetPath> - </resource> - <!-- - <resource> - <directory>${basedir}/../idserverlib/target/classes</directory> - <targetPath>WEB-INF/classes</targetPath> - </resource> ---> - </webResources> - </configuration> - </plugin> - </plugins> - </build> - - <dependencies> - - - <!-- we need Axis 1.1 here, 1.0 is included in SPSS --> - <dependency> - <groupId>axis</groupId> - <artifactId>axis</artifactId> - </dependency> - <dependency> - <groupId>org.tuckey</groupId> - <artifactId>urlrewritefilter</artifactId> - <version>4.0.4</version> - </dependency> - <dependency> - <groupId>MOA.spss.server</groupId> - <artifactId>moa-spss-lib</artifactId> - <exclusions> - <exclusion> - <artifactId>iaik_pki_module</artifactId> - <groupId>iaik</groupId> - </exclusion> - <exclusion> - <artifactId>axis-wsdl4j</artifactId> - <groupId>axis</groupId> - </exclusion> - <exclusion> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-lib</artifactId> - <exclusions> - <exclusion> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - </exclusion> - <exclusion> - <groupId>ch.qos.logback</groupId> - <artifactId>logback-classic</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>eu.stork</groupId> - <artifactId>oasis-dss-api</artifactId> - <version>1.0.0-RELEASE</version> - </dependency> - - <!-- Adding stork module dependency automatically adds stork capabilities. --> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-stork</artifactId> - </dependency> - - <!-- Adding monitoring module dependency automatically adds monitoring capabilities. --> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-monitoring</artifactId> - </dependency> - - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-saml1</artifactId> - </dependency> - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-openID</artifactId> - </dependency> - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-modul-citizencard_authentication</artifactId> - </dependency> - - <!-- transitive dependencies we don't want to include into the war --> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_jce_full</artifactId> - <!-- should be in the ext directory of the jre --> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_ecc</artifactId> - <!-- should be in the ext directory of the jre --> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Provider</artifactId> - <!-- should be in the ext directory of the jre --> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <!-- should be in the ext directory of the jre --> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>xalan</artifactId> - <!-- should be provided by the container or jre --> - <scope>provided</scope> - <exclusions> - <exclusion> - <groupId>xalan</groupId> - <artifactId>serializer</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <!-- should be provided by the container or jre --> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>xml-apis</artifactId> - <!-- should be provided by the container or jre --> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>serializer</artifactId> - <!-- should be provided by the container or jre --> - <scope>provided</scope> - </dependency> - - <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-webmvc</artifactId> - <exclusions> - <exclusion> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - </dependency> - - </dependencies> - -</project> diff --git a/id/server/auth/src/main/resources/META-INF/services/org.apache.axis.components.net.SecureSocketFactory b/id/server/auth/src/main/resources/META-INF/services/org.apache.axis.components.net.SecureSocketFactory deleted file mode 100644 index c4547e804..000000000 --- a/id/server/auth/src/main/resources/META-INF/services/org.apache.axis.components.net.SecureSocketFactory +++ /dev/null @@ -1 +0,0 @@ -at.gv.egovernment.moa.id.util.AxisSecureSocketFactory
diff --git a/id/server/auth/src/main/webapp/Blockdiagramm.png b/id/server/auth/src/main/webapp/Blockdiagramm.png Binary files differdeleted file mode 100644 index 18d5b84a2..000000000 --- a/id/server/auth/src/main/webapp/Blockdiagramm.png +++ /dev/null diff --git a/id/server/auth/src/main/webapp/WCAG-Pruefprotokoll.pdf b/id/server/auth/src/main/webapp/WCAG-Pruefprotokoll.pdf Binary files differdeleted file mode 100644 index 3722c5d7e..000000000 --- a/id/server/auth/src/main/webapp/WCAG-Pruefprotokoll.pdf +++ /dev/null diff --git a/id/server/auth/src/main/webapp/WEB-INF/applicationContext.xml b/id/server/auth/src/main/webapp/WEB-INF/applicationContext.xml deleted file mode 100644 index a3f834457..000000000 --- a/id/server/auth/src/main/webapp/WEB-INF/applicationContext.xml +++ /dev/null @@ -1,23 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:context="http://www.springframework.org/schema/context"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
-
- <context:annotation-config />
-
- <bean id="processEngine" class="at.gv.egovernment.moa.id.process.ProcessEngineImpl">
- <property name="transitionConditionExpressionEvaluator">
- <bean class="at.gv.egovernment.moa.id.process.springweb.SpringWebExpressionEvaluator" />
- </property>
- </bean>
-
- <bean id="authenticationManager" class="at.gv.egovernment.moa.id.moduls.AuthenticationManager" factory-method="getInstance" />
-
- <!-- import auth modules -->
- <import resource="classpath*:**/*.authmodule.beans.xml" />
-
- <bean id="moduleRegistration" class="at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration" factory-method="getInstance" />
-
-</beans>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd b/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd deleted file mode 100644 index 121ec3cf9..000000000 --- a/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd +++ /dev/null @@ -1,29 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<deployment name="defaultClientConfig"
- xmlns="http://xml.apache.org/axis/wsdd/"
- xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"
- xmlns:handler="http://xml.apache.org/axis/wsdd/providers/handler">
-
- <handler name="URLMapper" type="java:org.apache.axis.handlers.http.URLMapper"/>
- <handler name="MsgDispatcher" type="java:org.apache.axis.providers.java.MsgProvider"/>
- <handler name="HTTPAuthHandler" type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/>
-
- <service name="GetAuthenticationData" provider="java:MSG">
- <namespace>urn:oasis:names:tc:SAML:1.0:protocol</namespace>
- <parameter name="allowedMethods" value="Request"/>
- <parameter name="className" value="at.gv.egovernment.moa.id.protocols.saml1.GetAuthenticationDataService"/>
- <wsdlFile>/resources/wsdl/MOA-ID-1.x.wsdl</wsdlFile>
- <requestFlow>
- </requestFlow>
- <responseFlow>
- </responseFlow>
- </service>
-
- <transport name="http">
- <requestFlow>
- <handler type="URLMapper"/>
- <handler type="HTTPAuthHandler"/>
- </requestFlow>
- </transport>
-
-</deployment>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml deleted file mode 100644 index 8f01ca22b..000000000 --- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml +++ /dev/null @@ -1,124 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 4.0//EN" - "http://www.tuckey.org/res/dtds/urlrewrite4.0.dtd"> - -<!-- Configuration file for UrlRewriteFilter http://www.tuckey.org/urlrewrite/ --> -<urlrewrite> - - <rule> - <note> - The rule means that requests to /test/status/ will be redirected to - /rewrite-status - the url will be rewritten. - </note> - <from>/test/status/</from> - <to type="redirect">%{context-path}/rewrite-status</to> - </rule> - - <!-- Legacy Rules --> - <rule match-type="regex"> - <from>^/StartAuthentication$</from> - <to type="forward">/dispatcher?mod=id_saml1&action=GetArtifact</to> - </rule> - <rule match-type="regex"> - <from>^/StartAuthentication\?(.*)$</from> - <to type="forward">/dispatcher?mod=id_saml1&action=GetArtifact&$1</to> - </rule> - - <rule match-type="regex"> - <from>^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)$</from> - <to type="forward">/dispatcher?mod=$1&action=$2</to> - </rule> - <rule match-type="regex"> - <from>^/auth/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)\?(.*)$</from> - <to type="forward">/dispatcher?mod=$1&action=$2&$3</to> - </rule> - - - <rule match-type="regex"> - <from>^/pvp2/metadata$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Metadata&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/redirect$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Redirect&endpointtype=idp&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/post$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Post&endpointtype=idp&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/Soap$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Soap&endpointtype=idp</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/attributequery$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=AttributeQuery&endpointtype=idp</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/sp/redirect$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Redirect&endpointtype=sp&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/pvp2/sp/post$</from> - <to type="forward">/dispatcher?mod=id_pvp2x&action=Post&endpointtype=sp&%{query-string}</to> - </rule> - - - <rule match-type="regex"> - <from>^/stork2/StartAuthentication$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/ResumeAuthentication$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AttributeCollector&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/GetConsent$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=ConsentEvaluator&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/SendPEPSAuthnRequest$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/ServiceProvider$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/SendPEPSAuthnRequestWithoutSignedDoc$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest1&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/stork2/RetrieveMandate$</from> - <to type="forward">/dispatcher?mod=id_stork2&action=MandateRetrievalRequest&%{query-string}</to> - </rule> - - - <rule match-type="regex"> - <from>^/oauth2/auth\\?(.*)$</from> - <to type="forward">/dispatcher?mod=id_oauth20&action=AUTH&%{query-string}</to> - </rule> - <rule match-type="regex"> - <from>^/oauth2/token\\?(.*)$</from> - <to type="forward">/dispatcher?mod=id_oauth20&action=TOKEN&%{query-string}</to> - </rule> - - - <outbound-rule> - <note> - The outbound-rule specifies that when response.encodeURL is called (if - you are using JSTL c:url) - the url /rewrite-status will be rewritten to /test/status/. - - The above rule and this outbound-rule means that end users should never - see the - url /rewrite-status only /test/status/ both in thier location bar and in - hyperlinks - in your pages. - </note> - <from>/rewrite-status</from> - <to>/test/status/</to> - </outbound-rule> - -</urlrewrite> diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml deleted file mode 100644 index 5afc0dee7..000000000 --- a/id/server/auth/src/main/webapp/WEB-INF/web.xml +++ /dev/null @@ -1,184 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" - version="3.0"> - <display-name>MOA ID Auth</display-name> - <description>MOA ID Authentication Service</description> - - <!-- bootstrap loader for spring framework --> - <listener> - <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> - </listener> - - <filter> - <filter-name>characterEncodingFilter</filter-name> - <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> - <init-param> - <param-name>encoding</param-name> - <param-value>UTF-8</param-value> - </init-param> - <init-param> - <param-name>forceEncoding</param-name> - <param-value>true</param-value> - </init-param> - </filter> - <filter-mapping> - <filter-name>characterEncodingFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> - - <!-- exposes request and response to the current thread --> - <filter> - <filter-name>requestContextFilter</filter-name> - <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class> - </filter> - <filter-mapping> - <filter-name>requestContextFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> - - <filter> - <filter-name>UrlRewriteFilter</filter-name> - <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class> - </filter> - <filter-mapping> - <filter-name>UrlRewriteFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> - - <servlet> - <description>Generate BKU Request template</description> - <display-name>GenerateIframeTemplate</display-name> - <servlet-name>GenerateIframeTemplate</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>GenerateIframeTemplate</servlet-name> - <url-pattern>/GenerateIframeTemplate</url-pattern> - </servlet-mapping> - - <servlet> - <display-name>RedirectServlet</display-name> - <servlet-name>RedirectServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.RedirectServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>RedirectServlet</servlet-name> - <url-pattern>/RedirectServlet</url-pattern> - </servlet-mapping> - - <!-- automatically registered by module 'moa-id-module-monitoring' using @WebServlet annotation --> - <!-- - <servlet> - <display-name>MonitoringServlet</display-name> - <servlet-name>MonitoringServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.MonitoringServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>MonitoringServlet</servlet-name> - <url-pattern>/MonitoringServlet</url-pattern> - </servlet-mapping> - --> - - <servlet> - <display-name>SSOSendAssertionServlet</display-name> - <servlet-name>SSOSendAssertionServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.SSOSendAssertionServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>SSOSendAssertionServlet</servlet-name> - <url-pattern>/SSOSendAssertionServlet</url-pattern> - </servlet-mapping> - - <servlet> - <description>SSO LogOut</description> - <display-name>LogOut</display-name> - <servlet-name>LogOut</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.LogOutServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>LogOut</servlet-name> - <url-pattern>/LogOut</url-pattern> - </servlet-mapping> - - <servlet> - <description>IDP Single LogOut Service</description> - <display-name>IDP-SLO</display-name> - <servlet-name>IDPSLO</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.IDPSingleLogOutServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>IDPSLO</servlet-name> - <url-pattern>/idpSingleLogout</url-pattern> - </servlet-mapping> - - <servlet> - <display-name>Apache-Axis Servlet</display-name> - <servlet-name>AxisServlet</servlet-name> - <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>AxisServlet</servlet-name> - <url-pattern>/services/*</url-pattern> - </servlet-mapping> - - <servlet> - <display-name>Dispatcher Servlet</display-name> - <servlet-name>DispatcherServlet</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.entrypoints.DispatcherServlet</servlet-class> - <load-on-startup>1</load-on-startup> - </servlet> - <servlet-mapping> - <servlet-name>DispatcherServlet</servlet-name> - <url-pattern>/dispatcher</url-pattern> - </servlet-mapping> - - <servlet> - <description>Resumes a suspended process task.</description> - <display-name>ProcessEngineSignal</display-name> - <servlet-name>ProcessEngineSignal</servlet-name> - <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessEngineSignalServlet</servlet-class> - </servlet> - <servlet-mapping> - <!-- do not change this servlet-name --> - <servlet-name>ProcessEngineSignal</servlet-name> - - <!-- Use this url-pattern in order to signal the next (asynchronous) task. --> - <url-pattern>/signalProcess</url-pattern> - - <!-- legacy url patterns for asynchronous tasks (internal default module/processes) --> - <url-pattern>/GetMISSessionID</url-pattern> - <url-pattern>/GetForeignID</url-pattern> - <url-pattern>/VerifyAuthBlock</url-pattern> - <url-pattern>/VerifyCertificate</url-pattern> - <url-pattern>/VerifyIdentityLink</url-pattern> - - <!-- - STORK servlet mappings; automatically registered by the stork module; - refer to at.gv.egovernment.moa.id.auth.modules.stork.STORKWebApplicationInitializer - --> - <!-- - <url-pattern>/PEPSConnectorWithLocalSigning</url-pattern> - <url-pattern>/PEPSConnector</url-pattern> - --> - </servlet-mapping> - - <session-config> - <session-timeout>5</session-timeout> - </session-config> - - <error-page> - <error-code>500</error-code> - <location>/errorpage.jsp</location> - </error-page> - - <login-config> - <auth-method>BASIC</auth-method> - <realm-name>UserDatabase</realm-name> - </login-config> - <security-role> - <description>The role that is required to log in to the moa Application</description> - <role-name>moa-admin</role-name> - </security-role> - -</web-app> diff --git a/id/server/auth/src/main/webapp/anmeldeablauf.png b/id/server/auth/src/main/webapp/anmeldeablauf.png Binary files differdeleted file mode 100644 index 59bdefe62..000000000 --- a/id/server/auth/src/main/webapp/anmeldeablauf.png +++ /dev/null diff --git a/id/server/auth/src/main/webapp/errorpage-auth.jsp b/id/server/auth/src/main/webapp/errorpage-auth.jsp deleted file mode 100644 index 07f3e7f69..000000000 --- a/id/server/auth/src/main/webapp/errorpage-auth.jsp +++ /dev/null @@ -1,50 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
- String errorMessage = (String)request.getAttribute("ErrorMessage");
- String wrongParameters = (String)request.getAttribute("WrongParameters");
-%>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-<% if (errorMessage != null) { %>
-<p>
-<%= errorMessage%><br>
-</p>
-<% } %>
-<% if (exceptionThrown != null) { %>
-<p>
-<%= exceptionThrown.getMessage()%>
-</p>
-<% } %>
-<% if (wrongParameters != null) { %>
-<p>Die Angabe der Parameter ist unvollständig.<br></p>
-<b> <%= wrongParameters %> </b><br>
-<p>
- Beispiele für korrekte Links zur MOA-ID Authentisierung sind:
-</p>
-<p>
-<tt><a href="https://<MOA-URL>/StartAuthentication?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>"></tt>
-</p>
-<p>
-<tt><a href="https://<MOA-URL>/SelectBKU?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"></tt>
-</p>
-<p>
-Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entfällt die Angabe des <i>Target</i> Parameters:
-</p>
-<p>
-<tt><a href="https://<MOA-URL>/StartAuthentication?OA=<OA-URL>&Template=<Template-URL>"></tt>
-</p>
-<p>
-<tt><a href="https://<MOA-URL>/SelectBKU?OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"></tt>
-</p>
-<p>Die Angabe der Parameter <tt>"Template"</tt> und <tt>"BKUSelectionTemplate"</tt> ist optional.</p>
-<% } %>
-</body>
-</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html deleted file mode 100644 index 0c051571b..000000000 --- a/id/server/auth/src/main/webapp/index.html +++ /dev/null @@ -1,91 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> -<html> - <head> - <meta http-equiv="content-type" content="text/html; charset=utf8" > - <title>MOA-ID 3.1.x</title> - <link rel="stylesheet" href="./common/main.css" type="text/css"> - <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> - <link href='https://fonts.googleapis.com/css?family=Roboto:300,400' rel='stylesheet' type='text/css'> - <script language="JavaScript" type="text/javascript"> - - function PVP2LoginIframe(url) { - var el = document.getElementById("demologin"); - var iframe = document.createElement("iframe"); - iframe.setAttribute("src", url); - iframe.setAttribute("width", "240"); - iframe.setAttribute("height", "180"); - iframe.setAttribute("frameborder", "0"); - iframe.setAttribute("scrolling", "no"); - iframe.setAttribute("title", "Login"); - //iframe.setAttribute("scrolling", "yes"); - - iframe.setAttribute("name", "iframelogin"); - iframe.setAttribute("id", "iframelogin"); - - - iframe.setAttribute("onload","iframeLoaded()"); - - var divdemologin = document.getElementById("demologin"); - divdemologin.innerHTML=""; - - el.appendChild(iframe, el); - } - - function iframeLoaded(){ - //console.log(document.title); - var ifr=document.getElementById("iframelogin"); - - //only works on same origin - - /* - var iframedoc=(ifr.contentWindow||ifr.contentDocument); - - //var iframedoc=ifr.contentDocument||iframe.contentWindow.document; - console.log(iframedoc.title); - if(iframedoc.title=="Demo Applikation"){ - ifr.setAttribute("width",480); - ifr.setAttribute("height",240); - - var demologin=document.getElementById("demologin"); - demologin.style.marginRight="250px"; - } - */ - } - - </script> - </head> - <body> - <div id="headline"> - <div class="container"> - <a href="http://www.digitales.oesterreich.gv.at/"><img src="./common/logo_digAT.png"/></a> - <a href="../index.html"><h1>MOA-ID-AUTH </h1></a> - <br/> - </div> - </div> - <div id="description" class="container"> - <p>Bei MOA-ID-AUTH handelt es sich um ein Modul für die Identifizierung und Authentifizierung bei Onlineapplikationen unter Verwendung der Bürgerkarte. - Hier kann sowohl die Smartcard-Variante (e-Card) als auch die Handysignatur verwendet werden. - Die Konfiguration des Modules MOA-ID-Auth erfolgt mit Hilfe des Zusatzmodules MOA-ID-Configuration welches eine web-basierte Konfigurationsschnittstelle zur Verfügung stellt.</p> - </div> - <div id="maincontent" class="container"> - <nav> - <ul> - <!--li><a href="_index.html">Allgemein</a></li--> - <!--li><a href="http://joinup.ec.europa.eu/site/moa-idspss/">Dokumentation</a></li--> - <li><a href="http://joinup.ec.europa.eu/site/moa-idspss/moa-id-3.x/doc/handbook">Dokumentation</a></li> - <!--Link zu den Demo-Clients--> - <li><a href=#>Demo Clients</a></li> - <!--Link zum Konfigtool--> - <li><a href="https://localhost:8443/moa-id-configuration">Konfiguration GUI</a></li> - - </ul> - </nav> - <div id="demologin" class="container"> - <br/> - <a href="#" id="loginButton" class="button" onClick="PVP2LoginIframe('https://menja.iaik.tugraz.at:8443/moa-id-oa/servlet/pvp2login')">Login</a> - <p id="loginText">Über den Login-Button können Sie sich anschließend bei Ihrer Online-Applikation mit der Bürgerkarte oder der Handysignatur anmelden. Dazu müssen Sie allerdings zuvor die Applikation gemäß <a href="http://joinup.ec.europa.eu/site/moa-idspss/moa-id-3.x/doc/handbook/application/application.html#DemoApp_pvp21">Beschreibung</a> konfigurieren.</p> - </div> - </div> - - </body> -</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/info_bk.html b/id/server/auth/src/main/webapp/info_bk.html deleted file mode 100644 index 59aea64cb..000000000 --- a/id/server/auth/src/main/webapp/info_bk.html +++ /dev/null @@ -1,100 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
- <head>
- <title>Information</title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <meta http-equiv="Content-Style-Type" content="text/css">
- <link rel="stylesheet" type="text/css" href="css/index.css">
- </head>
- <body>
- <div id="wrapper">
- <p id="skiplinks">
- <a href="#content">Zum Inhalt springen</a>
- </p>
- <div id="banner">
- <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) -->
- <div id="bannerleft">
- <h1>MOA-Template zur Bürgerkartenauswahl (Musterseite)</h1>
- <!-- Meldung im Browser, wenn JavaScript nicht aktiviert -->
- <noscript>
- <p>
- Bitte aktivieren Sie JavaScript.
- </p>
- </noscript>
- </div>
- <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) -->
- <div id="bannerright">
- <img src="img/logo.jpg" alt="Logo">
- </div>
- </div>
- <div id="main">
- <div id="centercontent">
- <h2 id="contentheader" class="dunkel">
- Informationen zur Bürgerkarte
- </h2>
- <div id="content" class="hell">
- <p>
- <B>Hinweis:</B>
- Für natürliche Personen ist beim Login mit Bürgerkarte keine Erstanmeldung erforderlich.
- </p>
- <p>
- Um mit der Bürgerkarte einsteigen zu können, benötigen Sie:
- </p>
- <ul>
- <li>
- eine Chipkarte, die für die Verwendung als Bürgerkarte geeignet ist, wie zum Beispiel Ihre e-card, Bankomatkarte oder Signaturkarte von A-Trust
- </li>
- <li>
- einen Kartenleser mit den dazugehörigen Treibern
- </li>
- <li>
- eine Bürgerkartensoftware (BKU)
- </li>
- </ul>
- <p> </p>
- <p>oder</p>
- <ul>
- <li>
- ein Mobiltelefon, das zur Nutzung als Handysignatur registriert ist.
- </li>
- </ul>
-<p>
- </p>
-<p>Als Bürgerkartensoftware stehen Ihnen folgende drei Varianten zur Verfügung:
- </p>
- <ul>
- <li><i>Lokale BKU</i>: Diese Software wird lokal auf Ihrem Computer installiert. Die Software finden sie unter <a href="http://www.buergerkarte.at/download.de.php" target="_blank">http://www.buergerkarte.at/download.de.php</a>
- </li>
- <li><i>Online BKU</i>: Mit der Online BKU wird keine lokale Bürgerkartensoftware am PC benötigt. Über JAVA Technologien werden die benötigten Funktionen als Applet im Browser ausgeführt. Einzige Voraussetzung ist eine aktuelle JAVA Version (ab Java 6).
- </li>
- <li><i>Handysignatur</i>: Mit der Handysignatur können Sie sich mittels ihres Mobiltelefons anmelden. Voraussetzung ist eine vorherige Registrierung. Mehr Informationen hierzu finden Sie auf: <a href="https://www.handy-signatur.at/" target="_blank">https://www.handy-signatur.at/</a><br>
- <br>
- <b>Informationen zur Bürgerkarte finden Sie hier:</b>
- </li>
- </ul>
- <ul>
- <li>
- <a href="http://www.digitales.oesterreich.gv.at" target="_blank">Digitales Österreich</a>: Informationen rund um E-Government
- </li>
- <li>
- <a href="http://www.buergerkarte.at" target="_blank">Bürgerkarte</a>: Informationen zur Bürgerkarte
- </li>
- </ul>
- <p>
- <br>
- <b>Hier bekommen Sie Ihre Bürgerkarte:</b>
- </p>
- <ul>
- <li>
- <a href="http://www.a-trust.at/" target="_blank">A-Trust</a>: Aktivieren der Bankomatkarte/e-card als Bürgerkarte oder Registrierung ihres Mobiltelefons als Bürgerkarte oder Ausstellung einer eigenen Bürgerkarte
- </li>
- </ul>
- <p align="center">
- <a href="javascript:history.back();" class="link_nav">zurück</a>
- </p>
- </div>
- </div>
- </div>
- </div>
- </body>
-</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/info_mandates.html b/id/server/auth/src/main/webapp/info_mandates.html deleted file mode 100644 index c46b91636..000000000 --- a/id/server/auth/src/main/webapp/info_mandates.html +++ /dev/null @@ -1,58 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
- <head>
- <title>Information</title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <meta http-equiv="Content-Style-Type" content="text/css">
- <link rel="stylesheet" type="text/css" href="css/index.css">
- </head>
- <body>
- <div id="wrapper">
- <p id="skiplinks">
- <a href="#content">Zum Inhalt springen</a>
- </p>
- <div id="banner">
- <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) -->
- <div id="bannerleft">
- <h1>MOA-Template zur Bürgerkartenauswahl (Musterseite)</h1>
- <!-- Meldung im Browser, wenn JavaScript nicht aktiviert -->
- <noscript>
- <p>
- Bitte aktivieren Sie JavaScript.
- </p>
- </noscript>
- </div>
- <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) -->
- <div id="bannerright">
- <img src="img/logo.jpg" alt="Logo">
- </div>
- </div>
- <div id="main">
- <div id="centercontent">
- <h2 id="contentheader" class="dunkel">
- Information zur Anmeldung mittels elektronischer Vollmacht
- </h2>
- <div id="content" class="hell">
- <p>
- <p>Aktivieren Sie das Kästchen <input type="checkbox" checked="true" readonly="true" enabled="false"/> "in Vertretung anmelden",
- wenn Sie sich als Vertreter für eine andere Person anmelden möchten. Das Vollmachtenservice
- der Stammzahlenregisterbehörde bietet Ihnen Ihre verfügbaren Vollmachten zur Auswahl an.</p>
-
-
- <p>Das Service zum Eintragen einer Vollmacht zwischen zwei natürlichen Personen können Sie
- unter dem Hyperlink <a href="https://vollmachten.stammzahlenregister.gv.at/">Bilaterale Vollmacht</a>
- eintragen.</p>
-
- <p>Als Organwalter (gemäß § 5 Abs. 3 E-GovG) und berufsmäßige Parteinvertreter,
- aktivieren Sie bitte ebenfalls das Kästchen <input type="checkbox" checked="true" readonly="true" enabled="false"/> "in Vertretung anmelden".</p>
-
-
- <p><span style="text-decoration: underline">Hinweis</span>: Welche Vollmachten Ihnen bei der jeweiligen
- Bürgerkartenapplikation zur Verfügung stehen, hängt vom Anwendungsbetreiber ab.</p>
- </p>
- </div>
- </div>
- </div>
- </div>
- </body>
-</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/info_stork.html b/id/server/auth/src/main/webapp/info_stork.html deleted file mode 100644 index 2bdf62711..000000000 --- a/id/server/auth/src/main/webapp/info_stork.html +++ /dev/null @@ -1,42 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
- <head>
- <title>Information (STORK)</title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <meta http-equiv="Content-Style-Type" content="text/css">
- <link rel="stylesheet" type="text/css" href="css/index.css">
- </head>
- <body>
- <div id="wrapper">
- <p id="skiplinks">
- <a href="#content">Go to contents</a>
- </p>
- <div id="banner">
- <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) -->
- <div id="bannerleft">
- <h1>Information using STORK for secure authentication</h1>
- <!-- Meldung im Browser, wenn JavaScript nicht aktiviert -->
- <noscript>
- <p>
- Please activate JavaScript.
- </p>
- </noscript>
- </div>
- <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) -->
- <div id="bannerright">
- <img src="img/stork-logo.png" alt="STORK-Logo">
- </div>
- </div>
- <div id="main">
- <h2 id="contentheader" class="dunkel">
- Information using STORK for secure authentication
- </h2>
- <div id="content" class="hell">
-
- <p>The STORK project makes it easier for citizens to access online public services across borders by implementing Europe-wide interoperable cross border platforms for the mutual recognition of national electronic identity (eID) between participating countries.</p>
- <p>For more information, please consult the STORK website:</p><a href="https://www.eid-stork2.eu/">https://www.eid-stork2.eu/</a>
- </div>
- </div>
- </div>
- </body>
-</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/template_handyBKU.html b/id/server/auth/src/main/webapp/template_handyBKU.html deleted file mode 100644 index 6c3dc563c..000000000 --- a/id/server/auth/src/main/webapp/template_handyBKU.html +++ /dev/null @@ -1,38 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
- <head>
- <title></title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <script language="javascript" type="text/javascript">
- function onAnmeldeSubmit() {
- document.CustomizedForm.submit();
- document.CustomizedForm.Senden.disabled=true;
- }
- </script>
- </head>
- <body onLoad="onAnmeldeSubmit()">
- <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data">
- Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:
- <input class="button" type="submit" value="Starte Anmeldung" name="Senden">
- <input type="hidden" name="XMLRequest" value="<XMLRequest>">
- <input type="hidden" name="DataURL" value="<DataURL>">
- <input type="hidden" name="PushInfobox" value="<PushInfobox>">
-
- <!-- Angabe der Parameter für die Handy-BKU -->
- <input type="hidden" name="appletWidth" value="<APPLETWIDTH>">
- <input type="hidden" name="appletHeight" value="<APPLETHEIGHT>">
-
- <!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Handy-BKU -->
- <input type="hidden" name="backgroundColor" value="<COLOR>">
-
- <input type="hidden" name="redirecttarget" value="<REDIRECTTARGET>">
- </form>
-
- <form name="CustomizedInfoForm" action="<BKU>" method="post">
- <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
- <input type="hidden" name="DataURL" value="<CertInfoDataURL>">
- </form>
- <form name="DummyForm" action="<BKU>" method="post">
- </form>
- </body>
-</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/template_localBKU.html b/id/server/auth/src/main/webapp/template_localBKU.html deleted file mode 100644 index 0ec8e52c2..000000000 --- a/id/server/auth/src/main/webapp/template_localBKU.html +++ /dev/null @@ -1,30 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
- <head>
- <title></title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <script language="javascript" type="text/javascript">
- function onAnmeldeSubmit() {
- document.CustomizedForm.submit();
- document.CustomizedForm.Senden.disabled=true;
- }
- </script>
- </head>
- <body onLoad="onAnmeldeSubmit()">
- <form target=<REDIRECTTARGET> name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data">
- Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:
- <input class="button" type="submit" value="Starte Anmeldung" name="Senden">
- <input type="hidden" name="XMLRequest" value="<XMLRequest>">
- <input type="hidden" name="DataURL" value="<DataURL>">
- <input type="hidden" name="PushInfobox" value="<PushInfobox>">
- </form>
-
- <form name="CustomizedInfoForm" action="<BKU>" method="post">
- <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
- <input type="hidden" name="DataURL" value="<CertInfoDataURL>">
- </form>
-
- <form name="DummyForm" action="<BKU>" method="post">
- </form>
- </body>
-</html>
diff --git a/id/server/auth/src/main/webapp/template_onlineBKU.html b/id/server/auth/src/main/webapp/template_onlineBKU.html deleted file mode 100644 index 39d7bb8e1..000000000 --- a/id/server/auth/src/main/webapp/template_onlineBKU.html +++ /dev/null @@ -1,37 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html lang="de">
- <head>
- <title></title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <script language="javascript" type="text/javascript">
- function onAnmeldeSubmit() {
- document.CustomizedForm.submit();
- document.CustomizedForm.Senden.disabled=true;
- }
- </script>
- </head>
- <body onLoad="onAnmeldeSubmit()">
- <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data">
- Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:
- <input class="button" type="hidden" value="Starte Anmeldung" name="Senden">
- <input type="hidden" name="XMLRequest" value="<XMLRequest>">
- <input type="hidden" name="DataURL" value="<DataURL>">
- <input type="hidden" name="PushInfobox" value="<PushInfobox>">
-
- <!-- Angabe der Parameter fuer die Online-BKU -->
- <input type="hidden" name="appletWidth" value="<APPLETWIDTH>">
- <input type="hidden" name="appletHeight" value="<APPLETHEIGHT>">
-
- <!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Online-BKU -->
- <input type="hidden" name="appletBackgroundColor" value="<COLOR>">
- <input type="hidden" name="redirectTarget" value="<REDIRECTTARGET>">
- </form>
-
- <form name="CustomizedInfoForm" action="<BKU>" method="post">
- <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
- <input type="hidden" name="DataURL" value="<CertInfoDataURL>">
- </form>
- <form name="DummyForm" action="<BKU>" method="post">
- </form>
- </body>
-</html>
diff --git a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html index 2b0115d4a..02b86472b 100644 --- a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html +++ b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html @@ -4,847 +4,29 @@ <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.85em; - /*border-radius: 5px;*/ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /*border-radius: 7px;*/ - margin-bottom: 25px; - min-width: 80px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - #stork h2 { - font-size: 1.0em; - margin-bottom: 2%; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.7em; - min-width: 55px; - /*min-height: 1.1em; - border-radius: 5px;*/ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2 { - font-size: 0.8em; - margin-top: -0.4em; - padding-top: 0.4em; - } - - #bkulogin { - min-height: 150px; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.75em; - min-width: 60px; - /* min-height: 0.95em; - border-radius: 6px; */ - margin-bottom: 5% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2 { - font-size: 0.9em; - margin-top: -0.45em; - padding-top: 0.45em; - } - - #bkulogin { - min-height: 180px; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /* min-height: 1.05em; - border-radius: 7px; */ - margin-bottom: 10%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.0em; - margin-top: -0.50em; - padding-top: 0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.9em; - /* min-height: 1.2em; - border-radius: 8px; */ - margin-bottom: 10%; - max-width: 80px; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.1em; - margin-top: -0.55em; - padding-top: 0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 1.0em; - /* min-height: 1.3em; - border-radius: 10px; */ - margin-bottom: 10%; - max-width: 85px; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2 { - font-size: 1.3em; - margin-top: -0.65em; - padding-top: 0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - position: relative; - top: 50%; - } - - #stork h2 { - font-size: 0.9em; - margin-bottom: 2%; - } - - #bkulogin { - min-width: 190px; - min-height: 170px; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - input[type=button] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - /*margin-bottom: 10px;*/ - /* margin-top: 5px; */ - } - - #mandateLogin { - padding-bottom: 4%; - padding-top: 4%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-bottom: 4%; - /*padding-top: 4%;*/ - position: relative; - clear: both; - text-align: center; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - -/* input[type=button], .sendButton { - background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px #222222; */ -/* } - -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: #BUTTON_COLOR#; */ - /*border: 0px;*/ - display: inline-block; - - } - - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - /*text-decoration: underline;*/ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - #ssoSessionTransferBlock { - font-size: 0.8em; - margin-left: 5px; - margin-bottom: 5px; - } - - </style> -<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> -<script type="text/javascript"> - function isIE() { - return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); - } - function isFullscreen() { - try { - return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); - } catch (e) { - return false; - } - } - function isActivexEnabled() { - var supported = null; - try { - supported = !!new ActiveXObject("htmlfile"); - } catch (e) { - supported = false; - } - return supported; - } - function isMetro() { - if (!isIE()) - return false; - return !isActivexEnabled() && isFullscreen(); - } - window.onload=function() { - document.getElementById("localBKU").style.display="block"; - return; - } - function bkuLocalClicked() { - setMandateSelection(); - } - - function bkuOnlineClicked() { - if (isMetro()) - document.getElementById("metroDetected").style.display="block"; - document.getElementById("localBKU").style.display="block"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function bkuHandyClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#HANDY#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function storkClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var ccc = "AT"; - var countrySelection = document.getElementById("cccSelection"); - if (countrySelection != null) { - ccc = document.getElementById("cccSelection").value; - } - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; - iFrameURL += "&CCC=" + ccc; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function generateIFrame(iFrameURL) { - var el = document.getElementById("bkulogin"); - var width = el.clientWidth; - var heigth = el.clientHeight - 20; - var parent = el.parentNode; - - iFrameURL += "&heigth=" + heigth; - iFrameURL += "&width=" + width; - - var iframe = document.createElement("iframe"); - iframe.setAttribute("src", iFrameURL); - iframe.setAttribute("width", el.clientWidth - 1); - iframe.setAttribute("height", el.clientHeight - 1); - iframe.setAttribute("frameborder", "0"); - iframe.setAttribute("scrolling", "no"); - iframe.setAttribute("title", "Login"); - parent.replaceChild(iframe, el); - } - function setMandateSelection() { - document.getElementById("moaidform").action = "#AUTH_URL#"; - document.getElementById("useMandate").value = "false"; - var checkbox = document.getElementById("mandateCheckBox"); - if (checkbox != null) { - if (document.getElementById("mandateCheckBox").checked) { - document.getElementById("useMandate").value = "true"; - } - } - } - function onChangeChecks() { - if (self.innerWidth < 650) { - document.getElementById("moaidform").setAttribute("target","_parent"); - } else { - document.getElementById("moaidform").removeAttribute("target"); - } - - } - - function checkIfBrowserSupportsJava(){ - console.log("Browser is Chrome: "+checkIfBrowserIsChrome()); - console.log("Browser is Safari: "+checkIfBrowserIsSafari()); - console.log("Browser is Edge: "+checkIfBrowserIsEdge()); - - var cnt = 0; - - if(checkIfBrowserIsChrome())cnt++; - if(checkIfBrowserIsEdge())cnt++; - if(checkIfBrowserIsSafari())cnt++; - - if(cnt==0 || cnt>1)//cnt>1 means perhaps wrong detection - return true; - - var image = document.getElementById("bkuimage"); - var srcatt = image.getAttribute("src"); - var last = srcatt.substring(srcatt.lastIndexOf('/')+1); - srcatt = srcatt.replace(last,'online-bku-deactivated.png'); - image.setAttribute("src",srcatt); - - - var button = document.getElementsByName("bkuButtonOnline")[0]; - button.setAttribute("class","browserInfoButton"); - button.setAttribute("title","Java wird nicht unterstützt, klicken für mehr Informationen."); - button.setAttribute("onClick","alert('Java wird von Ihrem Browser nicht unterstützt, ist jedoch für den Betrieb der Online Bürgerkartenumgebung notwendig.\\nWollen Sie dennoch die Online Bürgerkartenumgebung verwenden, wird zur Zeit Java noch von Firefox und MS Internet Explorer unterstützt. \\nAlternativ koennen Sie auch eine lokale Bürgerkartenumgebung verwenden, verfügbar unter www.buergerkarte.at.');"); - - return false; + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> - } - function checkIfBrowserIsChrome(){ - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = false; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && webstore_defined; - } - function checkIfBrowserIsEdge(){//edge also defines the chrome object, but not the webapp - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = true; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && !webstore_defined; - } - function checkIfBrowserIsSafari(){ - var cond1 = Object.prototype.toString.call(window.HTMLElement).indexOf('Constructor') > 0; - return cond1; - } -/* function setSSOSelection() { - document.getElementById("useSSO").value = "false"; - var checkbox = document.getElementById("SSOCheckBox"); - if (checkbox != null) { - if (document.getElementById("SSOCheckBox").checked) { - document.getElementById("useSSO").value = "true"; - } - } - } */ - -/* function checkMandateSSO() { - var sso = document.getElementById("SSOCheckBox"); - var mandate = document.getElementById("mandateCheckBox"); - - - if (sso.checked && mandate.checked) { - alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!") - mandate.checked = false; - sso.checked = false; - return true; - } else { - return false; - } - } */ - </script> + <!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> + <script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script> + + <title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title> </head> <body onload="onChangeChecks();checkIfBrowserSupportsJava();" onresize="onChangeChecks();"> <div id="page"> <div id="page1" class="case selected-case" role="main"> - <h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2> + <h2 class="OA_header" role="heading">Anmeldung an: $OAName</h2> <div id="main"> <div id="leftcontent" class="hell" role="application"> <div id="bku_header" class="dunkel"> - <h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2> + <h2 id="tabheader" class="dunkel" role="heading">$HEADER_TEXT</h2> </div> <div id="bkulogin" class="hell" role="form"> - <div id="mandateLogin" style="#MANDATEVISIBLE#"> + <div id="mandateLogin" style=""> <div> <input tabindex="1" type="checkbox" name="Mandate" id="mandateCheckBox" class="verticalcenter" role="checkbox" - onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#> + onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'$MANDATECHECKED> <label for="mandateCheckBox" class="verticalcenter">in Vertretung anmelden</label> <!--a href="info_mandates.html" @@ -855,43 +37,41 @@ </div> <div id="bkuselectionarea"> <div id="bkukarte"> - <img id="bkuimage" class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png" + <img id="bkuimage" class="bkuimage" src="$contextPath/img/online-bku.png" alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /> </div> <div id="bkuhandy"> - <img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png" + <img class="bkuimage" src="$contextPath/img/mobile-bku.png" alt="HandyBKU" /> <input name="bkuButtonHandy" type="button" onClick="bkuHandyClicked();" tabindex="3" role="button" value="HANDY" /> </div> </div> <div id="localBKU"> - <form method="get" id="moaidform" action="#AUTH_URL#" + <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> - <input type="hidden" name="bkuURI" value="#LOCAL#"> <input - type="hidden" name="useMandate" id="useMandate"> <input - type="hidden" name="SSO" id="useSSO"> <input - type="hidden" name="ccc" id="ccc"> <input type="hidden" - name="MODUL" value="#MODUL#"> <input type="hidden" - name="ACTION" value="#ACTION#"> <input type="hidden" - name="MOASessionID" value="#SESSIONID#"> - <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" - role="button" onclick="setMandateSelection();"> + <input type="hidden" name="bkuURI" value="$bkuLocal" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="SSO" id="useSSO" /> + <input type="hidden" name="ccc" id="ccc" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" + role="button" onclick="setMandateSelection();"> </form> </div> <!-- Single Sign-On Session transfer functionality --> <!--div id="ssoSessionTransferBlock"> - <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> + <a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> </div--> - <div id="stork" align="center" style="#STORKVISIBLE#"> + <div id="stork" align="center" style="$STORKVISIBLE"> <h2 id="tabheader" class="dunkel">Home Country Selection</h2> <p> <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" > - #PEPSLIST# + $countryList </select> <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button> <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a> @@ -907,16 +87,6 @@ </div> </div> </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> <img - style="border: 0; width: 88px; height: 31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> - </a> <a href="http://jigsaw.w3.org/css-validator/"> <img - style="border: 0; width: 88px; height: 31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> </div> </body> </html> diff --git a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html index 07d018a94..7ae4b3f92 100644 --- a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html +++ b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html @@ -3,556 +3,7 @@ <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.7em; - border-radius: 5px; - } - - #bkuselectionarea button { - font-size: 0.85em; - border-radius: 7px; - margin-bottom: 25px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 440px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - padding-bottom: 15px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #selectArea h3 { - margin-bottom: 25px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 100px; - height: 30px; - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px;*/ - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 90px; - margin-bottom: 10px; - } - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - min-height: 1.2em; - border-radius: 5px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.8em; - min-width: 65px; - min-height: 1.3em; - /* border-radius: 5px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.8em; - margin-top: -0.4em; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - - #localBKU input { - font-size: 0.85em; - min-width: 80px; - min-height: 0.95em; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.85em; - min-width: 70px; - min-height: 0.95em; - /* border-radius: 6px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.9em; - margin-top: -0.45em; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.0em; - min-height: 1.05em; - /* border-radius: 7px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.0em; - margin-top: -0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.1em; - min-height: 1.2em; - /* border-radius: 8px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.1em; - margin-top: -0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.3em; - margin-top: -0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - min-width: 190px; -/* min-height: 190px; */ - vertical-align: middle; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - padding-top: 1%; - position: relative; - top: 50%; - } - - #bkulogin { - min-width: 190px; - min-height: 150px; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 70%; - height: 11%; - min-width: 60px; - min-height: 25px; - } - - #selectArea h3 { - margin-top: 2%; - } - - button { - height: 11%; - width: 70%; - } - } - - * { - margin: 0; - padding: 0; -/* border: 0; */ - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - margin-bottom: 10px; - margin-top: 5px; - } - - #mandateLogin { - padding-bottom: 2%; - padding-top: 2%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin > div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-left: 5%; - padding-right: 2%; - padding-bottom: 2%; - position: relative; - clear: both; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - - button, .sendButton { -/* background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: 3px 3px 3px #222222; */ - } - - button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { -/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: -1px -1px 3px #222222; */ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - </style> - + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> <title>Anmeldung an Online-Applikation</title> </head> @@ -574,25 +25,21 @@ </div> <div id="selectArea" class="hell" role="application"> - <h3>Anmeldung an: #OAName#</h3> + <h3>Anmeldung an: $OAName</h3> <!-- <div class="hell"> --> <div id="leftbutton"> - <form method="post" id="moaidform_yes" action="#URL#"> + <form method="post" id="moaidform_yes" action="$contextPath$submitEndpoint"> <input type="hidden" name="value" value="true"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Ja" class="setAssertionButton_full" role="button"> </form> </div> <div id="rightbutton"> - <form method="post" id="moaidform_no" action="#URL#"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> <input type="hidden" name="value" value="false"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Nein" class="setAssertionButton_full" role="button"> </form> </div> @@ -600,18 +47,6 @@ </div> </div> </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> - <img style="border:0;width:88px;height:31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" - alt="HTML5 ist valide!" /> - </a> - <a href="http://jigsaw.w3.org/css-validator/"> - <img style="border:0;width:88px;height:31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> </div> </body> </html> diff --git a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties index 825a9f138..8f7e0efaf 100644 --- a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties +++ b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties @@ -66,7 +66,7 @@ general.login.pvp2.isactive=true general.login.pvp2.idp.metadata.url=https://localhost:8443/moa-id-auth/pvp2/metadata general.login.pvp2.idp.metadata.certificate=$PATH_TO_CONFIG$/conf/moa-id-configuration/keys/moa_idp.crt -general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth +general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth/pvp2/metadata general.login.pvp2.idp.sso.logout.url=https://localhost:8443/moa-id-auth/LogOut?redirect= general.login.pvp2.metadata.entities.name=MOA-ID 2.x Configuration Tool diff --git a/id/server/data/deploy/conf/moa-id-oa/oa.properties b/id/server/data/deploy/conf/moa-id-oa/oa.properties index f247dcea6..ff5bd0c03 100644 --- a/id/server/data/deploy/conf/moa-id-oa/oa.properties +++ b/id/server/data/deploy/conf/moa-id-oa/oa.properties @@ -8,7 +8,7 @@ general.publicURLContext=https://localhost:8443/moa-id-oa general.login.pvp2.idp.metadata.url=https://localhost:8443/moa-id-auth/pvp2/metadata general.login.pvp2.idp.metadata.certificate=$PATH_TO_CONFIG$/conf/moa-id-oa/keys/moa_idp.crt -general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth +general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth/pvp2/metadata general.login.pvp2.OA.metadata.entities.name=MOA-ID 2.x Demo-Application diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml b/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml new file mode 100644 index 000000000..9fef4fa2e --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SWModule encrypt with JKS.</comment> + <entry key="keystorePath">keys/eidasKeyStore.jks</entry> + <entry key="keyStorePassword">local-demo</entry> + <entry key="keyPassword">local-demo</entry> + + <!-- Management of the encryption activation --> + <entry key="encryptionActivation">eIDAS/encryptionConf.xml</entry> + + + <entry key="responseToPointIssuer.BE">CN=local-demo-cert, OU=DIGIT, O=European Comission, L=Brussels, ST=Belgium,C=BE</entry> + <entry key="responseToPointSerialNumber.BE">54C8F779</entry> + + <!-- If not present then no decryption will be applied on response --> + <entry key="responseDecryptionIssuer">CN=local-demo-cert, OU=DIGIT, O=European Comission, L=Brussels, ST=Belgium, C=BE</entry> + <entry key="serialNumber">54C8F779</entry> + + <entry key="keystoreType">JKS</entry> +</properties>
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/SamlEngine_basics.xml b/id/server/data/deploy/conf/moa-id/eIDAS/SamlEngine_basics.xml new file mode 100644 index 000000000..2327fb0d8 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/eIDAS/SamlEngine_basics.xml @@ -0,0 +1,98 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SAML constants for AuthnRequests and Responses.</comment> + + <!-- + Types of consent obtained from the user for this authentication and + data transfer. + Allow values: 'unspecified'. + --> + <entry key="consentAuthnRequest">unspecified</entry> + <!-- + Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', 'unspecified'. + --> + <entry key="consentAuthnResponse">obtained</entry> + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + --> + <entry key="formatEntity">entity</entry> + + <!--Only HTTP-POST binding is only supported for inter PEPS--> + <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> + <entry key="protocolBinding">HTTP-POST</entry> + + <entry key="eIDSectorShare">false</entry> + <entry key="eIDCrossSectorShare">false</entry> + <entry key="eIDCrossBorderShare">false</entry> + + <!-- Attributes with require option --> + <entry key="isRequired">true</entry> + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="friendlyName">false</entry> + + <!--PEPS in the Service Provider's country--> + <entry key="requester">http://S-PEPS.gov.xx</entry> + + <!--PEPS in the citizen's origin country--> + <entry key="responder">http://C-PEPS.gov.xx</entry> + + <!--Subject cannot be confirmed on or after this seconds time (positive number)--> + <entry key="timeNotOnOrAfter">300</entry> + + <!--Validation IP of the response--> + <entry key="ipAddrValidation">false</entry> + + <!--One time use--> + <entry key="oneTimeUse">true</entry> + + <!--Subject Attribute Definitions--> + <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> + <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> + <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> + <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> + <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> + <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> + <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> + <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> + <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> + <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> + <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> + <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> + <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> + <entry key="title">http://www.stork.gov.eu/1.0/title</entry> + <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> + <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> + <entry key="age">http://www.stork.gov.eu/1.0/age</entry> + <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> + <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> + <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry> + <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> + <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry> + + + <!--Subject Attribute Definitions eidas format, natural person --> + <entry key="eidas/attributes/CurrentFamilyName">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry> + <entry key="eidas/attributes/CurrentGivenName">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry> + <entry key="eidas/attributes/DateOfBirth">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry> + <entry key="eidas/attributes/PersonIdentifier">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry> + <entry key="eidas/attributes/BirthName">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry> + <entry key="eidas/attributes/PlaceOfBirth">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry> + <entry key="eidas/attributes/CurrentAddress">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry> + <entry key="eidas/attributes/Gender">http://eidas.europa.eu/attributes/naturalperson/Gender</entry> + <!--Subject Attribute Definitions eidas format, legal person --> + <entry key="eidas/attributes/LegalPersonIdentifier">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry> + <entry key="eidas/attributes/LegalAddress">http://eidas.europa.eu/attributes/legalperson/LegalAddress</entry> + <entry key="eidas/attributes/LegalName">http://eidas.europa.eu/attributes/legalperson/LegalName</entry> + <entry key="eidas/attributes/VATRegistration">http://eidas.europa.eu/attributes/legalperson/VATRegistration</entry> + <entry key="eidas/attributes/TaxReference">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry> + <entry key="eidas/attributes/D-2012-17-EUIdentifier">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry> + <entry key="eidas/attributes/LEI">http://eidas.europa.eu/attributes/legalperson/LEI</entry> + <entry key="eidas/attributes/EORI">http://eidas.europa.eu/attributes/legalperson/EORI</entry> + <entry key="eidas/attributes/SEED">http://eidas.europa.eu/attributes/legalperson/SEED</entry> + <entry key="eidas/attributes/SIC">http://eidas.europa.eu/attributes/legalperson/SIC</entry> + +</properties>
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/SignModule.xml b/id/server/data/deploy/conf/moa-id/eIDAS/SignModule.xml new file mode 100644 index 000000000..745580428 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/eIDAS/SignModule.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SWModule sign with JKS.</comment> + <entry key="keystorePath">keys/eidasKeyStore_Service_CB.jks</entry> + <entry key="keyStorePassword">local-demo</entry> + <entry key="keyPassword">local-demo</entry> + <entry key="issuer">CN=cpeps-cb-demo-certificate, OU=STORK, O=CPEPS, L=EU, ST=EU, C=CB</entry> + <entry key="serialNumber">54C8F839</entry> + <entry key="keystoreType">JKS</entry> + + <entry key="metadata.keystorePath">keys/eidasKeyStore_METADATA.jks</entry> + <entry key="metadata.keyStorePassword">local-demo</entry> + <entry key="metadata.keyPassword">local-demo</entry> + <entry key="metadata.issuer">CN=metadata, OU=DIGIT, O=EC, L=Brussels, ST=EU, C=BE</entry> + <entry key="metadata.serialNumber">561BC0C8</entry> + <entry key="metadata.keystoreType">JKS</entry> +</properties> diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/encryptionConf.xml b/id/server/data/deploy/conf/moa-id/eIDAS/encryptionConf.xml new file mode 100644 index 000000000..ff8307f10 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/eIDAS/encryptionConf.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> +<properties> + <entry key="EncryptTo.CA">false</entry> + + <entry key="EncryptTo.CB">false</entry> + + <entry key="EncryptTo.CC">false</entry> + + <entry key="EncryptTo.CD">false</entry> + + <entry key="EncryptTo.CF">false</entry> + +</properties>
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css new file mode 100644 index 000000000..aa1242371 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css @@ -0,0 +1,665 @@ +@charset "utf-8"; + @media screen and (min-width: 650px) { + + body { + margin:0; + padding:0; + color : #000; + background-color : #fff; + text-align: center; + background-color: #6B7B8B; + } + + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #localBKU p { + font-size: 0.7em; + } + + #localBKU input{ + font-size: 0.85em; + /*border-radius: 5px;*/ + } + + #bkuselectionarea input[type=button] { + font-size: 0.85em; + /*border-radius: 7px;*/ + margin-bottom: 25px; + min-width: 80px; + } + + #mandateLogin { + font-size: 0.85em; + } + + #bku_header h2 { + font-size: 0.8em; + } + + + #page { + display: block; + border: 2px solid rgb(0,0,0); + width: 650px; + height: 460px; + margin: 0 auto; + margin-top: 5%; + position: relative; + border-radius: 25px; + background: rgb(255,255,255); + } + + #page1 { + text-align: center; + } + + #main { + /* clear:both; */ + position:relative; + margin: 0 auto; + /*width: 250px;*/ + text-align: center; + } + + .OA_header { + /* background-color: white;*/ + font-size: 20pt; + margin-bottom: 25px; + margin-top: 25px; + } + + #leftcontent { + /*float:left; */ + width:250px; + margin-bottom: 25px; + text-align: left; + border: 1px solid rgb(0,0,0); + } + + #selectArea { + font-size: 15px; + padding-bottom: 65px; + } + + #leftcontent { + width: 300px; + /*margin-top: 30px;*/ + margin: auto; + } + + #bku_header { + height: 5%; + padding-bottom: 3px; + padding-top: 3px; + } + + #bkulogin { + overflow:hidden; + min-width: 190px; + min-height: 180px; + /*height: 260px;*/ + } + + h2#tabheader{ + font-size: 1.1em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + #stork h2 { + font-size: 1.0em; + margin-bottom: 2%; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 100px; + height: 30px + } + + #leftbutton { + width: 30%; + float:left; + margin-left: 40px; + } + + #rightbutton { + width: 30%; + float:right; + margin-right: 45px; + text-align: right; + } + + button { + height: 25px; + width: 75px; + margin-bottom: 10px; + } + + + + #validation { + position: absolute; + bottom: 0px; + margin-left: 270px; + padding-bottom: 10px; + } + + } + + @media screen and (max-width: 205px) { + #localBKU p { + font-size: 0.6em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #localBKU input { + font-size: 0.6em; + min-width: 60px; + /* max-width: 65px; */ + min-height: 1.0em; + /* border-radius: 5px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.7em; + min-width: 55px; + /*min-height: 1.1em; + border-radius: 5px;*/ + margin-bottom: 2% + } + + #mandateLogin { + font-size: 0.65em; + } + + #bku_header h2 { + font-size: 0.8em; + margin-top: -0.4em; + padding-top: 0.4em; + } + + #bkulogin { + min-height: 150px; + } + } + + @media screen and (max-width: 249px) and (min-width: 206px) { + #localBKU p { + font-size: 0.7em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #localBKU input { + font-size: 0.7em; + min-width: 70px; + /* max-width: 75px; */ + min-height: 0.95em; + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.75em; + min-width: 60px; + /* min-height: 0.95em; + border-radius: 6px; */ + margin-bottom: 5% + } + + #mandateLogin { + font-size: 0.75em; + } + + #bku_header h2 { + font-size: 0.9em; + margin-top: -0.45em; + padding-top: 0.45em; + } + + #bkulogin { + min-height: 180px; + } + } + + @media screen and (max-width: 299px) and (min-width: 250px) { + #localBKU p { + font-size: 0.9em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 75px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.85em; + /* min-height: 1.05em; + border-radius: 7px; */ + margin-bottom: 10%; + } + + #mandateLogin { + font-size: 1em; + } + + #bku_header h2 { + font-size: 1.0em; + margin-top: -0.50em; + padding-top: 0.50em; + } + } + + @media screen and (max-width: 399px) and (min-width: 300px) { + #localBKU p { + font-size: 0.9em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 75px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.9em; + /* min-height: 1.2em; + border-radius: 8px; */ + margin-bottom: 10%; + max-width: 80px; + } + + #mandateLogin { + font-size: 1em; + } + + #bku_header h2 { + font-size: 1.1em; + margin-top: -0.55em; + padding-top: 0.55em; + } + } + + @media screen and (max-width: 649px) and (min-width: 400px) { + #localBKU p { + font-size: 0.9em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 80px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 1.0em; + /* min-height: 1.3em; + border-radius: 10px; */ + margin-bottom: 10%; + max-width: 85px; + } + + #mandateLogin { + font-size: 1.2em; + } + + #bku_header h2 { + font-size: 1.3em; + margin-top: -0.65em; + padding-top: 0.65em; + } + } + + + + @media screen and (max-width: 649px) { + + body { + margin:0; + padding:0; + color : #000; + text-align: center; + font-size: 100%; + background-color: $MAIN_BACKGOUNDCOLOR; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + #page { + visibility: hidden; + margin-top: 0%; + } + + #page1 { + visibility: hidden; + } + + #main { + visibility: hidden; + } + + #validation { + visibility: hidden; + display: none; + } + + .OA_header { + margin-bottom: 0px; + margin-top: 0px; + font-size: 0pt; + visibility: hidden; + } + + #leftcontent { + visibility: visible; + margin-bottom: 0px; + text-align: left; + border:none; + vertical-align: middle; + min-height: 173px; + min-width: 204px; + + } + + #bku_header { + height: 10%; + min-height: 1.2em; + margin-top: 1%; + } + + h2#tabheader{ + padding-left: 2%; + padding-right: 2%; + position: relative; + top: 50%; + } + + #stork h2 { + font-size: 0.9em; + margin-bottom: 2%; + } + + #bkulogin { + min-width: 190px; + min-height: 155px; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + input[type=button] { +/* height: 11%; */ + width: 70%; + } + } + + * { + margin: 0; + padding: 0; + #if($FONTTYPE) + font-family: $FONTTYPE; + #end + } + + #selectArea { + padding-top: 10px; + padding-bottom: 55px; + padding-left: 10px; + } + + .setAssertionButton { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + #leftbutton { + width: 35%; + float:left; + margin-left: 15px; + } + + #rightbutton { + width: 35%; + float:right; + margin-right: 25px; + text-align: right; + } + + #stork { + /*margin-bottom: 10px;*/ + /* margin-top: 5px; */ + } + + #mandateLogin { + padding-bottom: 4%; + padding-top: 4%; + height: 10%; + position: relative; + text-align: center; + } + + .verticalcenter { + vertical-align: middle; + } + + #mandateLogin div { + clear: both; + margin-top: -1%; + position: relative; + top: 50%; + } + + #bkuselectionarea { + position: relative; + display: block; + } + + #localBKU { + padding-bottom: 4%; + /*padding-top: 4%;*/ + position: relative; + clear: both; + text-align: center; + } + + #bkukarte { + float:left; + text-align:center; + width:40%; + min-height: 70px; + padding-left: 5%; + padding-top: 2%; + } + + #bkuhandy { + float:right; + text-align:center; + width:40%; + min-height: 90px; + padding-right: 5%; + padding-top: 2%; + } + + .bkuimage { + width: 60%; + height: auto; + margin-bottom: 10%; + } + + #mandate{ + text-align:center; + padding : 5px 5px 5px 5px; + } + +/* input[type=button], .sendButton { + background: $BUTTON_BACKGROUNDCOLOR; + color: $BUTTON_COLOR; +/* border:1px solid #000; */ +/* cursor: pointer; +/* box-shadow: 3px 3px 3px #222222; */ +/* } + +/* button:hover, button:focus, button:active, + .sendButton:hover , .sendButton:focus, .sendButton:active, + #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { + background: $BUTTON_BACKGROUNDCOLOR_FOCUS; + color: $BUTTON_COLOR; +/* border:1px solid #000; */ +/* cursor: pointer; +/* box-shadow: -1px -1px 3px #222222; */ +/* } + +*/ + input { + /*border:1px solid #000;*/ + cursor: pointer; + } + + #localBKU input { +/* color: $BUTTON_COLOR; */ + /*border: 0px;*/ + display: inline-block; + + } + + #localBKU input:hover, #localBKU input:focus, #localBKU input:active { + /*text-decoration: underline;*/ + } + + #installJava, #BrowserNOK { + clear:both; + font-size:0.8em; + padding:4px; + } + + .selectText{ + + } + + .selectTextHeader{ + + } + + .sendButton { + width: 30%; + margin-bottom: 1%; + } + + #leftcontent a { + text-decoration:none; + color: #000; + /* display:block;*/ + padding:4px; + } + + #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { + text-decoration:underline; + color: #000; + } + + .infobutton { + background-color: #005a00; + color: white; + font-family: serif; + text-decoration: none; + padding-top: 2px; + padding-right: 4px; + padding-bottom: 2px; + padding-left: 4px; + font-weight: bold; + } + + .hell { + background-color : $MAIN_BACKGOUNDCOLOR; + color: $MAIN_COLOR; + } + + .dunkel { + background-color: $HEADER_BACKGROUNDCOLOR; + color: $HEADER_COLOR; + } + + .main_header { + color: black; + font-size: 32pt; + position: absolute; + right: 10%; + top: 40px; + + } + + #ssoSessionTransferBlock { + font-size: 0.8em; + margin-left: 5px; + margin-bottom: 5px; + } + + #alert_area { + width: 500px; + padding-left: 80px; + } + + #processInfoArea { + margin-bottom: 15px; + margin-top: 15px; + } + #processSelectionArea { + width: 550px; + margin-left: 25px; + margin-top: 35px; + } + .processSelectionButtonArea { + float: none; + margin-bottom: 20px; + height: 35px; + } + .processSelectionButton { + background: #ababab; + cursor: pointer; + height: 30px; + width: 200px; + float: right; + border-style: solid; + border-bottom-width: 2px; + border-right-width: 2px; + border-left-width: 1px; + border-top-width: 1px; + border-color: #000000; + } + .buttonDescription { + float: left; + margin-left: 10px; + padding-top: 4px; + text-align: left; + width: 330px; + } + #processContent { + margin-top: 25px; + }
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/error_message.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/error_message.html new file mode 100644 index 000000000..4fd4d63cd --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/error_message.html @@ -0,0 +1,37 @@ +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <link rel="stylesheet" href="$contextPath/css/buildCSS" /> + + <title>An error arise ... </title> +</head> + + <body> + <div id="page"> + <div id="page1" class="case selected-case" role="main"> + <h2 class="OA_header" role="heading">Authentication error arise</h2> + <!--div id="main"--> + <!--div id="leftcontent" class="hell" role="application"--> + + + + <div id="alert_area" class="hell" role="application" > + <p>The authentication stops on account of a process error:</p> + <br/> + <p><b>Error Code:</b> $errorCode</p> + <p><b>Error Message:</b >$errorMsg</p> + </div> + + + #if($stacktrace) + <div> + <p><b>Stacktrace:</b> $stacktrace</p> + </div> + #end + + <!--/div---> + <!--/div--> + </div> + </div> +</body> +</html>
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js b/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js new file mode 100644 index 000000000..eadb65b2b --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js @@ -0,0 +1,200 @@ +function isIE() { + return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); + } + function isFullscreen() { + try { + return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); + } catch (e) { + return false; + } + } + function isActivexEnabled() { + var supported = null; + try { + supported = !!new ActiveXObject("htmlfile"); + } catch (e) { + supported = false; + } + return supported; + } + function isMetro() { + if (!isIE()) + return false; + return !isActivexEnabled() && isFullscreen(); + } + window.onload=function() { + document.getElementById("localBKU").style.display="block"; + return; + } + function bkuLocalClicked() { + setMandateSelection(); + } + + function bkuOnlineClicked() { + if (isMetro()) + document.getElementById("metroDetected").style.display="block"; + document.getElementById("localBKU").style.display="block"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var iFrameURL = "$contextPath$submitEndpoint" + "?"; + iFrameURL += "&pendingid=" + "$pendingReqID"; + + iFrameURL += "&bkuURI=" + "$bkuOnline"; + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; + + generateIFrame(iFrameURL); + } + function bkuHandyClicked() { + document.getElementById("localBKU").style.display="none"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var iFrameURL = "$contextPath$submitEndpoint" + "?"; + iFrameURL += "&pendingid=" + "$pendingReqID"; + + iFrameURL += "&bkuURI=" + "$bkuHandy"; + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; + + generateIFrame(iFrameURL); + } + function storkClicked() { + document.getElementById("localBKU").style.display="none"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var ccc = "AT"; + var countrySelection = document.getElementById("cccSelection"); + if (countrySelection != null) { + ccc = document.getElementById("cccSelection").value; + } + var iFrameURL = "$contextPath$submitEndpoint" + "?"; + iFrameURL += "&pendingid=" + "$pendingReqID"; + + #if($bkuOnline) + iFrameURL += "&bkuURI=" + "$bkuOnline"; + #end + + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; + iFrameURL += "&CCC=" + ccc; + + generateIFrame(iFrameURL); + } + function generateIFrame(iFrameURL) { + var el = document.getElementById("bkulogin"); + var width = el.clientWidth; + var heigth = el.clientHeight - 20; + var parent = el.parentNode; + + iFrameURL += "&heigth=" + heigth; + iFrameURL += "&width=" + width; + + var iframe = document.createElement("iframe"); + iframe.setAttribute("src", iFrameURL); + iframe.setAttribute("width", el.clientWidth - 1); + iframe.setAttribute("height", el.clientHeight - 1); + iframe.setAttribute("frameborder", "0"); + iframe.setAttribute("scrolling", "no"); + iframe.setAttribute("title", "Login"); + parent.replaceChild(iframe, el); + } + function setMandateSelection() { + document.getElementById("useMandate").value = "false"; + var checkbox = document.getElementById("mandateCheckBox"); + if (checkbox != null) { + if (document.getElementById("mandateCheckBox").checked) { + document.getElementById("useMandate").value = "true"; + } + } + } + function onChangeChecks() { + if (self.innerWidth < 650) { + document.getElementById("moaidform").setAttribute("target","_parent"); + } else { + document.getElementById("moaidform").removeAttribute("target"); + } + + } + + function checkIfBrowserSupportsJava(){ + console.log("Browser is Chrome: "+checkIfBrowserIsChrome()); + console.log("Browser is Safari: "+checkIfBrowserIsSafari()); + console.log("Browser is Edge: "+checkIfBrowserIsEdge()); + + var cnt = 0; + + if(checkIfBrowserIsChrome())cnt++; + if(checkIfBrowserIsEdge())cnt++; + if(checkIfBrowserIsSafari())cnt++; + + if(cnt==0 || cnt>1)//cnt>1 means perhaps wrong detection + return true; + + var image = document.getElementById("bkuimage"); + var srcatt = image.getAttribute("src"); + var last = srcatt.substring(srcatt.lastIndexOf('/')+1); + srcatt = srcatt.replace(last,'online-bku-deactivated.png'); + image.setAttribute("src",srcatt); + + + var button = document.getElementsByName("bkuButtonOnline")[0]; + button.setAttribute("class","browserInfoButton"); + button.setAttribute("title","Java wird nicht unterstützt, klicken für mehr Informationen."); + button.setAttribute("onClick","alert('Java wird von Ihrem Browser nicht unterstützt, ist jedoch für den Betrieb der Online Bürgerkartenumgebung notwendig.\\nWollen Sie dennoch die Online Bürgerkartenumgebung verwenden, wird zur Zeit Java noch von Firefox und MS Internet Explorer unterstützt. \\nAlternativ koennen Sie auch eine lokale Bürgerkartenumgebung verwenden, verfügbar unter www.buergerkarte.at.');"); + + return false; + + } + function checkIfBrowserIsChrome(){ + var chrome_defined = !!window.chrome;//chrome object defined + var webstore_defined = false; + if(window.chrome){ + webstore_defined = !!window.chrome.webstore; + } + return chrome_defined && webstore_defined; + } + function checkIfBrowserIsEdge(){//edge also defines the chrome object, but not the webapp + var chrome_defined = !!window.chrome;//chrome object defined + var webstore_defined = true; + if(window.chrome){ + webstore_defined = !!window.chrome.webstore; + } + return chrome_defined && !webstore_defined; + } + function checkIfBrowserIsSafari(){ + var cond1 = Object.prototype.toString.call(window.HTMLElement).indexOf('Constructor') > 0; + return cond1; + } +/* function setSSOSelection() { + document.getElementById("useSSO").value = "false"; + var checkbox = document.getElementById("SSOCheckBox"); + if (checkbox != null) { + if (document.getElementById("SSOCheckBox").checked) { + document.getElementById("useSSO").value = "true"; + } + } + } */ + +/* function checkMandateSSO() { + var sso = document.getElementById("SSOCheckBox"); + var mandate = document.getElementById("mandateCheckBox"); + + + if (sso.checked && mandate.checked) { + alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!") + mandate.checked = false; + sso.checked = false; + return true; + } else { + return false; + } + } */
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html index 2b0115d4a..02b86472b 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html @@ -4,847 +4,29 @@ <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.85em; - /*border-radius: 5px;*/ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /*border-radius: 7px;*/ - margin-bottom: 25px; - min-width: 80px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - #stork h2 { - font-size: 1.0em; - margin-bottom: 2%; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.7em; - min-width: 55px; - /*min-height: 1.1em; - border-radius: 5px;*/ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2 { - font-size: 0.8em; - margin-top: -0.4em; - padding-top: 0.4em; - } - - #bkulogin { - min-height: 150px; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.75em; - min-width: 60px; - /* min-height: 0.95em; - border-radius: 6px; */ - margin-bottom: 5% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2 { - font-size: 0.9em; - margin-top: -0.45em; - padding-top: 0.45em; - } - - #bkulogin { - min-height: 180px; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /* min-height: 1.05em; - border-radius: 7px; */ - margin-bottom: 10%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.0em; - margin-top: -0.50em; - padding-top: 0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.9em; - /* min-height: 1.2em; - border-radius: 8px; */ - margin-bottom: 10%; - max-width: 80px; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.1em; - margin-top: -0.55em; - padding-top: 0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 1.0em; - /* min-height: 1.3em; - border-radius: 10px; */ - margin-bottom: 10%; - max-width: 85px; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2 { - font-size: 1.3em; - margin-top: -0.65em; - padding-top: 0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - position: relative; - top: 50%; - } - - #stork h2 { - font-size: 0.9em; - margin-bottom: 2%; - } - - #bkulogin { - min-width: 190px; - min-height: 170px; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - input[type=button] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - /*margin-bottom: 10px;*/ - /* margin-top: 5px; */ - } - - #mandateLogin { - padding-bottom: 4%; - padding-top: 4%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-bottom: 4%; - /*padding-top: 4%;*/ - position: relative; - clear: both; - text-align: center; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - -/* input[type=button], .sendButton { - background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px #222222; */ -/* } - -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: #BUTTON_COLOR#; */ - /*border: 0px;*/ - display: inline-block; - - } - - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - /*text-decoration: underline;*/ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - #ssoSessionTransferBlock { - font-size: 0.8em; - margin-left: 5px; - margin-bottom: 5px; - } - - </style> -<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> -<script type="text/javascript"> - function isIE() { - return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); - } - function isFullscreen() { - try { - return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); - } catch (e) { - return false; - } - } - function isActivexEnabled() { - var supported = null; - try { - supported = !!new ActiveXObject("htmlfile"); - } catch (e) { - supported = false; - } - return supported; - } - function isMetro() { - if (!isIE()) - return false; - return !isActivexEnabled() && isFullscreen(); - } - window.onload=function() { - document.getElementById("localBKU").style.display="block"; - return; - } - function bkuLocalClicked() { - setMandateSelection(); - } - - function bkuOnlineClicked() { - if (isMetro()) - document.getElementById("metroDetected").style.display="block"; - document.getElementById("localBKU").style.display="block"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function bkuHandyClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#HANDY#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function storkClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var ccc = "AT"; - var countrySelection = document.getElementById("cccSelection"); - if (countrySelection != null) { - ccc = document.getElementById("cccSelection").value; - } - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; - iFrameURL += "&CCC=" + ccc; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function generateIFrame(iFrameURL) { - var el = document.getElementById("bkulogin"); - var width = el.clientWidth; - var heigth = el.clientHeight - 20; - var parent = el.parentNode; - - iFrameURL += "&heigth=" + heigth; - iFrameURL += "&width=" + width; - - var iframe = document.createElement("iframe"); - iframe.setAttribute("src", iFrameURL); - iframe.setAttribute("width", el.clientWidth - 1); - iframe.setAttribute("height", el.clientHeight - 1); - iframe.setAttribute("frameborder", "0"); - iframe.setAttribute("scrolling", "no"); - iframe.setAttribute("title", "Login"); - parent.replaceChild(iframe, el); - } - function setMandateSelection() { - document.getElementById("moaidform").action = "#AUTH_URL#"; - document.getElementById("useMandate").value = "false"; - var checkbox = document.getElementById("mandateCheckBox"); - if (checkbox != null) { - if (document.getElementById("mandateCheckBox").checked) { - document.getElementById("useMandate").value = "true"; - } - } - } - function onChangeChecks() { - if (self.innerWidth < 650) { - document.getElementById("moaidform").setAttribute("target","_parent"); - } else { - document.getElementById("moaidform").removeAttribute("target"); - } - - } - - function checkIfBrowserSupportsJava(){ - console.log("Browser is Chrome: "+checkIfBrowserIsChrome()); - console.log("Browser is Safari: "+checkIfBrowserIsSafari()); - console.log("Browser is Edge: "+checkIfBrowserIsEdge()); - - var cnt = 0; - - if(checkIfBrowserIsChrome())cnt++; - if(checkIfBrowserIsEdge())cnt++; - if(checkIfBrowserIsSafari())cnt++; - - if(cnt==0 || cnt>1)//cnt>1 means perhaps wrong detection - return true; - - var image = document.getElementById("bkuimage"); - var srcatt = image.getAttribute("src"); - var last = srcatt.substring(srcatt.lastIndexOf('/')+1); - srcatt = srcatt.replace(last,'online-bku-deactivated.png'); - image.setAttribute("src",srcatt); - - - var button = document.getElementsByName("bkuButtonOnline")[0]; - button.setAttribute("class","browserInfoButton"); - button.setAttribute("title","Java wird nicht unterstützt, klicken für mehr Informationen."); - button.setAttribute("onClick","alert('Java wird von Ihrem Browser nicht unterstützt, ist jedoch für den Betrieb der Online Bürgerkartenumgebung notwendig.\\nWollen Sie dennoch die Online Bürgerkartenumgebung verwenden, wird zur Zeit Java noch von Firefox und MS Internet Explorer unterstützt. \\nAlternativ koennen Sie auch eine lokale Bürgerkartenumgebung verwenden, verfügbar unter www.buergerkarte.at.');"); - - return false; + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> - } - function checkIfBrowserIsChrome(){ - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = false; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && webstore_defined; - } - function checkIfBrowserIsEdge(){//edge also defines the chrome object, but not the webapp - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = true; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && !webstore_defined; - } - function checkIfBrowserIsSafari(){ - var cond1 = Object.prototype.toString.call(window.HTMLElement).indexOf('Constructor') > 0; - return cond1; - } -/* function setSSOSelection() { - document.getElementById("useSSO").value = "false"; - var checkbox = document.getElementById("SSOCheckBox"); - if (checkbox != null) { - if (document.getElementById("SSOCheckBox").checked) { - document.getElementById("useSSO").value = "true"; - } - } - } */ - -/* function checkMandateSSO() { - var sso = document.getElementById("SSOCheckBox"); - var mandate = document.getElementById("mandateCheckBox"); - - - if (sso.checked && mandate.checked) { - alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!") - mandate.checked = false; - sso.checked = false; - return true; - } else { - return false; - } - } */ - </script> + <!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> + <script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script> + + <title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title> </head> <body onload="onChangeChecks();checkIfBrowserSupportsJava();" onresize="onChangeChecks();"> <div id="page"> <div id="page1" class="case selected-case" role="main"> - <h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2> + <h2 class="OA_header" role="heading">Anmeldung an: $OAName</h2> <div id="main"> <div id="leftcontent" class="hell" role="application"> <div id="bku_header" class="dunkel"> - <h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2> + <h2 id="tabheader" class="dunkel" role="heading">$HEADER_TEXT</h2> </div> <div id="bkulogin" class="hell" role="form"> - <div id="mandateLogin" style="#MANDATEVISIBLE#"> + <div id="mandateLogin" style=""> <div> <input tabindex="1" type="checkbox" name="Mandate" id="mandateCheckBox" class="verticalcenter" role="checkbox" - onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#> + onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'$MANDATECHECKED> <label for="mandateCheckBox" class="verticalcenter">in Vertretung anmelden</label> <!--a href="info_mandates.html" @@ -855,43 +37,41 @@ </div> <div id="bkuselectionarea"> <div id="bkukarte"> - <img id="bkuimage" class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png" + <img id="bkuimage" class="bkuimage" src="$contextPath/img/online-bku.png" alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /> </div> <div id="bkuhandy"> - <img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png" + <img class="bkuimage" src="$contextPath/img/mobile-bku.png" alt="HandyBKU" /> <input name="bkuButtonHandy" type="button" onClick="bkuHandyClicked();" tabindex="3" role="button" value="HANDY" /> </div> </div> <div id="localBKU"> - <form method="get" id="moaidform" action="#AUTH_URL#" + <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> - <input type="hidden" name="bkuURI" value="#LOCAL#"> <input - type="hidden" name="useMandate" id="useMandate"> <input - type="hidden" name="SSO" id="useSSO"> <input - type="hidden" name="ccc" id="ccc"> <input type="hidden" - name="MODUL" value="#MODUL#"> <input type="hidden" - name="ACTION" value="#ACTION#"> <input type="hidden" - name="MOASessionID" value="#SESSIONID#"> - <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" - role="button" onclick="setMandateSelection();"> + <input type="hidden" name="bkuURI" value="$bkuLocal" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="SSO" id="useSSO" /> + <input type="hidden" name="ccc" id="ccc" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" + role="button" onclick="setMandateSelection();"> </form> </div> <!-- Single Sign-On Session transfer functionality --> <!--div id="ssoSessionTransferBlock"> - <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> + <a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> </div--> - <div id="stork" align="center" style="#STORKVISIBLE#"> + <div id="stork" align="center" style="$STORKVISIBLE"> <h2 id="tabheader" class="dunkel">Home Country Selection</h2> <p> <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" > - #PEPSLIST# + $countryList </select> <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button> <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a> @@ -907,16 +87,6 @@ </div> </div> </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> <img - style="border: 0; width: 88px; height: 31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> - </a> <a href="http://jigsaw.w3.org/css-validator/"> <img - style="border: 0; width: 88px; height: 31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> </div> </body> </html> diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/mandate-service-selection.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/mandate-service-selection.html new file mode 100644 index 000000000..7fb0dd881 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/mandate-service-selection.html @@ -0,0 +1,76 @@ +<!DOCTYPE html> +<html> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <link rel="stylesheet" href="$contextPath/css/buildCSS" /> + + <title>Anmeldung an Online-Applikation</title> +</head> + + +<body> + <div id="page"> + + <div id="page1" class="case selected-case" role="main"> + +<!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> --> + + <div id="main"> + <!--div id="leftcontent" class="hell"--> + <div id=processContent> + <div id="bku_header" class="dunkel"> + <h2 id="tabheader" class="dunkel" role="heading"> + Anmeldeinformationen: + </h2> + </div> + + <div id="selectArea" class="hell" role="application"> + <h3>Anmeldung an: $OAName</h3> + + + <div id="processInfoArea"> + <p>Für die Anmeldung 'in Vertretung' stehen Ihnen zwei Systeme zur Vollmachtenauswahl zur Verfügung. Bitte wählen Sie das gewünschte Service.</p> + </div> + + <div id="processSelectionArea"> + <div id="elgaMandateButton" class="processSelectionButtonArea"> + <form method="post" id="moaidform_yes" action="$contextPath$submitEndpoint"> + <input type="hidden" name="useELGAMandate" value="true"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Eltern-Kind Vertretung" class="processSelectionButton" role="button"> + </form> + <div class="buttonDescription"> + <p>Eltern-Kind Vertretung</p> + </div> + </div> + <div id="misMandateButton" class="processSelectionButtonArea"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> + <input type="hidden" name="useMISMandate" value="true"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="allgemeine Vertretung" class="processSelectionButton" role="button"> + </form> + <div class="buttonDescription"> + <p>Vollmachtenservice der Österreichischen Datenschutzbehörde <a href="https://mms.stammzahlenregister.gv.at/mms/moaid.do">(MMS Service)</a></p> + </div> + </div> + <div id="abortButton" class="processSelectionButtonArea"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Abbrechen" class="processSelectionButton" role="button"> + </form> + <div class="buttonDescription"> + <p>Den Anmeldevorgang abbrechen</p> + </div> + </div> + </div> + + </div> + </div> + + <!--/div--> + </div> + </div> + </div> +</body> +</html> diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/redirectForm.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/redirectForm.html new file mode 100644 index 000000000..ac3242c89 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/redirectForm.html @@ -0,0 +1,13 @@ +<html> +<head> +<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> +<script type="text/javascript"> + </script> +</head> + + +<body onload="document.getElementById('link').click();"> + <a href="$URL" target="$TARGET" id="link">CLICK to perform a + redirect back to Online Application</a> +</body> +</html> diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html index 07d018a94..7ae4b3f92 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/sendAssertionFormFull.html @@ -3,556 +3,7 @@ <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.7em; - border-radius: 5px; - } - - #bkuselectionarea button { - font-size: 0.85em; - border-radius: 7px; - margin-bottom: 25px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 440px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - padding-bottom: 15px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #selectArea h3 { - margin-bottom: 25px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 100px; - height: 30px; - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px;*/ - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 90px; - margin-bottom: 10px; - } - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - min-height: 1.2em; - border-radius: 5px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.8em; - min-width: 65px; - min-height: 1.3em; - /* border-radius: 5px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.8em; - margin-top: -0.4em; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - - #localBKU input { - font-size: 0.85em; - min-width: 80px; - min-height: 0.95em; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.85em; - min-width: 70px; - min-height: 0.95em; - /* border-radius: 6px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.9em; - margin-top: -0.45em; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.0em; - min-height: 1.05em; - /* border-radius: 7px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.0em; - margin-top: -0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.1em; - min-height: 1.2em; - /* border-radius: 8px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.1em; - margin-top: -0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.3em; - margin-top: -0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - min-width: 190px; -/* min-height: 190px; */ - vertical-align: middle; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - padding-top: 1%; - position: relative; - top: 50%; - } - - #bkulogin { - min-width: 190px; - min-height: 150px; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 70%; - height: 11%; - min-width: 60px; - min-height: 25px; - } - - #selectArea h3 { - margin-top: 2%; - } - - button { - height: 11%; - width: 70%; - } - } - - * { - margin: 0; - padding: 0; -/* border: 0; */ - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - margin-bottom: 10px; - margin-top: 5px; - } - - #mandateLogin { - padding-bottom: 2%; - padding-top: 2%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin > div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-left: 5%; - padding-right: 2%; - padding-bottom: 2%; - position: relative; - clear: both; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - - button, .sendButton { -/* background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: 3px 3px 3px #222222; */ - } - - button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { -/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: -1px -1px 3px #222222; */ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - </style> - + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> <title>Anmeldung an Online-Applikation</title> </head> @@ -574,25 +25,21 @@ </div> <div id="selectArea" class="hell" role="application"> - <h3>Anmeldung an: #OAName#</h3> + <h3>Anmeldung an: $OAName</h3> <!-- <div class="hell"> --> <div id="leftbutton"> - <form method="post" id="moaidform_yes" action="#URL#"> + <form method="post" id="moaidform_yes" action="$contextPath$submitEndpoint"> <input type="hidden" name="value" value="true"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Ja" class="setAssertionButton_full" role="button"> </form> </div> <div id="rightbutton"> - <form method="post" id="moaidform_no" action="#URL#"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> <input type="hidden" name="value" value="false"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Nein" class="setAssertionButton_full" role="button"> </form> </div> @@ -600,18 +47,6 @@ </div> </div> </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> - <img style="border:0;width:88px;height:31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" - alt="HTML5 ist valide!" /> - </a> - <a href="http://jigsaw.w3.org/css-validator/"> - <img style="border:0;width:88px;height:31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> </div> </body> </html> diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html index a9d73e0d3..b3eb18082 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/slo_template.html @@ -3,377 +3,7 @@ <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - /*border: 1px solid rgb(0,0,0);*/ - } - - #leftcontent { - width: 300px; - margin-top: 30px; - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - - } - - input[type=button] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - -/* input[type=button], .sendButton { - background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px #222222; */ -/* } - -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: #BUTTON_COLOR#; */ - border: 0px; - display: inline-block; - - } - - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - text-decoration: underline; - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - #alert { - margin: 100px 250px; - font-family: Verdana, Arial, Helvetica, sans-serif; - font-size: 14px; - font-weight: normal; - color: red; - } - - .reqframe { - /*display: none;*/ - visibility: hidden; - - } - - </style> + <link rel="stylesheet" href="$contextPath/css/buildCSS" /> #if($timeoutURL) <script type="text/javascript"> diff --git a/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore.jks b/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore.jks Binary files differnew file mode 100644 index 000000000..c8a28d0ae --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore.jks diff --git a/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore_METADATA.jks b/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore_METADATA.jks Binary files differnew file mode 100644 index 000000000..e52051dd8 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore_METADATA.jks diff --git a/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore_Service_CB.jks b/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore_Service_CB.jks Binary files differnew file mode 100644 index 000000000..9275f9fdd --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/keys/eidasKeyStore_Service_CB.jks diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties index 49e69c561..784f66602 100644 --- a/id/server/data/deploy/conf/moa-id/moa-id.properties +++ b/id/server/data/deploy/conf/moa-id/moa-id.properties @@ -5,24 +5,24 @@ ****** -##General MOA-ID 3.0 Configuration +##General MOA-ID 3.x Configuration ##For Testing configuration.validation.certificate.QC.ignore=false protocols.pvp2.assertion.encryption.active=false protocols.pvp2.schemavalidation=true -##General MOA-ID 2.0 operations -#MOA-ID 2.0 session information encryption key (PassPhrase) +##General MOA-ID 3.x operations +#MOA-ID 3.x session information encryption key (PassPhrase) configuration.moasession.key=SessionEncryptionKey configuration.moaconfig.key=ConfigurationEncryptionKey -#MOA-ID 2.0 Monitoring Servlet +#MOA-ID 3.x Monitoring Servlet configuration.monitoring.active=false configuration.monitoring.message.success=All Tests passed! configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/monitoring/monitoring_idl.xml -#MOA-ID 2.0 Advanced Logging +#MOA-ID 3.x Advanced Logging configuration.advancedlogging.active=false ##Webservice Client Configuration @@ -47,7 +47,6 @@ stork.fakeIdL.countries= stork.fakeIdL.keygroup= stork.documentservice.url= - ##Protocol configuration## #PVP2 protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12 @@ -66,7 +65,7 @@ protocols.oauth20.jwt.ks.key.name=oauth protocols.oauth20.jwt.ks.key.password=password ##Database configuration## -#Hibnerate configuration for MOA-ID 2.0 session store +#Hibnerate configuration for MOA-ID 3.x session store moasession.hibernate.dialect=org.hibernate.dialect.MySQLDialect moasession.hibernate.connection.url=jdbc:mysql://localhost/moa-id-session?charSet=utf-8 moasession.hibernate.connection.charSet=utf-8 @@ -87,7 +86,7 @@ moasession.hibernate.c3p0.max_size=20 moasession.hibernate.c3p0.max_statements=0 moasession.hibernate.c3p0.min_size=3 -#Hibnerate configuration for MOA-ID 2.0 configuration +#Hibnerate configuration for MOA-ID 3.x configuration configuration.hibernate.dialect=org.hibernate.dialect.MySQLDialect configuration.jpaVendorAdapter.generateDdl=true configuration.hibernate.show_sql=false @@ -110,7 +109,7 @@ configuration.dbcp.testWhileIdle=false configuration.dbcp.validationQuery=SELECT 1 # -#Hibnerate configuration for MOA-ID 2.0 advanced statistic logging +#Hibnerate configuration for MOA-ID 3.x advanced statistic logging advancedlogging.hibernate.dialect=org.hibernate.dialect.MySQLDialect advancedlogging.hibernate.connection.url=jdbc:mysql://localhost/moa-id-statistic?charSet=utf-8&autoReconnect=true advancedlogging.hibernate.connection.charSet=utf-8 @@ -132,6 +131,41 @@ advancedlogging.hibernate.c3p0.max_statements=0 advancedlogging.hibernate.c3p0.min_size=3 +################ Additonal eID-modul configuration #################################### +## This additional eID moduls add special functionality to MOA-ID-Auth. +## The configuration of this modules is only needed if this modules are in use. +######## +### eIDAS protocol configuration ### +moa.id.protocols.eIDAS.samlengine.config.file=eIDAS/SamlEngine_basics.xml +moa.id.protocols.eIDAS.samlengine.sign.config.file=eIDAS/SignModule.xml +moa.id.protocols.eIDAS.samlengine.enc.config.file=eIDAS/EncryptModule.xml +moa.id.protocols.eIDAS.metadata.validation.truststore=eIDAS_metadata + +### HBV Mandate-Service client module ### +modules.elga_mandate.nameID.target=urn:publicid:gv.at:cdid+GH +modules.elga_mandate.service.entityID= +modules.elga_mandate.service.metadata.trustprofileID= +modules.elga_mandate.service.mandateprofiles= +modules.elga_mandate.keystore.path=keys/moa_idp[password].p12 +modules.elga_mandate.keystore.password=password +modules.elga_mandate.metadata.sign.alias=pvp_metadata +modules.elga_mandate.metadata.sign.password=password +modules.elga_mandate.request.sign.alias=pvp_assertion +modules.elga_mandate.request.sign.password=password +modules.elga_mandate.response.encryption.alias=pvp_assertion +modules.elga_mandate.response.encryption.password=password + +### SSO Interfederation client module ### +modules.federatedAuth.keystore.path=keys/moa_idp[password].p12 +modules.federatedAuth.keystore.password=password +modules.federatedAuth.metadata.sign.alias=pvp_metadata +modules.federatedAuth.metadata.sign.password=password +modules.federatedAuth.request.sign.alias=pvp_assertion +modules.federatedAuth.request.sign.password=password +modules.federatedAuth.response.encryption.alias=pvp_assertion +modules.federatedAuth.response.encryption.password=password + + ################SZR Client configuration#################################### ## The SZR client is only required if MOA-ID-Auth should be ## use as STORK <-> PVP Gateway. @@ -157,4 +191,4 @@ service.egovutil.szr.ssl.truststore.file= service.egovutil.szr.ssl.truststore.password= service.egovutil.szr.ssl.truststore.type= service.egovutil.szr.ssl.trustall=false -service.egovutil.szr.ssl.laxhostnameverification=false
\ No newline at end of file +service.egovutil.szr.ssl.laxhostnameverification=false
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml b/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml index 9d130971d..d2facbd1a 100644 --- a/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml +++ b/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml @@ -47,6 +47,14 @@ <cfg:Id>C-PEPS</cfg:Id> <cfg:TrustAnchorsLocation>trustProfiles/C-PEPS</cfg:TrustAnchorsLocation> </cfg:TrustProfile> + <cfg:TrustProfile> + <cfg:Id>eIDAS_metadata</cfg:Id> + <cfg:TrustAnchorsLocation>trustProfiles/eIDAS_metadata</cfg:TrustAnchorsLocation> + </cfg:TrustProfile> + <cfg:TrustProfile> + <cfg:Id>PVP_metadata</cfg:Id> + <cfg:TrustAnchorsLocation>trustProfiles/PVP_metadata</cfg:TrustAnchorsLocation> + </cfg:TrustProfile> </cfg:PathValidation> <cfg:RevocationChecking> <cfg:EnableChecking>true</cfg:EnableChecking> diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/PVP_metadata/eIDAS_test_node.crt b/id/server/data/deploy/conf/moa-spss/trustProfiles/PVP_metadata/eIDAS_test_node.crt new file mode 100644 index 000000000..14e5e5cb5 --- /dev/null +++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/PVP_metadata/eIDAS_test_node.crt @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIFMTCCAxkCBFYbwMgwDQYJKoZIhvcNAQENBQAwXTELMAkGA1UEBhMCQkUxCzAJBgNVBAgMAkVV +MREwDwYDVQQHDAhCcnVzc2VsczELMAkGA1UECgwCRUMxDjAMBgNVBAsMBURJR0lUMREwDwYDVQQD +DAhtZXRhZGF0YTAeFw0xNTEwMTIxNDE2NDBaFw0xNjEwMTExNDE2NDBaMF0xCzAJBgNVBAYTAkJF +MQswCQYDVQQIDAJFVTERMA8GA1UEBwwIQnJ1c3NlbHMxCzAJBgNVBAoMAkVDMQ4wDAYDVQQLDAVE +SUdJVDERMA8GA1UEAwwIbWV0YWRhdGEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCN +5mYsOKzSJ9ksT9dHtFOztF1M8GIMeBLm6chIvtKHwXVLzO53RKhcOwt0j847VL6m5PcAAp57SutC +DeukA8p6UCUA905p+m7+dt7iEsUV3yje4M8dDFS/LwEF9GhFm3v471ZRYPDW769v14QkmnA9vxWB +WAj4WcMRMats9choHJdnRa1xUnVjx8yMojoVaPwt1tkG/rRnPev2o0g+VI63XkYd1pLKAU5Pt+n7 +LevLPJsvgkKLQhEB7bvMG1tZ1P4fJ0n3FOHmfLHJ/yEWA+hHXorX5T3G8Fq6GsI5O/c1zkZ7QMSw +WwzXDbq5qrfyzesdlTPfdsPnFIRddCgx8NuVwI+brlYDSdLGEm+byfM9W4WmfDN6SK1oGMSibuz7 +K49Xh0MFVKNyxT9hCz309UiV71RGnveZxdMGu4vdzP74Ll3G48IIgQ4ymFPMONYBesuorxDunSqs +R2F1+Th7k7UXL1xblFRaEyqdHlvhVrJqDP6sM9k3lM75aN4L4QMOyKRAqar+Q7f7NoUcx8cvHfqD +GLJUPcqn2msMa3mAXO5ihA2ERN41wmnmeJzsd/UiFkaqIvXUTZVwxUfQWn3D9uCg2lRAvOTHydkP +Cfwj4BtL0P9L3eSZ9NM8IGlTmlyApp2bPlzO92BsE8RE7feOmSLZESDKosqkQzZo2CMr/7V9XQID +AQABMA0GCSqGSIb3DQEBDQUAA4ICAQALfSi+sa90MbJkAeTIA/la1ibtRkPX6jIjHBvkeq8IYEZi +XxjJvI4CuQY6WSPMoDY0w9iJvKIygCxRlVi77CtFzu/otOLrXb8ozInopykRMIH4TyVmKYf//CoE +fkQ3vThaf1JLpKpLuhtqHwV03f7jwODaJBqvqdaBX3VHHMPDOeAWQTAd2abMoHgYRlUgB9TKcbJ1 +akWUyX7hnwZSCiKWbL4nrwsFJc0skFVkfjEQxlZUeRXj/bKgnb0BYUsPsFfxXKJIsIc8CmXGvxKz +B5TSpYIR79WliT9Fo8T1dJ9a/wr+bOXeM/aSUxLechCl+uDuP8yI2iRz9LT++/16HOrRSUuefHpo +7wJLJnALMABW21eMwS2XBInUBrBN9CVGAJUDF6GQWMbfxA8x0uh4oKoa/4stP5maaf/FBe52pNNv +Tacb7P3xJc0mS7jatuAHH0UfXy3+3D3z+SJY4Vy2a1cj5U1nUuxxwIRwsoRtWph0BER4RlOz4lXS +N8ZK9ahgmCsndm+eDvIJm706s7bd8m/X8Xc/lMK+eKhrK6uIIMmkwbdzbgsOS7Plj9IMGm0S4Kdb +rnAKhkhAXUi4zbd55aTx1kDodpid/dYPiqxSauyYmCXKbyFCAfY76Zw9SuFBRJClx4h5Mxb/EEpq +1WHM9IyZshufnuZ587WzqtGmJJubTA== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/eIDAS_metadata/eIDAS_test_node.crt b/id/server/data/deploy/conf/moa-spss/trustProfiles/eIDAS_metadata/eIDAS_test_node.crt new file mode 100644 index 000000000..14e5e5cb5 --- /dev/null +++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/eIDAS_metadata/eIDAS_test_node.crt @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIFMTCCAxkCBFYbwMgwDQYJKoZIhvcNAQENBQAwXTELMAkGA1UEBhMCQkUxCzAJBgNVBAgMAkVV +MREwDwYDVQQHDAhCcnVzc2VsczELMAkGA1UECgwCRUMxDjAMBgNVBAsMBURJR0lUMREwDwYDVQQD +DAhtZXRhZGF0YTAeFw0xNTEwMTIxNDE2NDBaFw0xNjEwMTExNDE2NDBaMF0xCzAJBgNVBAYTAkJF +MQswCQYDVQQIDAJFVTERMA8GA1UEBwwIQnJ1c3NlbHMxCzAJBgNVBAoMAkVDMQ4wDAYDVQQLDAVE +SUdJVDERMA8GA1UEAwwIbWV0YWRhdGEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCN +5mYsOKzSJ9ksT9dHtFOztF1M8GIMeBLm6chIvtKHwXVLzO53RKhcOwt0j847VL6m5PcAAp57SutC +DeukA8p6UCUA905p+m7+dt7iEsUV3yje4M8dDFS/LwEF9GhFm3v471ZRYPDW769v14QkmnA9vxWB +WAj4WcMRMats9choHJdnRa1xUnVjx8yMojoVaPwt1tkG/rRnPev2o0g+VI63XkYd1pLKAU5Pt+n7 +LevLPJsvgkKLQhEB7bvMG1tZ1P4fJ0n3FOHmfLHJ/yEWA+hHXorX5T3G8Fq6GsI5O/c1zkZ7QMSw +WwzXDbq5qrfyzesdlTPfdsPnFIRddCgx8NuVwI+brlYDSdLGEm+byfM9W4WmfDN6SK1oGMSibuz7 +K49Xh0MFVKNyxT9hCz309UiV71RGnveZxdMGu4vdzP74Ll3G48IIgQ4ymFPMONYBesuorxDunSqs +R2F1+Th7k7UXL1xblFRaEyqdHlvhVrJqDP6sM9k3lM75aN4L4QMOyKRAqar+Q7f7NoUcx8cvHfqD +GLJUPcqn2msMa3mAXO5ihA2ERN41wmnmeJzsd/UiFkaqIvXUTZVwxUfQWn3D9uCg2lRAvOTHydkP +Cfwj4BtL0P9L3eSZ9NM8IGlTmlyApp2bPlzO92BsE8RE7feOmSLZESDKosqkQzZo2CMr/7V9XQID +AQABMA0GCSqGSIb3DQEBDQUAA4ICAQALfSi+sa90MbJkAeTIA/la1ibtRkPX6jIjHBvkeq8IYEZi +XxjJvI4CuQY6WSPMoDY0w9iJvKIygCxRlVi77CtFzu/otOLrXb8ozInopykRMIH4TyVmKYf//CoE +fkQ3vThaf1JLpKpLuhtqHwV03f7jwODaJBqvqdaBX3VHHMPDOeAWQTAd2abMoHgYRlUgB9TKcbJ1 +akWUyX7hnwZSCiKWbL4nrwsFJc0skFVkfjEQxlZUeRXj/bKgnb0BYUsPsFfxXKJIsIc8CmXGvxKz +B5TSpYIR79WliT9Fo8T1dJ9a/wr+bOXeM/aSUxLechCl+uDuP8yI2iRz9LT++/16HOrRSUuefHpo +7wJLJnALMABW21eMwS2XBInUBrBN9CVGAJUDF6GQWMbfxA8x0uh4oKoa/4stP5maaf/FBe52pNNv +Tacb7P3xJc0mS7jatuAHH0UfXy3+3D3z+SJY4Vy2a1cj5U1nUuxxwIRwsoRtWph0BER4RlOz4lXS +N8ZK9ahgmCsndm+eDvIJm706s7bd8m/X8Xc/lMK+eKhrK6uIIMmkwbdzbgsOS7Plj9IMGm0S4Kdb +rnAKhkhAXUi4zbd55aTx1kDodpid/dYPiqxSauyYmCXKbyFCAfY76Zw9SuFBRJClx4h5Mxb/EEpq +1WHM9IyZshufnuZ587WzqtGmJJubTA== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh index f6ae86540..9e292540a 100644 --- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh +++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh @@ -7,8 +7,8 @@ export CATALINA_BASE=$CATALINA_HOME LOGGING_OPT=-Dlog4j.configuration=file:$CATALINA_BASE/conf/moa-id/log4j.properties
LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback_config.xml
-CONFIG_OPT=-Dmoa.id.configuration=$CATALINA_BASE/conf/moa-id/moa-id.properties
-SPSS_OPT=-Dmoa.spss.server.configuration=file:$CATALINA_BASE/conf/moa-spss/SampleMOASPSSConfiguration.xml
+CONFIG_OPT=-Dmoa.id.configuration=file:$CATALINA_BASE/conf/moa-id/moa-id.properties
+SPSS_OPT=-Dmoa.spss.server.configuration=$CATALINA_BASE/conf/moa-spss/SampleMOASPSSConfiguration.xml
CONFIGTOOL_OPT=-Dmoa.id.webconfig=file:$CATALINA_BASE/conf/moa-id-configuration/moa-id-configtool.properties
CONFIGTOOL_USER_OPT=-Duser.properties=$CATALINA_BASE/conf/moa-id-configuration/userdatabase.properties
diff --git a/id/server/doc/handbook/additional/additional.html b/id/server/doc/handbook/additional/additional.html index fb9735990..00b36c4cd 100644 --- a/id/server/doc/handbook/additional/additional.html +++ b/id/server/doc/handbook/additional/additional.html @@ -311,104 +311,104 @@ <p> </p> <table border="1" cellpadding="0" cellspacing="0" class="configtable"> <tr> - <td width="131" valign="top"><p align="left"><strong>EventCode</strong></p></td> - <td width="208" valign="top"><p align="left"><strong>Wert</strong></p></td> - <td width="946" valign="top"><p align="left"><strong>Beschreibung</strong></p></td> + <td width="165" valign="top"><p align="left"><strong>EventCode</strong></p></td> + <td width="312" valign="top"><p align="left"><strong>Wert</strong></p></td> + <td width="1127" valign="top"><p align="left"><strong>Beschreibung</strong></p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3000</p></td> - <td width="208" valign="top"><p align="left">Protokolltype</p></td> - <td width="946" valign="top"><p>Type des verwendeten Authentifizierungsprotokolls (OpenID Connect, PVP2, STORK, SAML1)</p></td> + <td width="165" valign="top"><p align="center">3000</p></td> + <td width="312" valign="top"><p align="left">Protokolltype</p></td> + <td width="1127" valign="top"><p>Type des verwendeten Authentifizierungsprotokolls (OpenID Connect, PVP2, STORK, SAML1)</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3100</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Metadaten Request</p></td> + <td width="165" valign="top"><p align="center">3100</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Metadaten Request</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3101</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Authentifizierungsrequest</p></td> + <td width="165" valign="top"><p align="center">3101</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Authentifizierungsrequest</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3102</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Authentifizierungsresponse</p></td> + <td width="165" valign="top"><p align="center">3102</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Authentifizierungsresponse</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3103</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Single LogOut Request</p></td> + <td width="165" valign="top"><p align="center">3103</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Single LogOut Request</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3104</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Attribute Query (im Fall IDP Interfederation mit zwischen MOA-IDs)</p></td> + <td width="165" valign="top"><p align="center">3104</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Attribute Query (im Fall IDP Interfederation mit zwischen MOA-IDs)</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3200</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>OpenID Connect Auth Requsst</p></td> + <td width="165" valign="top"><p align="center">3200</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>OpenID Connect Auth Requsst</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3201</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>OpenID Connect Tokken Request</p></td> + <td width="165" valign="top"><p align="center">3201</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>OpenID Connect Tokken Request</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3300</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>SAML1 StartAuthentication Request</p></td> + <td width="165" valign="top"><p align="center">3300</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>SAML1 StartAuthentication Request</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4000</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Identifizierungs- und Authentifizierungsprozess wurde gestartet</p></td> + <td width="165" valign="top"><p align="center">4000</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Identifizierungs- und Authentifizierungsprozess wurde gestartet</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4001</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Identifizierungs- und Authentifizierungsprozess wurde beendet</p></td> + <td width="165" valign="top"><p align="center">4001</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Identifizierungs- und Authentifizierungsprozess wurde beendet</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4002</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Anmeldeprozess mit Online Vollmachten</p></td> + <td width="165" valign="top"><p align="center">4002</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Anmeldeprozess mit Online Vollmachten</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4003</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Anmeldeprozess mit STORK</p></td> + <td width="165" valign="top"><p align="center">4003</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Anmeldeprozess mit STORK</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4004</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Anmeldeprozess mit Single Sign-On</p></td> + <td width="165" valign="top"><p align="center">4004</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Anmeldeprozess mit Single Sign-On</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4005</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Ungültige Single Sign-On Session</p></td> + <td width="165" valign="top"><p align="center">4005</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Ungültige Single Sign-On Session</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4006</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Benutzeranfrage für Single Sign-On Verwendung gestellt</p></td> + <td width="165" valign="top"><p align="center">4006</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Benutzeranfrage für Single Sign-On Verwendung gestellt</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4007</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Benutzerantwort für Single Sign-On Verwendung empfangen</p></td> + <td width="165" valign="top"><p align="center">4007</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Benutzerantwort für Single Sign-On Verwendung empfangen</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4008</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Anmeldeprozess über IDP Föderation</p></td> + <td width="165" valign="top"><p align="center">4008</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Anmeldeprozess über IDP Föderation</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4009</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Gültige Response von föderiertem IDP erhalten</p></td> + <td width="165" valign="top"><p align="center">4009</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Gültige Response von föderiertem IDP erhalten</p></td> </tr> <tr> <td height="30" valign="top">4010</td> @@ -416,109 +416,179 @@ <td valign="top">Verwendeter IDP für föderierte Anmeldung</td> </tr> <tr> - <td width="131" valign="top"><p align="center">4011</p></td> - <td width="208" valign="top"><p align="left">Service Identifikator</p></td> - <td width="946" valign="top"><p>Eindeutiger Identifikator der/des Online-Applikation/Service an der/dem die Anmeldung erfolgt</p></td> + <td width="165" valign="top"><p align="center">4011</p></td> + <td width="312" valign="top"><p align="left">Service Identifikator</p></td> + <td width="1127" valign="top"><p>Eindeutiger Identifikator der/des Online-Applikation/Service an der/dem die Anmeldung erfolgt</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4110</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>BKU Auswahl gestartet</p></td> + <td width="165" valign="top"><p align="center">4110</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>BKU Auswahl gestartet</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4111</p></td> - <td width="208" valign="top"><p align="left">Bkutype (z.b. online, handy, local)</p></td> - <td width="946" valign="top"><p>Ausgewählter BKU Type</p></td> + <td width="165" valign="top"><p align="center">4111</p></td> + <td width="312" valign="top"><p align="left">Bkutype (z.b. online, handy, local)</p></td> + <td width="1127" valign="top"><p>Ausgewählter BKU Type</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4112</p></td> - <td width="208" valign="top"><p align="left">URL</p></td> - <td width="946" valign="top"><p>Verwendete BKU URL</p></td> + <td width="165" valign="top"><p align="center">4112</p></td> + <td width="312" valign="top"><p align="left">URL</p></td> + <td width="1127" valign="top"><p>Verwendete BKU URL</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4113</p></td> - <td width="208" valign="top"><p align="left">IP Adresse</p></td> - <td width="946" valign="top"><p>IP Adresse mit der die BKU Daten an MOA-ID liefert</p></td> + <td width="165" valign="top"><p align="center">4113</p></td> + <td width="312" valign="top"><p align="left">IP Adresse</p></td> + <td width="1127" valign="top"><p>IP Adresse mit der die BKU Daten an MOA-ID liefert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4220</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Personenbindung ausgelesen und gültig validiert</p></td> + <td width="165" valign="top"><p align="center">4220</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Personenbindung ausgelesen und gültig validiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4221</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Signaturzertifikat ausgelesen und validiert</p></td> + <td width="165" valign="top"><p align="center">4221</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Signaturzertifikat ausgelesen und validiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4222</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>AuthBlock signiert und gültig validiert</p></td> + <td width="165" valign="top"><p align="center">4222</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>AuthBlock signiert und gültig validiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4223</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Wechsel in den Modus für ausländische Signaturkarten</p></td> + <td width="165" valign="top"><p align="center">4223</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Wechsel in den Modus für ausländische Signaturkarten</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4224</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>SZR-Gateway wird kontaktiert</p></td> + <td width="165" valign="top"><p align="center">4224</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>SZR-Gateway wird kontaktiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4225</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Personenbindung von SZR-Gateway erhalten</p></td> + <td width="165" valign="top"><p align="center">4225</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Personenbindung von SZR-Gateway erhalten</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4300</p></td> - <td width="208" valign="top"><p align="left">ReferenceID des Vollmachtensystems</p></td> - <td width="946" valign="top"><p>Online-Vollmachten Service wird kontaktiert</p></td> + <td width="165" valign="top"><p align="center">4300</p></td> + <td width="312" valign="top"><p align="left">ReferenceID des Vollmachtensystems</p></td> + <td width="1127" valign="top"><p>Online-Vollmachten Service wird kontaktiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4301</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Redirekt zum Online-Vollmachten Service</p></td> + <td width="165" valign="top"><p align="center">4301</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Redirekt zum Online-Vollmachten Service</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4302</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Vollmacht vom Online-Vollmachten Service erhalten</p></td> + <td width="165" valign="top"><p align="center">4302</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Vollmacht vom Online-Vollmachten Service erhalten</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">5000</p></td> - <td width="208" valign="top"><p align="left">bPK</p></td> - <td width="946" valign="top"><p>bPK bei Vollmacht mit berufsmäßigem Parteienvertreter oder Organwalter</p></td> + <td valign="top">4400</td> + <td valign="top"> </td> + <td valign="top">IDP initiated Single LogOut Request erhalten</td> </tr> <tr> - <td width="131" valign="top"><p align="center">5001</p></td> - <td width="208" valign="top"><p align="left">OID</p></td> - <td width="946" valign="top"><p>OID bei Vollmacht mit berufsmäßigem Parteienvertreter oder Organwalter</p></td> + <td valign="top">4401</td> + <td valign="top"> </td> + <td valign="top">Single LogOut Process gestartet</td> </tr> <tr> - <td width="131" valign="top"><p align="center">5002</p></td> - <td width="208" valign="top"><p align="left">JSON String</p></td> - <td width="946" valign="top"><p>Pseudoanonymisierte Personendaten der sich anmeldeten natürlichen Person.</p></td> + <td valign="top">4402</td> + <td valign="top"> </td> + <td valign="top">Single LogOut Process erfolgreich beendet</td> </tr> <tr> - <td width="131" valign="top"><p align="center">5100</p></td> - <td width="208" valign="top"><p align="left">Vollmachtstype</p></td> - <td width="946" valign="top"><p>Type der ausgewählten Vollmacht</p></td> + <td valign="top">4403</td> + <td valign="top"> </td> + <td valign="top">Unvollständiger Single LogOut Prozess</td> </tr> <tr> - <td width="131" valign="top"><p align="center">5101</p></td> - <td width="208" valign="top"><p align="left">jur / nat</p></td> - <td width="946" valign="top"><p>Vollmacht - Type der vertretenen Person (Juristische / natürliche Person)</p></td> + <td width="165" valign="top"><p align="center">5000</p></td> + <td width="312" valign="top"><p align="left">bPK</p></td> + <td width="1127" valign="top"><p>bPK bei Vollmacht mit berufsmäßigem Parteienvertreter oder Organwalter</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">5102</p></td> - <td width="208" valign="top"><p align="left">JSON String</p></td> - <td width="946" valign="top"><p>Pseudoanonymisierte Personendaten der vertretenen natürlichen Person.</p></td> + <td width="165" valign="top"><p align="center">5001</p></td> + <td width="312" valign="top"><p align="left">OID</p></td> + <td width="1127" valign="top"><p>OID bei Vollmacht mit berufsmäßigem Parteienvertreter oder Organwalter</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">5103</p></td> - <td width="208" valign="top"><p align="left">baseID</p></td> - <td width="946" valign="top"><p>Stammzahl der vertretenen juristischen Person </p></td> + <td width="165" valign="top"><p align="center">5002</p></td> + <td width="312" valign="top"><p align="left">JSON String</p></td> + <td width="1127" valign="top"><p>Pseudoanonymisierte Personendaten der sich anmeldeten natürlichen Person.</p></td> + </tr> + <tr> + <td width="165" valign="top"><p align="center">5100</p></td> + <td width="312" valign="top"><p align="left">Vollmachtstype</p></td> + <td width="1127" valign="top"><p>Type der ausgewählten Vollmacht</p></td> + </tr> + <tr> + <td width="165" valign="top"><p align="center">5101</p></td> + <td width="312" valign="top"><p align="left">jur / nat</p></td> + <td width="1127" valign="top"><p>Vollmacht - Type der vertretenen Person (Juristische / natürliche Person)</p></td> + </tr> + <tr> + <td width="165" valign="top"><p align="center">5102</p></td> + <td width="312" valign="top"><p align="left">JSON String</p></td> + <td width="1127" valign="top"><p>Pseudoanonymisierte Personendaten der vertretenen natürlichen Person.</p></td> + </tr> + <tr> + <td width="165" valign="top"><p align="center">5103</p></td> + <td width="312" valign="top"><p align="left">baseID</p></td> + <td width="1127" valign="top"><p>Stammzahl der vertretenen juristischen Person </p></td> + </tr> + <tr> + <td valign="top"> </td> + <td valign="top"> </td> + <td valign="top"> </td> + </tr> + <tr> + <td valign="top">6000</td> + <td valign="top">ReferenceID zum Auth. Prozess</td> + <td valign="top">externes Vollmachten Service kontaktiert</td> + </tr> + <tr> + <td valign="top">6001</td> + <td valign="top">ReferenceID des Vollmachhtenservice</td> + <td valign="top">gültige Vollmacht vom externen Vollmachten Service verarbeitet</td> + </tr> + <tr> + <td valign="top">6002</td> + <td valign="top"> </td> + <td valign="top">Fehler vom externen Vollmachten Service verarbeitet</td> + </tr> + <tr> + <td valign="top">6003</td> + <td valign="top">IP Adresse</td> + <td valign="top">IP Adresse mit der das externe Vollmachten Service die Vollmacht ausgeliefert hat</td> + </tr> + <tr> + <td valign="top">6100</td> + <td valign="top">EntityID</td> + <td valign="top">eIDAS Node ausgewählt</td> + </tr> + <tr> + <td valign="top">6101</td> + <td valign="top">RequestID</td> + <td valign="top">eIDAS Node kontaktiert</td> + </tr> + <tr> + <td valign="top">6102</td> + <td valign="top">ResponseID</td> + <td valign="top">Gültige Response von eIDAS Node erhalten</td> + </tr> + <tr> + <td valign="top">6103</td> + <td valign="top"> </td> + <td valign="top">Ungültige Response oder Fehlercode von eIDAS Node erhalten</td> + </tr> + <tr> + <td valign="top">6104</td> + <td valign="top"> </td> + <td valign="top">Personenbindung für Authentifizierung über eIDAS Node erstellt</td> </tr> </table> <p> </p> diff --git a/id/server/doc/handbook/protocol/Assertion.xml b/id/server/doc/handbook/protocol/Assertion.xml index b6db5f088..2654f2e80 100644 --- a/id/server/doc/handbook/protocol/Assertion.xml +++ b/id/server/doc/handbook/protocol/Assertion.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://demo.egiz.gv.at/demoportal_demologin/securearea.action" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0</saml2:Issuer> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> @@ -34,7 +34,7 @@ nibdIyU5+AmfFzDaMwNocJEANoXrjLTpduCHvT0Qt/wH+7rVdgjX1djMrBhyMWs7GQyIBRfuf58m <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> </saml2p:Status> <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0</saml2:Issuer> + <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer> <saml2:Subject> <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID> <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> diff --git a/id/server/doc/handbook/protocol/idp_metadata.xml b/id/server/doc/handbook/protocol/idp_metadata.xml index e8915332e..ffc15d461 100644 --- a/id/server/doc/handbook/protocol/idp_metadata.xml +++ b/id/server/doc/handbook/protocol/idp_metadata.xml @@ -1,4 +1,4 @@ -<md:EntitiesDescriptor ID="_c0303e3081ac29bb8329cade76279069" Name="MOA-ID 2.0 Demo IDP (Version: 2.1.0)" validUntil="2014-07-04T11:23:29.736Z"> +<md:EntitiesDescriptor ID="_c0303e3081ac29bb8329cade76279069" Name="MOA-ID 3.1 Demo IDP (Version: 3.1.0)" validUntil="2016-04-05T11:23:29.736Z"> <ds:Signature> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> @@ -37,7 +37,7 @@ cfmNJhb06H+6mmHz929Bk4HuHoQj8X8=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> - <md:EntityDescriptor entityID="https://demo.egiz.gv.at/demoportal_moaid-2.0" validUntil="2014-07-27T11:23:29.736Z"> + <md:EntityDescriptor entityID="https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata" validUntil="2014-07-27T11:23:29.736Z"> <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"> <ds:KeyInfo> diff --git a/id/server/doc/handbook/protocol/protocol.html b/id/server/doc/handbook/protocol/protocol.html index 6214c393c..58474b635 100644 --- a/id/server/doc/handbook/protocol/protocol.html +++ b/id/server/doc/handbook/protocol/protocol.html @@ -271,6 +271,13 @@ Redirect Binding</td> <p><strong>Hinweis:</strong> Im Falle einer privatwirtschaftlichen Applikation ist die Stammzahl durch die wbPK ersetzt.</p></td> </tr> <tr> + <td height="23">urn:oid:1.2.40.0.10.2.1.1.261.106</td> + <td>MANDATE-TYPE-OID</td> + <td align="center">mandate</td> + <td> </td> + <td>Bezeichnung als OID des verwendeten Vollmachten-Profils</td> + </tr> + <tr> <td height="23">urn:oid:1.2.40.0.10.2.1.1.261.68</td> <td>MANDATE-TYPE</td> <td align="center">mandate</td> @@ -559,6 +566,10 @@ Redirect Binding</td> <td>1007</td> <td>Vollmachtsmodus für ausländische Personen wird nicht unterstützt.</td> </tr> + <tr> + <td>1008</td> + <td>Es konnten nicht alle minimal erforderlichen Identifikations- oder Authentifikationsmerkmale ermittelt werden.</td> + </tr> </table> <h5><a name="statuscodes_11xxx" id="allgemeines_zugangspunkte12"></a>1.3.1.2 Validierung (11xxx)</h5> <table class="configtable"> @@ -606,6 +617,10 @@ Redirect Binding</td> <td>1109</td> <td>Fehler beim Validieren der SZR-Gateway Response</td> </tr> + <tr> + <td>1110</td> + <td>Ungültige Single Sign-On Session</td> + </tr> </table> <h5><a name="statuscodes_12xxx" id="allgemeines_zugangspunkte13"></a>1.3.1.3 STORK (12xxx)</h5> <table class="configtable"> @@ -638,6 +653,45 @@ Redirect Binding</td> <td>Der geforderte QAA Level ist höher als der QAA Level der gewählten Authentifizierungsmethode</td> </tr> </table> +<h5><a name="statuscodes_13xx" id="allgemeines_zugangspunkte26"></a>1.3.1.4 eIDAS (13xxx)</h5> +<table class="configtable"> + <tr> + <th width="13%">Statuscode</th> + <th width="87%">Beschreibung</th> + </tr> + <tr> + <td>1300</td> + <td>Fehler beim Erstellen des eIDAS Authentifizierungsrequests</td> + </tr> + <tr> + <td>1301</td> + <td>Fehler beim Validieren der eIDAS Authentifizierungsresponse</td> + </tr> + <tr> + <td>1302</td> + <td>Response vom eIDAS Node enthält einen Fehler</td> + </tr> + <tr> + <td>1303</td> + <td>eIDAS Response beinhaltet nicht alle minimal erforderlichen Attribute</td> + </tr> + <tr> + <td>1304</td> + <td>Der ausgewählte eIDAS Node existiert nicht oder ist nicht konfiguriert</td> + </tr> + <tr> + <td>1305</td> + <td>eIDAS Request konnte nicht gültig verarbeitet werden</td> + </tr> + <tr> + <td>1306</td> + <td>Generierung dereIDAS Metadaten fehlgeschlagen</td> + </tr> + <tr> + <td>1399</td> + <td>Interner Fehler in der eIDAS SAML-Engine</td> + </tr> +</table> <h4><a name="statuscodes_4xxxx" id="allgemeines_zugangspunkte8"></a>1.3.2 Statuscodes 4xxxx</h4> <p>Alles Statuscodes beginnend mit der Zahl vier beschreiben Fehler die während der Kommunikation mit externen Services aufgetreten sind.</p> <h5><a name="statuscodes_40xxx" id="allgemeines_zugangspunkte19"></a>1.3.2.1 BKU (40xxxx)</h5> @@ -687,24 +741,51 @@ Redirect Binding</td> <h5><a name="statuscodes_43xxx" id="allgemeines_zugangspunkte22"></a>1.3.2.4 MOA SP/SS(43xxx)</h5> <table class="configtable"> <tr> - <th>Statuscode</th> - <th>Beschreibung</th> + <th width="23%">Statuscode</th> + <th width="77%">Beschreibung</th> </tr> <tr> <td>4300</td> <td>Fehler beim Aufruf von MOA SP/SS</td> </tr> </table> -<h5><a name="statuscodes_44xxx" id="allgemeines_zugangspunkte23"></a>1.3.2.5 Interfederation (44xxx)</h5> +<h5><a name="statuscodes_44xxx" id="allgemeines_zugangspunkte23"></a>1.3.2.5 Interfederation (44xx)</h5> <table class="configtable"> <tr> - <th>Statuscode</th> - <th>Beschreibung</th> + <th width="23%">Statuscode</th> + <th width="77%">Beschreibung</th> </tr> <tr> <td>4400</td> <td>Fehler beim Generieren der Anmeldedaten</td> </tr> + <tr> + <td>4401</td> + <td>Die Verwendung des angeforderten federated IDP ist nicht erlaubt</td> + </tr> +</table> +<h5>1.3.2.6 Attributprovider (45xx)</h5> +<table class="configtable"> + <tr> + <th width="12%">Statuscode</th> + <th width="88%">Beschreibung</th> + </tr> + <tr> + <td>4500</td> + <td>Der Zugriff auf einen Attributprovider ist nicht erlaubt</td> + </tr> + <tr> + <td>4501</td> + <td>Die Requestgenerierung für den Zugriff auf den Attributprovider schlug fehl</td> + </tr> + <tr> + <td>4502</td> + <td>Die Response vom Attributeprovider ist ungültig oder nicht errlaubt</td> + </tr> + <tr> + <td>4503</td> + <td>Die Response vom Attributeprovider beinhaltet einen Fehlercode</td> + </tr> </table> <h4><a name="statuscodes_6xxxx" id="allgemeines_zugangspunkte9"></a>1.3.3 Statuscodes 6xxxx</h4> <p>Alles Statuscodes beginnend mit der Zahl sechs beschreiben protokollspezifische Fehler die nicht durch das jeweilige Authentifizierungsprotokoll abgebildet werden.</p> @@ -816,6 +897,14 @@ Redirect Binding</td> <td>9007</td> <td>Der SZR-Gateway Client konnte nicht initialisiert werden.</td> </tr> + <tr> + <td>9008</td> + <td>Fehler beim Verarbeiten eines Konfigurationsparameters.</td> + </tr> + <tr> + <td>9099</td> + <td>Allgemeiner Konfigurationsfehler</td> + </tr> </table> <h5><a name="statuscodes_91xxx" id="allgemeines_zugangspunkte15"></a>1.3.4.2 Interne Fehler (91xxx)</h5> <table class="configtable"> @@ -840,6 +929,14 @@ Redirect Binding</td> <td>Fehler bei der Verarbeitung eines Templates</td> </tr> <tr> + <td>9104</td> + <td>Fehler bei der Auswahl oder Initialisierung des gewünschten Anmeldeprozesses</td> + </tr> + <tr> + <td>9105</td> + <td>Fehler bei der Fortführung des Anmeldeprozesses</td> + </tr> + <tr> <td>9199</td> <td>Allgemeiner interner Fehler</td> </tr> @@ -982,6 +1079,7 @@ https://<host>:<port>/moa-id-auth/LogOut <pre> https://<host>:<port>/moa-id-auth/pvp2/metadata </pre> +<p><strong>Hinweis:</strong> Ist die deployed MOA-ID Instanz für mehrere virtuelle IDPs konfiguriert, so können die Metadaten für die jeweiligen virutellen Entities über den PublicURLPrefix der jeweiligen virtuellen Instanz abgerufen werden. Z.B. https://aaa.com/moa-id-auth/pvp2/metadata für virtuellen IDP aaa.com oder https://bbb.com/moa-id-auth/pvp2/metadata für virtuellen IDP bbb.com</p> <p>Wollen Sie für Ihre Online-Applikation PVP 2.1 als Authentifizierungsprotokoll nutzen müssen für jede Online-Applikation Metadaten erstellt und durch den Service Provider signiert werden. Zusätzlich muss die URL auf die Metadaten und das entsprechende Signaturzertifikat zur Prüfung der Signatur in der online-applikationsspezifischen <a href="../config/config.html#konfigurationsparameter_oa_protocol_pvp21">PVP 2.1 Konfiguration</a> von MOA-ID-Auth hinterlegt sein. Ein Beispiel für online-applikationsspezifische Metadaten finden Sie <a href="serviceprovider_metadata.xml">hier</a>.</p> <p>Die nachfolgenden Anforderungen an die online-applikationsspezifischen Metadaten .</p> <ul> diff --git a/id/server/doc/htmlTemplates/BKU-selection.html b/id/server/doc/htmlTemplates/BKU-selection.html index 2b0115d4a..02b86472b 100644 --- a/id/server/doc/htmlTemplates/BKU-selection.html +++ b/id/server/doc/htmlTemplates/BKU-selection.html @@ -4,847 +4,29 @@ <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.85em; - /*border-radius: 5px;*/ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /*border-radius: 7px;*/ - margin-bottom: 25px; - min-width: 80px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - #stork h2 { - font-size: 1.0em; - margin-bottom: 2%; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.7em; - min-width: 55px; - /*min-height: 1.1em; - border-radius: 5px;*/ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2 { - font-size: 0.8em; - margin-top: -0.4em; - padding-top: 0.4em; - } - - #bkulogin { - min-height: 150px; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.75em; - min-width: 60px; - /* min-height: 0.95em; - border-radius: 6px; */ - margin-bottom: 5% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2 { - font-size: 0.9em; - margin-top: -0.45em; - padding-top: 0.45em; - } - - #bkulogin { - min-height: 180px; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /* min-height: 1.05em; - border-radius: 7px; */ - margin-bottom: 10%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.0em; - margin-top: -0.50em; - padding-top: 0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.9em; - /* min-height: 1.2em; - border-radius: 8px; */ - margin-bottom: 10%; - max-width: 80px; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.1em; - margin-top: -0.55em; - padding-top: 0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 1.0em; - /* min-height: 1.3em; - border-radius: 10px; */ - margin-bottom: 10%; - max-width: 85px; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2 { - font-size: 1.3em; - margin-top: -0.65em; - padding-top: 0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - position: relative; - top: 50%; - } - - #stork h2 { - font-size: 0.9em; - margin-bottom: 2%; - } - - #bkulogin { - min-width: 190px; - min-height: 170px; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - input[type=button] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - /*margin-bottom: 10px;*/ - /* margin-top: 5px; */ - } - - #mandateLogin { - padding-bottom: 4%; - padding-top: 4%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-bottom: 4%; - /*padding-top: 4%;*/ - position: relative; - clear: both; - text-align: center; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - -/* input[type=button], .sendButton { - background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px #222222; */ -/* } - -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: #BUTTON_COLOR#; */ - /*border: 0px;*/ - display: inline-block; - - } - - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - /*text-decoration: underline;*/ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - #ssoSessionTransferBlock { - font-size: 0.8em; - margin-left: 5px; - margin-bottom: 5px; - } - - </style> -<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> -<script type="text/javascript"> - function isIE() { - return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); - } - function isFullscreen() { - try { - return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); - } catch (e) { - return false; - } - } - function isActivexEnabled() { - var supported = null; - try { - supported = !!new ActiveXObject("htmlfile"); - } catch (e) { - supported = false; - } - return supported; - } - function isMetro() { - if (!isIE()) - return false; - return !isActivexEnabled() && isFullscreen(); - } - window.onload=function() { - document.getElementById("localBKU").style.display="block"; - return; - } - function bkuLocalClicked() { - setMandateSelection(); - } - - function bkuOnlineClicked() { - if (isMetro()) - document.getElementById("metroDetected").style.display="block"; - document.getElementById("localBKU").style.display="block"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function bkuHandyClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#HANDY#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function storkClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var ccc = "AT"; - var countrySelection = document.getElementById("cccSelection"); - if (countrySelection != null) { - ccc = document.getElementById("cccSelection").value; - } - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; - iFrameURL += "&CCC=" + ccc; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function generateIFrame(iFrameURL) { - var el = document.getElementById("bkulogin"); - var width = el.clientWidth; - var heigth = el.clientHeight - 20; - var parent = el.parentNode; - - iFrameURL += "&heigth=" + heigth; - iFrameURL += "&width=" + width; - - var iframe = document.createElement("iframe"); - iframe.setAttribute("src", iFrameURL); - iframe.setAttribute("width", el.clientWidth - 1); - iframe.setAttribute("height", el.clientHeight - 1); - iframe.setAttribute("frameborder", "0"); - iframe.setAttribute("scrolling", "no"); - iframe.setAttribute("title", "Login"); - parent.replaceChild(iframe, el); - } - function setMandateSelection() { - document.getElementById("moaidform").action = "#AUTH_URL#"; - document.getElementById("useMandate").value = "false"; - var checkbox = document.getElementById("mandateCheckBox"); - if (checkbox != null) { - if (document.getElementById("mandateCheckBox").checked) { - document.getElementById("useMandate").value = "true"; - } - } - } - function onChangeChecks() { - if (self.innerWidth < 650) { - document.getElementById("moaidform").setAttribute("target","_parent"); - } else { - document.getElementById("moaidform").removeAttribute("target"); - } - - } - - function checkIfBrowserSupportsJava(){ - console.log("Browser is Chrome: "+checkIfBrowserIsChrome()); - console.log("Browser is Safari: "+checkIfBrowserIsSafari()); - console.log("Browser is Edge: "+checkIfBrowserIsEdge()); - - var cnt = 0; - - if(checkIfBrowserIsChrome())cnt++; - if(checkIfBrowserIsEdge())cnt++; - if(checkIfBrowserIsSafari())cnt++; - - if(cnt==0 || cnt>1)//cnt>1 means perhaps wrong detection - return true; - - var image = document.getElementById("bkuimage"); - var srcatt = image.getAttribute("src"); - var last = srcatt.substring(srcatt.lastIndexOf('/')+1); - srcatt = srcatt.replace(last,'online-bku-deactivated.png'); - image.setAttribute("src",srcatt); - - - var button = document.getElementsByName("bkuButtonOnline")[0]; - button.setAttribute("class","browserInfoButton"); - button.setAttribute("title","Java wird nicht unterstützt, klicken für mehr Informationen."); - button.setAttribute("onClick","alert('Java wird von Ihrem Browser nicht unterstützt, ist jedoch für den Betrieb der Online Bürgerkartenumgebung notwendig.\\nWollen Sie dennoch die Online Bürgerkartenumgebung verwenden, wird zur Zeit Java noch von Firefox und MS Internet Explorer unterstützt. \\nAlternativ koennen Sie auch eine lokale Bürgerkartenumgebung verwenden, verfügbar unter www.buergerkarte.at.');"); - - return false; + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> - } - function checkIfBrowserIsChrome(){ - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = false; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && webstore_defined; - } - function checkIfBrowserIsEdge(){//edge also defines the chrome object, but not the webapp - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = true; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && !webstore_defined; - } - function checkIfBrowserIsSafari(){ - var cond1 = Object.prototype.toString.call(window.HTMLElement).indexOf('Constructor') > 0; - return cond1; - } -/* function setSSOSelection() { - document.getElementById("useSSO").value = "false"; - var checkbox = document.getElementById("SSOCheckBox"); - if (checkbox != null) { - if (document.getElementById("SSOCheckBox").checked) { - document.getElementById("useSSO").value = "true"; - } - } - } */ - -/* function checkMandateSSO() { - var sso = document.getElementById("SSOCheckBox"); - var mandate = document.getElementById("mandateCheckBox"); - - - if (sso.checked && mandate.checked) { - alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!") - mandate.checked = false; - sso.checked = false; - return true; - } else { - return false; - } - } */ - </script> + <!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> + <script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script> + + <title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title> </head> <body onload="onChangeChecks();checkIfBrowserSupportsJava();" onresize="onChangeChecks();"> <div id="page"> <div id="page1" class="case selected-case" role="main"> - <h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2> + <h2 class="OA_header" role="heading">Anmeldung an: $OAName</h2> <div id="main"> <div id="leftcontent" class="hell" role="application"> <div id="bku_header" class="dunkel"> - <h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2> + <h2 id="tabheader" class="dunkel" role="heading">$HEADER_TEXT</h2> </div> <div id="bkulogin" class="hell" role="form"> - <div id="mandateLogin" style="#MANDATEVISIBLE#"> + <div id="mandateLogin" style=""> <div> <input tabindex="1" type="checkbox" name="Mandate" id="mandateCheckBox" class="verticalcenter" role="checkbox" - onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#> + onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'$MANDATECHECKED> <label for="mandateCheckBox" class="verticalcenter">in Vertretung anmelden</label> <!--a href="info_mandates.html" @@ -855,43 +37,41 @@ </div> <div id="bkuselectionarea"> <div id="bkukarte"> - <img id="bkuimage" class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png" + <img id="bkuimage" class="bkuimage" src="$contextPath/img/online-bku.png" alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /> </div> <div id="bkuhandy"> - <img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png" + <img class="bkuimage" src="$contextPath/img/mobile-bku.png" alt="HandyBKU" /> <input name="bkuButtonHandy" type="button" onClick="bkuHandyClicked();" tabindex="3" role="button" value="HANDY" /> </div> </div> <div id="localBKU"> - <form method="get" id="moaidform" action="#AUTH_URL#" + <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> - <input type="hidden" name="bkuURI" value="#LOCAL#"> <input - type="hidden" name="useMandate" id="useMandate"> <input - type="hidden" name="SSO" id="useSSO"> <input - type="hidden" name="ccc" id="ccc"> <input type="hidden" - name="MODUL" value="#MODUL#"> <input type="hidden" - name="ACTION" value="#ACTION#"> <input type="hidden" - name="MOASessionID" value="#SESSIONID#"> - <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" - role="button" onclick="setMandateSelection();"> + <input type="hidden" name="bkuURI" value="$bkuLocal" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="SSO" id="useSSO" /> + <input type="hidden" name="ccc" id="ccc" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" + role="button" onclick="setMandateSelection();"> </form> </div> <!-- Single Sign-On Session transfer functionality --> <!--div id="ssoSessionTransferBlock"> - <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> + <a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> </div--> - <div id="stork" align="center" style="#STORKVISIBLE#"> + <div id="stork" align="center" style="$STORKVISIBLE"> <h2 id="tabheader" class="dunkel">Home Country Selection</h2> <p> <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" > - #PEPSLIST# + $countryList </select> <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button> <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a> @@ -907,16 +87,6 @@ </div> </div> </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> <img - style="border: 0; width: 88px; height: 31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> - </a> <a href="http://jigsaw.w3.org/css-validator/"> <img - style="border: 0; width: 88px; height: 31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> </div> </body> </html> diff --git a/id/server/doc/htmlTemplates/sendAssertion.html b/id/server/doc/htmlTemplates/sendAssertion.html index 07d018a94..7ae4b3f92 100644 --- a/id/server/doc/htmlTemplates/sendAssertion.html +++ b/id/server/doc/htmlTemplates/sendAssertion.html @@ -3,556 +3,7 @@ <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.7em; - border-radius: 5px; - } - - #bkuselectionarea button { - font-size: 0.85em; - border-radius: 7px; - margin-bottom: 25px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 440px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - padding-bottom: 15px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #selectArea h3 { - margin-bottom: 25px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 100px; - height: 30px; - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px;*/ - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 90px; - margin-bottom: 10px; - } - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - min-height: 1.2em; - border-radius: 5px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.8em; - min-width: 65px; - min-height: 1.3em; - /* border-radius: 5px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.8em; - margin-top: -0.4em; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - - #localBKU input { - font-size: 0.85em; - min-width: 80px; - min-height: 0.95em; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.85em; - min-width: 70px; - min-height: 0.95em; - /* border-radius: 6px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.9em; - margin-top: -0.45em; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.0em; - min-height: 1.05em; - /* border-radius: 7px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.0em; - margin-top: -0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.1em; - min-height: 1.2em; - /* border-radius: 8px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.1em; - margin-top: -0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.3em; - margin-top: -0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - min-width: 190px; -/* min-height: 190px; */ - vertical-align: middle; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - padding-top: 1%; - position: relative; - top: 50%; - } - - #bkulogin { - min-width: 190px; - min-height: 150px; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 70%; - height: 11%; - min-width: 60px; - min-height: 25px; - } - - #selectArea h3 { - margin-top: 2%; - } - - button { - height: 11%; - width: 70%; - } - } - - * { - margin: 0; - padding: 0; -/* border: 0; */ - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - margin-bottom: 10px; - margin-top: 5px; - } - - #mandateLogin { - padding-bottom: 2%; - padding-top: 2%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin > div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-left: 5%; - padding-right: 2%; - padding-bottom: 2%; - position: relative; - clear: both; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - - button, .sendButton { -/* background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: 3px 3px 3px #222222; */ - } - - button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { -/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: -1px -1px 3px #222222; */ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - </style> - + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> <title>Anmeldung an Online-Applikation</title> </head> @@ -574,25 +25,21 @@ </div> <div id="selectArea" class="hell" role="application"> - <h3>Anmeldung an: #OAName#</h3> + <h3>Anmeldung an: $OAName</h3> <!-- <div class="hell"> --> <div id="leftbutton"> - <form method="post" id="moaidform_yes" action="#URL#"> + <form method="post" id="moaidform_yes" action="$contextPath$submitEndpoint"> <input type="hidden" name="value" value="true"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Ja" class="setAssertionButton_full" role="button"> </form> </div> <div id="rightbutton"> - <form method="post" id="moaidform_no" action="#URL#"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> <input type="hidden" name="value" value="false"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Nein" class="setAssertionButton_full" role="button"> </form> </div> @@ -600,18 +47,6 @@ </div> </div> </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> - <img style="border:0;width:88px;height:31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" - alt="HTML5 ist valide!" /> - </a> - <a href="http://jigsaw.w3.org/css-validator/"> - <img style="border:0;width:88px;height:31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> </div> </body> </html> diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index afc432628..fb6ba1bc6 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -30,20 +30,15 @@ <dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
- <version>6.1.1</version>
+ <version>6.9.10</version>
<scope>test</scope>
</dependency>
- <dependency>
- <groupId>eu.stork</groupId>
- <artifactId>oasis-dss-api</artifactId>
- <version>1.0.0-RELEASE</version>
- <exclusions>
- <exclusion>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-io</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
+
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <version>19.0</version>
+ </dependency>
<dependency>
<groupId>at.gv.egiz.components</groupId>
@@ -58,20 +53,37 @@ </dependency>
<dependency>
+ <groupId>at.gv.egiz.components</groupId>
+ <artifactId>egiz-spring-api</artifactId>
+ <version>0.1</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-frontend-resources</artifactId>
+ </dependency>
+ <dependency>
<groupId>MOA.id.server</groupId>
<artifactId>moa-id-commons</artifactId>
-<!-- <exclusions>
- <exclusion>
- <artifactId>hyperjaxb3-ejb-runtime</artifactId>
- <groupId>org.jvnet.hyperjaxb3</groupId>
- </exclusion>
- </exclusions> -->
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-commons</artifactId>
+ <type>test-jar</type>
+ <scope>test</scope>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>${hibernate.version}</version>
+ <exclusions>
+ <exclusion>
+ <artifactId>xml-apis</artifactId>
+ <groupId>xml-apis</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
@@ -83,55 +95,33 @@ <artifactId>hibernate-entitymanager</artifactId>
<version>${hibernate.version}</version>
</dependency>
-
-
-<!-- <dependency>
- <groupId>eu.stork</groupId>
- <artifactId>Commons</artifactId>
- <version>1.4.0</version>
- </dependency> -->
-
-
- <dependency>
- <groupId>MOA</groupId>
- <artifactId>moa-common</artifactId>
- <type>jar</type>
- </dependency>
-
- <dependency>
- <groupId>MOA</groupId>
- <artifactId>moa-common</artifactId>
- <type>test-jar</type>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>MOA.spss.server</groupId>
- <artifactId>moa-spss-lib</artifactId>
- <exclusions>
- <exclusion>
- <artifactId>iaik_pki_module</artifactId>
- <groupId>iaik</groupId>
- </exclusion>
- <exclusion>
- <groupId>javax.servlet</groupId>
- <artifactId>servlet-api</artifactId>
- </exclusion>
- <exclusion>
- <artifactId>axis-wsdl4j</artifactId>
- <groupId>axis</groupId>
- </exclusion>
- <exclusion>
- <artifactId>jaxb-impl</artifactId>
- <groupId>com.sun.xml.bind</groupId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>axis</groupId>
- <artifactId>axis</artifactId>
- </dependency>
-
-
+
+ <dependency>
+ <groupId>MOA.id</groupId>
+ <artifactId>moa-spss-container</artifactId>
+ <exclusions>
+ <exclusion>
+ <artifactId>iaik_pki_module</artifactId>
+ <groupId>iaik</groupId>
+ </exclusion>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ <exclusion>
+ <artifactId>axis-wsdl4j</artifactId>
+ <groupId>axis</groupId>
+ </exclusion>
+ </exclusions>
+ <type>pom</type>
+ </dependency>
+
+ <dependency>
+ <groupId>jakarta-regexp</groupId>
+ <artifactId>jakarta-regexp</artifactId>
+ <version>1.4</version>
+ </dependency>
+
<dependency>
<groupId>at.gv.util</groupId>
<artifactId>egovutils</artifactId>
@@ -160,6 +150,10 @@ <artifactId>jaxb-core</artifactId>
<groupId>com.sun.xml.bind</groupId>
</exclusion>
+ <exclusion>
+ <artifactId>xml-apis</artifactId>
+ <groupId>xml-apis</groupId>
+ </exclusion>
</exclusions>
</dependency>
@@ -177,6 +171,11 @@ <artifactId>cxf-rt-transports-http</artifactId>
</dependency>
+ <dependency>
+ <groupId>xalan-bin-dist</groupId>
+ <artifactId>xml-apis</artifactId>
+ </dependency>
+
<dependency>
<groupId>javax.xml.bind</groupId>
@@ -184,94 +183,17 @@ </dependency>
<!-- Required for MOA-SPSS API access -->
- <dependency>
+<!-- <dependency>
<groupId>com.sun.xml.rpc</groupId>
<artifactId>jaxrpc-impl</artifactId>
<version>1.1.3_01</version>
- </dependency>
+ </dependency> -->
<dependency>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
</dependency>
- <!--
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>servlet-api</artifactId>
- <scope>provided</scope>
- </dependency>
- -->
-
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>xalan</artifactId>
- <!-- should be provided by the container or jre -->
- <scope>provided</scope>
- <exclusions>
- <exclusion>
- <artifactId>serializer</artifactId>
- <groupId>xalan</groupId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>xerces</groupId>
- <artifactId>xercesImpl</artifactId>
- <!-- should be provided by the container or jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>xml-apis</artifactId>
- <!-- should be provided by the container or jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>serializer</artifactId>
- <!-- should be provided by the container or jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_jce_full</artifactId>
- <!-- should be in the ext directory of the jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ecc</artifactId>
- <!-- should be in the ext directory of the jre -->
- <scope>provided</scope>
- </dependency>
-
-
-<!-- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- <version>1.7.7</version>
- </dependency> -->
-<!-- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-simple</artifactId>
- <version>1.7.6</version>
- </dependency> -->
-<!-- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- <version>1.7.6</version>
- </dependency> -->
-<!-- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- <version>1.7.6</version>
- </dependency> -->
-<!-- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- <version>1.7.6</version>
- </dependency> -->
<dependency>
<groupId>org.easymock</groupId>
@@ -283,12 +205,12 @@ <artifactId>unitils-core</artifactId>
<scope>test</scope>
</dependency>
- <dependency>
+<!-- <dependency>
<groupId>MOA</groupId>
<artifactId>moa-common</artifactId>
<type>test-jar</type>
<scope>test</scope>
- </dependency>
+ </dependency> -->
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
@@ -312,33 +234,7 @@ <dependency>
<groupId>httpsclient</groupId>
<artifactId>httpsclient</artifactId>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_moa</artifactId>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ixsil</artifactId>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_X509TrustManager</artifactId>
- </dependency>
- <!-- <dependency> <groupId>iaik</groupId> <artifactId>moa</artifactId>
- <version>1.28</version> </dependency> -->
-<!-- <dependency>
- <groupId>edu.internet2.middleware</groupId>
- <artifactId>shibboleth-common</artifactId>
- <version>1.4.0</version>
- <exclusions>
- <exclusion>
- <artifactId>logback-classic</artifactId>
- <groupId>ch.qos.logback</groupId>
- </exclusion>
- </exclusions>
- </dependency> -->
-
+ </dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml</artifactId>
@@ -382,24 +278,12 @@ <groupId>org.bouncycastle</groupId>
</exclusion>
</exclusions>
- </dependency>
-
-<!-- <dependency>
- <groupId>regexp</groupId>
- <artifactId>regexp</artifactId>
- </dependency> -->
-
- <!-- <dependency> <groupId>commons-httpclient</groupId> <artifactId>commons-httpclient</artifactId>
- </dependency> -->
- <!-- <dependency> <groupId>at.gv.egovernment.moa.id</groupId> <artifactId>mandate-validate</artifactId>
- <version>1.1</version> </dependency> -->
- <!--
- <dependency>
- <groupId>commons-lang</groupId>
- <artifactId>commons-lang</artifactId>
- <version>2.6</version>
- </dependency>
- -->
+ </dependency>
+ <dependency>
+ <groupId>org.apache.santuario</groupId>
+ <artifactId>xmlsec</artifactId>
+ <version>2.0.5</version>
+ </dependency>
<!-- the core, which includes Streaming API, shared low-level abstractions (but NOT data-binding) -->
<dependency>
@@ -434,7 +318,7 @@ <dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
- <version>1.4.178</version>
+ <version>1.4.191</version>
<scope>test</scope>
</dependency>
@@ -467,11 +351,11 @@ </dependency> -->
- <dependency>
+<!-- <dependency>
<groupId>eu.stork</groupId>
<artifactId>SamlEngine</artifactId>
<version>1.5.1</version>
- </dependency>
+ </dependency> -->
<!-- spring -->
@@ -608,11 +492,11 @@ <artifactId>surefire-junit47</artifactId>
<version>${surefire.version}</version>
</dependency>
- <dependency>
+<!-- <dependency>
<groupId>org.apache.maven.surefire</groupId>
<artifactId>surefire-testng</artifactId>
<version>${surefire.version}</version>
- </dependency>
+ </dependency> -->
</dependencies>
</plugin>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java index d5d0a3ab1..9d26cc05f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAIDEventConstants.java @@ -47,7 +47,12 @@ public interface MOAIDEventConstants extends EventConstants { public static final int AUTHPROTOCOL_OPENIDCONNECT_TOKENREQUEST = 3201; public static final int AUTHPROTOCOL_SAML1_AUTHNREQUEST = 3300; - + + public static final int AUTHPROCESS_IDP_SLO_REQUESTED = 4400; + public static final int AUTHPROCESS_SLO_STARTED = 4401; + public static final int AUTHPROCESS_SLO_ALL_VALID = 4402; + public static final int AUTHPROCESS_SLO_NOT_ALL_VALID = 4403; + //authentication process information public static final int AUTHPROCESS_START = 4000; public static final int AUTHPROCESS_FINISHED = 4001; @@ -78,10 +83,12 @@ public interface MOAIDEventConstants extends EventConstants { public static final int AUTHPROCESS_MANDATE_REDIRECT = 4301; public static final int AUTHPROCESS_MANDATE_RECEIVED = 4302; - public static final int AUTHPROCESS_PEPS_REQUESTED = 4400; - public static final int AUTHPROCESS_PEPS_RECEIVED = 4401; - public static final int AUTHPROCESS_PEPS_IDL_RECEIVED = 4402; - + public static final int AUTHPROCESS_PEPS_SELECTED = 6100; + public static final int AUTHPROCESS_PEPS_REQUESTED = 6101; + public static final int AUTHPROCESS_PEPS_RECEIVED = 6102; + public static final int AUTHPROCESS_PEPS_RECEIVED_ERROR = 6103; + public static final int AUTHPROCESS_PEPS_IDL_RECEIVED = 6104; + //person information public static final int PERSONAL_INFORMATION_PROF_REPRESENTATIVE_BPK = 5000; public static final int PERSONAL_INFORMATION_PROF_REPRESENTATIVE = 5001; @@ -92,6 +99,13 @@ public interface MOAIDEventConstants extends EventConstants { public static final int PERSONAL_INFORMATION_MANDATE_MANDATOR_HASH = 5102; public static final int PERSONAL_INFORMATION_MANDATE_MANDATOR_BASEID = 5103; + //Attribute Provider [6000 --> 7900] + public static final int AUTHPROCESS_ELGA_MANDATE_SERVICE_REQUESTED = 6000; + public static final int AUTHPROCESS_ELGA_MANDATE_RECEIVED = 6001; + public static final int AUTHPROCESS_ELGA_MANDATE_ERROR_RECEIVED = 6002; + public static final int AUTHPROCESS_ELGA_MANDATE_RECEIVED_IP = 6003; + + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java index 7ac026888..4a5cbd55f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/MOAReversionLogger.java @@ -27,13 +27,15 @@ import java.util.Arrays; import java.util.Date; import java.util.List; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.data.MISMandate; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; @@ -42,9 +44,13 @@ import at.gv.egovernment.moa.util.MiscUtil; * @author tlenz * */ +@Service("MOAReversionLogger") public class MOAReversionLogger { - - private static MOAReversionLogger instance = null; + + @Autowired protected AuthConfiguration authConfig; + + public static final String NAT_PERSON = "nat"; + public static final String JUR_PERSON = "jur"; private static final List<Integer> defaultEventCodes = Arrays.asList( MOAIDEventConstants.SESSION_CREATED, @@ -57,6 +63,11 @@ public class MOAReversionLogger { MOAIDEventConstants.AUTHPROTOCOL_TYPE, MOAIDEventConstants.AUTHPROTOCOL_PVP_METADATA, + MOAIDEventConstants.AUTHPROCESS_SERVICEPROVIDER, + MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION, + MOAIDEventConstants.AUTHPROCESS_STORK_REQUESTED, + MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED, + MOAIDEventConstants.AUTHPROCESS_START, MOAIDEventConstants.AUTHPROCESS_FINISHED, MOAIDEventConstants.AUTHPROCESS_BKU_URL, @@ -64,22 +75,37 @@ public class MOAReversionLogger { MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED, MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED, + + MOAIDEventConstants.AUTHPROCESS_IDP_SLO_REQUESTED, + MOAIDEventConstants.AUTHPROCESS_SLO_STARTED, + MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID, + MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID, + + MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_SERVICE_REQUESTED, + MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_ERROR_RECEIVED, + MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_RECEIVED, + MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_RECEIVED_IP, + + MOAIDEventConstants.AUTHPROCESS_PEPS_SELECTED, + MOAIDEventConstants.AUTHPROCESS_PEPS_REQUESTED, + MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED, + MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR, + MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED, + + MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND, + MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED, + + MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, + MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT, + MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED, + MOAIDEventConstants.AUTHPROCESS_SSO, - MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION, - MOAIDEventConstants.AUTHPROCESS_STORK_REQUESTED, - MOAIDEventConstants.AUTHPROCESS_SERVICEPROVIDER - ); - - - public static synchronized MOAReversionLogger getInstance() { - if (instance == null) { - instance = new MOAReversionLogger(); - MOAIDEventLog.reload(); + MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_START, + MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED, + MOAIDEventConstants.AUTHPROCESS_SSO_INVALID - } - - return instance; - } + + ); public void logEvent(IOAAuthParameters oaConfig, int eventCode, String message) { @@ -91,8 +117,8 @@ public class MOAReversionLogger { int eventCode) { if (selectOASpecificEventCodes(oaConfig).contains(eventCode)) MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, - pendingRequest.getSessionIdentifier(), - pendingRequest.getRequestID())); + pendingRequest.getUniqueSessionIdentifier(), + pendingRequest.getUniqueTransactionIdentifier())); } @@ -101,8 +127,8 @@ public class MOAReversionLogger { if (selectOASpecificEventCodes(oaConfig).contains(eventCode)) MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, message, - pendingRequest.getSessionIdentifier(), - pendingRequest.getRequestID() + pendingRequest.getUniqueSessionIdentifier(), + pendingRequest.getUniqueTransactionIdentifier() )); } @@ -140,8 +166,8 @@ public class MOAReversionLogger { */ public void logEvent(IRequest pendingRequest, int eventCode) { MOAIDEventLog.logEvent(MOAIDEventLog.createNewEvent(new Date().getTime(), eventCode, - pendingRequest.getSessionIdentifier(), - pendingRequest.getRequestID())); + pendingRequest.getUniqueSessionIdentifier(), + pendingRequest.getUniqueTransactionIdentifier())); } @@ -167,7 +193,7 @@ public class MOAReversionLogger { if (jaxBMandate.getMandator().getCorporateBody() != null) { logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_TYPE, - "jur"); + JUR_PERSON); try { String jurBaseID = jaxBMandate.getMandator().getCorporateBody().getIdentification().get(0).getType() + "+" + jaxBMandate.getMandator().getCorporateBody().getIdentification().get(0).getId(); @@ -181,7 +207,7 @@ public class MOAReversionLogger { } else { logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_TYPE, - "nat"); + NAT_PERSON); logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_HASH, buildPersonInformationHash( jaxBMandate.getMandator().getPhysicalPerson().getName().getGivenName().get(0), @@ -190,7 +216,7 @@ public class MOAReversionLogger { } } } - + /** * @param pendingReq * @param identityLink @@ -217,7 +243,7 @@ public class MOAReversionLogger { return OASpecificEventCodes; } - private String buildPersonInformationHash(String givenName, String familyName, String dateofBirth) { + public String buildPersonInformationHash(String givenName, String familyName, String dateofBirth) { // {"hash":"hashvalue","salt":"testSalt"} // {"person":{"givenname":"value","familyname":"value","dateofbirth":"value"},"salt":"saltvalue"} @@ -249,15 +275,9 @@ public class MOAReversionLogger { } public List<Integer> getDefaulttReversionsLoggingEventCodes() { - try { - List<Integer> configuredDefaultEventCodes = AuthConfigurationProviderFactory.getInstance().getDefaultRevisionsLogEventCodes(); - if (configuredDefaultEventCodes != null) - return configuredDefaultEventCodes; - - } catch (ConfigurationException e) { - Logger.error("Access to configuration FAILED.", e); - - } + List<Integer> configuredDefaultEventCodes = authConfig.getDefaultRevisionsLogEventCodes(); + if (configuredDefaultEventCodes != null) + return configuredDefaultEventCodes; return defaultEventCodes; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index 5487152cf..0171f9d90 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java @@ -32,6 +32,8 @@ import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; import org.apache.commons.lang3.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator; @@ -39,24 +41,25 @@ import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBod import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.BKUException; import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.client.SZRGWClientException; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.MISMandate; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; +@Service("StatisticLogger") public class StatisticLogger { private static final String GENERIC_LOCALBKU = ":3496/https-security-layer-request"; @@ -73,45 +76,19 @@ public class StatisticLogger { private static final String ERRORTYPE_MANDATE = "mandate"; private static final String ERRORTYPE_MOAID = "moa-id"; private static final String ERRORTYPE_SZRGW = "szrgw"; - - private static StatisticLogger instance; - - private boolean isAktive = false; - - public static StatisticLogger getInstance() { - if (instance == null) - instance = new StatisticLogger(); - return instance; - } - - private StatisticLogger() { - try { - AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); - - if (config != null) - isAktive = config.isAdvancedLoggingActive(); - - } catch (ConfigurationException e) { - Logger.error("StatisticLogger can not be inizialized", e); - } - } - + @Autowired AuthConfiguration authConfig; + @Autowired IAuthenticationSessionStoreage authenticatedSessionStorage; + public void logSuccessOperation(IRequest protocolRequest, IAuthData authData, boolean isSSOSession) { - if ( isAktive && protocolRequest != null && authData != null) { + if ( authConfig.isAdvancedLoggingActive() && protocolRequest != null && authData != null) { - OAAuthParameter dbOA = null; - try { - dbOA = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); + IOAAuthParameters dbOA = null; + dbOA = protocolRequest.getOnlineApplicationConfiguration(); - if (dbOA == null) { - Logger.warn("Advanced logging failed: OA can not be found in database."); - return; - } - - } catch (ConfigurationException e1) { - Logger.error("Access MOA-ID configuration FAILED.", e1); + if (dbOA == null) { + Logger.warn("Advanced logging failed: OA can not be found in database."); return; } @@ -130,12 +107,14 @@ public class StatisticLogger { boolean isbusinessservice = isBusinessService(dbOA); dblog.setBusinessservice(isbusinessservice); dblog.setOatarget(authData.getBPKType()); - - dblog.setInterfederatedSSOSession(authData.isInterfederatedSSOSession()); + + + boolean isFederatedAuthentication = protocolRequest.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_RESPONSE) != null; + dblog.setInterfederatedSSOSession(isFederatedAuthentication); - if (authData.isInterfederatedSSOSession()) { + if (isFederatedAuthentication) { dblog.setBkutype(IOAAuthParameters.INDERFEDERATEDIDP); - dblog.setBkuurl(authData.getInterfederatedIDP()); + dblog.setBkuurl(protocolRequest.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_ENTITYID, String.class)); } else { dblog.setBkuurl(authData.getBkuURL()); @@ -221,7 +200,7 @@ public class StatisticLogger { } public void logErrorOperation(Throwable throwable) { - if ( isAktive ) { + if ( authConfig.isAdvancedLoggingActive() ) { StatisticLog dblog = new StatisticLog(); //set actual date and time @@ -249,7 +228,7 @@ public class StatisticLogger { public void logErrorOperation(Throwable throwable, IRequest errorRequest) { - if (isAktive && throwable != null && errorRequest != null) { + if (authConfig.isAdvancedLoggingActive() && throwable != null && errorRequest != null) { StatisticLog dblog = new StatisticLog(); //set actual date and time @@ -260,44 +239,45 @@ public class StatisticLogger { dblog.setProtocoltype(errorRequest.requestedModule()); dblog.setProtocolsubtype(errorRequest.requestedAction()); - try { - OAAuthParameter dbOA = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(errorRequest.getOAURL()); - if (dbOA != null) { - dblog.setOafriendlyName(dbOA.getFriendlyName()); - dblog.setOatarget(dbOA.getTarget()); - //dblog.setOaID(dbOA.getHjid()); - dblog.setBusinessservice(isBusinessService(dbOA)); - - - AuthenticationSession moasession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(errorRequest.getRequestID()); + IOAAuthParameters dbOA = errorRequest.getOnlineApplicationConfiguration(); + if (dbOA != null) { + dblog.setOafriendlyName(dbOA.getFriendlyName()); + dblog.setOatarget(dbOA.getTarget()); + //dblog.setOaID(dbOA.getHjid()); + dblog.setBusinessservice(isBusinessService(dbOA)); + + try { + AuthenticationSession moasession = authenticatedSessionStorage. + getSession(errorRequest.getMOASessionIdentifier()); if (moasession != null) { if (MiscUtil.isNotEmpty(moasession.getBkuURL())) { dblog.setBkuurl(moasession.getBkuURL()); dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA)); } - - dblog.setMandatelogin(moasession.getUseMandate()); - } - generateErrorLogFormThrowable(throwable, dblog); + dblog.setMandatelogin(moasession.isMandateUsed()); + } + } catch (MOADatabaseException e) { + Logger.debug(e.getMessage() + " --> StatistikLog will not include MOASession information."); - - try { - StatisticLogDBUtils.saveOrUpdate(dblog); + } + + generateErrorLogFormThrowable(throwable, dblog); - } catch (MOADatabaseException e) { - Logger.warn("Statistic Log can not be stored into Database", e); - } + + + try { + StatisticLogDBUtils.saveOrUpdate(dblog); + + } catch (MOADatabaseException e) { + Logger.warn("Statistic Log can not be stored into Database", e); } - } catch (ConfigurationException e) { - Logger.error("Access MOA-ID configuration FAILED.", e); - return; } } } - private boolean isBusinessService(OAAuthParameter dbOA) { + private boolean isBusinessService(IOAAuthParameters dbOA) { if (dbOA.getOaType().equals("businessService")) return true; @@ -360,7 +340,7 @@ public class StatisticLogger { } - private String findBKUType(String bkuURL, OAAuthParameter dbOA) { + private String findBKUType(String bkuURL, IOAAuthParameters dbOA) { if (dbOA != null) { if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameter.HANDYBKU))) @@ -376,14 +356,13 @@ public class StatisticLogger { Logger.trace("Staticic Log search BKUType from DefaultBKUs"); try { - AuthConfiguration authconfig = AuthConfigurationProviderFactory.getInstance(); - if (bkuURL.equals(authconfig.getDefaultBKUURL(IOAAuthParameters.ONLINEBKU))) + if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.ONLINEBKU))) return IOAAuthParameters.ONLINEBKU; - if (bkuURL.equals(authconfig.getDefaultBKUURL(IOAAuthParameters.LOCALBKU))) + if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.LOCALBKU))) return IOAAuthParameters.LOCALBKU; - if (bkuURL.equals(authconfig.getDefaultBKUURL(IOAAuthParameters.HANDYBKU))) + if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.HANDYBKU))) return IOAAuthParameters.HANDYBKU; } catch (ConfigurationException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/TransactionIDUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/TransactionIDUtils.java index 7f6f2c6b3..6d53fd510 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/TransactionIDUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/TransactionIDUtils.java @@ -25,7 +25,7 @@ package at.gv.egovernment.moa.id.advancedlogging; import java.util.Date; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.util.MiscUtil; /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java index 1f12675ca..e0552c337 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationSessionCleaner.java @@ -3,8 +3,23 @@ package at.gv.egovernment.moa.id.auth; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import java.util.Date; +import java.util.List; + +import org.hibernate.HibernateException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.data.ExceptionContainer; +import at.gv.egovernment.moa.id.process.ProcessExecutionException; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; /** * Thread cleaning the <code>AuthenticationServer</code> session store @@ -13,22 +28,91 @@ import at.gv.egovernment.moa.logging.Logger; * @author Paul Ivancsics * @version $Id$ */ +@Service("AuthenticationSessionCleaner") public class AuthenticationSessionCleaner implements Runnable { + @Autowired private IAuthenticationSessionStoreage authenticationSessionStorage; + @Autowired private ITransactionStorage transactionStorage; + @Autowired protected AuthConfiguration authConfig; + /** interval the <code>AuthenticationSessionCleaner</code> is run in */ private static final long SESSION_CLEANUP_INTERVAL = 5 * 60; // 5 min /** * Runs the thread. Cleans the <code>AuthenticationServer</code> session store * and authentication data store from garbage, then sleeps for given interval, and restarts. + * + * Cleans up expired session and authentication data stores. + * */ public void run() { while (true) { try { Logger.debug("AuthenticationSessionCleaner run"); - BaseAuthenticationServer.cleanup(); - } - catch (Exception e) { + Date now = new Date(); + + try { + int sessionTimeOutCreated = authConfig.getSSOCreatedTimeOut() * 1000; + int sessionTimeOutUpdated = authConfig.getSSOUpdatedTimeOut() * 1000; + int authDataTimeOut = authConfig.getTransactionTimeOut() * 1000; + + //clean AuthenticationSessionStore + authenticationSessionStorage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated); + + //clean TransactionStorage + List<String> entryKeysToClean = transactionStorage.clean(now, authDataTimeOut); + if (entryKeysToClean != null && entryKeysToClean.size() != 0) { + for(String entryKey : entryKeysToClean) { + try { + try { + Object entry = transactionStorage.get(entryKey); + //if entry is an exception --> log it because is could be unhandled + if (entry != null && entry instanceof ExceptionContainer) { + ExceptionContainer exContainer = (ExceptionContainer) entry; + + if (exContainer.getExceptionThrown() != null) { + //add session and transaction ID to log if exists + if (MiscUtil.isNotEmpty(exContainer.getUniqueTransactionID())) + TransactionIDUtils.setTransactionId(exContainer.getUniqueTransactionID()); + + if (MiscUtil.isNotEmpty(exContainer.getUniqueSessionID())) + TransactionIDUtils.setSessionId(exContainer.getUniqueSessionID()); + + //log exception to technical log + logExceptionToTechnicalLog(exContainer.getExceptionThrown()); + + //remove session and transaction ID from thread + TransactionIDUtils.removeSessionId(); + TransactionIDUtils.removeTransactionId(); + } + } + + } catch (Exception e) { + Logger.info("Transaction info is not loadable. " + + "Key:" + entryKey + + " ErrorMsg:" + e.getMessage()); + + } + + transactionStorage.remove(entryKey); + Logger.info("Remove stored information with ID: " + entryKey + + " after timeout."); + + } catch (HibernateException e){ + Logger.warn("Transaction information with ID=" + entryKey + + " not removed after timeout! (Error during Database communication)", e); + } + + } + } + + + } catch (Exception e) { + Logger.error("Session/Transaction cleanUp FAILED!" , e); + + } + + } catch (Exception e) { Logger.error(MOAIDMessageProvider.getInstance().getMessage("cleaner.01", null), e); } try { @@ -39,13 +123,34 @@ public class AuthenticationSessionCleaner implements Runnable { } } + /** + * Write a Exception to the MOA-ID-Auth internal technical log + * + * @param loggedException Exception to log + */ + protected void logExceptionToTechnicalLog(Throwable loggedException) { + if (!( loggedException instanceof MOAIDException + || loggedException instanceof ProcessExecutionException )) { + Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException); + + } else { + if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) { + Logger.warn(loggedException.getMessage(), loggedException); + + } else { + Logger.info(loggedException.getMessage()); + + } + } + } + /** * start the sessionCleaner */ - public static void start() { + public static void start(Runnable clazz) { // start the session cleanup thread Thread sessionCleaner = - new Thread(new AuthenticationSessionCleaner(), "AuthenticationSessionCleaner"); + new Thread(clazz, "AuthenticationSessionCleaner"); sessionCleaner.setName("SessionCleaner"); sessionCleaner.setDaemon(true); sessionCleaner.setPriority(Thread.MIN_PRIORITY); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java index 5e3b6653b..20f2029cb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/BaseAuthenticationServer.java @@ -1,37 +1,14 @@ package at.gv.egovernment.moa.id.auth; -import java.io.UnsupportedEncodingException; -import java.util.Date; -import java.util.List; -import java.util.UUID; - -import org.opensaml.xml.util.XMLHelper; - -import org.w3c.dom.Element; +import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.client.SZRGWClient; -import at.gv.egovernment.moa.id.client.SZRGWClientException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; -import at.gv.util.xsd.mis.MandateIdentifiers; -import at.gv.util.xsd.mis.Target; -import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest; -import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData; -import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; -import at.gv.util.xsd.srzgw.MISType; -import at.gv.util.xsd.srzgw.MISType.Filters; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; /** * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is @@ -43,6 +20,9 @@ import at.gv.util.xsd.srzgw.MISType.Filters; */ public abstract class BaseAuthenticationServer extends MOAIDAuthConstants { + @Autowired private IAuthenticationSessionStoreage authenticationSessionStorage; + @Autowired protected AuthConfiguration authConfig; + /** * Retrieves a session from the session store. * @@ -50,11 +30,11 @@ public abstract class BaseAuthenticationServer extends MOAIDAuthConstants { * @return <code>AuthenticationSession</code> stored with given session ID (never {@code null}). * @throws AuthenticationException in case the session id does not reflect a valic, active session. */ - public static AuthenticationSession getSession(String id) + public AuthenticationSession getSession(String id) throws AuthenticationException { AuthenticationSession session; try { - session = AuthenticationSessionStoreage.getSession(id); + session = authenticationSessionStorage.getSession(id); if (session == null) throw new AuthenticationException("auth.02", new Object[]{id}); @@ -68,33 +48,4 @@ public abstract class BaseAuthenticationServer extends MOAIDAuthConstants { } } - /** - * Cleans up expired session and authentication data stores. - */ - public static void cleanup() { - long now = new Date().getTime(); - - try { - int sessionTimeOutCreated = AuthConfigurationProviderFactory.getInstance().getSSOCreatedTimeOut() * 1000; - int sessionTimeOutUpdated = AuthConfigurationProviderFactory.getInstance().getSSOUpdatedTimeOut() * 1000; - int authDataTimeOut = AuthConfigurationProviderFactory.getInstance().getTransactionTimeOut() * 1000; - - //clean AuthenticationSessionStore - AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated); - - //clean AssertionStore - AssertionStorage assertionstore = AssertionStorage.getInstance(); - assertionstore.clean(now, authDataTimeOut); - - //clean ExeptionStore - DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore(); - exstore.clean(now, authDataTimeOut); - - } catch (Exception e) { - Logger.error("Session cleanUp FAILED!" , e); - - } - - } - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java deleted file mode 100644 index fa30f9ffd..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ /dev/null @@ -1,179 +0,0 @@ - - - -package at.gv.egovernment.moa.id.auth; - -import java.util.Arrays; -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import at.gv.egovernment.moa.id.commons.MOAIDConstants; -import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; - -import iaik.asn1.ObjectID; - - -/** - * Constants used throughout moa-id-auth component. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class MOAIDAuthConstants extends MOAIDConstants{ - - /** servlet parameter "Target" */ - public static final String PARAM_TARGET = "Target"; - /** servlet parameter "useMandate" */ - public static final String PARAM_USEMANDATE = "useMandate"; - /** servlet parameter "OA" */ - public static final String PARAM_OA = "OA"; - /** servlet parameter "bkuURI" */ - public static final String PARAM_BKU = "bkuURI"; - public static final String PARAM_MODUL = "MODUL"; - public static final String PARAM_ACTION = "ACTION"; - public static final String PARAM_SSO = "SSO"; - public static final String INTERFEDERATION_IDP = "interIDP"; - - public static final String PARAM_SLOSTATUS = "status"; - public static final String PARAM_SLORESTART = "restart"; - public static final String SLOSTATUS_SUCCESS = "success"; - public static final String SLOSTATUS_ERROR = "error"; - - /** servlet parameter "sourceID" */ - public static final String PARAM_SOURCEID = "sourceID"; - /** servlet parameter "BKUSelectionTemplate" */ - public static final String PARAM_BKUTEMPLATE = "BKUSelectionTemplate"; - /** servlet parameter "CCC (Citizen Country Code)" */ - public static final String PARAM_CCC = "CCC"; - /** servlet parameter "BKUSelectionTemplate" */ - public static final String PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE = "InputProcessorSignTemplate"; - /** default BKU URL */ - public static final String DEFAULT_BKU = "http://localhost:3495/http-security-layer-request"; - /** default BKU URL for https connections*/ - public static final String DEFAULT_BKU_HTTPS = "https://127.0.0.1:3496/https-security-layer-request"; - /** servlet parameter "returnURI" */ - public static final String PARAM_RETURN = "returnURI"; - /** servlet parameter "Template" */ - public static final String PARAM_TEMPLATE = "Template"; - /** servlet parameter "MOASessionID" */ - public static final String PARAM_SESSIONID = "MOASessionID"; - /** servlet parameter "XMLResponse" */ - public static final String PARAM_XMLRESPONSE = "XMLResponse"; - /** servlet parameter "SAMLArtifact" */ - public static final String PARAM_SAMLARTIFACT = "SAMLArtifact"; - /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet} is mapped to */ - public static final String REQ_START_AUTHENTICATION = "StartAuthentication"; - /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet} is mapped to */ - public static final String REQ_VERIFY_IDENTITY_LINK = "VerifyIdentityLink"; - /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet} is mapped to */ - public static final String REQ_GET_FOREIGN_ID = "GetForeignID"; - /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet} is mapped to */ - public static final String REQ_VERIFY_CERTIFICATE = "VerifyCertificate"; - /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet} is mapped to */ - public static final String GET_MIS_SESSIONID = "GetMISSessionID"; - /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet} is mapped to */ - public static final String REQ_PROCESS_VALIDATOR_INPUT = "ProcessInput"; - /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet} is mapped to */ - public static final String REQ_VERIFY_AUTH_BLOCK = "VerifyAuthBlock"; - /** Logging hierarchy used for controlling debug output of XML structures to files */ - public static final String DEBUG_OUTPUT_HIERARCHY = "moa.id.auth"; - /** Header Name for controlling the caching mechanism of the browser */ - public static final String HEADER_EXPIRES = "Expires"; - /** Header Value for controlling the caching mechanism of the browser */ - public static final String HEADER_VALUE_EXPIRES = "Sat, 6 May 1995 12:00:00 GMT"; - /** Header Name for controlling the caching mechanism of the browser */ - public static final String HEADER_PRAGMA = "Pragma"; - /** Header Value for controlling the caching mechanism of the browser */ - public static final String HEADER_VALUE_PRAGMA = "no-cache"; - /** Header Name for controlling the caching mechanism of the browser */ - public static final String HEADER_CACHE_CONTROL = "Cache-control"; - /** Header Value for controlling the caching mechanism of the browser */ - public static final String HEADER_VALUE_CACHE_CONTROL = "no-store, no-cache, must-revalidate"; - /** Header Value for controlling the caching mechanism of the browser */ - public static final String HEADER_VALUE_CACHE_CONTROL_IE = "post-check=0, pre-check=0"; - /** - * the identity link signer X509Subject names of those identity link signer certificates - * not including the identity link signer OID. The authorisation for signing the identity - * link must be checked by using their issuer names. After february 19th 2007 the OID of - * the certificate will be used fo checking the authorisation for signing identity links. - */ - public static final String[] IDENTITY_LINK_SIGNERS_WITHOUT_OID = - new String[] {"T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitgieds der Datenschutzkommission", - "T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitglieds der Datenschutzkommission"}; - - /** the number of the certifcate extension "Eigenschaft zur Ausstellung von Personenbindungen" */ - public static final String IDENTITY_LINK_SIGNER_OID_NUMBER = "1.2.40.0.10.1.7.1"; - /** - * the OID of the identity link signer certificate (Eigenschaft zur Ausstellung von Personenbindungen); - * used for checking the authorisation for signing the identity link for identity links signed after february 19th 2007 - */ - public static final ObjectID IDENTITY_LINK_SIGNER_OID = new ObjectID(IDENTITY_LINK_SIGNER_OID_NUMBER); - - /** the number of the certifcate extension for party representatives */ - public static final String PARTY_REPRESENTATION_OID_NUMBER = "1.2.40.0.10.3"; - -// /** the number of the certifcate extension for party organ representatives */ -// public static final String PARTY_ORGAN_REPRESENTATION_OID_NUMBER = PARTY_REPRESENTATION_OID_NUMBER + ".10"; - - /** OW */ - public static final String OW_ORGANWALTER = PARTY_REPRESENTATION_OID_NUMBER + ".4"; - - /** List of OWs */ - public static final List<ObjectID> OW_LIST = Arrays.asList( - new ObjectID(OW_ORGANWALTER)); - - /**BKU type identifiers to use bkuURI from configuration*/ - public static final String REQ_BKU_TYPE_LOCAL = "local"; - public static final String REQ_BKU_TYPE_ONLINE = "online"; - public static final String REQ_BKU_TYPE_HANDY = "handy"; - public static final List<String> REQ_BKU_TYPES = Arrays.asList(REQ_BKU_TYPE_LOCAL, REQ_BKU_TYPE_ONLINE, REQ_BKU_TYPE_HANDY); - - - public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; - public final static String EXT_SAML_MANDATE_OID = "OID"; - public final static String EXT_SAML_MANDATE_RAW = "Mandate"; - public final static String EXT_SAML_MANDATE_NAME = "MandatorName"; - public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth"; - public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk"; - public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; - public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter"; - public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier"; - - public static final String PARAM_APPLET_HEIGTH = "heigth"; - public static final String PARAM_APPLET_WIDTH = "width"; - - public static final Map<String, String> COUNTRYCODE_XX_TO_NAME = - Collections.unmodifiableMap(new HashMap<String, String>() { - private static final long serialVersionUID = 1L; - { - put("AT", "Other Countries");//"Workaround for PEPS Simulator" - put("BE", "België/Belgique"); - //put("CH", "Schweiz"); - put("EE", "Eesti"); - put("ES", "España"); - put("FI", "Suomi"); - put("IS", "Ísland"); - put("IT", "Italia"); - put("LI", "Liechtenstein"); - put("LT", "Lithuania"); - put("LU", "Luxemburg"); - put("PT", "Portugal"); - put("SE", "Sverige"); - put("SI", "Slovenija"); - } - }); - - public static final String REGEX_PATTERN_TARGET = "^[A-Za-z]{2}(-.*)?$"; - - public static final String MDC_TRANSACTION_ID = "transactionId"; - public static final String MDC_SESSION_ID = "sessionId"; - - //AuthnRequest IssueInstant validation - public static final int TIME_JITTER = 5; //all 5 minutes time jitter - - public static final String PROCESSCONTEXT_INTERFEDERATION_ENTITYID = "interfederationIDPEntityID"; - public static final String PROCESSCONTEXT_REQUIRELOCALAUTHENTICATION = "requireLocalAuthentication"; - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index 022ec9def..d1cf3338a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -1,23 +1,43 @@ - - - +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ package at.gv.egovernment.moa.id.auth; -import iaik.pki.PKIException; -import iaik.security.ecc.provider.ECCProvider; -import iaik.security.provider.IAIK; - import java.io.IOException; import java.security.GeneralSecurityException; +import java.security.Provider; +import java.security.Security; import javax.activation.CommandMap; import javax.activation.MailcapCommandMap; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigLoader; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import org.springframework.web.context.support.GenericWebApplicationContext; + +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector; +import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.logging.LoggingContext; @@ -26,73 +46,34 @@ import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.MiscUtil; +import iaik.pki.PKIException; +import iaik.security.ecc.provider.ECCProvider; +import iaik.security.provider.IAIK; /** - * Web application initializer - * - * @author Paul Ivancsics - * @version $Id$ + * @author tlenz + * */ public class MOAIDAuthInitializer { - /** a boolean identifying if the MOAIDAuthInitializer has been startet */ - public static boolean initialized = false; - - /** + /** * Initializes the web application components which need initialization: * logging, JSSE, MOA-ID Auth configuration, Axis, session cleaner. + * @param rootContext */ - public static void initialize() throws ConfigurationException, + public static void initialize(GenericWebApplicationContext rootContext) throws ConfigurationException, PKIException, IOException, GeneralSecurityException { - if (initialized) return; - initialized = true; Logger.setHierarchy("moa.id.auth"); Logger.info("Default java file.encoding: " + System.getProperty("file.encoding")); - - Logger.info("Loading security providers."); - IAIK.addAsProvider(); - - -// Security.insertProviderAt(new IAIK(), 1); -// Security.insertProviderAt(new ECCProvider(), 1); - + //JDK bug workaround according to: // http://jce.iaik.tugraz.at/products/03_cms/faq/index.php#JarVerifier // register content data handlers for S/MIME types MailcapCommandMap mc = new MailcapCommandMap(); CommandMap.setDefaultCommandMap(mc); - // create some properties and get the default Session -// Properties props = new Properties(); -// props.put("mail.smtp.host", "localhost"); -// Session session = Session.getDefaultInstance(props, null); - - // Restricts TLS cipher suites -// System.setProperty( -// "https.cipherSuites", -// "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA"); -// - // actual HIGH cipher suites from OpenSSL -// Mapping OpenSSL - Java -// OpenSSL Java -// http://www.openssl.org/docs/apps/ciphers.html http://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html -// via !openssl ciphers -tls1 HIGH !v! -// -// ADH-AES256-SHA TLS_DH_anon_WITH_AES_256_CBC_SHA -// DHE-RSA-AES256-SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA -// DHE-DSS-AES256-SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA -// AES256-SHA TLS_RSA_WITH_AES_256_CBC_SHA -// ADH-AES128-SHA TLS_DH_anon_WITH_AES_128_CBC_SHA -// DHE-RSA-AES128-SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA -// DHE-DSS-AES128-SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA -// AES128-SHA TLS_RSA_WITH_AES_128_CBC_SHA -// ADH-DES-CBC3-SHA SSL_DH_anon_WITH_3DES_EDE_CBC_SHA -// EDH-RSA-DES-CBC3-SHA - -// EDH-DSS-DES-CBC3-SHA - -// DES-CBC3-SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA - if (MiscUtil.isEmpty(System.getProperty("https.cipherSuites"))) System.setProperty( "https.cipherSuites", @@ -120,7 +101,8 @@ public class MOAIDAuthInitializer { Logger.warn(MOAIDMessageProvider.getInstance().getMessage( "init.01", null), e); } - + + Logger.info("Loading Java security providers."); IAIK.addAsProvider(); ECCProvider.addAsProvider(); @@ -133,12 +115,17 @@ public class MOAIDAuthInitializer { "http://www.w3.org/2001/04/xmldsig-more#"); Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); + //seed the random number generator + Random.seedRandom(); + Logger.debug("Random-number generator is seeded."); + // Initialize configuration provider - AuthConfiguration authConf = AuthConfigurationProviderFactory.reload(); + AuthConfiguration authConf = AuthConfigurationProviderFactory.reload(rootContext); - //test, if MOA-ID is already configured + //test, if MOA-ID is already configured authConf.getPublicURLPrefix(); + // Initialize MOA-SP //MOA-SP is only use by API calls since MOA-ID 3.0.0 try { @@ -149,15 +136,32 @@ public class MOAIDAuthInitializer { new IaikConfigurator().configure(config); } catch (at.gv.egovernment.moa.spss.server.config.ConfigurationException ex) { + Logger.error("MOA-SP initialization FAILED!", ex.getWrapped()); throw new ConfigurationException("config.10", new Object[] { ex .toString() }, ex); } + + //IAIK.addAsProvider(); + //ECCProvider.addAsProvider(); + + Security.insertProviderAt(IAIK.getInstance(), 0); + Security.addProvider(new ECCProvider()); + + if (Logger.isDebugEnabled()) { + Logger.debug("Loaded Security Provider:"); + Provider[] providerList = Security.getProviders(); + for (int i=0; i<providerList.length; i++) + Logger.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion()); + + } + // Starts the session cleaner thread to remove unpicked authentication data - AuthenticationSessionCleaner.start(); - AuthConfigLoader.start(); + AuthenticationSessionCleaner sessioncleaner = rootContext.getBean("AuthenticationSessionCleaner", AuthenticationSessionCleaner.class); + AuthenticationSessionCleaner.start(sessioncleaner); + + MOAGarbageCollector.start(); } - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 57a5316e8..908c7e7b6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -22,84 +22,68 @@ */ package at.gv.egovernment.moa.id.auth.builder; -import iaik.x509.X509Certificate; - -import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.lang.reflect.InvocationTargetException; import java.security.PrivateKey; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; import java.util.Date; +import java.util.Iterator; import java.util.List; -import java.util.regex.Matcher; -import java.util.regex.Pattern; import javax.naming.ldap.LdapName; import javax.naming.ldap.Rdn; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Marshaller; import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.core.AttributeQuery; -import org.opensaml.saml2.core.AuthnStatement; import org.opensaml.saml2.core.Response; import org.opensaml.ws.soap.common.SOAPException; import org.opensaml.xml.XMLObject; -import org.opensaml.xml.security.SecurityException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import org.w3c.dom.Element; import org.w3c.dom.Node; +import org.w3c.dom.NodeList; -import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; -import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator; -import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType; -import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType; -import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value; -import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType; -import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType.FamilyName; -import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.MISMandate; -import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.data.Pair; +import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.MOASAMLSOAPClient; -import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; @@ -107,39 +91,40 @@ import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.XPathUtils; import at.gv.util.client.szr.SZRClient; import at.gv.util.config.EgovUtilPropertiesConfiguration; -import at.gv.util.ex.EgovUtilException; import at.gv.util.wsdl.szr.SZRException; import at.gv.util.xsd.szr.PersonInfoType; +import iaik.x509.X509Certificate; /** * @author tlenz * */ +@Service("AuthenticationDataBuilder") public class AuthenticationDataBuilder extends MOAIDAuthConstants { - public static IAuthData buildAuthenticationData(IRequest protocolRequest, - AuthenticationSession session, List<Attribute> reqAttributes) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { - - - String oaID = protocolRequest.getOAURL(); - if (oaID == null) { - throw new WrongParametersException("StartAuthentication", - PARAM_OA, "auth.12"); - } - - // check parameter - if (!ParamValidatorUtils.isValidOA(oaID)) - throw new WrongParametersException("StartAuthentication", - PARAM_OA, "auth.12"); + @Autowired private IAuthenticationSessionStoreage authenticatedSessionStorage; + @Autowired protected AuthConfiguration authConfig; + @Autowired private AttributQueryBuilder attributQueryBuilder; + @Autowired private SAMLVerificationEngineSP samlVerificationEngine; + + + public IAuthData buildAuthenticationData(IRequest pendingReq, + AuthenticationSession session) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { + return buildAuthenticationData(pendingReq, session, pendingReq.getOnlineApplicationConfiguration()); + } + + public IAuthData buildAuthenticationData(IRequest pendingReq, + AuthenticationSession session, IOAAuthParameters oaParam) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { AuthenticationData authdata = null; + //only needed for SAML1 legacy support try { //check if SAML1 authentication module is in Classpath Class<?> saml1RequstTemplate = Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl"); IAuthData saml1authdata = (IAuthData) Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData").newInstance(); if (saml1RequstTemplate != null && - saml1RequstTemplate.isInstance(protocolRequest)) { + saml1RequstTemplate.isInstance(pendingReq)) { //request is SAML1 --> invoke SAML1 protocol specific methods if (session.getExtendedSAMLAttributesOA() == null) { saml1authdata.getClass().getMethod("setExtendedSAMLAttributesOA", List.class).invoke(saml1authdata, new ArrayList<ExtendedSAMLAttribute>()); @@ -154,719 +139,700 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { authdata = new AuthenticationData(); } - - + } catch (ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) { authdata = new AuthenticationData(); } - - //reuse some parameters if it is a reauthentication - OASessionStore activeOA = AuthenticationSessionStoreage.searchActiveOASSOSession(session, oaID, protocolRequest.requestedModule()); + + OASessionStore activeOA = authenticatedSessionStorage.searchActiveOASSOSession(session, pendingReq.getOAURL(), pendingReq.requestedModule()); + //reuse authentication information in case of service-provider reauthentication if (activeOA != null) { authdata.setSessionIndex(activeOA.getAssertionSessionID()); authdata.setNameID(activeOA.getUserNameID()); authdata.setNameIDFormat(activeOA.getUserNameIDFormat()); - - //mark AttributeQuery as used - if ( protocolRequest instanceof PVPTargetConfiguration && - ((PVPTargetConfiguration) protocolRequest).getRequest() instanceof MOARequest && - ((PVPTargetConfiguration) protocolRequest).getRequest().getInboundMessage() instanceof AttributeQuery) { - try { - activeOA.setAttributeQueryUsed(true); - MOASessionDBUtils.saveOrUpdate(activeOA); - - } catch (MOADatabaseException e) { - Logger.error("MOASession interfederation information can not stored to database.", e); - - } - } - } - - InterfederationSessionStore interfIDP = AuthenticationSessionStoreage.searchInterfederatedIDPFORAttributeQueryWithSessionID(session); - - IOAAuthParameters oaParam = null; - if (reqAttributes == null) { - //get OnlineApplication from MOA-ID-Auth configuration - oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(oaID); - - //build OA dynamically from STROK request if this OA is used as STORK<->PVP gateway - if (oaParam.isSTORKPVPGateway()) - oaParam = DynamicOAAuthParameterBuilder.buildFromAuthnRequest(oaParam, protocolRequest); - } else { - //build OnlineApplication dynamic from requested attributes - oaParam = DynamicOAAuthParameterBuilder.buildFromAttributeQuery(reqAttributes, interfIDP); - } - if (interfIDP != null ) { - //IDP is a chained interfederated IDP and Authentication is requested - if (oaParam.isInderfederationIDP() && protocolRequest instanceof PVPTargetConfiguration && - !(((PVPTargetConfiguration)protocolRequest).getRequest() instanceof AttributeQuery)) { - //only set minimal response attributes - authdata.setQAALevel(interfIDP.getQAALevel()); - authdata.setBPK(interfIDP.getUserNameID()); - - } else { - //get attributes from interfederated IDP - OAAuthParameter idp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(interfIDP.getIdpurlprefix()); - getAuthDataFromInterfederation(authdata, session, oaParam, protocolRequest, interfIDP, idp, reqAttributes); + //TODO: move to eIDAS-Code in case of ISA1.18 action is enabled for eIDAS + //build OA dynamically from STROK request if this OA is used as STORK<->PVP gateway + if (oaParam.isSTORKPVPGateway()) + oaParam = DynamicOAAuthParameterBuilder.buildFromAuthnRequest(oaParam, pendingReq); - //mark attribute request as used - try { - interfIDP.setAttributesRequested(true); - MOASessionDBUtils.saveOrUpdate(interfIDP); - - } catch (MOADatabaseException e) { - Logger.error("MOASession interfederation information can not stored to database.", e); - - } - } - + Boolean isMinimalFrontChannelResp = pendingReq.getGenericData( + PVPTargetConfiguration.DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP, Boolean.class); + if (isMinimalFrontChannelResp != null && isMinimalFrontChannelResp) { + //only set minimal response attributes + authdata.setQAALevel( + pendingReq.getGenericData(PVPTargetConfiguration.DATAID_INTERFEDERATION_QAALEVEL, String.class)); + authdata.setBPK( + pendingReq.getGenericData(PVPTargetConfiguration.DATAID_INTERFEDERATION_NAMEID, String.class)); + } else { //build AuthenticationData from MOASession - buildAuthDataFormMOASession(authdata, session, oaParam, protocolRequest); - + buildAuthDataFormMOASession(authdata, session, oaParam, pendingReq); + } return authdata; } /** - * @param req - * @param session - * @param reqAttributes - * @return - * @throws WrongParametersException - * @throws ConfigurationException - * @throws BuildException - * @throws DynamicOABuildException - */ - public static IAuthData buildAuthenticationData(IRequest req, - AuthenticationSession session) throws WrongParametersException, ConfigurationException, BuildException, DynamicOABuildException { - return buildAuthenticationData(req, session, null); - } - - /** - * @param authdata - * @param session - * @param oaParam - * @param protocolRequest - * @param interfIDP - * @param idp - * @param reqQueryAttr - * @throws ConfigurationException + * Get PVP authentication attributes by using a SAML2 AttributeQuery + * + * @param reqQueryAttr List of PVP attributes which are requested + * @param userNameID SAML2 UserNameID of the user for which attributes are requested + * @param idpConfig Configuration of the IDP, which is requested + * @return + * @return PVP attribute DAO, which contains all received information + * @throws MOAIDException */ - private static void getAuthDataFromInterfederation( - AuthenticationData authdata, AuthenticationSession session, - IOAAuthParameters oaParam, IRequest req, - InterfederationSessionStore interfIDP, OAAuthParameter idp, List<Attribute> reqQueryAttr) throws BuildException, ConfigurationException{ + public AssertionAttributeExtractor getAuthDataFromAttributeQuery(List<Attribute> reqQueryAttr, + String userNameID, IOAAuthParameters idpConfig ) throws MOAIDException{ + String idpEnityID = idpConfig.getPublicURLPrefix(); try { - List<Attribute> attributs = null; - - //IDP is a chained interfederated IDP and request is of type AttributQuery - if (oaParam.isInderfederationIDP() && req instanceof PVPTargetConfiguration && - (((PVPTargetConfiguration)req).getRequest() instanceof AttributeQuery) && - reqQueryAttr != null) { - attributs = reqQueryAttr; - - //IDP is a service provider IDP and request interfederated IDP to collect attributes - } else { - //get PVP 2.1 attributes from protocol specific requested attributes - attributs = req.getRequestedAttributes(); + Logger.debug("Starting AttributeQuery process ..."); + //collect attributes by using BackChannel communication + String endpoint = idpConfig.getIDPAttributQueryServiceURL(); + if (MiscUtil.isEmpty(endpoint)) { + Logger.error("No AttributeQueryURL for interfederationIDP " + idpEnityID); + throw new ConfigurationException("config.26", new Object[]{idpEnityID}); } - - Response intfResp = (Response) req.getInterfederationResponse().getResponse(); - AssertionAttributeExtractor extractor = - new AssertionAttributeExtractor(intfResp); - - if (!extractor.containsAllRequiredAttributes()) { - Logger.info("Received assertion does no contain a minimum set of attributes. Starting AttributeQuery process ..."); - //collect attributes by using BackChannel communication - String endpoint = idp.getIDPAttributQueryServiceURL(); - if (MiscUtil.isEmpty(endpoint)) { - Logger.error("No AttributeQueryURL for interfederationIDP " + idp.getPublicURLPrefix()); - throw new ConfigurationException("No AttributeQueryURL for interfederationIDP " + idp.getPublicURLPrefix(), null); - } - //build attributQuery request - AttributeQuery query = - AttributQueryBuilder.buildAttributQueryRequest(interfIDP.getUserNameID(), endpoint, attributs); + //build attributQuery request + AttributeQuery query = attributQueryBuilder.buildAttributQueryRequest(userNameID, endpoint, reqQueryAttr); - //build SOAP request - List<XMLObject> xmlObjects = MOASAMLSOAPClient.send(endpoint, query); + //build SOAP request + List<XMLObject> xmlObjects = MOASAMLSOAPClient.send(endpoint, query); + + if (xmlObjects.size() == 0) { + Logger.error("Receive emptry AttributeQuery response-body."); + throw new AttributQueryException("auth.27", + new Object[]{idpEnityID, "Receive emptry AttributeQuery response-body."}); - if (xmlObjects.size() == 0) { - Logger.error("Receive emptry AttributeQuery response-body."); - throw new AttributQueryException("Receive emptry AttributeQuery response-body.", null); - - } + } + + Response intfResp; + if (xmlObjects.get(0) instanceof Response) { + intfResp = (Response) xmlObjects.get(0); - if (xmlObjects.get(0) instanceof Response) { - intfResp = (Response) xmlObjects.get(0); - - //validate PVP 2.1 response - try { - SAMLVerificationEngine engine = new SAMLVerificationEngine(); - engine.verifyIDPResponse(intfResp, TrustEngineFactory.getSignatureKnownKeysTrustEngine()); - - SAMLVerificationEngine.validateAssertion(intfResp, false); - - } catch (Exception e) { - Logger.warn("PVP 2.1 assertion validation FAILED.", e); - throw new AssertionValidationExeption("PVP 2.1 assertion validation FAILED.", null, e); - } - - } else { - Logger.error("Receive AttributeQuery response-body include no PVP 2.1 response"); - throw new AttributQueryException("Receive AttributeQuery response-body include no PVP 2.1 response.", null); - + //validate PVP 2.1 response + try { + samlVerificationEngine.verifyIDPResponse(intfResp, + TrustEngineFactory.getSignatureKnownKeysTrustEngine( + MOAMetadataProvider.getInstance())); + + //create assertion attribute extractor from AttributeQuery response + return new AssertionAttributeExtractor(intfResp); + + } catch (Exception e) { + Logger.warn("PVP 2.1 assertion validation FAILED.", e); + throw new AssertionValidationExeption("auth.27", + new Object[]{idpEnityID, e.getMessage()}, e); } - - //create assertion attribute extractor from AttributeQuery response - extractor = new AssertionAttributeExtractor(intfResp); - + } else { - Logger.info("Interfedation response include all attributes with are required. Skip AttributQuery request step. "); - - } - //parse response information to authData - buildAuthDataFormInterfederationResponse(authdata, session, extractor, oaParam, req); + Logger.error("Receive AttributeQuery response-body include no PVP 2.1 response"); + throw new AttributQueryException("auth.27", + new Object[]{idpEnityID, "Receive AttributeQuery response-body include no PVP 2.1 response"}); + } + } catch (SOAPException e) { throw new BuildException("builder.06", null, e); } catch (SecurityException e) { throw new BuildException("builder.06", null, e); - - } catch (AttributQueryException e) { - throw new BuildException("builder.06", null, e); - - } catch (BuildException e) { - throw new BuildException("builder.06", null, e); - - } catch (AssertionValidationExeption e) { - throw new BuildException("builder.06", null, e); - - } catch (AssertionAttributeExtractorExeption e) { - throw new BuildException("builder.06", null, e); + + } catch (org.opensaml.xml.security.SecurityException e1) { + throw new BuildException("builder.06", null, e1); } } - - private static void buildAuthDataFormInterfederationResponse( - AuthenticationData authData, - AuthenticationSession session, - AssertionAttributeExtractor extractor, - IOAAuthParameters oaParam, - IRequest req) - throws BuildException, AssertionAttributeExtractorExeption { - Logger.debug("Build AuthData from assertion starts ...."); - - authData.setIsBusinessService(oaParam.getBusinessService()); + private void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session, + IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException { + + Collection<String> includedToGenericAuthData = null; + if (session.getGenericSessionDataStorage() != null && + !session.getGenericSessionDataStorage().isEmpty()) + includedToGenericAuthData = session.getGenericSessionDataStorage().keySet(); + else + includedToGenericAuthData = new ArrayList<String>(); - authData.setFamilyName(extractor.getSingleAttributeValue(PVPConstants.PRINCIPAL_NAME_NAME)); - authData.setGivenName(extractor.getSingleAttributeValue(PVPConstants.GIVEN_NAME_NAME)); - authData.setDateOfBirth(extractor.getSingleAttributeValue(PVPConstants.BIRTHDATE_NAME)); - authData.setCcc(extractor.getSingleAttributeValue(PVPConstants.EID_ISSUING_NATION_NAME)); - authData.setBkuURL(extractor.getSingleAttributeValue(PVPConstants.EID_CCS_URL_NAME)); - authData.setIdentificationValue(extractor.getSingleAttributeValue(PVPConstants.EID_SOURCE_PIN_NAME)); - authData.setIdentificationType(extractor.getSingleAttributeValue(PVPConstants.EID_SOURCE_PIN_TYPE_NAME)); + try { + //#################################################### + //set general authData info's + authData.setIssuer(protocolRequest.getAuthURL()); + authData.setSsoSession(protocolRequest.needSingleSignOnFunctionality()); + authData.setIsBusinessService(oaParam.getBusinessService()); - if (extractor.containsAttribute(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME)) { - String bpkType = extractor.getSingleAttributeValue(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME); - if (bpkType.startsWith(Constants.URN_PREFIX_CDID) && - !bpkType.substring(Constants.URN_PREFIX_CDID.length(), - Constants.URN_PREFIX_CDID.length() + 1).equals("+")) { - Logger.warn("Receive uncorrect encoded bBKType attribute " + bpkType + " Starting attribute value correction ... "); - bpkType = Constants.URN_PREFIX_CDID + "+" + bpkType.substring(Constants.URN_PREFIX_CDID.length() + 1); - - } - - authData.setBPKType(bpkType); - } - - if (extractor.containsAttribute(PVPConstants.BPK_NAME)) { - String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME); + //#################################################### + //parse user info's from identityLink + IdentityLink idlFromPVPAttr = null; + IdentityLink identityLink = session.getIdentityLink(); + if (identityLink != null) { + parseBasicUserInfosFromIDL(authData, identityLink, includedToGenericAuthData); - if (pvpbPK.startsWith("bPK:")) { - Logger.warn("Attribute " + PVPConstants.BPK_NAME - + " contains a not standardize prefix! Staring attribute value correction process ..."); - pvpbPK = pvpbPK.substring("bPK:".length()); + } else { + // identityLink is not direct in MOASession + String pvpAttrIDL = session.getGenericDataFromSession(PVPConstants.EID_IDENTITY_LINK_NAME, String.class); + //find PVP-Attr. which contains the IdentityLink + if (MiscUtil.isNotEmpty(pvpAttrIDL)) { + Logger.debug("Find PVP-Attr: " + PVPConstants.EID_IDENTITY_LINK_FRIENDLY_NAME + + " --> Parse basic user info's from that attribute."); + InputStream idlStream = null; + try { + idlStream = Base64Utils.decodeToStream(pvpAttrIDL, false); + idlFromPVPAttr = new IdentityLinkAssertionParser(idlStream).parseIdentityLink(); + parseBasicUserInfosFromIDL(authData, idlFromPVPAttr, includedToGenericAuthData); + + } catch (ParseException e) { + Logger.error("Received IdentityLink is not valid", e); + + } catch (Exception e) { + Logger.error("Received IdentityLink is not valid", e); + + } finally { + try { + includedToGenericAuthData.remove(PVPConstants.EID_IDENTITY_LINK_NAME); + if (idlStream != null) + idlStream.close(); + + } catch (IOException e) { + Logger.fatal("Close InputStream FAILED.", e); + + } + + } + + } + //if no basic user info's are set yet, parse info's single PVP-Attributes + if (MiscUtil.isEmpty(authData.getFamilyName())) { + Logger.debug("No IdentityLink found or not parseable --> Parse basic user info's from single PVP-Attributes."); + authData.setFamilyName(session.getGenericDataFromSession(PVPConstants.PRINCIPAL_NAME_NAME, String.class)); + authData.setGivenName(session.getGenericDataFromSession(PVPConstants.GIVEN_NAME_NAME, String.class)); + authData.setDateOfBirth(session.getGenericDataFromSession(PVPConstants.BIRTHDATE_NAME, String.class)); + authData.setIdentificationValue(session.getGenericDataFromSession(PVPConstants.EID_SOURCE_PIN_NAME, String.class)); + authData.setIdentificationType(session.getGenericDataFromSession(PVPConstants.EID_SOURCE_PIN_TYPE_NAME, String.class)); + + //remove corresponding keys from genericSessionData if exists + includedToGenericAuthData.remove(PVPConstants.PRINCIPAL_NAME_NAME); + includedToGenericAuthData.remove(PVPConstants.GIVEN_NAME_NAME); + includedToGenericAuthData.remove(PVPConstants.BIRTHDATE_NAME); + includedToGenericAuthData.remove(PVPConstants.EID_SOURCE_PIN_NAME); + includedToGenericAuthData.remove(PVPConstants.EID_SOURCE_PIN_TYPE_NAME); + } + } - String[] spitted = pvpbPK.split(":"); - authData.setBPK(spitted[1]); - if (MiscUtil.isEmpty(authData.getBPKType())) { - Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " + - "Starting target extraction from bPK/wbPK prefix ..."); - //exract bPK/wbPK type from bpk attribute value prefix if type is - //not transmitted as single attribute - Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?"); - Matcher matcher = pattern.matcher(spitted[0]); - if (matcher.matches()) { - //find public service bPK - authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]); - Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType()); - - } else { - //find business service wbPK - authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]); - Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType()); - - } - } - } - - boolean foundEncryptedbPKForOA = false; - if (extractor.containsAttribute(PVPConstants.ENC_BPK_LIST_NAME)) { - List<String> encbPKList = Arrays.asList( - extractor.getSingleAttributeValue(PVPConstants.ENC_BPK_LIST_NAME).split(";")); - authData.setEncbPKList(encbPKList); - for (String fullEncbPK : encbPKList) { - int index = fullEncbPK.indexOf("|"); - if (index >= 0) { - String encbPK = fullEncbPK.substring(index+1); - String second = fullEncbPK.substring(0, index); - int secIndex = second.indexOf("+"); - if (secIndex >= 0) { - if (oaParam.getTarget().equals(second.substring(secIndex+1))) { - Logger.debug("Found encrypted bPK for online-application " - + oaParam.getPublicURLPrefix() - + " Start decryption process ..."); - PrivateKey privKey = oaParam.getBPKDecBpkDecryptionKey(); - foundEncryptedbPKForOA = true; - if (privKey != null) { - try { - String bPK = BPKBuilder.decryptBPK(encbPK, oaParam.getTarget(), privKey); - if (MiscUtil.isNotEmpty(bPK)) { - if (MiscUtil.isEmpty(authData.getBPK())) { - authData.setBPK(bPK); - authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget()); - Logger.info("bPK decryption process finished successfully."); - } - - } else { - Logger.error("bPK decryption FAILED."); - - } - } catch (BuildException e) { - Logger.error("bPK decryption FAILED.", e); - - } - - } else { - Logger.info("bPK decryption FAILED, because no valid decryption key is found."); + if (authData.getIdentificationType() != null && + !authData.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { + Logger.trace("IdentificationType is not a baseID --> clear it. "); + authData.setBPK(authData.getIdentificationValue()); + authData.setBPKType(authData.getIdentificationType()); + + authData.setIdentificationValue(null); + authData.setIdentificationType(null); - } - - } else { - Logger.info("Found encrypted bPK but " + - "encrypted bPK target does not match to online-application target"); - - } - } - } - } - } - - if (MiscUtil.isEmpty(authData.getIdentificationValue()) && - MiscUtil.isEmpty(authData.getBPK()) && - !foundEncryptedbPKForOA) { - Logger.info("Federated assertion include no bPK, encrypted bPK or baseID"); - throw new AssertionAttributeExtractorExeption("No " + PVPConstants.BPK_FRIENDLY_NAME - + " or " + PVPConstants.EID_SOURCE_PIN_NAME - + " or " + PVPConstants.ENC_BPK_LIST_NAME); + } - } - - //check if received bPK matchs to online application configuration - //and no encrypted bPK is found for this oa - if (!matchsReceivedbPKToOnlineApplication(oaParam, authData) - && !foundEncryptedbPKForOA) { - Logger.info("Received bPK/wbPK does not match to online application"); - if (MiscUtil.isEmpty(authData.getIdentificationValue())) { - Logger.info("No baseID found. Connect SZR to reveive baseID ..."); - try { - EgovUtilPropertiesConfiguration eGovClientsConfig = AuthConfigurationProviderFactory.getInstance().geteGovUtilsConfig(); - if (eGovClientsConfig != null) { - SZRClient szrclient = new SZRClient(eGovClientsConfig); + //#################################################### + //set BKU URL + includedToGenericAuthData.remove(PVPConstants.EID_CCS_URL_NAME); + if (MiscUtil.isNotEmpty(session.getBkuURL())) + authData.setBkuURL(session.getBkuURL()); + else + authData.setBkuURL(session.getGenericDataFromSession(PVPConstants.EID_CCS_URL_NAME, String.class)); - Logger.debug("Create SZR request to get baseID ... "); - PersonInfoType personInfo = new PersonInfoType(); - at.gv.util.xsd.szr.persondata.PhysicalPersonType person = new at.gv.util.xsd.szr.persondata.PhysicalPersonType(); - personInfo.setPerson(person); - at.gv.util.xsd.szr.persondata.PersonNameType name = new at.gv.util.xsd.szr.persondata.PersonNameType(); - person.setName(name); - at.gv.util.xsd.szr.persondata.IdentificationType idValue = new at.gv.util.xsd.szr.persondata.IdentificationType(); - person.setIdentification(idValue); - - //set bPK or wbPK - idValue.setValue(authData.getBPK()); - idValue.setType(authData.getBPKType()); + + //#################################################### + //set QAA level + includedToGenericAuthData.remove(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME); + if (MiscUtil.isNotEmpty(session.getQAALevel())) + authData.setQAALevel(session.getQAALevel()); + + else { + String qaaLevel = session.getGenericDataFromSession(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME, String.class); + if (MiscUtil.isNotEmpty(qaaLevel)) { + Logger.debug("Find PVP-Attr: " + PVPConstants.EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME + + " --> Parse QAA-Level from that attribute."); - //set person information - name.setGivenName(authData.getGivenName()); - name.setFamilyName(authData.getFamilyName()); - if (authData.getDateOfBirth() != null) - person.setDateOfBirth(authData.getFormatedDateOfBirth()); + if (qaaLevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) { + authData.setQAALevel(qaaLevel); - //request szr and store baseID - authData.setIdentificationValue(szrclient.getStammzahl(personInfo)); - authData.setIdentificationType(Constants.URN_PREFIX_BASEID); - } else { - Logger.warn("No SZR clieht configuration found. Interfederation SSO login not possible."); - throw new AssertionAttributeExtractorExeption("No " + PVPConstants.BPK_FRIENDLY_NAME - + " or " + PVPConstants.EID_SOURCE_PIN_NAME); - + Logger.debug("Found PVP QAA level. QAA mapping process starts ... "); + String mappedQAA = PVPtoSTORKMapper.getInstance().mapToQAALevel(qaaLevel); + if (MiscUtil.isNotEmpty(mappedQAA)) + authData.setQAALevel(mappedQAA); + } - - } catch (ConfigurationException e) { - Logger.warn("SZR connection FAILED. Interfederation SSO login not possible.", e); - throw new AssertionAttributeExtractorExeption("No " + PVPConstants.BPK_FRIENDLY_NAME - + " or " + PVPConstants.EID_SOURCE_PIN_NAME); - - } catch (EgovUtilException e) { - Logger.warn("SZR connection FAILED. Interfederation SSO login not possible.", e); - throw new AssertionAttributeExtractorExeption("No " + PVPConstants.BPK_FRIENDLY_NAME - + " or " + PVPConstants.EID_SOURCE_PIN_NAME); - - } catch (SZRException e) { - Logger.warn("SZR connection FAILED. Interfederation SSO login not possible.", e); - throw new AssertionAttributeExtractorExeption("No " + PVPConstants.BPK_FRIENDLY_NAME - + " or " + PVPConstants.EID_SOURCE_PIN_NAME); - } } - //build OA specific bPK/wbPK information - buildOAspecificbPK(req, oaParam, authData, - authData.getIdentificationValue(), - authData.getIdentificationType()); + //if no QAA level is set in MOASession then set default QAA level + if (MiscUtil.isEmpty(authData.getQAALevel())) { + Logger.info("No QAA level found. Set to default level " + PVPConstants.STORK_QAA_PREFIX + "1"); + authData.setQAALevel(PVPConstants.STORK_QAA_PREFIX + "1"); + + } + - } - - if (MiscUtil.isEmpty(authData.getBPK())) { - Logger.debug("Calcutlate bPK from baseID"); - buildOAspecificbPK(req, oaParam, authData, - authData.getIdentificationValue(), - authData.getIdentificationType()); + //#################################################### + //set signer certificate + includedToGenericAuthData.remove(PVPConstants.EID_SIGNER_CERTIFICATE_NAME); + if (session.getEncodedSignerCertificate() != null) + authData.setSignerCertificate(session.getEncodedSignerCertificate()); - } - - - try { - String qaaLevel = extractor.getQAALevel(); - if (MiscUtil.isNotEmpty(qaaLevel) && - qaaLevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) { - authData.setQAALevel(qaaLevel); + else { + String pvpAttrSignerCert = session.getGenericDataFromSession(PVPConstants.EID_SIGNER_CERTIFICATE_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpAttrSignerCert)) { + Logger.debug("Find PVP-Attr: " + PVPConstants.EID_SIGNER_CERTIFICATE_FRIENDLY_NAME); + try { + authData.setSignerCertificate(Base64Utils.decode(pvpAttrSignerCert, false)); + + } catch (IOException e) { + Logger.error("SignerCertificate received via federated IDP is NOT valid", e); + + } + } else + Logger.info("NO SignerCertificate in MOASession."); + + } + + + //#################################################### + //set authBlock + includedToGenericAuthData.remove(PVPConstants.EID_AUTH_BLOCK_NAME); + if (MiscUtil.isNotEmpty(session.getAuthBlock())) { + authData.setAuthBlock(session.getAuthBlock()); } else { - Logger.debug("Found PVP QAA level. QAA mapping process starts ... "); - String mappedQAA = PVPtoSTORKMapper.getInstance().mapToQAALevel(qaaLevel); - if (MiscUtil.isNotEmpty(mappedQAA)) - authData.setQAALevel(mappedQAA); + String pvpAttrAuthBlock = session.getGenericDataFromSession(PVPConstants.EID_AUTH_BLOCK_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpAttrAuthBlock)) { + Logger.debug("Find PVP-Attr: " + PVPConstants.EID_AUTH_BLOCK_FRIENDLY_NAME); + try { + byte[] authBlock = Base64Utils.decode(pvpAttrAuthBlock, false); + authData.setAuthBlock(new String(authBlock, "UTF-8")); + + } catch (IOException e) { + Logger.error("AuthBlock received via federated IDP is NOT valid", e); + + } + + } else + Logger.info("NO AuthBlock in MOASession."); + + } + + + //#################################################### + //set isForeigner flag + //TODO: change to new eIDAS-token attribute identifier + if (session.getGenericDataFromSession(PVPConstants.EID_STORK_TOKEN_NAME) != null) { + Logger.debug("Find PVP-Attr: " + PVPConstants.EID_STORK_TOKEN_FRIENDLY_NAME + + " --> Set 'isForeigner' flag to TRUE"); + authData.setForeigner(true); - else - throw new AssertionAttributeExtractorExeption("PVP SecClass not mappable"); + } else { + authData.setForeigner(session.isForeigner()); } - - } catch (AssertionAttributeExtractorExeption e) { - Logger.warn("No QAA level found in <RequestedAuthnContext> element of interfederated assertion. " + - "(ErrorHeader=" + e.getMessage() + ")"); - if (extractor.containsAttribute(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME)) { - authData.setQAALevel(PVPConstants.STORK_QAA_PREFIX + - extractor.getSingleAttributeValue(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME)); - } else { - Logger.info("No QAA level found. Set to default level " + - PVPConstants.STORK_QAA_PREFIX + "1"); - authData.setQAALevel(PVPConstants.STORK_QAA_PREFIX + "1"); + + //#################################################### + //set citizen country-code + includedToGenericAuthData.remove(PVPConstants.EID_ISSUING_NATION_NAME); + String pvpCCCAttr = session.getGenericDataFromSession(PVPConstants.EID_ISSUING_NATION_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpCCCAttr)) { + authData.setCcc(pvpCCCAttr); + Logger.debug("Find PVP-Attr: " + PVPConstants.EID_ISSUING_NATION_FRIENDLY_NAME); + } else { + if (authData.isForeigner()) { + try { + if (authData.getSignerCertificate() != null) { + //TODO: replace with TSL lookup when TSL is ready! + X509Certificate certificate = new X509Certificate(authData.getSignerCertificate()); + if (certificate != null) { + LdapName ln = new LdapName(certificate.getIssuerDN() + .getName()); + for (Rdn rdn : ln.getRdns()) { + if (rdn.getType().equalsIgnoreCase("C")) { + Logger.info("C is: " + rdn.getValue()); + authData.setCcc(rdn.getValue().toString()); + break; + } + } + } + + } else + Logger.warn("NO PVP-Attr: " + PVPConstants.EID_ISSUING_NATION_NAME + + " and NO SignerCertificate in MOASession -->" + + " Can NOT extract citizen-country of foreign person."); + + + } catch (Exception e) { + Logger.error("Failed to extract country code from certificate with message: " + e.getMessage()); + + } + + } else { + authData.setCcc(COUNTRYCODE_AUSTRIA); + + } } - - } - - if (extractor.containsAttribute(PVPConstants.EID_AUTH_BLOCK_NAME)) { - try { - byte[] authBlock = Base64Utils.decode(extractor.getSingleAttributeValue(PVPConstants.EID_AUTH_BLOCK_NAME), false); - authData.setAuthBlock(new String(authBlock, "UTF-8")); - } catch (IOException e) { - Logger.error("Received AuthBlock is not valid", e); + + //#################################################### + //set max. SSO session time + includedToGenericAuthData.remove(AuthenticationSessionStorageConstants.FEDERATION_RESPONSE_VALIDE_TO); + Date validToFromFederatedIDP = session.getGenericDataFromSession( + AuthenticationSessionStorageConstants.FEDERATION_RESPONSE_VALIDE_TO, Date.class); + if (validToFromFederatedIDP != null) { + authData.setSsoSessionValidTo(validToFromFederatedIDP); + Logger.debug("Use idToken validTo periode from federated IDP response."); + + } else { + if (authData.isSsoSession()) { + long maxSSOSessionTime = authConfig.getSSOCreatedTimeOut() * 1000; + Date ssoSessionValidTo = new Date(session.getSessionCreated().getTime() + maxSSOSessionTime); + authData.setSsoSessionValidTo(ssoSessionValidTo); + + } else { + //set valid to 5 min + Date ssoSessionValidTo = new Date(new Date().getTime() + 5 * 60 * 1000); + authData.setSsoSessionValidTo(ssoSessionValidTo); + } } - } - - if (extractor.containsAttribute(PVPConstants.EID_SIGNER_CERTIFICATE_NAME)) { - try { - authData.setSignerCertificate(Base64Utils.decode( - extractor.getSingleAttributeValue(PVPConstants.EID_SIGNER_CERTIFICATE_NAME), false)); + + //mandate functionality + MISMandate misMandate = null; + if (session.isMandateUsed()) { + //#################################################### + //set Mandate reference value + includedToGenericAuthData.remove(PVPConstants.MANDATE_REFERENCE_VALUE_NAME); + if (MiscUtil.isNotEmpty(session.getMandateReferenceValue())) + authData.setMandateReferenceValue(session.getMandateReferenceValue()); - } catch (IOException e) { - Logger.error("Received SignerCertificate is not valid", e); + else { + String pvpMandateRefAttr = session.getGenericDataFromSession(PVPConstants.MANDATE_REFERENCE_VALUE_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpMandateRefAttr)) { + authData.setMandateReferenceValue(pvpMandateRefAttr); + Logger.debug("Find PVP-Attr: " + PVPConstants.MANDATE_REFERENCE_VALUE_FRIENDLY_NAME); + } + } - } - } - if (extractor.containsAttribute(PVPConstants.EID_IDENTITY_LINK_NAME)) { - try { - InputStream idlStream = Base64Utils.decodeToStream(extractor.getSingleAttributeValue(PVPConstants.EID_IDENTITY_LINK_NAME), false); - IdentityLink idl = new IdentityLinkAssertionParser(idlStream).parseIdentityLink(); - idlStream.close(); - buildOAspecificIdentityLink(oaParam, authData, idl); - - } catch (ParseException e) { - Logger.error("Received IdentityLink is not valid", e); + /* TODO: Support SSO Mandate MODE! + * Insert functionality to translate mandates in case of SSO + */ - } catch (Exception e) { - Logger.error("Received IdentityLink is not valid", e); + //#################################################### + //set Full-mandate + misMandate = session.getMISMandate(); + if (misMandate != null ) { + //set MIS mandate to authdata + authData.setMISMandate(misMandate); + authData.setUseMandate(session.isMandateUsed()); + + } else { + String pvpFullMandateAttr = session.getGenericDataFromSession( + PVPConstants.MANDATE_FULL_MANDATE_NAME, String.class); + //check if full-mandate is available as PVP attribute + if (MiscUtil.isNotEmpty(pvpFullMandateAttr)) { + Logger.debug("Find PVP-Attr: " + PVPConstants.MANDATE_FULL_MANDATE_FRIENDLY_NAME); + try { + byte[] mandate = Base64Utils.decode(pvpFullMandateAttr, false); + misMandate = new MISMandate(); + misMandate.setMandate(mandate); + + //read Organwalter OID + String pvpRepOIDAttr = session.getGenericDataFromSession(PVPConstants.MANDATE_PROF_REP_OID_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpRepOIDAttr)) { + misMandate.setProfRep(pvpRepOIDAttr); + Logger.debug("Find PVP-Attr: " + PVPConstants.MANDATE_PROF_REP_OID_NAME); + + } + + //read Organwalter bPK from full-mandate + NodeList mandateElements = misMandate.getMandateDOM().getChildNodes(); + for (int i=0; i<mandateElements.getLength(); i++) { + Element mandateEl = (Element) mandateElements.item(i); + if (mandateEl.hasAttribute("OWbPK")) { + misMandate.setOWbPK(mandateEl.getAttribute("OWbPK")); + session.setOW(true); + + } + } + + authData.setMISMandate(misMandate); + authData.setUseMandate(true); + + } catch (IOException e) { + Logger.error("Base64 decoding of PVP-Attr:"+ PVPConstants.MANDATE_FULL_MANDATE_FRIENDLY_NAME + + " FAILED.", e); + + } + + } else { + Logger.debug("No full MIS-Mandate found --> Use single PVP attributes for mandate information."); + //check if ELGA mandates exists + String mandateType = session.getGenericDataFromSession(PVPConstants.MANDATE_TYPE_NAME, String.class); + if (MiscUtil.isNotEmpty(mandateType)) { + //switch to mandate-mode for authdata generation, because mandate-information + // is directly included in MOA-Session as PVP attributes + Logger.info("AuthDataBuilder find directly included 'MandateType' PVP-attribute." + + " --> Switch to mandate-mode for authdata generation."); + authData.setUseMandate(true); + + } + } + } + //remove PVP attributes with mandate information, because full-mandate exists + if (authData.getMISMandate() != null) { + includedToGenericAuthData.remove(PVPConstants.MANDATE_FULL_MANDATE_NAME); + + includedToGenericAuthData.remove(PVPConstants.MANDATE_TYPE_NAME); + + includedToGenericAuthData.remove(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME); + includedToGenericAuthData.remove(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME); + includedToGenericAuthData.remove(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME); + + includedToGenericAuthData.remove(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME); + includedToGenericAuthData.remove(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME); + includedToGenericAuthData.remove(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME); + includedToGenericAuthData.remove(PVPConstants.MANDATE_NAT_PER_BPK_NAME); + includedToGenericAuthData.remove(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME); + includedToGenericAuthData.remove(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_TYPE_NAME); + + includedToGenericAuthData.remove(PVPConstants.MANDATE_PROF_REP_DESC_NAME); + includedToGenericAuthData.remove(PVPConstants.MANDATE_PROF_REP_OID_NAME); + } } - } - // set mandate attributes - authData.setMandateReferenceValue(extractor.getSingleAttributeValue(PVPConstants.MANDATE_REFERENCE_VALUE_NAME)); - - if (extractor.containsAttribute(PVPConstants.MANDATE_FULL_MANDATE_NAME)) { - try { - byte[] mandate = Base64Utils.decode( - (extractor.getSingleAttributeValue(PVPConstants.MANDATE_FULL_MANDATE_NAME)), false); + + + + //#################################################### + // set bPK and IdentityLink for Organwalter --> + // Organwalter has a special bPK is received from MIS + if (authData.isUseMandate() && session.isOW() && misMandate != null + && MiscUtil.isNotEmpty(misMandate.getOWbPK())) { + //TODO: if full-mandate is removed in OPB --> OWbPK functionality needs an update!!! + authData.setBPK(misMandate.getOWbPK()); + authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW"); + Logger.trace("Authenticated User is OW: " + misMandate.getOWbPK()); - if (authData.getMISMandate() == null) - authData.setMISMandate(new MISMandate()); - authData.getMISMandate().setMandate(mandate); - authData.getMISMandate().setFullMandateIncluded(true); - authData.setUseMandate(true); - - } catch (Exception e) { - Logger.error("Received Mandate is not valid", e); - throw new AssertionAttributeExtractorExeption(PVPConstants.MANDATE_FULL_MANDATE_NAME); - } - } - - //TODO: build short mandate if full mandate is no included. - if (authData.getMISMandate() == null && - (extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME) - || extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_BPK_NAME) - || extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME)) ) { - Logger.info("Federated assertion contains no full mandate. Start short mandate generation process ... "); - - MISMandate misMandate = new MISMandate(); - misMandate.setFullMandateIncluded(false); - - Mandate mandateObject = new Mandate(); - Mandator mandator = new Mandator(); - mandateObject.setMandator(mandator); + //TODO: check in case of mandates for business services + if (identityLink != null) + authData.setIdentityLink(identityLink); - //build legal person short mandate - if (extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME) && - extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME) && - extractor.containsAttribute(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME)) { - Logger.debug("Build short mandate for legal person ..."); - CorporateBodyType legalperson = new CorporateBodyType(); - IdentificationType legalID = new IdentificationType(); - Value idvalue = new Value(); - legalID.setValue(idvalue ); - legalperson.getIdentification().add(legalID ); - mandator.setCorporateBody(legalperson ); - - legalperson.setFullName(extractor.getSingleAttributeValue(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME)); - legalID.setType(extractor.getSingleAttributeValue(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME)); - idvalue.setValue(extractor.getSingleAttributeValue(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME)); - - //build natural person short mandate - } else if ( (extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME) || - extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_BPK_NAME)) && - extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME) && - extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME) && - extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME)) { - Logger.debug("Build short mandate for natural person ..."); - PhysicalPersonType physPerson = new PhysicalPersonType(); - PersonNameType persName = new PersonNameType(); - mandator.setPhysicalPerson(physPerson ); - physPerson.setName(persName ); - FamilyName familyName = new FamilyName(); - persName.getFamilyName().add(familyName ); - IdentificationType persID = new IdentificationType(); - physPerson.getIdentification().add(persID ); - Value idValue = new Value(); - persID.setValue(idValue ); - - String[] pvp2GivenName = extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME).split(" "); - for(int i=0; i<pvp2GivenName.length; i++) - persName.getGivenName().add(pvp2GivenName[i]); - familyName.setValue(extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME)); - physPerson.setDateOfBirth(extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME)); + else if (idlFromPVPAttr != null){ + authData.setIdentityLink(idlFromPVPAttr); + Logger.debug("Set IdentityLink received from federated IDP for Organwalter"); + + } else + Logger.info("Can NOT set Organwalter IdentityLink. Msg: No IdentityLink found"); + - if (extractor.containsAttribute(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME)) { - persID.setType(Constants.URN_PREFIX_BASEID); - idValue.setValue(extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME)); + //set bPK and IdenityLink for all other + } else { + //build bPK + String pvpbPKValue = getbPKValueFromPVPAttribute(session); + String pvpbPKTypeAttr = getbPKTypeFromPVPAttribute(session); + Pair<String, String> pvpEncbPKAttr = getEncryptedbPKFromPVPAttribute(session, authData, oaParam); + + //check if a unique ID for this citizen exists + if (MiscUtil.isEmpty(authData.getIdentificationValue()) && + MiscUtil.isEmpty(pvpbPKValue) && MiscUtil.isEmpty(authData.getBPK()) && + pvpEncbPKAttr == null) { + Logger.info("Can not build authData, because moaSession include no bPK, encrypted bPK or baseID"); + throw new MOAIDException("builder.08", new Object[]{"No " + PVPConstants.BPK_FRIENDLY_NAME + + " or " + PVPConstants.EID_SOURCE_PIN_FRIENDLY_NAME + + " or " + PVPConstants.ENC_BPK_LIST_FRIENDLY_NAME}); + + } + + // baseID is in MOASesson --> calculate bPK directly + if (MiscUtil.isNotEmpty(authData.getIdentificationValue())) { + Logger.debug("Citizen baseID is in MOASession --> calculate bPK from this."); + Pair<String, String> result = buildOAspecificbPK(protocolRequest, oaParam, authData); + authData.setBPK(result.getFirst()); + authData.setBPKType(result.getSecond()); + + //check if bPK already added to AuthData matches OA + } else if (MiscUtil.isNotEmpty(authData.getBPK()) + && matchsReceivedbPKToOnlineApplication(oaParam, authData.getBPKType()) ) { + Logger.debug("Correct bPK is already included in AuthData."); + + //check if bPK received by PVP-Attribute matches OA + } else if (MiscUtil.isNotEmpty(pvpbPKValue) && + matchsReceivedbPKToOnlineApplication(oaParam, pvpbPKTypeAttr)) { + Logger.debug("Receive correct bPK from PVP-Attribute"); + authData.setBPK(pvpbPKValue); + authData.setBPKType(pvpbPKTypeAttr); + //check if decrypted bPK exists + } else if (pvpEncbPKAttr != null) { + Logger.debug("Receive bPK as encrypted bPK and decryption was possible."); + authData.setBPK(pvpEncbPKAttr.getFirst()); + authData.setBPKType(pvpEncbPKAttr.getSecond()); + + //ask SZR to get bPK } else { - String[] pvp2bPK = extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_BPK_NAME).split(":"); - if (pvp2bPK.length == 2) { - idValue.setValue(pvp2bPK[1]); + String notValidbPK = authData.getBPK(); + String notValidbPKType = authData.getBPKType(); + if (MiscUtil.isEmpty(notValidbPK) && + MiscUtil.isEmpty(notValidbPKType)) { + notValidbPK = pvpbPKValue; + notValidbPKType = pvpbPKTypeAttr; - Pattern pattern = Pattern.compile(MOAIDAuthConstants.REGEX_PATTERN_TARGET); - Matcher matcher = pattern.matcher(pvp2bPK[0]); - if (matcher.matches()) - persID.setType(Constants.URN_PREFIX_CDID + "+" + pvp2bPK[0]); - else - persID.setType(Constants.URN_PREFIX_WBPK + "+" + pvp2bPK[0]); + if (MiscUtil.isEmpty(notValidbPK) && + MiscUtil.isEmpty(notValidbPKType)) { + Logger.fatal("No bPK in MOASession. THIS error should not occur any more."); + throw new NullPointerException("No bPK in MOASession. THIS error should not occur any more."); + } + } + + Pair<String, String> baseIDFromSZR = getbaseIDFromSZR(authData, notValidbPK, notValidbPKType); + if (baseIDFromSZR != null) { + Logger.info("Receive citizen baseID from SRZ. Authentication can be completed"); + authData.setIdentificationValue(baseIDFromSZR.getFirst()); + authData.setIdentificationType(baseIDFromSZR.getSecond()); + Pair<String, String> result = buildOAspecificbPK(protocolRequest, oaParam, authData); + authData.setBPK(result.getFirst()); + authData.setBPKType(result.getSecond()); } else { - Logger.warn("Receive mandator bPK from federation with an unsupported format. " + extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_BPK_NAME)); - throw new AssertionAttributeExtractorExeption("Receive mandator bPK from federation with an unsupported format."); + Logger.warn("Can not build authData, because moaSession include no valid bPK, encrypted bPK or baseID"); + throw new MOAIDException("builder.08", new Object[]{"No valid " + PVPConstants.BPK_FRIENDLY_NAME + + " or " + PVPConstants.EID_SOURCE_PIN_FRIENDLY_NAME + + " or " + PVPConstants.ENC_BPK_LIST_FRIENDLY_NAME}); } } - - } else { - Logger.error("Short mandate could not generated. Assertion contains not all attributes which are necessary."); - throw new AssertionAttributeExtractorExeption("Assertion contains not all attributes which are necessary for mandate generation", null); - - } - - try { - JAXBContext jc = JAXBContext.newInstance("at.gv.e_government.reference.namespace.mandates._20040701_"); - Marshaller m = jc.createMarshaller(); - ByteArrayOutputStream stream = new ByteArrayOutputStream(); - m.marshal(mandateObject, stream); - misMandate.setMandate(Base64Utils.encode(stream.toByteArray()).getBytes()); - stream.close(); + + //build IdentityLink + if (identityLink != null) + authData.setIdentityLink(buildOAspecificIdentityLink(oaParam, identityLink, authData.getBPK(), authData.getBPKType())); - } catch (JAXBException e) { - Logger.error("Failed to parse short mandate", e); - throw new AssertionAttributeExtractorExeption(); + else if (idlFromPVPAttr != null) { + authData.setIdentityLink(buildOAspecificIdentityLink(oaParam, idlFromPVPAttr, authData.getBPK(), authData.getBPKType())); + Logger.debug("Set IdentityLink received from federated IDP"); - } catch (IOException e) { - Logger.error("Failed to parse short mandate", e); - throw new AssertionAttributeExtractorExeption(); - - } - authData.setUseMandate(true); + } else { + Logger.info("Can NOT set IdentityLink. Msg: No IdentityLink found"); + + } + } - } - - - if (extractor.containsAttribute(PVPConstants.MANDATE_PROF_REP_OID_NAME)) { - if (authData.getMISMandate() == null) - authData.setMISMandate(new MISMandate()); - authData.getMISMandate().setProfRep( - extractor.getSingleAttributeValue(PVPConstants.MANDATE_PROF_REP_OID_NAME)); - } - - //set PVP role attribute - if (extractor.containsAttribute(PVPConstants.ROLES_NAME)) { - String pvpRoles = extractor.getSingleAttributeValue(PVPConstants.ROLES_NAME); - if (MiscUtil.isNotEmpty(pvpRoles)) { - List<String> roles = Arrays.asList(pvpRoles.split(";")); + //################################################################### + //set PVP role attribute (implemented for ISA 1.18 action) + includedToGenericAuthData.remove(PVPConstants.ROLES_NAME); + String pvpAttrRoles = session.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpAttrRoles)) { + List<String> roles = Arrays.asList(pvpAttrRoles.split(";")); for (String role : roles) { authData.addAuthenticationRole(AuthenticationRoleFactory.buildFormPVPole(role)); - } - } - } - - //set PVP OU attribute - if (extractor.containsAttribute(PVPConstants.OU_NAME)) { - authData.setPvpAttribute_OU(extractor.getSingleAttributeValue(PVPConstants.OU_NAME)); - Logger.debug("Found PVP 'OU' attribute in response -> " + authData.getPvpAttribute_OU()); + + } + } + - } - - //set STORK attributes - if (extractor.containsAttribute(PVPConstants.EID_STORK_TOKEN_NAME)) { - authData.setStorkAuthnResponse(extractor.getSingleAttributeValue(PVPConstants.EID_STORK_TOKEN_NAME)); - authData.setForeigner(true); + //################################################################### + //set PVP OU attribute (implemented for ISA 1.18 action) + includedToGenericAuthData.remove(PVPConstants.OU_NAME); + String pvpAttrOUName = session.getGenericDataFromSession(PVPConstants.OU_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpAttrOUName)) { + authData.setPvpAttribute_OU(pvpAttrOUName); + Logger.debug("Found PVP 'OU' attribute in response -> " + authData.getPvpAttribute_OU()); + + } - } - - if (!extractor.getSTORKAttributes().isEmpty()) { - authData.setStorkAttributes(extractor.getSTORKAttributes()); - authData.setForeigner(true); - } + //#################################################################### + //parse AuthBlock signature-verification response + //INFO: this parameters are only required for SAML1 auth. protocol + VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); + if (verifyXMLSigResp != null) { + authData.setQualifiedCertificate(verifyXMLSigResp + .isQualifiedCertificate()); + authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); + authData.setPublicAuthorityCode(verifyXMLSigResp + .getPublicAuthorityCode()); + + } else { + //set parameters in respect to QAA level + Logger.info("No authBlock signature-verfication response found. Maybe IDP federation is in use."); + if (PVPConstants.STORK_QAA_1_4.equals(authData.getQAALevel())) + authData.setQualifiedCertificate(true); + else + authData.setQualifiedCertificate(false); + authData.setPublicAuthority(false); - authData.setSsoSession(true); - authData.setInterfederatedSSOSession(true); - - if (extractor.getFullAssertion().getAuthnStatements() != null - && extractor.getFullAssertion().getAuthnStatements().size() > 0) { - for (AuthnStatement el : extractor.getFullAssertion().getAuthnStatements()) { - if (el.getSessionNotOnOrAfter() != null) { - authData.setSsoSessionValidTo(el.getSessionNotOnOrAfter().toDate()); - break; - } + } + + //#################################################################### + //copy all generic authentication information, which are not processed before to authData + Iterator<String> copyInterator = includedToGenericAuthData.iterator(); + while (copyInterator.hasNext()) { + String elementKey = copyInterator.next(); + try { + authData.setGenericData(elementKey, session.getGenericDataFromSession(elementKey)); + + } catch (SessionDataStorageException e) { + Logger.warn("Can not add generic authData with key:" + elementKey, e); + + } } - } else { - authData.setSsoSessionValidTo(extractor.getFullAssertion().getConditions().getNotOnOrAfter().toDate()); + } catch (BuildException e) { + throw e; - } + } catch (Throwable ex) { + throw new BuildException("builder.00", new Object[]{ + "AuthenticationData", ex.toString()}, ex); + } - //only for SAML1 - if (PVPConstants.STORK_QAA_1_4.equals(authData.getQAALevel())) - authData.setQualifiedCertificate(true); - else - authData.setQualifiedCertificate(false); - authData.setPublicAuthority(false); } - + /** - * @param oaParam - * @param authData - * @return + * Check a bPK-Type against a Service-Provider configuration <br> + * If bPK-Type is <code>null</code> the result is <code>false</code>. + * + * @param oaParam Service-Provider configuration, never null + * @param bPKType bPK-Type to check + * @return true, if bPK-Type matchs to Service-Provider configuration, otherwise false */ - private static boolean matchsReceivedbPKToOnlineApplication( - IOAAuthParameters oaParam, AuthenticationData authData) { - + private boolean matchsReceivedbPKToOnlineApplication(IOAAuthParameters oaParam, String bPKType) { String oaTarget = null; if (oaParam.getBusinessService()) { - if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK) || - oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_STORK)) - oaTarget = oaParam.getIdentityLinkDomainIdentifier(); - - else { - Logger.warn("BusinessIdentifier can not be clearly assigned, because it starts without a prefix."); - return false; - - } - + oaTarget = oaParam.getIdentityLinkDomainIdentifier(); + } else { oaTarget = Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget(); } - - - if (oaTarget.equals(authData.getBPKType())) + + if (oaTarget.equals(bPKType)) return true; else return false; } - private static void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session, - IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException { - - IdentityLink identityLink = session.getIdentityLink(); - - VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); - - authData.setIssuer(session.getAuthURL()); - + private void parseBasicUserInfosFromIDL(AuthenticationData authData, IdentityLink identityLink, Collection<String> includedGenericSessionData) { //baseID or wbpk in case of BusinessService without SSO or BusinessService SSO authData.setIdentificationValue(identityLink.getIdentificationValue()); authData.setIdentificationType(identityLink.getIdentificationType()); @@ -875,129 +841,238 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { authData.setFamilyName(identityLink.getFamilyName()); authData.setDateOfBirth(identityLink.getDateOfBirth()); - if (verifyXMLSigResp != null) { - authData.setQualifiedCertificate(verifyXMLSigResp - .isQualifiedCertificate()); - authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); - authData.setPublicAuthorityCode(verifyXMLSigResp - .getPublicAuthorityCode()); + //remove corresponding keys from genericSessionData if exists + includedGenericSessionData.remove(PVPConstants.PRINCIPAL_NAME_NAME); + includedGenericSessionData.remove(PVPConstants.GIVEN_NAME_NAME); + includedGenericSessionData.remove(PVPConstants.BIRTHDATE_NAME); + includedGenericSessionData.remove(PVPConstants.EID_SOURCE_PIN_NAME); + includedGenericSessionData.remove(PVPConstants.EID_SOURCE_PIN_TYPE_NAME); + + } + + /** + * @param authData + * @param notValidbPK + * @param notValidbPKType + * @return + */ + private Pair<String, String> getbaseIDFromSZR(AuthenticationData authData, String notValidbPK, + String notValidbPKType) { + try { + EgovUtilPropertiesConfiguration eGovClientsConfig = authConfig.geteGovUtilsConfig(); + if (eGovClientsConfig != null) { + Logger.info("bPK in MOASession (bPK-Type:" + notValidbPKType + + " does no match to Service-Provider configuration. --> Request SZR to get correct bPK."); + + SZRClient szrclient = new SZRClient(eGovClientsConfig); + + Logger.debug("Create SZR request to get baseID ... "); + PersonInfoType personInfo = new PersonInfoType(); + at.gv.util.xsd.szr.persondata.PhysicalPersonType person = new at.gv.util.xsd.szr.persondata.PhysicalPersonType(); + personInfo.setPerson(person); + at.gv.util.xsd.szr.persondata.PersonNameType name = new at.gv.util.xsd.szr.persondata.PersonNameType(); + person.setName(name); + at.gv.util.xsd.szr.persondata.IdentificationType idValue = new at.gv.util.xsd.szr.persondata.IdentificationType(); + person.setIdentification(idValue); + + //set bPK or wbPK + idValue.setValue(authData.getBPK()); + idValue.setType(authData.getBPKType()); + + //set person information + name.setGivenName(authData.getGivenName()); + name.setFamilyName(authData.getFamilyName()); + if (authData.getDateOfBirth() != null) + person.setDateOfBirth(authData.getFormatedDateOfBirth()); + + //request szr and store baseID + return Pair.newInstance(szrclient.getStammzahl(personInfo), + Constants.URN_PREFIX_BASEID); + + } else { + Logger.debug("No SZR clieht configuration found."); + return null; + + } + + } catch (SZRException e) { + Logger.warn("SZR connection FAILED. Interfederation SSO login not possible.", e); - } else { - Logger.warn("No signature verfication response found!"); + } catch (at.gv.util.ex.EgovUtilException e) { + Logger.warn("SZR connection FAILED. Interfederation SSO login not possible.", e); } - authData.setBkuURL(session.getBkuURL()); - - authData.setStorkAttributes(session.getStorkAttributes()); - authData.setStorkAuthnResponse(session.getStorkAuthnResponse()); - authData.setStorkRequest(session.getStorkAuthnRequest()); - - authData.setSignerCertificate(session.getEncodedSignerCertificate()); - authData.setAuthBlock(session.getAuthBlock()); - - authData.setForeigner(session.isForeigner()); - authData.setQAALevel(session.getQAALevel()); + return null; + } - authData.setIsBusinessService(oaParam.getBusinessService()); - - if (session.isForeigner()) { - try { - //TODO: replace with TSL lookup when TSL is ready! - X509Certificate certificate = new X509Certificate(authData.getSignerCertificate()); - if (certificate != null) { - LdapName ln = new LdapName(certificate.getIssuerDN() - .getName()); - for (Rdn rdn : ln.getRdns()) { - if (rdn.getType().equalsIgnoreCase("C")) { - Logger.info("C is: " + rdn.getValue()); - authData.setCcc(rdn.getValue().toString()); - break; - } - } - } - - } catch (Exception e) { - Logger.error("Failed to extract country code from certificate with message: " + e.getMessage()); - - } + /** + * Add encrypted bPKs from PVP Attribute 'ENC_BPK_LIST_NAME', which could be exist in + * MOASession as 'GenericData' <br> <pre><code>session.getGenericDataFromSession(PVPConstants.ENC_BPK_LIST_NAME, String.class)</code></pre> + * to <code>authData</code> + * + * @param session MOASession, but never null + * @param authData AuthenticationData DAO + * @param spConfig Service-Provider configuration + * + * @return Pair<bPK, bPKType> which was received by PVP-Attribute and could be decrypted for this Service Provider, + * or <code>null</code> if no attribute exists or can not decrypted + */ + private Pair<String, String> getEncryptedbPKFromPVPAttribute(AuthenticationSession session, + AuthenticationData authData, IOAAuthParameters spConfig) { + //set List of encrypted bPKs to authData DAO + String pvpEncbPKListAttr = session.getGenericDataFromSession(PVPConstants.ENC_BPK_LIST_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpEncbPKListAttr)) { + List<String> encbPKList = Arrays.asList(pvpEncbPKListAttr.split(";")); + authData.setEncbPKList(encbPKList); - if (MiscUtil.isEmpty(authData.getCcc())) { - if (authData.getStorkAuthnRequest() != null) { - authData.setCcc(authData.getStorkAuthnRequest().getCitizenCountryCode()); - Logger.info("Can not extract country from certificate -> Use country from STORK request."); - - } + //check if one of this encrypted bPK could be decrypt for this Service-Provider + for (String fullEncbPK : encbPKList) { + int index = fullEncbPK.indexOf("|"); + if (index >= 0) { + String encbPK = fullEncbPK.substring(index+1); + String second = fullEncbPK.substring(0, index); + int secIndex = second.indexOf("+"); + if (secIndex >= 0) { + if (spConfig.getTarget().equals(second.substring(secIndex+1))) { + Logger.debug("Found encrypted bPK for online-application " + + spConfig.getPublicURLPrefix() + + " Start decryption process ..."); + PrivateKey privKey = spConfig.getBPKDecBpkDecryptionKey(); + if (privKey != null) { + try { + String bPK = BPKBuilder.decryptBPK(encbPK, spConfig.getTarget(), privKey); + if (MiscUtil.isNotEmpty(bPK)) { + Logger.info("bPK decryption process finished successfully."); + return Pair.newInstance(bPK, Constants.URN_PREFIX_CDID + "+" + spConfig.getTarget()); + + } else { + Logger.error("bPK decryption FAILED."); + + } + } catch (BuildException e) { + Logger.error("bPK decryption FAILED.", e); + + } + } else { + Logger.info("bPK decryption FAILED, because no valid decryption key is found."); + + } + + } else { + Logger.info("Found encrypted bPK but " + + "encrypted bPK target does not match to online-application target"); + + } + } + } } - - } else { - authData.setCcc("AT"); - } - try { - authData.setSsoSession(AuthenticationSessionStoreage.isSSOSession(session.getSessionID())); + return null; + } + + /** + * Get bPK from PVP Attribute 'BPK_NAME', which could be exist in + * MOASession as 'GenericData' <br> <pre><code>session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class)</code></pre> + * + * @param session MOASession, but never null + * @return bPK, which was received by PVP-Attribute, or <code>null</code> if no attribute exists + */ + private String getbPKValueFromPVPAttribute(AuthenticationSession session) { + String pvpbPKValueAttr = session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpbPKValueAttr)) { - //set max. SSO session time - if (authData.isSsoSession()) { - long maxSSOSessionTime = AuthConfigurationProviderFactory.getInstance().getSSOCreatedTimeOut() * 1000; - Date ssoSessionValidTo = new Date(session.getSessionCreated().getTime() + maxSSOSessionTime); - authData.setSsoSessionValidTo(ssoSessionValidTo); - - } else { - //set valid to 5 min - Date ssoSessionValidTo = new Date(new Date().getTime() + 5 * 60 * 1000); - authData.setSsoSessionValidTo(ssoSessionValidTo); + //fix a wrong bPK-value prefix, which was used in some PVP Standardportal implementations + if (pvpbPKValueAttr.startsWith("bPK:")) { + Logger.warn("Attribute " + PVPConstants.BPK_NAME + + " contains a not standardize prefix! Staring attribute value correction process ..."); + pvpbPKValueAttr = pvpbPKValueAttr.substring("bPK:".length()); } + String[] spitted = pvpbPKValueAttr.split(":"); + if (spitted.length != 2) { + Logger.warn("Attribute " + PVPConstants.BPK_NAME + " has a wrong encoding and can NOT be USED!" + + " Value:" + pvpbPKValueAttr); + return null; + + } + Logger.debug("Find PVP-Attr: " + PVPConstants.BPK_FRIENDLY_NAME); + return spitted[1]; - /* TODO: Support SSO Mandate MODE! - * Insert functionality to translate mandates in case of SSO - */ + } + + return null; + } + /** + * Get bPK-Type from PVP Attribute 'EID_SECTOR_FOR_IDENTIFIER_NAME', which could be exist in + * MOASession as 'GenericData' <br> <pre><code>session.getGenericDataFromSession(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class)</code></pre> + * + * @param session MOASession, but never null + * @return bPKType, which was received by PVP-Attribute, or <code>null</code> if no attribute exists + */ + private String getbPKTypeFromPVPAttribute(AuthenticationSession session) { + String pvpbPKTypeAttr = session.getGenericDataFromSession(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class); + if (MiscUtil.isNotEmpty(pvpbPKTypeAttr)) { - MISMandate mandate = session.getMISMandate(); - authData.setMISMandate(mandate); - authData.setUseMandate(session.getUseMandate()); - authData.setMandateReferenceValue(session.getMandateReferenceValue()); - - if (session.getUseMandate() && session.isOW() - && mandate != null && MiscUtil.isNotEmpty(mandate.getOWbPK())) { - authData.setBPK(mandate.getOWbPK()); - authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW"); + //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations + if (pvpbPKTypeAttr.startsWith(Constants.URN_PREFIX_CDID) && + !pvpbPKTypeAttr.substring(Constants.URN_PREFIX_CDID.length(), + Constants.URN_PREFIX_CDID.length() + 1).equals("+")) { + Logger.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting attribute value correction ... "); + pvpbPKTypeAttr = Constants.URN_PREFIX_CDID + "+" + pvpbPKTypeAttr.substring(Constants.URN_PREFIX_CDID.length() + 1); - //TODO: check in case of mandates for business services - authData.setIdentityLink(identityLink); - Logger.trace("Authenticated User is OW: " + mandate.getOWbPK()); + } + Logger.debug("Find PVP-Attr: " + PVPConstants.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME); + return pvpbPKTypeAttr; + } + + return null; - } else { - buildOAspecificbPK(protocolRequest, oaParam, authData, - identityLink.getIdentificationValue(), - identityLink.getIdentificationType()); - - buildOAspecificIdentityLink(oaParam, authData, identityLink); - - } - - - } catch (Throwable ex) { - throw new BuildException("builder.00", new Object[]{ - "AuthenticationData", ex.toString()}, ex); - } + + /* + * INFO: This code could be used to extract the bPKType from 'PVPConstants.BPK_NAME', + * because the prefix of BPK_NAME attribute contains the postfix of the bPKType + * + * Now, all PVP Standardportals should be able to send 'EID_SECTOR_FOR_IDENTIFIER' + * PVP attributes + */ +// String pvpbPKValueAttr = session.getGenericDataFromSession(PVPConstants.BPK_NAME, String.class); +// String[] spitted = pvpbPKValueAttr.split(":"); +// if (MiscUtil.isEmpty(authData.getBPKType())) { +// Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " + +// "Starting target extraction from bPK/wbPK prefix ..."); +// //exract bPK/wbPK type from bpk attribute value prefix if type is +// //not transmitted as single attribute +// Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?"); +// Matcher matcher = pattern.matcher(spitted[0]); +// if (matcher.matches()) { +// //find public service bPK +// authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]); +// Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType()); +// +// } else { +// //find business service wbPK +// authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]); +// Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType()); +// +// } +// } } - - private static void buildOAspecificIdentityLink(IOAAuthParameters oaParam, AuthenticationData authData, IdentityLink idl) throws MOAIDException { + + private IdentityLink buildOAspecificIdentityLink(IOAAuthParameters oaParam, IdentityLink idl, String bPK, String bPKType) throws MOAIDException { if (oaParam.getBusinessService()) { Element idlassertion = idl.getSamlAssertion(); //set bpk/wpbk; Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); - prIdentification.getFirstChild().setNodeValue(authData.getBPK()); + prIdentification.getFirstChild().setNodeValue(bPK); //set bkp/wpbk type Node prIdentificationType = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_TYPE_XPATH); - prIdentificationType.getFirstChild().setNodeValue(authData.getBPKType()); + prIdentificationType.getFirstChild().setNodeValue(bPKType); IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion); IdentityLink businessServiceIdl = idlparser.parseIdentityLink(); @@ -1006,68 +1081,76 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); Element resignedilAssertion; - AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); - if (config.isIdentityLinkResigning()) { - resignedilAssertion = identitylinkresigner.resignIdentityLink(businessServiceIdl.getSamlAssertion(), config.getIdentityLinkResigningKey()); + if (authConfig.isIdentityLinkResigning()) { + resignedilAssertion = identitylinkresigner.resignIdentityLink(businessServiceIdl.getSamlAssertion(), authConfig.getIdentityLinkResigningKey()); } else { resignedilAssertion = businessServiceIdl.getSamlAssertion(); } IdentityLinkAssertionParser resignedIDLParser = new IdentityLinkAssertionParser(resignedilAssertion); - IdentityLink resignedIDL = resignedIDLParser.parseIdentityLink(); + return resignedIDLParser.parseIdentityLink(); - authData.setIdentityLink(resignedIDL); - } else - authData.setIdentityLink(idl); + return idl; } - - private static void buildOAspecificbPK(IRequest protocolRequest, IOAAuthParameters oaParam, AuthenticationData authData, String baseID, String baseIDType) throws BuildException { - - if (oaParam.getBusinessService()) { - //since we have foreigner, wbPK is not calculated in BKU - if (baseIDType.equals(Constants.URN_PREFIX_BASEID)) { - String registerAndOrdNr = oaParam.getIdentityLinkDomainIdentifier(); - authData.setBPK(new BPKBuilder().buildbPKorwbPK(baseID, registerAndOrdNr)); - authData.setBPKType(registerAndOrdNr); - - } else { - authData.setBPK(baseID); - authData.setBPKType(baseIDType); - - } - Logger.trace("Authenticate user with wbPK " + authData.getBPK()); - - } else { - if (baseIDType.equals(Constants.URN_PREFIX_BASEID)) { - // only compute bPK if online application is a public service and we have the Stammzahl - String target = null; - Object saml1Requst = null; - try { - saml1Requst = Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl").newInstance(); - - } catch (ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | java.lang.SecurityException ex) { - - - } - - if (saml1Requst != null && protocolRequest.getClass().isInstance(saml1Requst)) - target = protocolRequest.getTarget(); - else - target = oaParam.getTarget(); - - String bpkBase64 = new BPKBuilder().buildBPK(baseID, target); - authData.setBPK(bpkBase64); - authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + target); - } + private Pair<String, String> buildOAspecificbPK(IRequest pendingReq, IOAAuthParameters oaParam, AuthenticationData authData) throws BuildException { + + String bPK; + String bPKType; - Logger.trace("Authenticate user with bPK " + authData.getBPK()); - } + String baseID = authData.getIdentificationValue(); + String baseIDType = authData.getIdentificationType(); + + String eIDASOutboundCountry = pendingReq.getGenericData(RequestImpl.eIDAS_GENERIC_REQ_DATA_COUNTRY, String.class); + if (Constants.URN_PREFIX_BASEID.equals(baseIDType)) { + if (MiscUtil.isNotEmpty(eIDASOutboundCountry) && !COUNTRYCODE_AUSTRIA.equals(eIDASOutboundCountry)) { + Pair<String, String> eIDASID = new BPKBuilder().buildeIDASIdentifer(baseIDType, baseID, + COUNTRYCODE_AUSTRIA, eIDASOutboundCountry); + Logger.debug("Authenticate user with bPK:" + eIDASID.getFirst() + " Type:" + eIDASID.getSecond()); + return eIDASID; + + } else if (oaParam.getBusinessService()) { + //is Austrian private-service application + String registerAndOrdNr = oaParam.getIdentityLinkDomainIdentifier(); + bPK = new BPKBuilder().buildbPKorwbPK(baseID, registerAndOrdNr); + bPKType = registerAndOrdNr; + + } else { + // only compute bPK if online application is a public service and we have the Stammzahl + String target = null; + Class<?> saml1RequstTemplate = null; + try { + saml1RequstTemplate = Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl"); + if (saml1RequstTemplate != null && + saml1RequstTemplate.isInstance(pendingReq)) { + target = (String) pendingReq.getClass().getMethod("getTarget").invoke(pendingReq); + + } + + } catch (ClassNotFoundException | IllegalAccessException | IllegalArgumentException | java.lang.SecurityException | InvocationTargetException | NoSuchMethodException ex) { } + + if (MiscUtil.isEmpty(target)) + target = oaParam.getTarget(); + + bPK = new BPKBuilder().buildBPK(baseID, target); + bPKType = Constants.URN_PREFIX_CDID + "+" + target; + + } + + } else { + Logger.warn("!!!baseID-element does not include a baseID. This should not be happen any more!!!"); + bPK = baseID; + bPKType = baseIDType; + + } + Logger.trace("Authenticate user with bPK:" + bPK + " Type:" + bPKType); + return Pair.newInstance(bPK, bPKType); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index 1cf6929e6..9e4e36fec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -46,13 +46,6 @@ package at.gv.egovernment.moa.id.auth.builder; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Base64Utils; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.MiscUtil; - import java.security.InvalidKeyException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; @@ -66,6 +59,13 @@ import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.data.Pair; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.MiscUtil; + /** * Builder for the bPK, as defined in * <code>"Ableitung f¨r die bereichsspezifische Personenkennzeichnung"</code> @@ -203,73 +203,42 @@ public class BPKBuilder { /** * Builds the storkeid from the given parameters. * - * @param identityLink identity link - * @param destinationCountry destination country code (2 chars) - * @return storkid in a BASE64 encoding - * @throws BuildException if an error occurs on building the wbPK - */ - public String buildStorkeIdentifier(IdentityLink identityLink, String destinationCountry) - throws BuildException { - return buildStorkbPK(identityLink.getIdentificationValue(), - identityLink.getIdentificationType(), "AT", destinationCountry); - } - - /** - * Builds the storkeid from the given parameters. - * - * @param identityLink identity link - * @param destinationCountry destination country code (2 chars) - * @return storkid in a BASE64 encoding - * @throws BuildException if an error occurs on building the wbPK - */ - public String buildStorkeIdentifier(String identificationType, String identificationValue, String destinationCountry) - throws BuildException { - return buildStorkbPK(identificationValue, identificationType, "AT", destinationCountry); - } - - /** - * Builds the storkeid from the given parameters. - * - * @param identityLink identity link - * @param sourceCountry source country code (2 chars) - * @param destinationCountry destination country code (2 chars) - * @return storkid in a BASE64 encoding + * @param baseID baseID of the citizen + * @param baseIDType Type of the baseID + * @param sourceCountry CountryCode of that country, which build the eIDAs ID + * @param destinationCountry CountryCode of that country, which receives the eIDAs ID + * + * @return Pair<eIDAs, bPKType> in a BASE64 encoding * @throws BuildException if an error occurs on building the wbPK */ - public String buildStorkbPK(String baseID, String baseIDType, String sourceCountry, String destinationCountry) - throws BuildException { - String identificationValue = null; - + public Pair<String, String> buildeIDASIdentifer(String baseID, String baseIDType, String sourceCountry, String destinationCountry) + throws BuildException { + String bPK = null; + String bPKType = null; + // check if we have been called by public sector application - if (baseIDType.startsWith(Constants.URN_PREFIX_BASEID)) { - identificationValue = calculateStorkeIdentifierBase(baseID, sourceCountry, destinationCountry); + if (baseIDType.startsWith(Constants.URN_PREFIX_BASEID)) { + bPKType = Constants.URN_PREFIX_EIDAS + "+" + sourceCountry + "+" + destinationCountry; + Logger.debug("Building eIDAS identification from: [identValue]+" + bPKType); + bPK = calculatebPKwbPK(baseID + "+" + bPKType); } else { // if not, sector identification value is already calculated by BKU - Logger.debug("STORK eIdentifier already provided by BKU"); - identificationValue = baseID; + Logger.debug("eIDAS eIdentifier already provided by BKU"); + bPK = baseID; } - if ((identificationValue == null || - identificationValue.length() == 0 || - destinationCountry == null || - destinationCountry.length() == 0 || - sourceCountry == null || - sourceCountry.length() == 0)) { + if ((MiscUtil.isEmpty(bPK) || + MiscUtil.isEmpty(sourceCountry) || + MiscUtil.isEmpty(destinationCountry))) { throw new BuildException("builder.00", - new Object[]{"storkid", "Unvollständige Parameterangaben: identificationValue=" + - identificationValue + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry}); + new Object[]{"eIDAS-ID", "Unvollständige Parameterangaben: identificationValue=" + + bPK + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry}); } - Logger.info("Building STORK identification from: " + sourceCountry+"/"+destinationCountry+"/" + "[identValue]"); - String eIdentifier = sourceCountry+"/"+destinationCountry+"/"+identificationValue; - - return eIdentifier; - } - - private String calculateStorkeIdentifierBase(String baseID, String sourceCountry, String destinationCountry) throws BuildException { - String basisbegriff = baseID + "+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry; - Logger.debug("Building STORK identification from: [identValue]+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry); - return calculatebPKwbPK(basisbegriff); + Logger.debug("Building eIDAS identification from: " + sourceCountry+"/"+destinationCountry+"/" + "[identValue]"); + String eIdentifier = sourceCountry + "/" + destinationCountry + "/" + bPK; + + return Pair.newInstance(eIdentifier, baseIDType); } private String calculatebPKwbPK(String basisbegriff) throws BuildException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java index bbbfacbd1..73fe961eb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java @@ -50,9 +50,10 @@ import java.text.MessageFormat; import java.util.Calendar; import java.util.List; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DateTimeUtils; import at.gv.egovernment.moa.util.StringUtils; @@ -156,7 +157,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants { * @param session current session * @return String representation of <code><CreateXMLSignatureRequest></code> */ - public String buildForeignID(String subject, OAAuthParameter oaParam, AuthenticationSession session) { + public String buildForeignID(String subject, IRequest pendingReq) { String request = ""; request += "<sl:CreateXMLSignatureRequest xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">"; @@ -165,7 +166,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants { request += "<sl:DataObject>"; request += "<sl:XMLContent>"; - request += buildForeignIDTextToBeSigned(subject, oaParam, session); + request += buildForeignIDTextToBeSigned(subject,pendingReq); request += "</sl:XMLContent>"; request += "</sl:DataObject>"; @@ -180,9 +181,10 @@ public class CreateXMLSignatureRequestBuilder implements Constants { return request; } - public static String buildForeignIDTextToBeSigned(String subject, OAAuthParameter oaParam, AuthenticationSession session) { - - String target = session.getTarget(); + public static String buildForeignIDTextToBeSigned(String subject, IRequest pendingReq) { + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); + String target = pendingReq.getGenericData( + MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class); String sectorName = TargetToSectorNameMapper.getSectorNameViaTarget(target); Calendar cal = Calendar.getInstance(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java index d4350f97b..8334780ba 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java @@ -46,8 +46,7 @@ package at.gv.egovernment.moa.id.auth.builder; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; /** * Builds a DataURL parameter meant for the security layer implementation @@ -76,31 +75,13 @@ public class DataURLBuilder { * @return String */ public String buildDataURL(String authBaseURL, String authServletName, String sessionID) { - -// String individualDataURLPrefix = null; - String dataURL; - - //is removed from config in MOA-ID 2.0 - //check if an individual prefix is configured -// individualDataURLPrefix = AuthConfigurationProvider.getInstance(). -// getGenericConfigurationParameter(AuthConfigurationProvider.INDIVIDUAL_DATA_URL_PREFIX); -// -// if (null != individualDataURLPrefix) { -// -// //check individualDataURLPrefix -// if(!individualDataURLPrefix.startsWith("http")) -// throw(new ConfigurationException("config.13", new Object[] { individualDataURLPrefix})); -// -// //when ok then use it -// dataURL = individualDataURLPrefix + authServletName; -// } else - + String dataURL; if (!authBaseURL.endsWith("/")) authBaseURL += "/"; dataURL = authBaseURL + authServletName; - dataURL = addParameter(dataURL, MOAIDAuthConstants.PARAM_SESSIONID, sessionID); + dataURL = addParameter(dataURL, MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, sessionID); return dataURL; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java index 79b09503f..f4f6e82ba 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java @@ -28,16 +28,17 @@ import java.util.List; import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.MiscUtil; /** * @author tlenz @@ -45,65 +46,35 @@ import at.gv.egovernment.moa.util.Constants; */ public class DynamicOAAuthParameterBuilder { - public static IOAAuthParameters buildFromAttributeQuery(List<Attribute> reqAttributes, InterfederationSessionStore interfIDP) throws DynamicOABuildException { + public static IOAAuthParameters buildFromAttributeQuery(List<Attribute> reqAttributes) throws DynamicOABuildException { Logger.debug("Build dynamic OAConfiguration from AttributeQuery and interfederation information"); - try { - DynamicOAAuthParameters dynamicOA = new DynamicOAAuthParameters(); - - for (Attribute attr : reqAttributes) { - //get Target or BusinessService from request - if (attr.getName().equals(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME)) { - String attrValue = attr.getAttributeValues().get(0).getDOM().getTextContent(); - if (attrValue.startsWith(Constants.URN_PREFIX_CDID)) { - dynamicOA.setBusinessService(false); - dynamicOA.setTarget(attrValue.substring((Constants.URN_PREFIX_CDID + "+").length())); - - } else if( attrValue.startsWith(Constants.URN_PREFIX_WBPK) || - attrValue.startsWith(Constants.URN_PREFIX_STORK) ) { - dynamicOA.setBusinessService(true); - dynamicOA.setTarget(attrValue); - - } else { - Logger.error("Sector identification " + attrValue + " is not a valid Target or BusinessServiceArea"); - throw new DynamicOABuildException("Sector identification " + attrValue + " is not a valid Target or BusinessServiceArea", null); - - } - - } + DynamicOAAuthParameters dynamicOA = new DynamicOAAuthParameters(); - } - - if (interfIDP != null) { - //load interfederated IDP informations - OAAuthParameter idp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(interfIDP.getIdpurlprefix()); - if (idp == null) { - Logger.warn("Interfederated IDP configuration is not loadable."); - throw new DynamicOABuildException("Interfederated IDP configuration is not loadable.", null); + for (Attribute attr : reqAttributes) { + //get Target or BusinessService from request + if (attr.getName().equals(PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME)) { + String attrValue = attr.getAttributeValues().get(0).getDOM().getTextContent(); + if (attrValue.startsWith(Constants.URN_PREFIX_CDID)) { + dynamicOA.setBusinessService(false); + dynamicOA.setTarget(attrValue.substring((Constants.URN_PREFIX_CDID + "+").length())); + + } else if( attrValue.startsWith(Constants.URN_PREFIX_WBPK) || + attrValue.startsWith(Constants.URN_PREFIX_STORK) ) { + dynamicOA.setBusinessService(true); + dynamicOA.setTarget(attrValue); + + } else { + Logger.error("Sector identification " + attrValue + " is not a valid Target or BusinessServiceArea"); + throw new DynamicOABuildException("Sector identification " + attrValue + " is not a valid Target or BusinessServiceArea", null); } - - dynamicOA.setApplicationID(idp.getPublicURLPrefix()); - dynamicOA.setInderfederatedIDP(idp.isInderfederationIDP()); - dynamicOA.setIDPQueryURL(idp.getIDPAttributQueryServiceURL()); - //check if IDP service area policy. BusinessService IDPs can only request wbPKs - if (!dynamicOA.getBusinessService() && !idp.isIDPPublicService()) { - Logger.error("Interfederated IDP " + idp.getPublicURLPrefix() - + " has a BusinessService-IDP but requests PublicService attributes."); - throw new DynamicOABuildException("Interfederated IDP " + idp.getPublicURLPrefix() - + " has a BusinessService-IDP but requests PublicService attributes.", null); - - } } - return dynamicOA; - - } catch (ConfigurationException e) { - Logger.warn("Internel server errror. Basic configuration load failed.", e); - throw new DynamicOABuildException("Basic configuration load failed.", null); - } + } + return dynamicOA; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java deleted file mode 100644 index 99ba49d26..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ /dev/null @@ -1,182 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.builder; - -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.net.URI; - -import org.apache.commons.io.IOUtils; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.stork.CPEPS; -import at.gv.egovernment.moa.id.util.FormBuildUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class LoginFormBuilder { - - private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; - private static final String HTMLTEMPLATEFULL = "loginFormFull.html"; - - private static String AUTH_URL = "#AUTH_URL#"; - private static String MODUL = "#MODUL#"; - private static String ACTION = "#ACTION#"; - private static String OANAME = "#OAName#"; - private static String BKU_ONLINE = "#ONLINE#"; - private static String BKU_HANDY = "#HANDY#"; - private static String BKU_LOCAL = "#LOCAL#"; - public static String CONTEXTPATH = "#CONTEXTPATH#"; - private static String MOASESSIONID = "#SESSIONID#"; - private static String PEPSLIST = "#PEPSLIST#"; - - private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate"; - - private static String getTemplate() { - String pathLocation =""; - InputStream input = null; - - try { - String rootconfigdir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); - pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; - File file = new File(new URI(pathLocation)); - input = new FileInputStream(file); - - } catch (ConfigurationException e) { - Logger.warn("MOA-ID configuration can not be loaded."); - - } catch (Exception e) { - - } - - return getTemplate(input); - - } - - public static String getTemplate(InputStream input) { - - String template = null; - - try { - if (input == null) { - - Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package."); - - String pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; - input = Thread.currentThread() - .getContextClassLoader() - .getResourceAsStream(pathLocation); - - } - - StringWriter writer = new StringWriter(); - IOUtils.copy(input, writer); - template = writer.toString(); - template = template.replace(AUTH_URL, SERVLET); - template = template.replace(BKU_ONLINE, IOAAuthParameters.ONLINEBKU); - template = template.replace(BKU_HANDY, IOAAuthParameters.HANDYBKU); - template = template.replace(BKU_LOCAL, IOAAuthParameters.LOCALBKU); - - } catch (Exception e) { - Logger.error("Failed to read template", e); - - } finally { - try { - input.close(); - - } catch (IOException e) { - Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); - } - } - return template; - } - - public static String buildLoginForm(String modul, String action, OAAuthParameter oaParam, String contextpath, String moaSessionID) { - - String value = null; - - byte[] oatemplate = oaParam.getBKUSelectionTemplate(); - // OA specific template requires a size of 8 bits minimum - if (oatemplate != null && oatemplate.length > 7) { - InputStream is = new ByteArrayInputStream(oatemplate); - value = getTemplate(is); - - } else { - //load default BKU-selection template - value = getTemplate(); - - } - - if(value != null) { -// if(modul == null) { -// modul = SAML1Protocol.PATH; -// } -// if(action == null) { -// action = SAML1Protocol.GETARTIFACT; -// } - value = value.replace(MODUL, modul); - value = value.replace(ACTION, action); - value = value.replace(OANAME, oaParam.getFriendlyName()); - value = value.replace(CONTEXTPATH, contextpath); - value = value.replace(MOASESSIONID, moaSessionID); - - if (oaParam.isShowStorkLogin()) { - String pepslist = ""; - try { - for (CPEPS current : oaParam.getPepsList()) { - String countryName = null; - if (MiscUtil.isNotEmpty(MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(current.getCountryCode().toUpperCase()))) - countryName = MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(current.getCountryCode().toUpperCase()); - else - countryName = current.getCountryCode().toUpperCase(); - - pepslist += "<option value=" + current.getCountryCode() + ">" - + countryName - + "</option>\n"; - - } - value = value.replace(PEPSLIST, pepslist); - - } catch (NullPointerException e) { - - } - } - - value = FormBuildUtils.customiceLayoutBKUSelection(value, - oaParam.isShowMandateCheckBox(), - oaParam.isOnlyMandateAllowed(), - oaParam.getFormCustomizaten(), - oaParam.isShowStorkLogin()); - - } - return value; - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java deleted file mode 100644 index 2a5c8d418..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java +++ /dev/null @@ -1,65 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.builder; - -import java.io.InputStream; -import java.io.StringWriter; - -import org.apache.commons.io.IOUtils; - -import at.gv.egovernment.moa.logging.Logger; - -public class RedirectFormBuilder { - - private static String URL = "#URL#"; - private static String TARGET = "#TARGET#"; - private static String template; - - private static String getTemplate() { - - if (template == null) { - try { - String classpathLocation = "resources/templates/redirectForm.html"; - InputStream input = Thread.currentThread() - .getContextClassLoader() - .getResourceAsStream(classpathLocation); - StringWriter writer = new StringWriter(); - IOUtils.copy(input, writer); - template = writer.toString(); - } catch (Exception e) { - Logger.error("Failed to read template", e); - } - } - - return template; - } - - public static String buildLoginForm(String url, String redirectTarget) { - String value = getTemplate(); - value = value.replace(URL, url); - value = value.replace(TARGET, redirectTarget); - - return value; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java deleted file mode 100644 index d14910319..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java +++ /dev/null @@ -1,165 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.builder; - -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.net.URI; - -import org.apache.commons.io.IOUtils; - -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.util.FormBuildUtils; -import at.gv.egovernment.moa.logging.Logger; - -public class SendAssertionFormBuilder { - - private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; - private static final String HTMLTEMPLATEFULL = "sendAssertionFormFull.html"; - - private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\""; - - private static String URL = "#URL#"; - private static String MODUL = "#MODUL#"; - private static String ACTION = "#ACTION#"; - private static String ID = "#ID#"; - private static String OANAME = "#OAName#"; - private static String CONTEXTPATH = "#CONTEXTPATH#"; - private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#"; - private static String COLOR = "#COLOR#"; - - private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet"; - - private static String getTemplate() { - - String pathLocation; - InputStream input = null; - try { - String rootconfigdir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); - pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; - - try { - File file = new File(new URI(pathLocation)); - input = new FileInputStream(file); - - } catch (FileNotFoundException e) { - - Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package."); - - pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; - - input = Thread.currentThread() - .getContextClassLoader() - .getResourceAsStream(pathLocation); - - } - - return getTemplate(input); - - } catch (Exception e) { - try { - input.close(); - - } catch (IOException e1) { - Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); - } - - return null; - } - - } - - private static String getTemplate(InputStream input) { - - String template = null; - - try { - - StringWriter writer = new StringWriter(); - IOUtils.copy(input, writer); - template = writer.toString(); - template = template.replace(URL, SERVLET); - - } catch (Exception e) { - Logger.error("Failed to read template", e); - - } finally { - try { - input.close(); - - } catch (IOException e) { - Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); - } - } - - return template; - } - - public static String buildForm(String modul, String action, String id, OAAuthParameter oaParam, String contextpath) { - String value = null; - - byte[] oatemplate = oaParam.getSendAssertionTemplate(); - // OA specific template requires a size of 8 bits minimum - if (oatemplate != null && oatemplate.length > 7) { - InputStream is = new ByteArrayInputStream(oatemplate); - value = getTemplate(is); - - } else { - //load default BKU-selection template - value = getTemplate(); - - } - - if(value != null) { -// if(modul == null) { -// modul = SAML1Protocol.PATH; -// } -// if(action == null) { -// action = SAML1Protocol.GETARTIFACT; -// } - value = value.replace(MODUL, modul); - value = value.replace(ACTION, action); - value = value.replace(ID, id); - value = value.replace(OANAME, oaParam.getFriendlyName()); - - if (contextpath.endsWith("/")) - contextpath = contextpath.substring(0, contextpath.length() - 1); - value = value.replace(CONTEXTPATH, contextpath); - - value = FormBuildUtils.customiceLayoutBKUSelection(value, - oaParam.isShowMandateCheckBox(), - oaParam.isOnlyMandateAllowed(), - oaParam.getFormCustomizaten(), - oaParam.isShowStorkLogin()); - - } - return value; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java new file mode 100644 index 000000000..ec94101d1 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SignatureVerificationUtils.java @@ -0,0 +1,172 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.builder; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.exception.ServiceException; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.Constants; + +/** + * @author tlenz + * + */ +public class SignatureVerificationUtils { + /** shortcut for XMLNS namespace URI */ + private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI; + /** shortcut for MOA namespace URI */ + private static final String MOA_NS_URI = Constants.MOA_NS_URI; + /** The DSIG-Prefix */ + private static final String DSIG = Constants.DSIG_PREFIX + ":"; + + /** The document containing the <code>VerifyXMLsignatureRequest</code> */ + private Document requestDoc_; + /** the <code>VerifyXMLsignatureRequest</code> root element */ + private Element requestElem_; + + + public SignatureVerificationUtils() throws BuildException { + try { + DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); + requestDoc_ = docBuilder.newDocument(); + requestElem_ = requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest"); + requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI); + requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); + requestDoc_.appendChild(requestElem_); + + } catch (Throwable t) { + throw new BuildException( + "builder.00", + new Object[] {"VerifyXMLSignatureRequest", t.toString()}, + t); + } + } + + public VerifyXMLSignatureResponse verify(byte[] signature, String trustProfileID) throws MOAIDException { + try { + //build signature-verification request + Element domVerifyXMLSignatureRequest = build(signature, trustProfileID); + + //send signature-verification to MOA-SP + Element domVerifyXMLSignatureResponse = SignatureVerificationInvoker.getInstance() + .verifyXMLSignature(domVerifyXMLSignatureRequest); + + // parses the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + domVerifyXMLSignatureResponse).parseData(); + + return verifyXMLSignatureResponse; + + } catch (ParseException e) { + Logger.error("Build signature-verification request FAILED." ,e); + throw e; + + } catch (ServiceException e) { + Logger.error("MOA-SP signature verification FAILED." ,e); + throw e; + + } + + } + + /** + * Builds a <code><VerifyXMLSignatureRequest></code> + * from an IdentityLink with a known trustProfileID which + * has to exist in MOA-SP + * @param signature - The XML signature as byte[] + * @param trustProfileID - a preconfigured TrustProfile at MOA-SP + * + * @return Element - The complete request as Dom-Element + * + * @throws ParseException + */ + private Element build(byte[] signature, String trustProfileID) + throws ParseException + { + try { + // build the request + Element verifiySignatureInfoElem = + requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo"); + requestElem_.appendChild(verifiySignatureInfoElem); + Element verifySignatureEnvironmentElem = + requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment"); + verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem); + Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); + verifySignatureEnvironmentElem.appendChild(base64ContentElem); + + // insert the base64 encoded signature + String base64EncodedAssertion = Base64Utils.encode(signature); + //replace all '\r' characters by no char. + StringBuffer replaced = new StringBuffer(); + for (int i = 0; i < base64EncodedAssertion.length(); i ++) { + char c = base64EncodedAssertion.charAt(i); + if (c != '\r') { + replaced.append(c); + } + } + base64EncodedAssertion = replaced.toString(); + Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion); + base64ContentElem.appendChild(base64Content); + + // specify the signature location + Element verifySignatureLocationElem = + requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation"); + verifiySignatureInfoElem.appendChild(verifySignatureLocationElem); + Node signatureLocation = requestDoc_.createTextNode(DSIG + "Signature"); + verifySignatureLocationElem.appendChild(signatureLocation); + + // signature manifest params + Element signatureManifestCheckParamsElem = + requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams"); + requestElem_.appendChild(signatureManifestCheckParamsElem); + signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false"); + + Element returnHashInputDataElem = + requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData"); + requestElem_.appendChild(returnHashInputDataElem); + + //add trustProfileID + Element trustProfileIDElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID"); + trustProfileIDElem.appendChild(requestDoc_.createTextNode(trustProfileID)); + requestElem_.appendChild(trustProfileIDElem); + } catch (Throwable t) { + throw new ParseException("builder.00", + new Object[] { "VerifyXMLSignatureRequest (IdentityLink)" }, t); + } + + return requestElem_; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 59482c4a8..a72f6c2ea 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -36,21 +36,22 @@ package at.gv.egovernment.moa.id.auth.data; -import iaik.x509.X509Certificate; - import java.io.Serializable; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Date; import java.util.List; +import java.util.Map; +import org.apache.commons.collections4.map.HashedMap; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.MiscUtil; +import iaik.x509.X509Certificate; /** * Session data to be stored between <code>AuthenticationServer</code> API calls. @@ -74,68 +75,22 @@ public class AuthenticationSession implements Serializable { private String sessionID; private Date sessionCreated = null; - - /** - * "Geschäftsbereich" the online application belongs to; maybe <code>null</code> if the - * online application is a business application - */ - private String target; - /** - * Friendly name for the target, if target is configured via MOA-ID configuration - */ - private String targetFriendlyName; - - /** - * SourceID - */ - private String sourceID; - - /** - * public online application URL requested - */ - private String oaURLRequested; - /** - * public online application URL prefix - */ - private String oaPublicURLPrefix; - /** - * URL of MOA ID authentication component - */ - private String authURL; - /** - * HTML template URL - */ - private String templateURL; - + /** * URL of the BKU */ private String bkuURL; - /** - * Indicates whether the corresponding online application is a business service or not - */ - private boolean businessService; - - /** - * Indicates whether the corresponding online application is a stork service or not - */ - private boolean storkService; // Store Mandate /** * Use mandate */ - private boolean useMandate; + private boolean useMandates; private boolean isOW = false; /** - * STORK - */ - private String ccc; - - /** * * Mandate element */ @@ -157,12 +112,6 @@ public class AuthenticationSession implements Serializable { */ private IdentityLink identityLink; - // /** - // * timestamp logging when identity link has been received - // */ - // private Date timestampIdentityLink; - - // store Authblock /** * authentication block to be signed by the user */ @@ -175,11 +124,9 @@ public class AuthenticationSession implements Serializable { */ private String issueInstant; - // Signer certificate /** * Signer certificate of the foreign citizen or for mandate mode */ - // private X509Certificate signerCertificate; private byte[] signerCertificate; /** @@ -199,193 +146,18 @@ public class AuthenticationSession implements Serializable { * the AUTHBlock. */ private List<ExtendedSAMLAttribute> extendedSAMLAttributesAUTH; - -// /** -// * If infobox validators are needed after signing, they can be stored in this list. -// */ -// private List infoboxValidators; - - /** - * The register and number in the register parameter in case of a business service application. - */ - private String domainIdentifier; - - /** - * This string contains all identifiers of infoboxes, the online application is configured to - * accept. The infobox identifiers are comma separated. - */ - private String pushInfobox; - - /** - * The STORK AuthRequest to be sent to the C-PEPS - */ - private STORKAuthnRequest storkAuthnRequest; - - private String storkAuthnResponse; - - // private AuthenticationData authData; - - // protocol selection - private String action; - private String modul; - + private boolean authenticated; - private boolean authenticatedUsed = false; - - private boolean ssoRequested = false; - + private String QAALevel = null; - -// private OAuth20SessionObject oAuth20SessionObject; - - // /** - // * Indicates if target from configuration is used or not - // */ - // private boolean useTargetFromConfig; - - // /** - // * Authentication data for the assertion - // */ - // private AuthenticationData assertionAuthData; - // - // /** - // * Persondata for the assertion - // */ - // private String assertionPrPerson; - // - // /** - // * Authblock for the assertion - // */ - // private String assertionAuthBlock; - // - // /** - // * Identitylink assertion for the (MOA) assertion - // */ - // private String assertionIlAssertion; - // - // /** - // * Signer certificate (base64 encoded) for the assertion - // */ - // private String assertionSignerCertificateBase64; - // - // /** - // * bussiness service for the assertion - // */ - // boolean assertionBusinessService; - // - // /** - // * timestamp logging when authentication session has been created - // */ - // private Date timestampStart; - // private CreateXMLSignatureResponse XMLCreateSignatureResponse; - + private VerifyXMLSignatureResponse XMLVerifySignatureResponse; private boolean isForeigner; - - private IPersonalAttributeList storkAttributes; - - - //Temporary store SignRequest for local processing - private String signedDoc; - //Temporary store SAMLResponse for processing after user signed signedDoc locally - private String SAMLResponse; - // - private StringBuffer returnURL; - private IPersonalAttributeList authnResponseGetPersonalAttributeList; - private String authnContextClassRef; - // private String requestedProtocolURL = null; - private String processInstanceId; - - public String getAuthnContextClassRef() { - return authnContextClassRef; - } - - public void setAuthnContextClassRef(String authnContextClassRef) { - this.authnContextClassRef = authnContextClassRef; - } - - public IPersonalAttributeList getAuthnResponseGetPersonalAttributeList() { - return authnResponseGetPersonalAttributeList; - } - - public void setAuthnResponseGetPersonalAttributeList(IPersonalAttributeList authnResponseGetPersonalAttributeList) { - this.authnResponseGetPersonalAttributeList = authnResponseGetPersonalAttributeList; - } - - public String getSAMLResponse() { - return SAMLResponse; - } - - public void setSAMLResponse(String samlResponse) { - SAMLResponse = samlResponse; - } - - public StringBuffer getReturnURL() { - return returnURL; - } - - public void setReturnURL(StringBuffer returnURL) { - this.returnURL = returnURL; - } - - public String getSignedDoc() { - return signedDoc; - } + private Map<String, Object> genericSessionDataStorate = new HashedMap<String, Object>(); - public void setSignedDoc(String signedDoc) { - this.signedDoc = signedDoc; - } - public String getModul() { - return modul; - } - - public void setModul(String modul) { - this.modul = modul; - } - - public String getAction() { - return action; - } - - public void setAction(String action) { - this.action = action; - } - - // public AuthenticationData getAuthData() { - // return authData; - // } - // - // public void setAuthData(AuthenticationData authData) { - // this.authData = authData; - // } - - public boolean isAuthenticatedUsed() { - return authenticatedUsed; - } - - public void setAuthenticatedUsed(boolean authenticatedUsed) { - this.authenticatedUsed = authenticatedUsed; - } - - public boolean isAuthenticated() { - return authenticated; - } - - public void setAuthenticated(boolean authenticated) { - this.authenticated = authenticated; - } - - // public String getRequestedProtocolURL() { - // return requestedProtocolURL; - // } - // - // public void setRequestedProtocolURL(String requestedProtocolURL) { - // this.requestedProtocolURL = requestedProtocolURL; - // } - /** * Constructor for AuthenticationSession. * @@ -395,10 +167,17 @@ public class AuthenticationSession implements Serializable { public AuthenticationSession(String id, Date created) { sessionID = id; sessionCreated = created; - // setTimestampStart(); -// infoboxValidators = new ArrayList(); + + } + + public boolean isAuthenticated() { + return authenticated; } + public void setAuthenticated(boolean authenticated) { + this.authenticated = authenticated; + } + public X509Certificate getSignerCertificate() { try { return new X509Certificate(signerCertificate); @@ -461,24 +240,6 @@ public class AuthenticationSession implements Serializable { } /** - * Returns the oaURLRequested. - * - * @return String - */ - public String getOAURLRequested() { - return oaURLRequested; - } - - /** - * Returns the oaURLRequested. - * - * @return String - */ - public String getPublicOAURLPrefix() { - return oaPublicURLPrefix; - } - - /** * Returns the BKU URL. * * @return String @@ -486,54 +247,7 @@ public class AuthenticationSession implements Serializable { public String getBkuURL() { return bkuURL; } - - /** - * Returns the target. - * - * @return String - */ - public String getTarget() { - return target; - } - - /** - * Returns the sourceID. - * - * @return String - */ - public String getSourceID() { - return sourceID; - } - - /** - * Returns the target friendly name. - * - * @return String - */ - public String getTargetFriendlyName() { - return targetFriendlyName; - } - - /** - * Sets the oaURLRequested. - * - * @param oaURLRequested - * The oaURLRequested to set - */ - public void setOAURLRequested(String oaURLRequested) { - this.oaURLRequested = oaURLRequested; - } - - /** - * Sets the oaPublicURLPrefix - * - * @param oaPublicURLPrefix - * The oaPublicURLPrefix to set - */ - public void setPublicOAURLPrefix(String oaPublicURLPrefix) { - this.oaPublicURLPrefix = oaPublicURLPrefix; - } - + /** * Sets the bkuURL * @@ -543,63 +257,7 @@ public class AuthenticationSession implements Serializable { public void setBkuURL(String bkuURL) { this.bkuURL = bkuURL; } - - /** - * Sets the target. If the target includes the target prefix, the prefix will be stripped off. - * - * @param target - * The target to set - */ - public void setTarget(String target) { - if (target != null && target.startsWith(TARGET_PREFIX_)) { - // If target starts with prefix "urn:publicid:gv.at:cdid+"; remove - // prefix - this.target = target.substring(TARGET_PREFIX_.length()); - Logger.debug("Target prefix stripped off; resulting target: " + this.target); - } else { - this.target = target; - } - } - - /** - * Sets the sourceID - * - * @param sourceID - * The sourceID to set - */ - public void setSourceID(String sourceID) { - this.sourceID = sourceID; - } - - /** - * Sets the target. If the target includes the target prefix, the prefix will be stripped off. - * - * @param target - * The target to set - */ - public void setTargetFriendlyName(String targetFriendlyName) { - this.targetFriendlyName = targetFriendlyName; - } - - /** - * Returns the authURL. - * - * @return String - */ - public String getAuthURL() { - return authURL; - } - - /** - * Sets the authURL. - * - * @param authURL - * The authURL to set - */ - public void setAuthURL(String authURL) { - this.authURL = authURL; - } - + /** * Returns the authBlock. * @@ -619,61 +277,6 @@ public class AuthenticationSession implements Serializable { this.authBlock = authBlock; } - /** - * Returns the businessService. - * - * @return <code>true</code> if the corresponding online application is a business application, - * otherwise <code>false</code> - */ - public boolean getBusinessService() { - return businessService; - } - - /** - * Sets the businessService variable. - * - * @param businessService - * the value for setting the businessService variable. - */ - public void setBusinessService(boolean businessService) { - this.businessService = businessService; - } - - - /** - * Returns the storkService. - * - * @return <code>true</code> if the corresponding online application is a stork application, - * otherwise <code>false</code> - */ - public boolean getStorkService() { - return storkService; - } - - /** - * Sets the storkService variable. - * - * @param storkService - * the value for setting the storkService variable. - */ - public void setStorkService(boolean storkService) { - this.storkService = storkService; - } - - /** - * @return template URL - */ - public String getTemplateURL() { - return templateURL; - } - - /** - * @param string - * the template URL - */ - public void setTemplateURL(String string) { - templateURL = string; - } /** * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>. @@ -761,145 +364,6 @@ public class AuthenticationSession implements Serializable { this.issueInstant = issueInstant; } -// /** -// * Returns the iterator to the stored infobox validators. -// * -// * @return Iterator -// */ -// public Iterator getInfoboxValidatorIterator() { -// if (infoboxValidators == null) return null; -// return infoboxValidators.iterator(); -// } - - // /** - // * Adds an infobox validator class to the stored infobox validators. - // * - // * @param infoboxIdentifier - // * the identifier of the infobox the validator belongs to - // * @param infoboxFriendlyName - // * the friendly name of the infobox - // * @param infoboxValidator - // * the infobox validator to add - // */ - // public Iterator addInfoboxValidator(String infoboxIdentifier, - // String infoboxFriendlyName, InfoboxValidator infoboxValidator) { - // if (infoboxValidators == null) - // infoboxValidators = new ArrayList(); - // Vector v = new Vector(3); - // v.add(infoboxIdentifier); - // v.add(infoboxFriendlyName); - // v.add(infoboxValidator); - // infoboxValidators.add(v); - // return infoboxValidators.iterator(); - // } - -// /** -// * Tests for pending input events of the infobox validators. -// * -// * @return true if a validator has a form to show -// */ -// public boolean isValidatorInputPending() { -// boolean result = false; -// Iterator iter = getInfoboxValidatorIterator(); -// if (iter != null) { -// while (!result && iter.hasNext()) { -// Vector infoboxValidatorVector = (Vector) iter.next(); -// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2); -// if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) result = true; -// } -// } -// return result; -// } - - // /** - // * Returns the first pending infobox validator. - // * - // * @return the infobox validator class - // */ - // public InfoboxValidator getFirstPendingValidator() { - // Iterator iter = getInfoboxValidatorIterator(); - // if (iter != null) { - // while (iter.hasNext()) { - // Vector infoboxValidatorVector = (Vector) iter.next(); - // InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - // .get(2); - // String form = infoboxvalidator.getForm(); - // if (!ParepUtils.isEmpty(form)) - // return infoboxvalidator; - // } - // } - // return null; - // } - - // /** - // * Returns the input form of the first pending infobox validator input - // * processor. - // * - // * @return the form to show - // */ - // public String getFirstValidatorInputForm() { - // Iterator iter = getInfoboxValidatorIterator(); - // if (iter != null) { - // while (iter.hasNext()) { - // Vector infoboxValidatorVector = (Vector) iter.next(); - // InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - // .get(2); - // String form = infoboxvalidator.getForm(); - // if (!ParepUtils.isEmpty(form)) - // return form; - // } - // } - // return null; - // } - - /** - * Returns domain identifier (the register and number in the register parameter). - * <code>null</code> in the case of not a business service. - * - * @return the domainIdentifier - */ - public String getDomainIdentifier() { - return domainIdentifier; - } - - /** - * Sets the register and number in the register parameter if the application is a business - * service. If the domain identifier includes the registerAndOrdNr prefix, the prefix will be - * stripped off. - * - * @param domainIdentifier - * the domain identifier to set - */ - public void setDomainIdentifier(String domainIdentifier) { - if (domainIdentifier != null && domainIdentifier.startsWith(REGISTERANDORDNR_PREFIX_)) { - // If domainIdentifier starts with prefix - // "urn:publicid:gv.at:wbpk+"; remove this prefix - this.domainIdentifier = domainIdentifier.substring(REGISTERANDORDNR_PREFIX_.length()); - Logger.debug("Register and ordernumber prefix stripped off; resulting register string: " + this.domainIdentifier); - } else { - this.domainIdentifier = domainIdentifier; - } - } - - /** - * Gets all identifiers of infoboxes, the online application is configured to accept. The - * infobox identifiers are comma separated. - * - * @return the string containing infobox identifiers - */ - public String getPushInfobox() { - if (pushInfobox == null) return ""; - return pushInfobox; - } - - /** - * @param pushInfobox - * the infobox identifiers to set (comma separated) - */ - public void setPushInfobox(String pushInfobox) { - this.pushInfobox = pushInfobox; - } - /** * * @param useMandate @@ -907,19 +371,22 @@ public class AuthenticationSession implements Serializable { */ public void setUseMandate(String useMandate) { if (useMandate.compareToIgnoreCase("true") == 0) - this.useMandate = true; + this.useMandates = true; else - this.useMandate = false; + this.useMandates = false; + + } + + public void setUseMandates(boolean useMandates) { + this.useMandates = useMandates; } /** - * Returns if mandate is used or not - * * @return */ - public boolean getUseMandate() { - return this.useMandate; + public boolean isMandateUsed() { + return this.useMandates; } /** @@ -954,34 +421,7 @@ public class AuthenticationSession implements Serializable { public void setMandateReferenceValue(String mandateReferenceValue) { this.mandateReferenceValue = mandateReferenceValue; } - - /** - * Gets the STORK SAML AuthnRequest - * - * @return STORK SAML AuthnRequest - */ - public STORKAuthnRequest getStorkAuthnRequest() { - return storkAuthnRequest; - } - - /** - * Sets the STORK SAML AuthnRequest - * - * @param storkAuthnRequest - * STORK SAML AuthnRequest - */ - public void setStorkAuthnRequest(STORKAuthnRequest storkAuthnRequest) { - this.storkAuthnRequest = storkAuthnRequest; - } - - public String getCcc() { - return ccc; - } - - public void setCcc(String ccc) { - this.ccc = ccc; - } - + public boolean isForeigner() { return isForeigner; } @@ -1005,24 +445,7 @@ public class AuthenticationSession implements Serializable { public void setMISMandate(MISMandate mandate) { this.mandate = mandate; } - - /** - * @return the ssoRequested - */ - - // TODO: SSO only allowed without mandates, actually!!!!!! - public boolean isSsoRequested() { - return ssoRequested && !useMandate; - } - - /** - * @param ssoRequested - * the ssoRequested to set - */ - public void setSsoRequested(boolean ssoRequested) { - this.ssoRequested = ssoRequested; - } - + /** * @return the isOW */ @@ -1054,24 +477,8 @@ public class AuthenticationSession implements Serializable { } /** - * Memorizes the stork attribute list. - * - * @param personalAttributeList the new stork attributes - */ - public void setStorkAttributes(IPersonalAttributeList personalAttributeList) { - this.storkAttributes = personalAttributeList; - } - - /** - * Recalls the stork attribute list. - * - * @return the stork attributes - */ - public IPersonalAttributeList getStorkAttributes() { - return this.storkAttributes; - } - - /** + * eIDAS QAA level + * * @return the qAALevel */ public String getQAALevel() { @@ -1079,6 +486,8 @@ public class AuthenticationSession implements Serializable { } /** + * set QAA level in eIDAS form + * * @param qAALevel the qAALevel to set */ public void setQAALevel(String qAALevel) { @@ -1086,40 +495,93 @@ public class AuthenticationSession implements Serializable { } /** - * @return the storkAuthnResponse - */ - public String getStorkAuthnResponse() { - return storkAuthnResponse; - } - - /** - * @param storkAuthnResponse the storkAuthnResponse to set - */ - public void setStorkAuthnResponse(String storkAuthnResponse) { - this.storkAuthnResponse = storkAuthnResponse; - } - - /** * @return the sessionCreated */ public Date getSessionCreated() { return sessionCreated; } - /** - * Returns the identifier of the process instance associated with this moaid session. - * @return The process instance id (may be {@code null} if no process has been created yet). - */ - public String getProcessInstanceId() { - return processInstanceId; + public Map<String, Object> getGenericSessionDataStorage() { + return genericSessionDataStorate; } - + + /** - * Sets the process instance identifier in order to associate a certain process instance with this moaid session. - * @param processInstanceId The process instance id. + * Returns a generic session-data object with is stored with a specific identifier + * + * @param key The specific identifier of the session-data object + * @return The session-data object or null if no data is found with this key */ - public void setProcessInstanceId(String processInstanceId) { - this.processInstanceId = processInstanceId; + public Object getGenericDataFromSession(String key) { + if (MiscUtil.isNotEmpty(key)) { + return genericSessionDataStorate.get(key); + + } + + Logger.warn("Can not load generic session-data with key='null'"); + return null; + + } + + /** + * Returns a generic session-data object with is stored with a specific identifier + * + * @param key The specific identifier of the session-data object + * @param clazz The class type which is stored with this key + * @return The session-data object or null if no data is found with this key + */ + public <T> T getGenericDataFromSession(String key, final Class<T> clazz) { + if (MiscUtil.isNotEmpty(key)) { + Object data = genericSessionDataStorate.get(key); + + if (data == null) + return null; + + try { + @SuppressWarnings("unchecked") + T test = (T) data; + return test; + + } catch (Exception e) { + Logger.warn("Generic authentication-data object can not be casted to requsted type", e); + return null; + + } + + } + + Logger.warn("Can not load generic session-data with key='null'"); + return null; + } + /** + * Store a generic data-object to session with a specific identifier + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface + * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage + */ + public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { + if (MiscUtil.isEmpty(key)) { + Logger.warn("Generic session-data can not be stored with a 'null' key"); + throw new SessionDataStorageException("Generic session-data can not be stored with a 'null' key", null); + + } + + if (object != null) { + if (!Serializable.class.isInstance(object)) { + Logger.warn("Generic session-data can only store objects which implements the 'Seralizable' interface"); + throw new SessionDataStorageException("Generic session-data can only store objects which implements the 'Seralizable' interface", null); + + } + } + + if (genericSessionDataStorate.containsKey(key)) + Logger.debug("Overwrite generic session-data with key:" + key); + else + Logger.trace("Add generic session-data with key:" + key + " to session."); + + genericSessionDataStorate.put(key, object); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java new file mode 100644 index 000000000..4a764e362 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java @@ -0,0 +1,44 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.data; + +/** + * @author tlenz + * + */ +public class AuthenticationSessionStorageConstants { + + public static final String PREFIX_STORK = "stork_"; + public static final String PREFIX_eIDAS = "eIDAS_"; + + public static final String STORK_ATTRIBUTELIST = PREFIX_STORK + "attributelist"; + public static final String STORK_REQUEST = PREFIX_STORK + "request"; + public static final String STORK_RESPONSE = PREFIX_STORK + "response"; + public static final String STORK_CCC = PREFIX_STORK + "ccc"; + + public static final String eIDAS_ATTRIBUTELIST = PREFIX_eIDAS + "attributeList"; + public static final String eIDAS_RESPONSE = PREFIX_eIDAS + "response"; + + public static final String FEDERATION_RESPONSE_VALIDE_TO = "federationRespValidTo"; +} + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/AuthenticationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/AuthenticationException.java index 31a3e38dc..8fc6368fc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/AuthenticationException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/AuthenticationException.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; /** * Exception thrown during handling of AuthenticationSession diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java index 9c2960c4c..ffbb6a19e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BKUException.java @@ -22,6 +22,8 @@ ******************************************************************************/ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + public class BKUException extends MOAIDException { private static final long serialVersionUID = -4646544256490397419L; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BuildException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BuildException.java index 155a18f15..b31354927 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BuildException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/BuildException.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; /** * Exception thrown while building an XML or HTML structure. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DatabaseEncryptionException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DatabaseEncryptionException.java index 69802d7e6..f62bbc4bd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DatabaseEncryptionException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DatabaseEncryptionException.java @@ -22,6 +22,8 @@ */ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + /** * @author tlenz * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DynamicOABuildException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DynamicOABuildException.java index 554cf7370..f43471f0a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DynamicOABuildException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/DynamicOABuildException.java @@ -22,6 +22,8 @@ */ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + /** * @author tlenz * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ECDSAConverterException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ECDSAConverterException.java index 2b277736d..20e544330 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ECDSAConverterException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ECDSAConverterException.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; /** * Exception thrown while converting ECDSAKeys from/to an XML structure. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/InvalidProtocolRequestException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/InvalidProtocolRequestException.java index 4f68bbac0..c6b8a4b6e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/InvalidProtocolRequestException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/InvalidProtocolRequestException.java @@ -22,6 +22,8 @@ */ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + /** * @author tlenz * @@ -41,4 +43,7 @@ public class InvalidProtocolRequestException extends MOAIDException { super(messageId, parameters); } + public InvalidProtocolRequestException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java index c80cbea26..718c35df3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MISSimpleClientException.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
public class MISSimpleClientException extends MOAIDException {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIDException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIDException.java deleted file mode 100644 index 165fee599..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIDException.java +++ /dev/null @@ -1,209 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.exception; - -import java.io.PrintStream; -import java.io.PrintWriter; - -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; - -import org.w3c.dom.DOMImplementation; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.util.Constants; - -/** - * Base class of technical MOA exceptions. - * - * Technical exceptions are exceptions that originate from system failure (e.g., - * a database connection fails, a component is not available, etc.) - * - * @author Patrick Peck, Ivancsics Paul - * @version $Id$ - */ -public class MOAIDException extends Exception { - /** - * - */ - private static final long serialVersionUID = -1507246171708083912L; -/** message ID */ - private String messageId; - /** wrapped exception */ - private Throwable wrapped; - - /** - * Create a new <code>MOAIDException</code>. - * - * @param messageId The identifier of the message associated with this - * exception. - * @param parameters Additional message parameters. - */ - public MOAIDException(String messageId, Object[] parameters) { - super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); - this.messageId = messageId; - } - - /** - * Create a new <code>MOAIDException</code>. - * - * @param messageId The identifier of the message associated with this - * <code>MOAIDException</code>. - * @param parameters Additional message parameters. - * @param wrapped The exception wrapped by this - * <code>MOAIDException</code>. - */ - public MOAIDException( - String messageId, - Object[] parameters, - Throwable wrapped) { - - super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); - this.messageId = messageId; - this.wrapped = wrapped; - } - - /** - * Print a stack trace of this exception to <code>System.err</code>. - * - * @see java.lang.Throwable#printStackTrace() - */ - public void printStackTrace() { - printStackTrace(System.err); - } - - /** - * Print a stack trace of this exception, including the wrapped exception. - * - * @param s The stream to write the stack trace to. - * @see java.lang.Throwable#printStackTrace(java.io.PrintStream) - */ - public void printStackTrace(PrintStream s) { - if (getWrapped() == null) - super.printStackTrace(s); - else { - s.print("Root exception: "); - getWrapped().printStackTrace(s); - } - } - - /** - * Print a stack trace of this exception, including the wrapped exception. - * - * @param s The stream to write the stacktrace to. - * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter) - */ - public void printStackTrace(PrintWriter s) { - if (getWrapped() == null) - super.printStackTrace(s); - else { - s.print("Root exception: "); - getWrapped().printStackTrace(s); - } - } - - /** - * @return message ID - */ - public String getMessageId() { - return messageId; - } - - /** - * @return wrapped exception - */ - public Throwable getWrapped() { - return wrapped; - } - - /** - * Convert this <code>MOAIDException</code> to an <code>ErrorResponse</code> - * element from the MOA namespace. - * - * @return An <code>ErrorResponse</code> element, containing the subelements - * <code>ErrorCode</code> and <code>Info</code> required by the MOA schema. - */ - public Element toErrorResponse() { - DocumentBuilder builder; - DOMImplementation impl; - Document doc; - Element errorResponse; - Element errorCode; - Element info; - - // create a new document - try { - builder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); - impl = builder.getDOMImplementation(); - } catch (ParserConfigurationException e) { - return null; - } - - // build the ErrorResponse element - doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null); - errorResponse = doc.getDocumentElement(); - - // add MOA namespace declaration - errorResponse.setAttributeNS( - Constants.XMLNS_NS_URI, - "xmlns", - Constants.MOA_NS_URI); - - // build the child elements - errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode"); - errorCode.appendChild(doc.createTextNode(messageId)); - info = doc.createElementNS(Constants.MOA_NS_URI, "Info"); - info.appendChild(doc.createTextNode(toString())); - errorResponse.appendChild(errorCode); - errorResponse.appendChild(info); - return errorResponse; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIllegalStateException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIllegalStateException.java new file mode 100644 index 000000000..bc19a3f39 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOAIllegalStateException.java @@ -0,0 +1,46 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.exception; + +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + +/** + * @author tlenz + * + */ +public class MOAIllegalStateException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 613582783125887683L; + + /** + * + */ + public MOAIllegalStateException(String code, Object[] params) { + super(code, params); + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOASPException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOASPException.java index 42fa5c6a7..d498c3209 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOASPException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/MOASPException.java @@ -22,6 +22,8 @@ ******************************************************************************/ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + public class MOASPException extends MOAIDException { private static final long serialVersionUID = -4646544256490397419L; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ParseException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ParseException.java index 83d0a398b..aac5fcddb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ParseException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ParseException.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; /** * Exception thrown while parsing an XML structure. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ProtocolNotActiveException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ProtocolNotActiveException.java index fe2bcedca..2d09384a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ProtocolNotActiveException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ProtocolNotActiveException.java @@ -22,6 +22,8 @@ */ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + /** * @author tlenz * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ServiceException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ServiceException.java index 3bdf8f743..b892424d9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ServiceException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ServiceException.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; /** * Exception thrown while calling the MOA-SPSS web service. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ValidateException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ValidateException.java index 0385352d2..124ae771a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ValidateException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/ValidateException.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; /** * Exception thrown while validating an incoming XML structure diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/WrongParametersException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/WrongParametersException.java index 895a2aeef..c83d1580b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/WrongParametersException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/WrongParametersException.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.exception; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; /** * Exception thrown when the <code>AuthenticationServer</code> API is diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java new file mode 100644 index 000000000..a82ba501c --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java @@ -0,0 +1,169 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.invoke; + +import javax.xml.namespace.QName; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.exception.ServiceException; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.spss.api.SignatureVerificationService; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * Invoker of the <code>SignatureVerification</code> web service of MOA-SPSS.<br> + * Either invokes the web service, or calls the corresponding API, depending on configuration data. + * + * @author Stefan Knirsch + * @version $Id$ + */ +public class SignatureVerificationInvoker { + + private static SignatureVerificationInvoker instance = null; + private SignatureVerificationService svs = null; + + /** This QName Object identifies the SignatureVerification endpoint of the web service */ + private static final QName SERVICE_QNAME = new QName("SignatureVerification"); + + + public static SignatureVerificationInvoker getInstance() { + if (instance == null) { + instance = new SignatureVerificationInvoker(); + + } + + return instance; + } + + private SignatureVerificationInvoker() { + try { + AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance(); + ConnectionParameterInterface authConnParam = authConfigProvider.getMoaSpConnectionParameter(); + + if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) { + + + } else { + svs = SignatureVerificationService.getInstance(); + + } + + } catch (ConfigurationException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + } + + /** + * Method verifyXMLSignature. + * @param request to be sent + * @return Element with the answer + * @throws ServiceException if an error occurs + */ + public Element verifyXMLSignature(Element request) throws ServiceException { + return doCall(SERVICE_QNAME, request); + } + + /** + * Method doCall. + * @param serviceName the name of the service + * @param request the request to be sent + * @return Element the answer + * @throws ServiceException if an error occurs + */ + protected Element doCall(QName serviceName, Element request) throws ServiceException { + ConnectionParameterInterface authConnParam = null; + try { + AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance(); + authConnParam = authConfigProvider.getMoaSpConnectionParameter(); + //If the ConnectionParameter do NOT exist, we try to get the api to work.... + if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) { + + throw new ServiceException("service.00", new Object[]{"MOA-SP connection via Web-Service is not allowed any more!!!!!!"}); +// Service service = ServiceFactory.newInstance().createService(serviceName); +// Call call = service.createCall(); +// SOAPBodyElement body = new SOAPBodyElement(request); +// SOAPBodyElement[] params = new SOAPBodyElement[] { body }; +// Vector responses; +// SOAPBodyElement response; +// +// Logger.debug("Connecting using auth url: " + authConnParam.getUrl() + ", service " + serviceName.getNamespaceURI() + " : " + serviceName.getLocalPart() + " : "+ serviceName.getPrefix()); +// call.setTargetEndpointAddress(authConnParam.getUrl()); +// responses = (Vector) call.invoke(serviceName, params); +// Logger.debug("Got responses: " + responses.size()); // TODO handle axis 302 response when incorrect service url is used +// response = (SOAPBodyElement) responses.get(0); +// return response.getAsDOM(); + } + else { + VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request); + + VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest); + Document result = new VerifyXMLSignatureResponseBuilder().build(vsresponse); + + //Logger.setHierarchy("moa.id.auth"); + return result.getDocumentElement(); + } + } + catch (Exception ex) { + if (authConnParam != null) { + throw new ServiceException("service.00", new Object[] { ex.toString()}, ex); + } else { + throw new ServiceException("service.03", new Object[] { ex.toString()}, ex); + } + } + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java index 67ddd170a..84ca9fa05 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/AbstractAuthServletTask.java @@ -1,20 +1,14 @@ package at.gv.egovernment.moa.id.auth.modules;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
-
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -24,18 +18,20 @@ import org.apache.commons.fileupload.FileUploadException; import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.apache.commons.lang3.ArrayUtils;
-
-import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.moduls.IRequestStorage;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.process.springweb.MoaIdTask;
-import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
-import at.gv.egovernment.moa.id.storage.IExceptionStore;
-import at.gv.egovernment.moa.id.util.ServletUtils;
+import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
+import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -45,159 +41,84 @@ import at.gv.egovernment.moa.util.MiscUtil; */
public abstract class AbstractAuthServletTask extends MoaIdTask {
+ @Autowired protected IRequestStorage requestStoreage;
+ @Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage;
+ @Autowired protected MOAReversionLogger revisionsLogger;
+ @Autowired protected AuthConfiguration authConfig;
+
protected static final String ERROR_CODE_PARAM = "errorid";
- protected void handleErrorNoRedirect(String errorMessage, Throwable exceptionThrown,
- HttpServletRequest req, HttpServletResponse resp) {
-
- if (null != errorMessage) {
- Logger.error(errorMessage);
- req.setAttribute("ErrorMessage", errorMessage);
- }
-
- if (null != exceptionThrown) {
- if (null == errorMessage)
- errorMessage = exceptionThrown.getMessage();
- Logger.error(errorMessage, exceptionThrown);
- req.setAttribute("ExceptionThrown", exceptionThrown);
- }
-
- if (Logger.isDebugEnabled()) {
- req.setAttribute("LogLevel", "debug");
- }
-
-
- StatisticLogger logger = StatisticLogger.getInstance();
- logger.logErrorOperation(exceptionThrown);
+ protected IRequest pendingReq = null;
+ protected AuthenticationSession moasession = null;
+
+ public abstract void execute(ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response) throws TaskExecutionException;
+
+
+ protected final IRequest internalExecute(IRequest pendingReq, ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response) throws TaskExecutionException {
+ //set pending-request object
+ this.pendingReq = pendingReq;
+ //execute task specific action
+ execute(executionContext, request, response);
- // forward this to errorpage-auth.jsp where the HTML error page is
- // generated
- ServletContext context = req.getServletContext();
- RequestDispatcher dispatcher = context
- .getRequestDispatcher("/errorpage-auth.jsp");
- try {
-
- resp.setHeader(HEADER_EXPIRES, HEADER_VALUE_EXPIRES);
- resp.setHeader(HEADER_PRAGMA, HEADER_VALUE_PRAGMA);
- resp.setHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL_IE);
-
- dispatcher.forward(req, resp);
- } catch (ServletException e) {
- Logger.error(e);
- } catch (IOException e) {
- Logger.error(e);
- }
+ //return pending-request object
+ return this.pendingReq;
}
+
/**
- * Handles an error. <br>>
- * <ul>
- * <li>Logs the error</li>
- * <li>Places error message and exception thrown into the request as request
- * attributes (to be used by <code>"/errorpage-auth.jsp"</code>)</li>
- * <li>Sets HTTP status 500 (internal server error)</li>
- * </ul>
+ * Default initialization loads the MOASession object from database
*
- * @param errorMessage
- * error message
- * @param exceptionThrown
- * exception thrown
* @param req
- * servlet request
- * @param resp
- * servlet response
+ * @param executionContext
+ * @throws MOAIDException
+ * @throws MOADatabaseException
*/
- protected void handleError(String errorMessage, Throwable exceptionThrown,
- HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) {
-
- if (null != errorMessage) {
- Logger.error(errorMessage);
- req.setAttribute("ErrorMessage", errorMessage);
- }
-
- if (null != exceptionThrown) {
- if (null == errorMessage)
- errorMessage = exceptionThrown.getMessage();
- Logger.error(errorMessage, exceptionThrown);
- req.setAttribute("ExceptionThrown", exceptionThrown);
- }
-
- if (Logger.isDebugEnabled()) {
- req.setAttribute("LogLevel", "debug");
- }
-
- if (!(exceptionThrown instanceof MOAIDException)) {
- Logger.error("Receive an internal error: Message=" + exceptionThrown.getMessage(), exceptionThrown);
-
+ protected void defaultTaskInitialization(HttpServletRequest req, ExecutionContext executionContext) throws MOAIDException, MOADatabaseException {
+ String moasessionid = pendingReq.getMOASessionIdentifier();
+ if (MiscUtil.isEmpty(moasessionid)) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
}
- IExceptionStore store = DBExceptionStoreImpl.getStore();
- String id = store.storeException(exceptionThrown);
-
- if (id != null && MiscUtil.isNotEmpty(pendingRequestID)) {
-
- String redirectURL = null;
-
- redirectURL = ServletUtils.getBaseUrl(req);
- redirectURL += "/dispatcher?" + ERROR_CODE_PARAM + "=" + id
- + "&" + DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID;
-
- resp.setContentType("text/html");
- resp.setStatus(302);
-
- resp.addHeader("Location", redirectURL);
- Logger.debug("REDIRECT TO: " + redirectURL);
+ try {
+ moasession = authenticatedSessionStorage.getSession(moasessionid);
- return;
-
- } else {
+ if (moasession == null) {
+ Logger.warn("MOASessionID is empty.");
+ throw new MOAIDException("auth.18", new Object[] {});
+ }
- //Exception can not be stored in database
- handleErrorNoRedirect(errorMessage, exceptionThrown, req, resp);
- }
- }
-
- /**
- * Handles a <code>WrongParametersException</code>.
- *
- * @param req
- * servlet request
- * @param resp
- * servlet response
- */
- protected void handleWrongParameters(WrongParametersException ex,
- HttpServletRequest req, HttpServletResponse resp) {
- Logger.error(ex.toString());
- req.setAttribute("WrongParameters", ex.getMessage());
+ } catch (MOADatabaseException e) {
+ Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
+ throw new MOAIDException("init.04", new Object[] { moasessionid });
- // forward this to errorpage-auth.jsp where the HTML error page is
- // generated
- ServletContext context = req.getServletContext();
- RequestDispatcher dispatcher = context
- .getRequestDispatcher("/errorpage-auth.jsp");
- try {
- setNoCachingHeaders(resp);
- dispatcher.forward(req, resp);
- } catch (ServletException e) {
- Logger.error(e);
- } catch (IOException e) {
- Logger.error(e);
+ } catch (Throwable e) {
+ Logger.info("No HTTP Session found!");
+ throw new MOAIDException("auth.18", new Object[] {});
}
+
}
/**
- * Logs all servlet parameters for debugging purposes.
+ * Redirect the authentication process to protocol specific finalization endpoint.
+ *
+ * @param pendingReq Actually processed protocol specific authentication request
+ * @param httpResp
*/
- protected void logParameters(HttpServletRequest req) {
- for (Enumeration params = req.getParameterNames(); params
- .hasMoreElements();) {
- String parname = (String) params.nextElement();
- Logger.debug("Parameter " + parname + req.getParameter(parname));
- }
+ protected void performRedirectToProtocolFinialization(IRequest pendingReq, HttpServletResponse httpResp) {
+ String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(),
+ AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT, pendingReq.getRequestID());
+
+ httpResp.setContentType("text/html");
+ httpResp.setStatus(302);
+ httpResp.addHeader("Location", redirectURL);
+ Logger.debug("REDIRECT TO: " + redirectURL);
+
}
-
+
/**
* Parses the request input stream for parameters, assuming parameters are
* encoded UTF-8 (no standard exists how browsers should encode them).
@@ -256,27 +177,7 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { }
}
- else {
- // request is encoded as application/x-www-urlencoded
- // [tknall]: we must not consume request body input stream once servlet-api request parameters have been accessed
-
- /*
- InputStream in = req.getInputStream();
-
- String paramName;
- String paramValueURLEncoded;
- do {
- paramName = new String(readBytesUpTo(in, '='));
- if (paramName.length() > 0) {
- paramValueURLEncoded = readBytesUpTo(in, '&');
- String paramValue = URLDecoder.decode(paramValueURLEncoded,
- "UTF-8");
- parameters.put(paramName, paramValue);
- }
- } while (paramName.length() > 0);
- in.close();
- */
-
+ else {
Iterator<Entry<String, String[]>> requestParamIt = req.getParameterMap().entrySet().iterator();
while (requestParamIt.hasNext()) {
Entry<String, String[]> entry = requestParamIt.next();
@@ -316,19 +217,6 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { }
/**
- * Sets response headers that prevent caching (code taken from {@link AuthServlet}).
- *
- * @param resp
- * The HttpServletResponse.
- */
- public void setNoCachingHeaders(HttpServletResponse resp) {
- resp.setHeader(HEADER_EXPIRES, HEADER_VALUE_EXPIRES);
- resp.setHeader(HEADER_PRAGMA, HEADER_VALUE_PRAGMA);
- resp.setHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL_IE);
- }
-
- /**
* Adds a parameter to a URL.
*
* @param url
@@ -347,32 +235,4 @@ public abstract class AbstractAuthServletTask extends MoaIdTask { else
return url + "&" + param;
}
-
- /**
- * Checks if HTTP requests are allowed
- *
- * @param authURL
- * requestURL
- * @throws AuthenticationException
- * if HTTP requests are not allowed
- * @throws ConfigurationException
- */
- protected void checkIfHTTPisAllowed(String authURL)
- throws AuthenticationException, ConfigurationException {
- // check if HTTP Connection may be allowed (through
- // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY)
-
- //Removed from MOA-ID 2.0 config
-// String boolStr = AuthConfigurationProvider
-// .getInstance()
-// .getGenericConfigurationParameter(
-// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY);
- if ((!authURL.startsWith("https:"))
- //&& (false == BoolUtils.valueOf(boolStr))
- )
- throw new AuthenticationException("auth.07", new Object[] { authURL
- + "*" });
-
- }
-
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java new file mode 100644 index 000000000..90795a416 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java @@ -0,0 +1,69 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules; + +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; + +/** + * @author tlenz + * + */ +public class BKUSelectionModuleImpl implements AuthModule { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() + */ + @Override + public int getPriority() { + return 0; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext) + */ + @Override + public String selectProcess(ExecutionContext context) { + boolean performBKUSelection = false; + Object performBKUSelectionObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION); + if (performBKUSelectionObj != null && performBKUSelectionObj instanceof Boolean) + performBKUSelection = (boolean) performBKUSelectionObj; + + if (performBKUSelection) + return "BKUSelectionProcess"; + + else + return null; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/internal/BKUSelection.process.xml" }; + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java new file mode 100644 index 000000000..d64126de6 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java @@ -0,0 +1,69 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules; + +import at.gv.egovernment.moa.id.process.api.ExecutionContext; + +/** + * @author tlenz + * + */ +public class SingleSignOnConsentsModuleImpl implements AuthModule { + + public static final String PARAM_SSO_CONSENTS_EVALUATION = "ssoconsentsevaluation"; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() + */ + @Override + public int getPriority() { + return 0; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext) + */ + @Override + public String selectProcess(ExecutionContext context) { + Object evaluationObj = context.get(PARAM_SSO_CONSENTS_EVALUATION); + if (evaluationObj != null && evaluationObj instanceof Boolean) { + boolean evaluateSSOConsents = (boolean) evaluationObj; + if (evaluateSSOConsents) { + return "SSOConsentsEvluationProcess"; + + } + } + + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/internal/SingleSignOnConsentEvaluator.process.xml" }; + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/TaskExecutionException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/TaskExecutionException.java index 3e9f4cf14..1128cbab3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/TaskExecutionException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/TaskExecutionException.java @@ -22,7 +22,9 @@ */ package at.gv.egovernment.moa.id.auth.modules; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.ProcessExecutionException; +import at.gv.egovernment.moa.util.MiscUtil; /** * @author tlenz @@ -32,14 +34,18 @@ public class TaskExecutionException extends ProcessExecutionException { private static final long serialVersionUID = 1L; Throwable originalException = null; + String pendingRequestID = null; /** * @param message * @param cause */ - public TaskExecutionException(String message, Throwable cause) { + public TaskExecutionException(IRequest pendingReq, String message, Throwable cause) { super(message, cause); - originalException = cause; + this.originalException = cause; + + if (MiscUtil.isNotEmpty(pendingReq.getRequestID())) + this.pendingRequestID = pendingReq.getRequestID(); } @@ -50,7 +56,19 @@ public class TaskExecutionException extends ProcessExecutionException { */ public Throwable getOriginalException() { return originalException; + } + + /** + * Get the pending-request ID of that request, which was processed when the exception occurs + * + * @return the pendingRequestID + */ + public String getPendingRequestID() { + return pendingRequestID; + } + + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java deleted file mode 100644 index 4a6ecd56a..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateInterfedeartionRequestTask.java +++ /dev/null @@ -1,297 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks; - -import java.lang.reflect.InvocationTargetException; -import java.security.NoSuchAlgorithmException; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.joda.time.DateTime; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.AuthnContextClassRef; -import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; -import org.opensaml.saml2.core.AuthnRequest; -import org.opensaml.saml2.core.Issuer; -import org.opensaml.saml2.core.NameID; -import org.opensaml.saml2.core.NameIDPolicy; -import org.opensaml.saml2.core.NameIDType; -import org.opensaml.saml2.core.RequestedAuthnContext; -import org.opensaml.saml2.metadata.EntityDescriptor; -import org.opensaml.saml2.metadata.SingleSignOnService; -import org.opensaml.saml2.metadata.provider.MetadataProviderException; -import org.opensaml.ws.message.encoder.MessageEncodingException; -import org.opensaml.xml.security.SecurityException; - -import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; -import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; -import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -/** - * @author tlenz - * - */ -public class CreateInterfedeartionRequestTask extends AbstractAuthServletTask { - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) - */ - @Override - public void execute(ExecutionContext executionContext, - HttpServletRequest request, HttpServletResponse response) - throws TaskExecutionException { - boolean requiredLocalAuthentication = true; - - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - - String idpEntityID = - (String) executionContext.get(MOAIDAuthConstants.PROCESSCONTEXT_INTERFEDERATION_ENTITYID); - - if (MiscUtil.isEmpty(idpEntityID)) { - Logger.info("Interfederation not possible -> not inderfederation IDP EntityID found!"); - throw new TaskExecutionException("Interfederation not possible", new MOAIDException("No inderfederation-IDP EntityID found.", null)); - - } - - //TODO: create MOASession - //TODO: set relayState to MOASession - //TODO: add support for requested attributes (from context and from metadata) - - - try { - OAAuthParameter idp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(idpEntityID); - OAAuthParameter sp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(pendingReq.getOAURL()); - - if (!idp.isInderfederationIDP() || !idp.isInboundSSOInterfederationAllowed()) { - Logger.info("Requested interfederation IDP " + pendingReq.getRequestedIDP() + " is not valid for interfederation."); - Logger.debug("isInderfederationIDP:" + String.valueOf(idp.isInderfederationIDP()) - + " isInboundSSOAllowed:" + String.valueOf(idp.isInboundSSOInterfederationAllowed())); - Logger.info("Switch to local authentication on this IDP ... "); - - executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_REQUIRELOCALAUTHENTICATION, true); - return; - - } - - - - - EntityDescriptor idpEntity = MOAMetadataProvider.getInstance(). - getEntityDescriptor(idpEntityID); - - if (idpEntity != null ) { - - //fetch endpoint from IDP metadata - SingleSignOnService redirectEndpoint = null; - for (SingleSignOnService sss : - idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) { - - // use POST binding as default if it exists - //TODO: maybe use RedirectBinding as default - if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { - redirectEndpoint = sss; - - } else if ( sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) && - redirectEndpoint == null ) - redirectEndpoint = sss; - } - - if (redirectEndpoint != null) { - - AuthnRequest authReq = SAML2Utils - .createSAMLObject(AuthnRequest.class); - SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); - authReq.setID(gen.generateIdentifier()); - - //send passive AuthnRequest - authReq.setIsPassive(idp.isPassivRequestUsedForInterfederation()); - - authReq.setAssertionConsumerServiceIndex(0); - authReq.setIssueInstant(new DateTime()); - Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); - issuer.setValue(pendingReq.getAuthURLWithOutSlash()); - - issuer.setFormat(NameIDType.ENTITY); - authReq.setIssuer(issuer); - NameIDPolicy policy = SAML2Utils - .createSAMLObject(NameIDPolicy.class); - policy.setAllowCreate(true); - policy.setFormat(NameID.TRANSIENT); - authReq.setNameIDPolicy(policy); - - authReq.setDestination(redirectEndpoint.getLocation()); - - RequestedAuthnContext reqAuthContext = - SAML2Utils.createSAMLObject(RequestedAuthnContext.class); - - AuthnContextClassRef authnClassRef = - SAML2Utils.createSAMLObject(AuthnContextClassRef.class); - - //check if STORK protocol module is in ClassPath - Object storkRequst = null; - Integer storkSecClass = null; - try { - storkRequst = Class.forName("at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest").newInstance(); - if (storkRequst != null && - pendingReq.getClass().isInstance(storkRequst)) { - Object storkAuthnRequest = pendingReq.getClass().getMethod("getStorkAuthnRequest", null).invoke(pendingReq, null); - storkSecClass = (Integer) storkAuthnRequest.getClass().getMethod("getQaa", null).invoke(storkAuthnRequest, null); - - } - - } catch (ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) { - - - } - - - if (sp != null && sp.isSTORKPVPGateway()){ - //use PVP SecClass instead of STORK QAA level - String secClass = null; - if (storkRequst != null && - pendingReq.getClass().isInstance(storkRequst)) { - - try { - secClass = PVPtoSTORKMapper.getInstance().mapToSecClass( - PVPConstants.STORK_QAA_PREFIX + String.valueOf(storkSecClass)); - - } catch (Exception e) { - Logger.warn("STORK-QAA level can not read from STORK request. Use default QAA 4", e); - - } - } - - if (MiscUtil.isNotEmpty(secClass)) - authnClassRef.setAuthnContextClassRef(secClass); - else - authnClassRef.setAuthnContextClassRef("http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3"); - - } else { - if (storkRequst != null && - pendingReq.getClass().isInstance(storkRequst)) { - //use requested QAA level from STORK request - try { - authnClassRef.setAuthnContextClassRef( - PVPConstants.STORK_QAA_PREFIX + String.valueOf(storkSecClass)); - Logger.debug("Use STORK-QAA level " + authnClassRef.getAuthnContextClassRef() - + " from STORK request"); - - } catch (Exception e) { - Logger.warn("STORK-QAA level can not read from STORK request. Use default QAA 4", e); - - } - - } - - if (MiscUtil.isEmpty(authnClassRef.getAuthnContextClassRef())) - authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4"); - - } - - reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM); - reqAuthContext.getAuthnContextClassRefs().add(authnClassRef); - authReq.setRequestedAuthnContext(reqAuthContext); - - IEncoder binding = null; - if (redirectEndpoint.getBinding().equals( - SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { - binding = new RedirectBinding(); - - } else if (redirectEndpoint.getBinding().equals( - SAMLConstants.SAML2_POST_BINDING_URI)) { - binding = new PostBinding(); - - } - - binding.encodeRequest(request, response, authReq, - redirectEndpoint.getLocation(), pendingReq.getRequestID()); - - //build and send request without an error - requiredLocalAuthentication = false; - - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), - pendingReq, MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION_IDP, idpEntity.getEntityID()); - - - } else { - Logger.warn("Requested IDP " + pendingReq.getRequestedIDP() - + " does not support POST or Redirect Binding."); - - } - - } else { - Logger.warn("Requested IDP " + pendingReq.getRequestedIDP() - + " is not found in InterFederation configuration"); - - } - - } catch (MetadataProviderException e) { - Logger.error("IDP metadata error." , e); - - } catch (NoSuchAlgorithmException e) { - Logger.error("Build IDP authentication request FAILED.", e); - - } catch (MessageEncodingException e) { - Logger.error("Build IDP authentication request FAILED.", e); - - } catch (SecurityException e) { - Logger.error("Build IDP authentication request FAILED.", e); - - } catch (PVP2Exception e) { - Logger.error("Build IDP authentication request FAILED.", e); - - } catch (ConfigurationException e1) { - Logger.error("Build IDP authentication request FAILED.", e1); - - } - - //set flag for next step - executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_REQUIRELOCALAUTHENTICATION, - requiredLocalAuthentication); - - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateBKUSelectionTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateBKUSelectionTask.java new file mode 100644 index 000000000..42789d01d --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateBKUSelectionTask.java @@ -0,0 +1,77 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import java.util.Enumeration; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Component("EvaluateBKUSelectionTask") +public class EvaluateBKUSelectionTask extends AbstractAuthServletTask { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try { + // set parameter execution context + Enumeration<String> reqParamNames = request.getParameterNames(); + while(reqParamNames.hasMoreElements()) { + String paramName = reqParamNames.nextElement(); + if (MiscUtil.isNotEmpty(paramName) && + !MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID.equalsIgnoreCase(paramName)) + executionContext.put(paramName, + StringEscapeUtils.escapeHtml(request.getParameter(paramName))); + + } + + //remove BKU-selection flag from context + executionContext.remove(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION); + + Logger.info("BKU is selected finished -> Start BKU selection evaluation ..."); + + } catch (Exception e) { + Logger.warn("EvaluateBKUSelectionTask has an internal error", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java new file mode 100644 index 000000000..dfb90da3a --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java @@ -0,0 +1,119 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.moduls.SSOManager; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * Evaluate the Single Sign-On user consent + * + * @author tlenz + * + */ +@Component("EvaluateSSOConsentsTaskImpl") +public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask { + + private static final String PARAM_SSO_CONSENTS = "value"; + + @Autowired private SSOManager ssoManager; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try { + //evaluate SSO consents flag + String ssoConsentsString = request.getParameter(PARAM_SSO_CONSENTS); + ssoConsentsString = StringEscapeUtils.escapeHtml(ssoConsentsString); + if (!ParamValidatorUtils.isValidUseMandate(ssoConsentsString)) + throw new WrongParametersException("EvaluateSSOConsentsTaskImpl", PARAM_SSO_CONSENTS, null); + + boolean ssoConsents = false; + if (MiscUtil.isNotEmpty(ssoConsentsString)) + ssoConsents = Boolean.parseBoolean(ssoConsentsString); + + //perform default task initialization + defaultTaskInitialization(request, executionContext); + + //check SSO session cookie and MOASession object + String ssoId = ssoManager.getSSOSessionID(request); + boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq); + if (!(isValidSSOSession && moasession.isAuthenticated() )) { + Logger.info("Single Sign-On consents evaluator found NO valid SSO session. Stopping authentication process ..."); + throw new AuthenticationException("auth.30", null); + + } + + //Log consents evaluator event to revisionslog + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED, String.valueOf(ssoConsents)); + + //user allow single sign-on authentication + if (ssoConsents) { + //authenticate pending-request + pendingReq.setAuthenticated(true); + pendingReq.setAbortedByUser(false); + + } else { + //user deny single sign-on authentication + Logger.debug("User deny the Single Sign-On authentication for SP: " + pendingReq.getOAURL()); + pendingReq.setAbortedByUser(true); + + } + + //store pending-request + requestStoreage.storePendingRequest(pendingReq); + + //redirect to auth. protocol finalization + performRedirectToProtocolFinialization(pendingReq, response); + + } catch (MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (Exception e) { + Logger.warn("FinalizeAuthenticationTask has an internal error", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java index 8add03da7..6a1ed7203 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java @@ -22,29 +22,24 @@ */ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import org.springframework.stereotype.Component; + import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; /** * @author tlenz * */ +@Component("FinalizeAuthenticationTask") public class FinalizeAuthenticationTask extends AbstractAuthServletTask { /* (non-Javadoc) @@ -56,63 +51,32 @@ public class FinalizeAuthenticationTask extends AbstractAuthServletTask { throws TaskExecutionException { try { - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - - //get Session from context - String moasessionid = (String) executionContext.get(PARAM_SESSIONID); - AuthenticationSession session = null; - if (MiscUtil.isEmpty(moasessionid)) { - Logger.warn("MOASessionID is empty."); - throw new MOAIDException("auth.18", new Object[] {}); - } - - try { - session = AuthenticationSessionStoreage.getSession(moasessionid); - AuthenticationSessionStoreage.changeSessionID(session); - - } catch (MOADatabaseException e) { - Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database"); - throw new MOAIDException("init.04", new Object[] { moasessionid }); + defaultTaskInitialization(request, executionContext); + + //set MOASession to authenticated and store MOASession + moasession.setAuthenticated(true); + String newMOASessionID = authenticatedSessionStorage.changeSessionID(moasession); - } catch (Throwable e) { - Logger.info("No HTTP Session found!"); - throw new MOAIDException("auth.18", new Object[] {}); - - } finally { - executionContext.remove(PARAM_SESSIONID); - - } + //set pendingRequest to authenticated and set new MOASessionID + ((RequestImpl)pendingReq).setMOASessionIdentifier(newMOASessionID); + pendingReq.setAuthenticated(true); + requestStoreage.storePendingRequest(pendingReq); - - session.setAuthenticatedUsed(false); - session.setAuthenticated(true); - - - String oldsessionID = session.getSessionID(); - - //Session is implicte stored in changeSessionID!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - - Logger.info("AuthProcess finished. Redirect to Protocol Dispatcher."); - - String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), - ModulUtils.buildAuthURL(pendingReq.requestedModule(), pendingReq.requestedAction(), pendingReq.getRequestID()), newMOASessionID); - - response.setContentType("text/html"); - response.setStatus(302); - response.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); - + Logger.info("AuthProcess finished. Redirect to Protocol Dispatcher."); + performRedirectToProtocolFinialization(pendingReq, response); + } catch (MOAIDException e) { - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } catch (Exception e) { Logger.warn("FinalizeAuthenticationTask has an internal error", e); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } finally { + executionContext.remove(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID); } - + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java new file mode 100644 index 000000000..c582050ad --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateBKUSelectionFrameTask.java @@ -0,0 +1,96 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.frontend.builder.ServiceProviderSpecificGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.servlet.GeneralProcessEngineSignalController; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Component("GenerateBKUSelectionFrameTask") +public class GenerateBKUSelectionFrameTask extends AbstractAuthServletTask { + + @Autowired IGUIFormBuilder guiBuilder; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try { + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUSELECTION_INIT); + + //load Parameters from OnlineApplicationConfiguration + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); + + if (oaParam == null) { + throw new AuthenticationException("auth.00", new Object[] { pendingReq.getOAURL() }); + + } + + IGUIBuilderConfiguration config = new ServiceProviderSpecificGUIFormBuilderConfiguration( + pendingReq, + ServiceProviderSpecificGUIFormBuilderConfiguration.VIEW_BKUSELECTION, + GeneralProcessEngineSignalController.ENDPOINT_BKUSELECTION_EVALUATION); + + guiBuilder.build(response, config, "BKU-Selection form"); + + } catch (GUIBuildException e) { + Logger.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage()); + throw new TaskExecutionException(pendingReq, + "Can not build GUI. Msg:" + e.getMessage(), + new MOAIDException("builder.09", new Object[]{e.getMessage()}, e)); + + } catch (MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (Exception e) { + Logger.warn("FinalizeAuthenticationTask has an internal error", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java new file mode 100644 index 000000000..ca99e9ba3 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GenerateSSOConsentEvaluatorFrameTask.java @@ -0,0 +1,99 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.frontend.builder.ServiceProviderSpecificGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.servlet.GeneralProcessEngineSignalController; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.logging.Logger; + +/** + * Build a Single Sign-On consents evaluator form + * + * @author tlenz + * + */ +@Component("GenerateSSOConsentEvaluatorFrameTask") +public class GenerateSSOConsentEvaluatorFrameTask extends AbstractAuthServletTask { + + @Autowired IGUIFormBuilder guiBuilder; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try { + //perform default task initialization + defaultTaskInitialization(request, executionContext); + + //set authenticated flag to false, because user consents is required + pendingReq.setAuthenticated(false); + + //store pending request + requestStoreage.storePendingRequest(pendingReq); + + //build consents evaluator form + IGUIBuilderConfiguration config = new ServiceProviderSpecificGUIFormBuilderConfiguration( + pendingReq, + ServiceProviderSpecificGUIFormBuilderConfiguration.VIEW_SENDASSERTION, + GeneralProcessEngineSignalController.ENDPOINT_SENDASSERTION_EVALUATION); + + guiBuilder.build(response, config, "SendAssertion-Evaluation"); + + //Log consents evaluator event to revisionslog + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_START); + + } catch (GUIBuildException e) { + Logger.warn("Can not build GUI:'SendAssertion-Evaluation'. Msg:" + e.getMessage()); + throw new TaskExecutionException(pendingReq, + "Can not build GUI. Msg:" + e.getMessage(), + new MOAIDException("builder.09", new Object[]{e.getMessage()}, e)); + + } catch (MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (Exception e) { + Logger.warn("FinalizeAuthenticationTask has an internal error", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/ReceiveInterfederationResponseTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/ReceiveInterfederationResponseTask.java deleted file mode 100644 index f05ff07e9..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/ReceiveInterfederationResponseTask.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.auth.modules.internal.tasks; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; -import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -import at.gv.egovernment.moa.id.process.api.ExecutionContext; - -/** - * @author tlenz - * - */ -public class ReceiveInterfederationResponseTask extends AbstractAuthServletTask { - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) - */ - @Override - public void execute(ExecutionContext executionContext, - HttpServletRequest request, HttpServletResponse response) - throws TaskExecutionException { - - //TODO: validate SAML2 assertion - //TODO: move attributeQuery from AuthenticationDataBuilder to her - //TODO: add SAML2 interfederation Response to MOASession - //TODO: update AuthenticationDataBuilder to use Response from MOASession if exists - - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/RestartAuthProzessManagement.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/RestartAuthProzessManagement.java new file mode 100644 index 000000000..c1d02a029 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/RestartAuthProzessManagement.java @@ -0,0 +1,108 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.internal.tasks; + +import java.util.Set; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import at.gv.egovernment.moa.id.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.process.ProcessEngine; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Component("RestartAuthProzessManagement") +public class RestartAuthProzessManagement extends AbstractAuthServletTask { + + @Autowired ProcessEngine processEngine; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try { + //create a new execution context and copy all elements to new context + ExecutionContext newec = new ExecutionContextImpl(); + Set<String> entries = executionContext.keySet(); + for (String key : entries) { + newec.put(key, executionContext.get(key)); + + } + + Logger.debug("Select new auth.-process and restart restart process-engine ... "); + + // select and create new process instance + String processDefinitionId = ModuleRegistration.getInstance().selectProcess(newec); + if (processDefinitionId == null) { + Logger.warn("No suitable authentication process found for SessionID " + pendingReq.getRequestID()); + throw new MOAIDException("process.02", new Object[] { pendingReq.getRequestID() }); + } + + String processInstanceId = processEngine.createProcessInstance(processDefinitionId, newec); + + // keep process instance id in moa session + ((RequestImpl)pendingReq).setProcessInstanceId(processInstanceId); + + // make sure pending request has been persisted before running the process + try { + requestStoreage.storePendingRequest(pendingReq); + + } catch (MOAIDException e) { + Logger.error("Database Error! MOASession is not stored!"); + throw new MOAIDException("init.04", new Object[] { pendingReq.getRequestID() }); + + } + + Logger.info("Restart process-engine with auth.process:" + processDefinitionId); + + // start process + processEngine.start(pendingReq); + + + } catch (MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (Exception e) { + Logger.warn("RestartAuthProzessManagement has an internal error", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index e659c9447..140c7aebc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -25,19 +25,20 @@ package at.gv.egovernment.moa.id.auth.parser; import java.util.List; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; @@ -45,45 +46,36 @@ import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; +@Service("StartAuthentificationParameterParser") public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ - public static void parse(AuthenticationSession moasession, + @Autowired AuthConfiguration authConfig; + + public void parse(AuthenticationSession moasession, String target, String oaURL, String bkuURL, String templateURL, String useMandate, String ccc, - String module, - String action, HttpServletRequest req, IRequest protocolReq) throws WrongParametersException, MOAIDException { String targetFriendlyName = null; - -// String sso = req.getParameter(PARAM_SSO); - + // escape parameter strings target = StringEscapeUtils.escapeHtml(target); - //oaURL = StringEscapeUtils.escapeHtml(oaURL); bkuURL = StringEscapeUtils.escapeHtml(bkuURL); templateURL = StringEscapeUtils.escapeHtml(templateURL); useMandate = StringEscapeUtils.escapeHtml(useMandate); ccc = StringEscapeUtils.escapeHtml(ccc); - // sso = StringEscapeUtils.escapeHtml(sso); - - // check parameter - - //pvp2.x can use general identifier (equals oaURL in SAML1) -// if (!ParamValidatorUtils.isValidOA(oaURL)) -// throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12"); + //validate parameters if (!ParamValidatorUtils.isValidUseMandate(useMandate)) throw new WrongParametersException("StartAuthentication", PARAM_USEMANDATE, "auth.12"); if (!ParamValidatorUtils.isValidCCC(ccc)) throw new WrongParametersException("StartAuthentication", PARAM_CCC, "auth.12"); -// if (!ParamValidatorUtils.isValidUseMandate(sso)) -// throw new WrongParametersException("StartAuthentication", PARAM_SSO, "auth.12"); + //check UseMandate flag String useMandateString = null; @@ -103,161 +95,98 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ //load OnlineApplication configuration - OAAuthParameter oaParam; - if (moasession.getPublicOAURLPrefix() != null) { - Logger.debug("Loading OA parameters for PublicURLPrefix: " + moasession.getPublicOAURLPrefix()); - oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter( - moasession.getPublicOAURLPrefix()); - - if (oaParam == null) - throw new AuthenticationException("auth.00", - new Object[] { moasession.getPublicOAURLPrefix() }); - - } else { - oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(oaURL); - - if (oaParam == null) + IOAAuthParameters oaParam = protocolReq.getOnlineApplicationConfiguration(); + if (oaParam == null) throw new AuthenticationException("auth.00", - new Object[] { oaURL }); + new Object[] { protocolReq.getOAURL() }); - // get target and target friendly name from config - String targetConfig = oaParam.getTarget(); - String targetFriendlyNameConfig = oaParam.getTargetFriendlyName(); + // get target and target friendly name from config + String targetConfig = oaParam.getTarget(); + String targetFriendlyNameConfig = oaParam.getTargetFriendlyName(); - if (!oaParam.getBusinessService()) { - if (StringUtils.isEmpty(targetConfig) - || (module.equals("id_saml1") && - !StringUtils.isEmpty(target)) - ) { - //INFO: ONLY SAML1 legacy mode - // if SAML1 is used and target attribute is given in request - // use requested target - // check target parameter - if (!ParamValidatorUtils.isValidTarget(target)) { - Logger.error("Selected target is invalid. Using target: " + target); - throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12"); - } - if (MiscUtil.isNotEmpty(targetConfig)) - targetFriendlyName = targetFriendlyNameConfig; + if (!oaParam.getBusinessService()) { + if (StringUtils.isEmpty(targetConfig) + || (protocolReq.requestedModule().equals("at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol") && + !StringUtils.isEmpty(target)) + ) { + //INFO: ONLY SAML1 legacy mode + // if SAML1 is used and target attribute is given in request + // use requested target + // check target parameter + if (!ParamValidatorUtils.isValidTarget(target)) { + Logger.error("Selected target is invalid. Using target: " + target); + throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12"); + } + if (MiscUtil.isNotEmpty(targetConfig)) + targetFriendlyName = targetFriendlyNameConfig; + + else { + String sectorName = TargetToSectorNameMapper.getSectorNameViaTarget(target); + if (MiscUtil.isNotEmpty(sectorName)) + targetFriendlyName = sectorName; else { - String sectorName = TargetToSectorNameMapper.getSectorNameViaTarget(target); - if (MiscUtil.isNotEmpty(sectorName)) - targetFriendlyName = sectorName; - - else { - //check target contains subSector - int delimiter = target.indexOf("-"); - if (delimiter > 0) { - targetFriendlyName = - TargetToSectorNameMapper.getSectorNameViaTarget(target.substring(0, delimiter)); - - } - } - } - - } else { - // use target from config - target = targetConfig; - targetFriendlyName = targetFriendlyNameConfig; + //check target contains subSector + int delimiter = target.indexOf("-"); + if (delimiter > 0) { + targetFriendlyName = + TargetToSectorNameMapper.getSectorNameViaTarget(target.substring(0, delimiter)); + + } + } } - moasession.setTarget(target); - moasession.setTargetFriendlyName(targetFriendlyName); - + } else { - Logger.debug("Business: " + moasession.getBusinessService() + " stork: " + moasession.getStorkService()); - moasession.setDomainIdentifier(oaParam.getIdentityLinkDomainIdentifier()); - + // use target from config + target = targetConfig; + targetFriendlyName = targetFriendlyNameConfig; } + if (isEmpty(target)) + throw new WrongParametersException("StartAuthentication", + PARAM_TARGET, "auth.05"); -// //check useSSO flag -// String useSSOString = null; -// boolean useSSOBoolean = false; -// if ((sso != null) && (sso.compareTo("") != 0)) { -// useSSOString = sso; -// } else { -// useSSOString = "false"; -// } - // -// if (useSSOString.compareToIgnoreCase("true") == 0) -// useSSOBoolean = true; -// else -// useSSOBoolean = false; - - //moasession.setSsoRequested(useSSOBoolean); - moasession.setSsoRequested(true && oaParam.useSSO()); //make always SSO if OA requested it!!!! + protocolReq.setGenericDataToSession(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, target); + protocolReq.setGenericDataToSession( + MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, targetFriendlyName); + Logger.debug("Service-Provider is of type 'PublicService' with DomainIdentifier:" + target); + + } else { + Logger.debug("Service-Provider is of type 'PrivateService' with DomainIdentifier:" + oaParam.getIdentityLinkDomainIdentifier()); - //Validate BKU URI - List<String> allowedbkus = oaParam.getBKUURL(); - allowedbkus.addAll(AuthConfigurationProviderFactory.getInstance().getDefaultBKUURLs()); - if (!ParamValidatorUtils.isValidBKUURI(bkuURL, allowedbkus)) - throw new WrongParametersException("StartAuthentication", PARAM_BKU, "auth.12"); - - moasession.setBkuURL(bkuURL); - - if ((!oaParam.getBusinessService())) { - if (isEmpty(target)) - throw new WrongParametersException("StartAuthentication", - PARAM_TARGET, "auth.05"); - - } else { - if (useMandateBoolean) { - Logger.error("Online-Mandate Mode for business application not supported."); - throw new AuthenticationException("auth.17", null); - } - target = null; - targetFriendlyName = null; + if (useMandateBoolean) { + Logger.error("Online-Mandate Mode for business application not supported."); + throw new AuthenticationException("auth.17", null); } - moasession.setPublicOAURLPrefix(oaParam.getPublicURLPrefix()); - moasession.setBusinessService(oaParam.getBusinessService()); - - //moasession.setStorkService(oaParam.getStorkService()); - } - - //check OnlineApplicationURL - if (isEmpty(oaURL)) - throw new WrongParametersException("StartAuthentication", - PARAM_OA, "auth.05"); - moasession.setOAURLRequested(oaURL); - - //check AuthURL - String authURL = protocolReq.getAuthURL(); - if (!authURL.startsWith("https:") && !AuthConfigurationProviderFactory.getInstance().isHTTPAuthAllowed()) - throw new AuthenticationException("auth.07", - new Object[] { authURL + "*" }); - - //set Auth URL from configuration - moasession.setAuthURL(authURL); - - //check and set SourceID - if (oaParam.getSAML1Parameter() != null) { - String sourceID = oaParam.getSAML1Parameter().getSourceID(); - if (MiscUtil.isNotEmpty(sourceID)) - moasession.setSourceID(sourceID); } - + + //Validate BKU URI + List<String> allowedbkus = oaParam.getBKUURL(); + allowedbkus.addAll(authConfig.getDefaultBKUURLs()); + if (!ParamValidatorUtils.isValidBKUURI(bkuURL, allowedbkus)) + throw new WrongParametersException("StartAuthentication", PARAM_BKU, "auth.12"); + moasession.setBkuURL(bkuURL); + + //validate securityLayer-template if (MiscUtil.isEmpty(templateURL)) { List<String> templateURLList = oaParam.getTemplateURL(); List<String> defaulTemplateURLList = - AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(); + authConfig.getSLRequestTemplates(); if ( templateURLList != null && templateURLList.size() > 0 && MiscUtil.isNotEmpty(templateURLList.get(0)) ) { templateURL = FileUtils.makeAbsoluteURL( oaParam.getTemplateURL().get(0), - AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); + authConfig.getRootConfigFileDir()); Logger.info("No SL-Template in request, load SL-Template from OA configuration (URL: " + templateURL + ")"); } else if ( (defaulTemplateURLList.size() > 0) && MiscUtil.isNotEmpty(defaulTemplateURLList.get(0))) { templateURL = FileUtils.makeAbsoluteURL( defaulTemplateURLList.get(0), - AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); + authConfig.getRootConfigFileDir()); Logger.info("No SL-Template in request, load SL-Template from general configuration (URL: " + templateURL + ")"); } else { @@ -270,33 +199,32 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ if (!ParamValidatorUtils.isValidTemplate(req, templateURL, oaParam.getTemplateURL())) throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12"); - moasession.setTemplateURL(templateURL); - - moasession.setCcc(ccc); + + protocolReq.setGenericDataToSession( + MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE, + templateURL); + + + //validate SSO functionality + String domainIdentifier = authConfig.getSSOTagetIdentifier(); + if (MiscUtil.isEmpty(domainIdentifier) && protocolReq.needSingleSignOnFunctionality()) { + //do not use SSO if no Target is set + Logger.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!"); + protocolReq.setNeedSingleSignOnFunctionality(false); + + } + if (protocolReq.needSingleSignOnFunctionality() && useMandateBoolean) { + Logger.info("Usage of Mandate-Service does not allow Single Sign-On. --> SSO is disabled for this request."); + protocolReq.setNeedSingleSignOnFunctionality(false); + + } } - public static void parse(ExecutionContext ec, HttpServletRequest req, + public void parse(ExecutionContext ec, HttpServletRequest req, AuthenticationSession moasession, IRequest request) throws WrongParametersException, MOAIDException { - - - String modul = request.requestedModule();//req.getParameter(PARAM_MODUL); - String action = request.requestedAction();//req.getParameter(PARAM_ACTION); - - modul = StringEscapeUtils.escapeHtml(modul); - action = StringEscapeUtils.escapeHtml(action); -// if(modul == null) { -// modul = SAML1Protocol.PATH; -// } -// -// if(action == null) { -// action = SAML1Protocol.GETARTIFACT; -// } - moasession.setModul(modul); - moasession.setAction(action); - + //get Parameters from request - String target = (String) ec.get(PARAM_TARGET); String oaURL = (String) ec.get(PARAM_OA); String bkuURL = (String) ec.get(PARAM_BKU); String templateURL = (String) ec.get(PARAM_TEMPLATE); @@ -312,9 +240,11 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ } oaURL = request.getOAURL(); - target = request.getTarget(); + + //only needed for SAML1 + String target = request.getGenericData("saml1_target", String.class); - parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, modul, action, req, request); + parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, req, request); } @@ -325,7 +255,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ * parameter * @return true if the parameter is null or empty */ - private static boolean isEmpty(String param) { + private boolean isEmpty(String param) { return param == null || param.length() == 0; } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java index 7bce406e0..7bce406e0 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java new file mode 100644 index 000000000..d87480cc1 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java @@ -0,0 +1,350 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; +import java.io.PrintWriter; +import java.io.StringWriter; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.ExceptionHandler; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; +import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; +import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; +import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.data.ExceptionContainer; +import at.gv.egovernment.moa.id.moduls.IRequestStorage; +import at.gv.egovernment.moa.id.process.ProcessExecutionException; +import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; +import at.gv.egovernment.moa.id.util.ErrorResponseUtils; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.id.util.ServletUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public abstract class AbstractController extends MOAIDAuthConstants { + + public static final String ERROR_CODE_PARAM = "errorid"; + + @Autowired protected StatisticLogger statisticLogger; + @Autowired protected IRequestStorage requestStorage; + @Autowired protected ITransactionStorage transactionStorage; + @Autowired protected MOAReversionLogger revisionsLogger; + @Autowired protected AuthConfiguration authConfig; + @Autowired protected IGUIFormBuilder guiBuilder; + + @ExceptionHandler({MOAIDException.class}) + public void MOAIDExceptionHandler(HttpServletRequest req, HttpServletResponse resp, Exception e) throws IOException { + Logger.error(e.getMessage() , e); + internalMOAIDExceptionHandler(req, resp, e, true); + + } + + @ExceptionHandler({Exception.class}) + public void GenericExceptionHandler(HttpServletResponse resp, Exception exception) throws IOException { + Logger.error("Internel Server Error." , exception); + resp.setContentType("text/html;charset=UTF-8"); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Internal Server Error!" + + "(Errorcode=9199" + +" | Description="+ exception.getMessage() + ")"); + return; + + } + + @ExceptionHandler({IOException.class}) + public void IOExceptionHandler(HttpServletResponse resp, Throwable exception) { + Logger.error("Internel Server Error." , exception); + resp.setContentType("text/html;charset=UTF-8"); + resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + + } + + protected void handleError(String errorMessage, Throwable exceptionThrown, + HttpServletRequest req, HttpServletResponse resp, IRequest pendingReq) throws IOException { + + String pendingRequestID = null; + if (pendingReq != null) + pendingRequestID = pendingReq.getRequestID(); + + Throwable loggedException = null; + Throwable extractedException = extractOriginalExceptionFromProcessException(exceptionThrown); + + //extract pendingRequestID and originalException if it was a TaskExecutionException + if (extractedException instanceof TaskExecutionException) { + //set original exception + loggedException = ((TaskExecutionException) extractedException).getOriginalException(); + + //use TaskExecutionException directly, if no Original Exeception is included + if (loggedException == null) + loggedException = exceptionThrown; + + //set pending-request ID if it is set + String reqID = ((TaskExecutionException) extractedException).getPendingRequestID(); + if (MiscUtil.isNotEmpty(reqID)) + pendingRequestID = reqID; + + } else + loggedException = exceptionThrown; + + try { + //switch to protocol-finalize method to generate a protocol-specific error message + + //put exception into transaction store for redirect + String key = Random.nextLongRandom(); + if (pendingReq != null) { + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR); + transactionStorage.put(key, + new ExceptionContainer(pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), loggedException)); + + } else { + transactionStorage.put(key, + new ExceptionContainer(null, + null, loggedException)); + + } + + //build up redirect URL + String redirectURL = null; + redirectURL = ServletUtils.getBaseUrl(req); + redirectURL += "/"+AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT + + "?" + ERROR_CODE_PARAM + "=" + key; + + //only add pending-request Id if it exists + if (MiscUtil.isNotEmpty(pendingRequestID)) + redirectURL += "&" + MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID; + + resp.setContentType("text/html"); + resp.setStatus(302); + + resp.addHeader("Location", redirectURL); + Logger.debug("REDIRECT TO: " + redirectURL); + + return; + + } catch (MOADatabaseException e) { + Logger.warn("Exception can not be stored to Database.", e); + handleErrorNoRedirect(loggedException, req, resp, true); + + } + + } + + /** + * Handles all exceptions with no pending request. + * Therefore, the error is written to the users browser + * + * @param throwable + * @param req + * @param resp + * @throws IOException + */ + protected void handleErrorNoRedirect(Throwable throwable, HttpServletRequest req, + HttpServletResponse resp, boolean writeExceptionToStatisticLog) throws IOException { + + //log Exception into statistic database + if (writeExceptionToStatisticLog) + statisticLogger.logErrorOperation(throwable); + + //write errror to console + logExceptionToTechnicalLog(throwable); + + //return error to Web browser + if (throwable instanceof MOAIDException || throwable instanceof ProcessExecutionException) + internalMOAIDExceptionHandler(req, resp, (Exception)throwable, false); + + else { + //write generic message for general exceptions + String msg = MOAIDMessageProvider.getInstance().getMessage("internal.00", null); + writeHTMLErrorResponse(req, resp, msg, "9199", (Exception) throwable); + + } + + } + + /** + * Write a Exception to the MOA-ID-Auth internal technical log + * + * @param loggedException Exception to log + */ + protected void logExceptionToTechnicalLog(Throwable loggedException) { + if (!( loggedException instanceof MOAIDException + || loggedException instanceof ProcessExecutionException )) { + Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException); + + } else { + if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) { + Logger.warn(loggedException.getMessage(), loggedException); + + } else { + Logger.warn(loggedException.getMessage()); + + } + } + } + + private void writeBadRequestErrorResponse(HttpServletRequest req, HttpServletResponse resp, MOAIDException e) throws IOException { + ErrorResponseUtils utils = ErrorResponseUtils.getInstance(); + String code = utils.mapInternalErrorToExternalError( + ((InvalidProtocolRequestException)e).getMessageId()); + String descr = e.getMessage(); + resp.setContentType("text/html;charset=UTF-8"); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED!" + + "(Errorcode=" + code + + " | Description=" + descr + ")"); + + } + + private void writeHTMLErrorResponse(HttpServletRequest req, HttpServletResponse httpResp, String msg, String errorCode, Exception error) throws IOException { + + try { + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + HTTPUtils.extractAuthURLFromRequest(req), + DefaultGUIFormBuilderConfiguration.VIEW_ERRORMESSAGE, + null); + + //add errorcode and errormessage + config.putCustomParameter("errorMsg", msg); + config.putCustomParameter("errorCode", errorCode); + + //add stacktrace if debug is enabled + if (Logger.isTraceEnabled()) { + config.putCustomParameter("stacktrace", getStacktraceFromException(error)); + + } + + guiBuilder.build(httpResp, config, "Error-Message"); + + } catch (GUIBuildException e) { + Logger.warn("Can not build error-message GUI.", e); + GenericExceptionHandler(httpResp, e); + + } + + } + + private void writeHTMLErrorResponse(HttpServletRequest req, HttpServletResponse httpResp, Exception error) throws IOException { + writeHTMLErrorResponse(req, httpResp, + error.getMessage(), + ErrorResponseUtils.getInstance().getResponseErrorCode(error), + error); + } + + + private String getStacktraceFromException(Exception ex) { + StringWriter errors = new StringWriter(); + ex.printStackTrace(new PrintWriter(errors)); + return errors.toString(); + + } + + /** + * Extracts a TaskExecutionException of a ProcessExecutionExeception Stacktrace. + * + * @param exception + * @return Return the latest TaskExecutionExecption if exists, otherwise the latest ProcessExecutionException + */ + private Throwable extractOriginalExceptionFromProcessException(Throwable exception) { + Throwable exholder = exception; + TaskExecutionException taskExc = null; + + while(exholder != null + && exholder instanceof ProcessExecutionException) { + ProcessExecutionException procExc = (ProcessExecutionException) exholder; + if (procExc.getCause() != null && + procExc.getCause() instanceof TaskExecutionException) { + taskExc = (TaskExecutionException) procExc.getCause(); + exholder = taskExc.getOriginalException(); + + } else + break; + + } + + if (taskExc == null) + return exholder; + + else + return taskExc; + } + + private void internalMOAIDExceptionHandler(HttpServletRequest req, HttpServletResponse resp, Exception e, boolean writeExceptionToStatisicLog) throws IOException { + if (e instanceof ProtocolNotActiveException) { + resp.getWriter().write(e.getMessage()); + resp.setContentType("text/html;charset=UTF-8"); + resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage()); + + } else if (e instanceof AuthnRequestValidatorException) { + AuthnRequestValidatorException ex = (AuthnRequestValidatorException)e; + //log Error Message + if (writeExceptionToStatisicLog) + statisticLogger.logErrorOperation(ex, ex.getErrorRequest()); + + //write error message + writeBadRequestErrorResponse(req, resp, (MOAIDException) e); + + } else if (e instanceof InvalidProtocolRequestException) { + //send error response + writeBadRequestErrorResponse(req, resp, (MOAIDException) e); + + } else if (e instanceof ConfigurationException) { + //send HTML formated error message + writeHTMLErrorResponse(req, resp, (MOAIDException) e); + + } else if (e instanceof MOAIDException) { + //send HTML formated error message + writeHTMLErrorResponse(req, resp, e); + + } else if (e instanceof ProcessExecutionException) { + //send HTML formated error message + writeHTMLErrorResponse(req, resp, e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractProcessEngineSignalController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractProcessEngineSignalController.java new file mode 100644 index 000000000..0ce7b0050 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractProcessEngineSignalController.java @@ -0,0 +1,91 @@ +package at.gv.egovernment.moa.id.auth.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang.StringEscapeUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
+import at.gv.egovernment.moa.id.auth.exception.MOAIllegalStateException;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.process.ProcessEngine;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * Servlet that resumes a suspended process (in case of asynchronous tasks).
+ *
+ * @author tknall
+ *
+ */
+public abstract class AbstractProcessEngineSignalController extends AbstractController {
+
+ @Autowired protected ProcessEngine processEngine;
+
+ protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ String pendingRequestID = StringEscapeUtils.escapeHtml(getPendingRequestId(req));
+ IRequest pendingReq = null;
+ try {
+ if (pendingRequestID == null) {
+ throw new MOAIllegalStateException("process.03", new Object[]{"Unable to determine MOA pending-request id."});
+
+ }
+
+ pendingReq = requestStorage.getPendingRequest(pendingRequestID);
+ if (pendingReq == null) {
+ Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
+ throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
+
+ }
+
+ //change pending-request ID
+ requestStorage.changePendingRequestID(pendingReq);
+ pendingRequestID = pendingReq.getRequestID();
+
+ //add transactionID and unique sessionID to Logger
+ TransactionIDUtils.setSessionId(pendingReq.getUniqueSessionIdentifier());
+ TransactionIDUtils.setTransactionId(pendingReq.getUniqueTransactionIdentifier());
+
+ // process instance is mandatory
+ if (pendingReq.getProcessInstanceId() == null) {
+ throw new MOAIllegalStateException("process.03", new Object[]{"MOA session does not provide process instance id."});
+
+ }
+
+ // wake up next task
+ processEngine.signal(pendingReq);
+
+ } catch (Exception ex) {
+ handleError(null, ex, req, resp, pendingReq);
+
+ } finally {
+ //MOASessionDBUtils.closeSession();
+ TransactionIDUtils.removeTransactionId();
+ TransactionIDUtils.removeSessionId();
+
+ }
+
+
+ }
+
+ /**
+ * Retrieves the current pending-request id from the HttpServletRequest parameter
+ * {@link MOAIDAuthConstants#PARAM_TARGET_PENDINGREQUESTID}.
+ * <p/>
+ * Note that this class/method can be overwritten by modules providing their own strategy of retrieving the
+ * respective pending-request id.
+ *
+ * @param request
+ * The unterlying HttpServletRequest.
+ * @return The current pending-request id.
+ */
+ public String getPendingRequestId(HttpServletRequest request) {
+ return StringEscapeUtils.escapeHtml(request.getParameter(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID));
+
+ }
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java deleted file mode 100644 index fe24d45dd..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ /dev/null @@ -1,507 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.Enumeration; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletConfig; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.fileupload.FileItemFactory; -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.fileupload.disk.DiskFileItemFactory; -import org.apache.commons.fileupload.servlet.ServletFileUpload; -import org.springframework.beans.BeansException; -import org.springframework.beans.factory.NoSuchBeanDefinitionException; -import org.springframework.beans.factory.NoUniqueBeanDefinitionException; -import org.springframework.web.context.WebApplicationContext; -import org.springframework.web.context.support.WebApplicationContextUtils; - -import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet; -import at.gv.egovernment.moa.id.process.ProcessEngine; -import at.gv.egovernment.moa.id.process.ProcessExecutionException; -import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; -import at.gv.egovernment.moa.id.storage.IExceptionStore; -import at.gv.egovernment.moa.id.util.ServletUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; -import at.gv.egovernment.moa.util.URLDecoder; - -/** - * Base class for MOA-ID Auth Servlets, providing standard error handling and - * constant names. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class AuthServlet extends HttpServlet { - - /** - * - */ - private static final long serialVersionUID = -6929905344382283738L; - - protected static final String ERROR_CODE_PARAM = "errorid"; - - /** - * The process engine. - */ - private ProcessEngine processEngine; - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - Logger.debug("GET " + this.getServletName()); - - this.setNoCachingHeadersInHttpRespone(req, resp); - } - - protected void handleErrorNoRedirect(String errorMessage, Throwable exceptionThrown, - HttpServletRequest req, HttpServletResponse resp) { - - if (null != errorMessage) { - Logger.error(errorMessage); - req.setAttribute("ErrorMessage", errorMessage); - } - - if (null != exceptionThrown) { - if (null == errorMessage) - errorMessage = exceptionThrown.getMessage(); - Logger.error(errorMessage, exceptionThrown); - req.setAttribute("ExceptionThrown", exceptionThrown); - } - - if (Logger.isDebugEnabled()) { - req.setAttribute("LogLevel", "debug"); - } - - - StatisticLogger logger = StatisticLogger.getInstance(); - logger.logErrorOperation(exceptionThrown); - - - // forward this to errorpage-auth.jsp where the HTML error page is - // generated - ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context - .getRequestDispatcher("/errorpage-auth.jsp"); - try { - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, - MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, - MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - dispatcher.forward(req, resp); - } catch (ServletException e) { - Logger.error(e); - } catch (IOException e) { - Logger.error(e); - } - } - - /** - * Handles an error. <br>> - * <ul> - * <li>Logs the error</li> - * <li>Places error message and exception thrown into the request as request - * attributes (to be used by <code>"/errorpage-auth.jsp"</code>)</li> - * <li>Sets HTTP status 500 (internal server error)</li> - * </ul> - * - * @param errorMessage - * error message - * @param exceptionThrown - * exception thrown - * @param req - * servlet request - * @param resp - * servlet response - */ - protected void handleError(String errorMessage, Throwable exceptionThrown, - HttpServletRequest req, HttpServletResponse resp, String pendingRequestID) { - - Throwable loggedException = null; - - if (exceptionThrown != null - && exceptionThrown instanceof ProcessExecutionException) { - ProcessExecutionException procExc = - (ProcessExecutionException) exceptionThrown; - if (procExc.getCause() != null && - procExc.getCause() instanceof TaskExecutionException) { - TaskExecutionException taskExc = (TaskExecutionException) procExc.getCause(); - loggedException = taskExc.getOriginalException(); - - } - } - - if (loggedException == null) - loggedException = exceptionThrown; - - - if (!(loggedException instanceof MOAIDException)) { - Logger.error("Receive an internal error: Message=" + loggedException.getMessage(), loggedException); - - } else { - if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) { - Logger.error(loggedException.getMessage(), loggedException); - - } else { - Logger.error(loggedException.getMessage()); - - } - } - - IExceptionStore store = DBExceptionStoreImpl.getStore(); - String id = store.storeException(loggedException); - - if (id != null && MiscUtil.isNotEmpty(pendingRequestID)) { - - String redirectURL = null; - - redirectURL = ServletUtils.getBaseUrl(req); - redirectURL += "/dispatcher?" + ERROR_CODE_PARAM + "=" + id - + "&" + DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID; - - resp.setContentType("text/html"); - resp.setStatus(302); - - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); - - return; - - } else { - - //Exception can not be stored in database - handleErrorNoRedirect(errorMessage, loggedException, req, resp); - } - } - - /** - * Handles a <code>WrongParametersException</code>. - * - * @param req - * servlet request - * @param resp - * servlet response - */ - protected void handleWrongParameters(WrongParametersException ex, - HttpServletRequest req, HttpServletResponse resp) { - Logger.error(ex.toString()); - req.setAttribute("WrongParameters", ex.getMessage()); - - // forward this to errorpage-auth.jsp where the HTML error page is - // generated - ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context - .getRequestDispatcher("/errorpage-auth.jsp"); - try { - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, - MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, - MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - dispatcher.forward(req, resp); - } catch (ServletException e) { - Logger.error(e); - } catch (IOException e) { - Logger.error(e); - } - } - - /** - * Logs all servlet parameters for debugging purposes. - */ - protected void logParameters(HttpServletRequest req) { - for (Enumeration params = req.getParameterNames(); params - .hasMoreElements();) { - String parname = (String) params.nextElement(); - Logger.debug("Parameter " + parname + req.getParameter(parname)); - } - } - - /** - * Parses the request input stream for parameters, assuming parameters are - * encoded UTF-8 (no standard exists how browsers should encode them). - * - * @param req - * servlet request - * - * @return mapping parameter name -> value - * - * @throws IOException - * if parsing request parameters fails. - * - * @throws FileUploadException - * if parsing request parameters fails. - */ - protected Map<String, String> getParameters(HttpServletRequest req) throws IOException, - FileUploadException { - - Map<String, String> parameters = new HashMap<String, String>(); - - if (ServletFileUpload.isMultipartContent(req)) { - // request is encoded as mulitpart/form-data - FileItemFactory factory = new DiskFileItemFactory(); - ServletFileUpload upload = null; - upload = new ServletFileUpload(factory); - List items = null; - items = upload.parseRequest(req); - for (int i = 0; i < items.size(); i++) { - FileItem item = (FileItem) items.get(i); - if (item.isFormField()) { - // Process only form fields - no file upload items - String logString = item.getString("UTF-8"); - - // TODO use RegExp - String startS = "<pr:Identification><pr:Value>"; - String endS = "</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type>"; - String logWithMaskedBaseid = logString; - int start = logString.indexOf(startS); - if (start > -1) { - int end = logString.indexOf(endS); - if (end > -1) { - logWithMaskedBaseid = logString.substring(0, start); - logWithMaskedBaseid += startS; - logWithMaskedBaseid += "xxxxxxxxxxxxxxxxxxxxxxxx"; - logWithMaskedBaseid += logString.substring(end, - logString.length()); - } - } - parameters - .put(item.getFieldName(), item.getString("UTF-8")); - Logger.debug("Processed multipart/form-data request parameter: \nName: " - + item.getFieldName() - + "\nValue: " - + logWithMaskedBaseid); - } - } - } - - else { - // request is encoded as application/x-www-urlencoded - InputStream in = req.getInputStream(); - - String paramName; - String paramValueURLEncoded; - do { - paramName = new String(readBytesUpTo(in, '=')); - if (paramName.length() > 0) { - paramValueURLEncoded = readBytesUpTo(in, '&'); - String paramValue = URLDecoder.decode(paramValueURLEncoded, - "UTF-8"); - parameters.put(paramName, paramValue); - } - } while (paramName.length() > 0); - in.close(); - } - - return parameters; - } - - /** - * Reads bytes up to a delimiter, consuming the delimiter. - * - * @param in - * input stream - * @param delimiter - * delimiter character - * @return String constructed from the read bytes - * @throws IOException - */ - protected String readBytesUpTo(InputStream in, char delimiter) - throws IOException { - ByteArrayOutputStream bout = new ByteArrayOutputStream(); - boolean done = false; - int b; - while (!done && (b = in.read()) >= 0) { - if (b == delimiter) - done = true; - else - bout.write(b); - } - return bout.toString(); - } - - /** - * Calls the web application initializer. - * - * @see javax.servlet.Servlet#init(ServletConfig) - */ - public void init(ServletConfig servletConfig) throws ServletException { - super.init(servletConfig); - } - - -// public void contextDestroyed(ServletContextEvent arg0) { -// Security.removeProvider((new IAIK()).getName()); -// Security.removeProvider((new ECCProvider()).getName()); -// } - - /** - * Set response headers to avoid caching - * - * @param request - * HttpServletRequest - * @param response - * HttpServletResponse - */ - protected void setNoCachingHeadersInHttpRespone(HttpServletRequest request, - HttpServletResponse response) { - response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, - MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, - MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - } - - /** - * Adds a parameter to a URL. - * - * @param url - * the URL - * @param paramname - * parameter name - * @param paramvalue - * parameter value - * @return the URL with parameter added - */ - protected static String addURLParameter(String url, String paramname, - String paramvalue) { - String param = paramname + "=" + paramvalue; - if (url.indexOf("?") < 0) - return url + "?" + param; - else - return url + "&" + param; - } - - /** - * Checks if HTTP requests are allowed - * - * @param authURL - * requestURL - * @throws AuthenticationException - * if HTTP requests are not allowed - * @throws ConfigurationException - */ - protected void checkIfHTTPisAllowed(String authURL) - throws AuthenticationException, ConfigurationException { - // check if HTTP Connection may be allowed (through - // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) - - //Removed from MOA-ID 2.0 config -// String boolStr = AuthConfigurationProvider -// .getInstance() -// .getGenericConfigurationParameter( -// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); - if ((!authURL.startsWith("https:")) - //&& (false == BoolUtils.valueOf(boolStr)) - ) - throw new AuthenticationException("auth.07", new Object[] { authURL - + "*" }); - - } - - - /** - * Returns the underlying process engine instance. - * - * @return The process engine (never {@code null}). - * @throws NoSuchBeanDefinitionException - * if no {@link ProcessEngine} bean was found. - * @throws NoUniqueBeanDefinitionException - * if more than one {@link ProcessEngine} bean was found. - * @throws BeansException - * if a problem getting the {@link ProcessEngine} bean occurred. - * @throws IllegalStateException - * if the Spring WebApplicationContext was not found, which means that the servlet is used outside a - * Spring web environment. - */ - public synchronized ProcessEngine getProcessEngine() { - if (processEngine == null) { - WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(getServletContext()); - if (ctx == null) { - throw new IllegalStateException( - "Unable to find Spring WebApplicationContext. Servlet needs to be executed within a Spring web environment."); - } - processEngine = ctx.getBean(ProcessEngine.class); - } - return processEngine; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java new file mode 100644 index 000000000..babc87866 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GUILayoutBuilderServlet.java @@ -0,0 +1,149 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.frontend.builder.ServiceProviderSpecificGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.moduls.IRequestStorage; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Controller +public class GUILayoutBuilderServlet extends AbstractController { + + public static final String ENDPOINT_CSS = "/css/buildCSS"; + public static final String ENDPOINT_JS = "/js/buildJS"; + + @Autowired AuthConfiguration authConfig; + @Autowired IRequestStorage requestStoreage; + @Autowired IGUIFormBuilder formBuilder; + + public GUILayoutBuilderServlet() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '" + ENDPOINT_CSS + + "' and '" + ENDPOINT_JS + "'."); + + } + + @RequestMapping(value = "/css/buildCSS", method = {RequestMethod.GET}) + public void buildCSS(HttpServletRequest req, HttpServletResponse resp) throws IOException { + try { + IRequest pendingReq = extractPendingRequest(req); + + //initialize GUI builder configuration + ServiceProviderSpecificGUIFormBuilderConfiguration config = null; + if (pendingReq != null) + config = new ServiceProviderSpecificGUIFormBuilderConfiguration( + pendingReq, + ServiceProviderSpecificGUIFormBuilderConfiguration.VIEW_TEMPLATE_CSS, + null); + + else + config = new ServiceProviderSpecificGUIFormBuilderConfiguration( + HTTPUtils.extractAuthURLFromRequest(req), + ServiceProviderSpecificGUIFormBuilderConfiguration.VIEW_TEMPLATE_CSS, + null); + + //build GUI component + formBuilder.build(resp, config, "text/css;charset=UTF-8", "CSS-Form"); + + } catch (Exception e) { + Logger.warn("GUI ressource:'CSS' generation FAILED."); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Created resource failed"); + } + + } + + @RequestMapping(value = "/js/buildJS", method = {RequestMethod.GET}) + public void buildJavaScript(HttpServletRequest req, HttpServletResponse resp) throws IOException { + try { + IRequest pendingReq = extractPendingRequest(req); + + //initialize GUI builder configuration + ServiceProviderSpecificGUIFormBuilderConfiguration config = null; + if (pendingReq != null) + config = new ServiceProviderSpecificGUIFormBuilderConfiguration( + pendingReq, + ServiceProviderSpecificGUIFormBuilderConfiguration.VIEW_TEMPLATE_JS, + GeneralProcessEngineSignalController.ENDPOINT_BKUSELECTION_EVALUATION); + + else + config = new ServiceProviderSpecificGUIFormBuilderConfiguration( + HTTPUtils.extractAuthURLFromRequest(req), + ServiceProviderSpecificGUIFormBuilderConfiguration.VIEW_TEMPLATE_JS, + GeneralProcessEngineSignalController.ENDPOINT_BKUSELECTION_EVALUATION); + + //build GUI component + formBuilder.build(resp, config, "text/javascript;charset=UTF-8", "JavaScript"); + + } catch (Exception e) { + Logger.warn("GUI ressource:'JavaScript' generation FAILED."); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Created resource failed"); + } + + } + + private IRequest extractPendingRequest(HttpServletRequest req) { + try { + String pendingReqID = StringEscapeUtils.escapeHtml( + req.getParameter(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID)); + + if (MiscUtil.isNotEmpty(pendingReqID)) { + IRequest pendingReq = requestStorage.getPendingRequest(pendingReqID); + if (pendingReq != null) { + Logger.trace("GUI-Layout builder: Pending-request:" + + pendingReqID + " found -> Build specific template"); + return pendingReq; + + } + } + + Logger.trace("GUI-Layout builder: No pending-request found -> Use default templates"); + + } catch (Exception e) { + Logger.warn("GUI-Layout builder-servlet has an error during request-preprocessing.", e); + } + + return null; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java new file mode 100644 index 000000000..dfa923558 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GeneralProcessEngineSignalController.java @@ -0,0 +1,55 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +/** + * @author tlenz + * + */ +@Controller +public class GeneralProcessEngineSignalController extends AbstractProcessEngineSignalController { + + + public static final String ENDPOINT_BKUSELECTION_EVALUATION = "/EvaluateBKUSelection"; + public static final String ENDPOINT_SENDASSERTION_EVALUATION = "/SSOSendAssertionServlet"; + public static final String ENDPOINT_GENERIC = "/signalProcess"; + + @RequestMapping(value = {"/EvaluateBKUSelection", + "/SSOSendAssertionServlet", + "/signalProcess" + }, + method = {RequestMethod.POST, RequestMethod.GET}) + public void performGenericAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp) throws IOException { + signalProcessManagement(req, resp); + + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java deleted file mode 100644 index 15d596049..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ /dev/null @@ -1,168 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.util.Enumeration; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang.StringEscapeUtils; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.process.ExecutionContextImpl; -import at.gv.egovernment.moa.id.process.ProcessExecutionException; -import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class GenerateIFrameTemplateServlet extends AuthServlet { - - private static final long serialVersionUID = 1L; - - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - Logger.debug("Receive " + GenerateIFrameTemplateServlet.class + " Request"); - - String pendingRequestID = null; - - try { - String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); - moasessionid = StringEscapeUtils.escapeHtml(moasessionid); - AuthenticationSession moasession = null; - try { - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moasessionid); - moasession = AuthenticationSessionStoreage.getSession(moasessionid); - - } catch (MOADatabaseException e) { - Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database"); - throw new MOAIDException("init.04", new Object[] { - moasessionid}); - - } catch (Throwable e) { - Logger.info("No HTTP Session found!"); - throw new MOAIDException("auth.18", new Object[] {}); - } - - - - ExecutionContext ec = new ExecutionContextImpl(); - // set execution context - Enumeration<String> reqParamNames = req.getParameterNames(); - while(reqParamNames.hasMoreElements()) { - String paramName = reqParamNames.nextElement(); - if (MiscUtil.isNotEmpty(paramName)) - ec.put(paramName, req.getParameter(paramName)); - - } - - ec.put("pendingRequestID", pendingRequestID); - ec.put(MOAIDAuthConstants.PARAM_SESSIONID, moasessionid); - -// String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU); -// String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE); -// String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC); -// ec.put("ccc", moasession.getCcc()); -// ec.put("useMandate", moasession.getUseMandate()); -// ec.put("bkuURL", moasession.getBkuURL()); - - // select and create process instance - String processDefinitionId = ModuleRegistration.getInstance().selectProcess(ec); - if (processDefinitionId == null) { - Logger.warn("No suitable process found for SessionID " + moasession.getSessionID()); - throw new MOAIDException("process.02", new Object[] { moasession.getSessionID() }); - } - - String processInstanceId = getProcessEngine().createProcessInstance(processDefinitionId, ec); - - // keep process instance id in moa session - moasession.setProcessInstanceId(processInstanceId); - - // make sure moa session has been persisted before running the process - try { - AuthenticationSessionStoreage.storeSession(moasession); - } catch (MOADatabaseException e) { - Logger.error("Database Error! MOASession is not stored!"); - throw new MOAIDException("init.04", new Object[] { moasession.getSessionID() }); - } - - Logger.info("BKU is selected -> Start BKU communication ..."); - - // start process - getProcessEngine().start(processInstanceId); - - } - catch (WrongParametersException ex) { - handleWrongParameters(ex, req, resp); - } - - catch (MOAIDException ex) { - handleError(null, ex, req, resp, pendingRequestID); - - } catch (ProcessExecutionException e) { - Throwable cause = e.getCause(); - if (cause != null && cause instanceof TaskExecutionException) { - Throwable taskCause = cause.getCause(); - if (taskCause != null && taskCause instanceof WrongParametersException) { - WrongParametersException internalEx = (WrongParametersException) taskCause; - handleWrongParameters(internalEx, req, resp); - return; - - } else if (taskCause != null && taskCause instanceof MOAIDException) { - MOAIDException moaTaskCause = (MOAIDException) taskCause; - handleError(null, moaTaskCause, req, resp, pendingRequestID); - return; - - } - } - - Logger.error("BKUSelectionServlet has an interal Error.", e); - - } catch (Exception e) { - Logger.error("BKUSelectionServlet has an interal Error.", e); - - } - - finally { - - } - } - - - - - - - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index fe5cd1ac0..66e8757ad 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -28,25 +28,30 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.velocity.VelocityContext; import org.opensaml.saml2.core.LogoutResponse; import org.opensaml.saml2.metadata.SingleLogoutService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.data.ISLOInformationContainer; import at.gv.egovernment.moa.id.data.SLOInformationContainer; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescriptorException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -56,13 +61,19 @@ import at.gv.egovernment.moa.util.URLEncoder; * @author tlenz * */ -public class IDPSingleLogOutServlet extends AuthServlet { - - private static final long serialVersionUID = -1301786072691577221L; - - protected void doGet(HttpServletRequest req, HttpServletResponse resp) +@Controller +public class IDPSingleLogOutServlet extends AbstractController { + + @Autowired SSOManager ssoManager; + @Autowired AuthenticationManager authManager; + @Autowired IAuthenticationSessionStoreage authenicationStorage; + @Autowired SingleLogOutBuilder sloBuilder; + + + @RequestMapping(value = "/idpSingleLogout", method = {RequestMethod.GET}) + public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - Logger.debug("receive IDP SingleLogOut Request"); + Logger.debug("Receive IDP-initiated SingleLogOut"); String authURL = HTTPUtils.extractAuthURLFromRequest(req); try { @@ -79,9 +90,8 @@ public class IDPSingleLogOutServlet extends AuthServlet { return; } - - SSOManager ssomanager = SSOManager.getInstance(); - String ssoid = ssomanager.getSSOSessionID(req); + + String ssoid = ssoManager.getSSOSessionID(req); Object restartProcessObj = req.getParameter(MOAIDAuthConstants.PARAM_SLORESTART); @@ -91,26 +101,30 @@ public class IDPSingleLogOutServlet extends AuthServlet { if (tokkenObj != null && tokkenObj instanceof String) { tokken = (String) tokkenObj; try { - status = AssertionStorage.getInstance().get(tokken, String.class); + status = transactionStorage.get(tokken, String.class); if (MiscUtil.isNotEmpty(status)) { - AssertionStorage.getInstance().remove(tokken); + transactionStorage.remove(tokken); } - VelocityContext context = new VelocityContext(); + + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, + null); + if (MOAIDAuthConstants.SLOSTATUS_SUCCESS.equals(status)) - context.put("successMsg", + config.putCustomParameter("successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.00", null)); else - context.put("errorMsg", - MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); - - ssomanager.printSingleLogOutInfo(context, resp); - - } catch (MOAIDException e) { - handleErrorNoRedirect(e.getMessage(), e, req, resp); + config.putCustomParameter("errorMsg", + MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); + guiBuilder.build(resp, config, "Single-LogOut GUI"); + + } catch (GUIBuildException e) { + handleErrorNoRedirect(e, req, resp, false); } catch (MOADatabaseException e) { - handleErrorNoRedirect(e.getMessage(), e, req, resp); + handleErrorNoRedirect(e, req, resp, false); } @@ -118,28 +132,22 @@ public class IDPSingleLogOutServlet extends AuthServlet { } else if (MiscUtil.isNotEmpty(ssoid)) { try { - if (ssomanager.isValidSSOSession(ssoid, null)) { + if (ssoManager.isValidSSOSession(ssoid, null)) { - AuthenticationManager authmanager = AuthenticationManager.getInstance(); - String moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoid); + String moaSessionID = authenicationStorage.getMOASessionSSOID(ssoid); if (MiscUtil.isNotEmpty(moaSessionID)) { - AuthenticationSession authSession = AuthenticationSessionStoreage - .getSession(moaSessionID); + AuthenticationSession authSession = authenicationStorage.getSession(moaSessionID); if(authSession != null) { - authmanager.performSingleLogOut(req, resp, authSession, authURL); + authManager.performSingleLogOut(req, resp, authSession, authURL); return; } } } - } catch (MOADatabaseException e) { - //TODO: insert error Handling - e.printStackTrace(); + } catch (Exception e) { + handleErrorNoRedirect(e, req, resp, false); - } catch (MOAIDException e) { - // TODO Auto-generated catch block - e.printStackTrace(); } } else if (restartProcessObj != null && restartProcessObj instanceof String) { @@ -147,16 +155,16 @@ public class IDPSingleLogOutServlet extends AuthServlet { if (MiscUtil.isNotEmpty(restartProcess)) { Logger.info("Restart Single LogOut process after timeout ... "); try { - SLOInformationContainer sloContainer = AssertionStorage.getInstance().get(restartProcess, SLOInformationContainer.class); + ISLOInformationContainer sloContainer = transactionStorage.get(restartProcess, SLOInformationContainer.class); if (sloContainer.hasFrontChannelOA()) sloContainer.putFailedOA("differntent OAs"); String redirectURL = null; if (sloContainer.getSloRequest() != null) { //send SLO response to SLO request issuer - SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(sloContainer.getSloRequest()); - LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs()); - redirectURL = SingleLogOutBuilder.getFrontChannelSLOMessageURL(sloService, message, req, resp, sloContainer.getSloRequest().getRequest().getRelayState()); + SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(sloContainer.getSloRequest()); + LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs()); + redirectURL = sloBuilder.getFrontChannelSLOMessageURL(sloService, message, req, resp, sloContainer.getSloRequest().getRequest().getRelayState()); } else { //print SLO information directly @@ -171,13 +179,13 @@ public class IDPSingleLogOutServlet extends AuthServlet { else statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; - AssertionStorage.getInstance().put(artifact, statusCode); - redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); + transactionStorage.put(artifact, statusCode); + redirectURL = HTTPUtils.addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); } - //redirect to Redirect Servlet - String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet"; - url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8")); + //redirect to Redirect Servlet + String url = authURL + "/RedirectServlet"; + url = HTTPUtils.addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8")); url = resp.encodeRedirectURL(url); resp.setContentType("text/html"); @@ -200,28 +208,38 @@ public class IDPSingleLogOutServlet extends AuthServlet { } - VelocityContext context = new VelocityContext(); - context.put("errorMsg", - MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); - try { - ssomanager.printSingleLogOutInfo(context, resp); + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, + null); - } catch (MOAIDException e) { + config.putCustomParameter("errorMsg", + MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); + + guiBuilder.build(resp, config, "Single-LogOut GUI"); + + } catch (GUIBuildException e) { e.printStackTrace(); + } return; } } - - VelocityContext context = new VelocityContext(); - context.put("successMsg", - MOAIDMessageProvider.getInstance().getMessage("slo.02", null)); - try { - ssomanager.printSingleLogOutInfo(context, resp); + try { + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, + null); + + config.putCustomParameter("successMsg", + MOAIDMessageProvider.getInstance().getMessage("slo.02", null)); + + guiBuilder.build(resp, config, "Single-LogOut GUI"); - } catch (MOAIDException e) { + } catch (GUIBuildException e) { e.printStackTrace(); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index 53187088e..15333a933 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -48,113 +48,88 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -public class LogOutServlet extends AuthServlet { - - private static final long serialVersionUID = 3908001651893673395L; +@Controller +public class LogOutServlet { private static final String REDIRECT_URL = "redirect"; - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("receive LogOut Request"); - - String redirectUrl = (String) req.getParameter(REDIRECT_URL); - - SSOManager ssomanager = SSOManager.getInstance(); + @Autowired private SSOManager ssomanager; + @Autowired private AuthenticationManager authmanager; + @Autowired private IAuthenticationSessionStoreage authenticatedSessionStorage; - try { - //get SSO token from request - String ssoid = ssomanager.getSSOSessionID(req); - - if (MiscUtil.isEmpty(redirectUrl)) { - //set default redirect Target - Logger.debug("Set default RedirectURL back to MOA-ID-Auth"); - redirectUrl = HTTPUtils.extractAuthURLFromRequest(req); + @RequestMapping(value = "/LogOut", method = {RequestMethod.POST, RequestMethod.GET}) + public void performLogOut(HttpServletRequest req, HttpServletResponse resp) throws IOException { + Logger.debug("Receive simple LogOut Request"); + + String redirectUrl = (String) req.getParameter(REDIRECT_URL); + + try { + //get SSO token from request + String ssoid = ssomanager.getSSOSessionID(req); - } else { - //return an error if RedirectURL is not a active Online-Applikation - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(redirectUrl); - if (oa == null) { - Logger.info("RedirctURL does not match to OA configuration. Set default RedirectURL back to MOA-ID-Auth"); + if (MiscUtil.isEmpty(redirectUrl)) { + //set default redirect Target + Logger.debug("Set default RedirectURL back to MOA-ID-Auth"); redirectUrl = HTTPUtils.extractAuthURLFromRequest(req); + } else { + //return an error if RedirectURL is not a active Online-Applikation + IOAAuthParameters oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(redirectUrl); + if (oa == null) { + Logger.info("RedirctURL does not match to OA configuration. Set default RedirectURL back to MOA-ID-Auth"); + redirectUrl = HTTPUtils.extractAuthURLFromRequest(req); + + } + } - } + if (ssomanager.isValidSSOSession(ssoid, null)) { - if (ssomanager.isValidSSOSession(ssoid, null)) { - - //TODO: Single LogOut Implementation - - //delete SSO session and MOA session - AuthenticationManager authmanager = AuthenticationManager.getInstance(); - String moasessionid = AuthenticationSessionStoreage.getMOASessionSSOID(ssoid); - - RequestStorage.removePendingRequest(AuthenticationSessionStoreage.getPendingRequestID(moasessionid)); + //TODO: Single LogOut Implementation + + //delete SSO session and MOA session + String moasessionid = authenticatedSessionStorage.getMOASessionSSOID(ssoid); + authmanager.performOnlyIDPLogOut(req, resp, moasessionid); + + Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl); + } else { + Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl); + + } + + //Remove SSO token + ssomanager.deleteSSOSessionID(req, resp); + + } catch (Exception e) { + resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed."); + return; + + } finally { + - authmanager.performOnlyIDPLogOut(req, resp, moasessionid); - Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl); - } else { - Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl); } - - //Remove SSO token - ssomanager.deleteSSOSessionID(req, resp); - - } catch (Exception e) { - resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Request not allowed."); - return; - - } finally { - - + + //Redirect to Application + resp.setStatus(302); + resp.addHeader("Location", redirectUrl); + } - - //Redirect to Application - resp.setStatus(302); - resp.addHeader("Location", redirectUrl); - } - - - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - doGet(req, resp); - } - - - /** - * Calls the web application initializer. - * - * @see javax.servlet.Servlet#init(ServletConfig) - */ - public void init(ServletConfig servletConfig) throws ServletException { -// try { -// super.init(servletConfig); -// MOAIDAuthInitializer.initialize(); -// Logger.info(MOAIDMessageProvider.getInstance().getMessage("init.00", null)); -// } -// catch (Exception ex) { -// Logger.fatal(MOAIDMessageProvider.getInstance().getMessage("init.02", null), ex); -// throw new ServletException(ex); -// } - } - + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java deleted file mode 100644 index f3e3ae8a4..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java +++ /dev/null @@ -1,122 +0,0 @@ -package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang.StringEscapeUtils;
-
-import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils;
-import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.logging.Logger;
-
-/**
- * Servlet that resumes a suspended process (in case of asynchronous tasks).
- *
- * @author tknall
- *
- */
-public class ProcessEngineSignalServlet extends AuthServlet {
-
- private static final long serialVersionUID = 1L;
-
- /**
- * Sets response headers that prevent caching (code taken from {@link AuthServlet}).
- *
- * @param resp
- * The HttpServletResponse.
- */
- private void setNoCachingHeaders(HttpServletResponse resp) {
- resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
- resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
- resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
- resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
- }
-
- /**
- * Processes a GET request, delegating the call to {@link #doPost(HttpServletRequest, HttpServletResponse)}.
- */
- @Override
- protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
- this.doPost(req, resp);
- }
-
- /**
- * Resumes the current process instance that has been suspended due to an asynchronous task. The process instance is
- * retrieved from the MOA session referred to by the request parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}.
- */
- @Override
- protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
- String sessionID = StringEscapeUtils.escapeHtml(getMoaSessionId(req));
-
- setNoCachingHeaders(resp);
- String pendingRequestID = null;
- try {
-
- if (sessionID == null) {
- throw new IllegalStateException("Unable to determine MOA session id.");
- }
-
- // retrieve moa session
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
- IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
- if (pendingReq == null) {
- Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure.");
- throw new MOAIDException("auth.28", new Object[]{pendingRequestID});
-
- }
-
- AuthenticationSessionExtensions extendedSessionInformation = AuthenticationSessionStoreage.getAuthenticationSessionExtensions(sessionID);
- AuthenticationSession session = BaseAuthenticationServer.getSession(sessionID);
-
- //add transactionID and unique sessionID to Logger
- if (extendedSessionInformation != null)
- TransactionIDUtils.setSessionId(extendedSessionInformation.getUniqueSessionId());
- TransactionIDUtils.setTransactionId(pendingRequestID);
-
- // process instance is mandatory
- if (session.getProcessInstanceId() == null) {
- throw new IllegalStateException("MOA session does not provide process instance id.");
- }
-
- // wake up next task
- getProcessEngine().signal(session.getProcessInstanceId());
-
- } catch (Exception ex) {
- handleError(null, ex, req, resp, pendingRequestID);
-
- } finally {
- //MOASessionDBUtils.closeSession();
- TransactionIDUtils.removeTransactionId();
- TransactionIDUtils.removeSessionId();
-
- }
-
- }
-
- /**
- * Retrieves the current MOA session id from the HttpServletRequest parameter
- * {@link MOAIDAuthConstants#PARAM_SESSIONID}.
- * <p/>
- * Note that this class/method can be overwritten by modules providing their own strategy of retrieving the
- * respective MOA session id.
- *
- * @param request
- * The unterlying HttpServletRequest.
- * @return The current MOA session id.
- */
- public String getMoaSessionId(HttpServletRequest request) {
- return StringEscapeUtils.escapeHtml(request.getParameter(MOAIDAuthConstants.PARAM_SESSIONID));
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index a914659b0..d9386d404 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -23,37 +23,42 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; -import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.SSOManager; -import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.URLEncoder; - -public class RedirectServlet extends AuthServlet{ - - private static final long serialVersionUID = 1L; +@Controller +public class RedirectServlet { public static final String REDIRCT_PARAM_URL = "redirecturl"; - private static final String DEFAULT_REDIRECTTARGET = "_parent"; + private static final String URL = "URL"; + private static final String TARGET = "TARGET"; - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + @Autowired SSOManager ssoManager; + @Autowired IGUIFormBuilder guiBuilder; + + @RequestMapping(value = "/RedirectServlet", method = RequestMethod.GET) + public void performLogOut(HttpServletRequest req, HttpServletResponse resp) throws IOException { Logger.debug("Receive " + RedirectServlet.class + " Request"); String url = req.getParameter(REDIRCT_PARAM_URL); @@ -62,7 +67,7 @@ public class RedirectServlet extends AuthServlet{ String interIDP = req.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP); Logger.debug("Check URL against online-applications"); - OAAuthParameter oa = null; + IOAAuthParameters oa = null; String redirectTarget = DEFAULT_REDIRECTTARGET; try { oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(url); @@ -76,7 +81,7 @@ public class RedirectServlet extends AuthServlet{ //Redirect is a SAML1 send Artifact redirct if (MiscUtil.isNotEmpty(artifact)) { try { - String test = oa.getFormCustomizaten().get(FormBuildUtils.REDIRECTTARGET); + String test = oa.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET); if (MiscUtil.isNotEmpty(test)) redirectTarget = test; @@ -89,28 +94,28 @@ public class RedirectServlet extends AuthServlet{ if (MiscUtil.isNotEmpty(target)) { // redirectURL = addURLParameter(redirectURL, PARAM_TARGET, // URLEncoder.encode(session.getTarget(), "UTF-8")); - url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, + url = HTTPUtils.addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(target, "UTF-8")); } - url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, + url = HTTPUtils.addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(artifact, "UTF-8")); url = resp.encodeRedirectURL(url); - String redirect_form = RedirectFormBuilder.buildLoginForm(url, redirectTarget); - - resp.setContentType("text/html;charset=UTF-8"); - resp.setStatus(HttpServletResponse.SC_OK); - PrintWriter out = new PrintWriter(resp.getOutputStream()); - out.write(redirect_form); - out.flush(); - + + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_REDIRECT, + null); + config.putCustomParameter(URL, url); + config.putCustomParameter(TARGET, redirectTarget); + guiBuilder.build(resp, config, "RedirectForm.html"); + } else if (MiscUtil.isNotEmpty(interIDP)) { //store IDP identifier and redirect to generate AuthRequst service Logger.info("Receive an interfederation redirect request for IDP " + interIDP); - SSOManager sso = SSOManager.getInstance(); - sso.setInterfederationIDPCookie(req, resp, interIDP); + ssoManager.setInterfederationIDPCookie(req, resp, interIDP); Logger.debug("Redirect to " + url); url = resp.encodeRedirectURL(url); @@ -121,13 +126,12 @@ public class RedirectServlet extends AuthServlet{ } else { Logger.debug("Redirect to " + url); - String redirect_form = RedirectFormBuilder.buildLoginForm(url, DEFAULT_REDIRECTTARGET); - - resp.setContentType("text/html;charset=UTF-8"); - resp.setStatus(HttpServletResponse.SC_OK); - PrintWriter out = new PrintWriter(resp.getOutputStream()); - out.write(redirect_form); - out.flush(); + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_REDIRECT, + null); + config.putCustomParameter(URL, url); + guiBuilder.build(resp, config, "RedirectForm"); } @@ -141,7 +145,7 @@ public class RedirectServlet extends AuthServlet{ } + } - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SAML2InterfederationSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SAML2InterfederationSignalServlet.java deleted file mode 100644 index 62ee1ed85..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SAML2InterfederationSignalServlet.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.auth.servlet; - -/** - * @author tlenz - * - */ - -public class SAML2InterfederationSignalServlet extends - ProcessEngineSignalServlet { - - private static final long serialVersionUID = 8208970012249149156L; - - - //TODO: getMOASessionID from SAML2 relayState - //TODO: add WebService EndPoints for pvp2/sp/post and redirect - //TODO: implement SAML2 preprocessing - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java deleted file mode 100644 index 064431a6b..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java +++ /dev/null @@ -1,176 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang.StringEscapeUtils; - -import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.moduls.RequestStorage; -import at.gv.egovernment.moa.id.moduls.SSOManager; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class SSOSendAssertionServlet extends AuthServlet{ - - private static final long serialVersionUID = 1L; - - private static final String PARAM = "value"; - private static final String MODULE = "mod"; - private static final String ACTION = "action"; - private static final String ID = "identifier"; - - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - String id = null; - Logger.debug("Receive " + SSOSendAssertionServlet.class + " Request"); - try { - - Object idObject = req.getParameter(ID); - - if (idObject != null && (idObject instanceof String)) { - id = (String) idObject; - } - - String value = req.getParameter(PARAM); - value = StringEscapeUtils.escapeHtml(value); - if (!ParamValidatorUtils.isValidUseMandate(value)) - throw new WrongParametersException("SSOSendAssertionServlet", PARAM, null); - - //get module and action - Object moduleObject = req.getParameter(MODULE); - String module = null; - if (moduleObject != null && (moduleObject instanceof String)) { - module = (String) moduleObject; - } - - - Object actionObject = req.getParameter(ACTION); - String action = null; - if (actionObject != null && (actionObject instanceof String)) { - action = (String) actionObject; - } - - if (MiscUtil.isEmpty(module) || MiscUtil.isEmpty(action) || MiscUtil.isEmpty(id)) { - Logger.warn("No Moduel or Action parameter received!"); - throw new WrongParametersException("Module or Action is empty", "", "auth.10"); - } - - - SSOManager ssomanager = SSOManager.getInstance(); - //get SSO Cookie for Request - String ssoId = ssomanager.getSSOSessionID(req); - - //check SSO session - if (ssoId != null) { - String correspondingMOASession = ssomanager.existsOldSSOSession(ssoId); - - if (correspondingMOASession != null) { - Logger.warn("Request sends an old SSO Session ID("+ssoId+")! " + - "Invalidate the corresponding MOASession with ID="+ correspondingMOASession); - - - AuthenticationSessionStoreage.destroySession(correspondingMOASession); - - ssomanager.deleteSSOSessionID(req, resp); - } - } - - boolean isValidSSOSession = ssomanager.isValidSSOSession(ssoId, null); - - String moaSessionID = null; - - if (isValidSSOSession) { - - - //check UseMandate flag - String valueString = null;; - if ((value != null) && (value.compareTo("") != 0)) { - valueString = value; - } else { - valueString = "false"; - } - - if (valueString.compareToIgnoreCase("true") == 0) { - moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoId); - AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moaSessionID); - AuthenticationSessionStoreage.setAuthenticated(moaSessionID, true); - - //log event - //String pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID); - IRequest pendingReq = RequestStorage.getPendingRequest(id); - MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED); - - String redirectURL = new DataURLBuilder().buildDataURL(moasession.getAuthURL(), - ModulUtils.buildAuthURL(module, action, id), ""); - - resp.setContentType("text/html"); - resp.setStatus(302); - - - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); - - } - - else { - throw new AuthenticationException("auth.21", new Object[] {}); - } - - } else { - handleError("SSO Session is not valid", null, req, resp, id); - } - - - } catch (MOADatabaseException e) { - handleError("SSO Session is not found", e, req, resp, id); - - } catch (WrongParametersException e) { - handleError("Parameter is not valid", e, req, resp, id); - - } catch (AuthenticationException e) { - handleError(e.getMessage(), e, req, resp, id); - - } catch (Exception e) { - Logger.error("SSOSendAssertion has an interal Error.", e); - } - - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java new file mode 100644 index 000000000..bedc67513 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/UniqueSessionIdentifierInterceptor.java @@ -0,0 +1,86 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet.interceptor; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.servlet.HandlerInterceptor; +import org.springframework.web.servlet.ModelAndView; + +import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; +import at.gv.egovernment.moa.id.moduls.SSOManager; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class UniqueSessionIdentifierInterceptor implements HandlerInterceptor { + + @Autowired private SSOManager ssomanager; + + /* (non-Javadoc) + * @see org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object) + */ + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) + throws Exception { + + //get SSO Cookie for Request + String ssoId = ssomanager.getSSOSessionID(request); + + //search for unique session identifier + String uniqueSessionIdentifier = ssomanager.getUniqueSessionIdentifier(ssoId); + if (MiscUtil.isEmpty(uniqueSessionIdentifier)) + uniqueSessionIdentifier = Random.nextRandom(); + TransactionIDUtils.setSessionId(uniqueSessionIdentifier); + + request.setAttribute(MOAIDConstants.UNIQUESESSIONIDENTIFIER, uniqueSessionIdentifier); + + return true; + } + + /* (non-Javadoc) + * @see org.springframework.web.servlet.HandlerInterceptor#postHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, org.springframework.web.servlet.ModelAndView) + */ + @Override + public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, + ModelAndView modelAndView) throws Exception { + + } + + /* (non-Javadoc) + * @see org.springframework.web.servlet.HandlerInterceptor#afterCompletion(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, java.lang.Exception) + */ + @Override + public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) + throws Exception { + // TODO Auto-generated method stub + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/VHostUrlRewriteServletFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/VHostUrlRewriteServletFilter.java new file mode 100644 index 000000000..93d74d7ef --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/VHostUrlRewriteServletFilter.java @@ -0,0 +1,185 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet.interceptor; + +import java.io.IOException; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.List; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; + +import org.springframework.context.ApplicationContext; + +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class VHostUrlRewriteServletFilter implements Filter { + + private static final String VHOST_PATH = "/vhost/"; + private static final String AUTHURL = "authURL"; + + + private ApplicationContext context = null; + + public VHostUrlRewriteServletFilter(ApplicationContext context) { + Logger.info("Register vHost Servelt Filter"); + this.context = context; + + } + + /* (non-Javadoc) + * @see javax.servlet.Filter#init(javax.servlet.FilterConfig) + */ + @Override + public void init(FilterConfig filterConfig) throws ServletException { + + } + + /* (non-Javadoc) + * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain) + */ + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) + throws IOException, ServletException { + HttpServletRequest httpReq = (HttpServletRequest) request; + try { + AuthConfiguration authConfig = context.getBean(AuthConfiguration.class); + List<String> configuredPublicURLPrefix = authConfig.getPublicURLPrefix(); + + //check if End-Point is valid + String publicURLString = HTTPUtils.extractAuthURLFromRequest(httpReq); + URL publicURL; + try { + publicURL = new URL(publicURLString); + + } catch (MalformedURLException e) { + Logger.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + publicURLString, e); + throw new ConfigurationException("1299", null, e); + + } + + //check if virtual IDPs are enabled + if (!authConfig.isVirtualIDPsEnabled()) { + Logger.trace("Virtual IDPs are disabled. Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0)); + httpReq.setAttribute(AUTHURL, configuredPublicURLPrefix.get(0)); + chain.doFilter(request, response); + + } else { + String authURLString = HTTPUtils.extractAuthServletPathFromRequest(httpReq); + URL authURL; + try { + authURL = new URL(authURLString); + + } catch (MalformedURLException e) { + Logger.error("IDP AuthenticationServiceURL Prefix is not a valid URL." + authURLString, e); + throw new ConfigurationException("1299", null, e); + + } + + Logger.debug("Extract AuthenticationServiceURL: " + authURLString); + URL resultURL = null; + + for (String el : configuredPublicURLPrefix) { + try { + URL configuredURL = new URL(el); + + //get Ports from URL + int configPort = configuredURL.getPort(); + if (configPort == -1) + configPort = configuredURL.getDefaultPort(); + + int authURLPort = authURL.getPort(); + if (authURLPort == -1) + authURLPort = authURL.getDefaultPort(); + + //check AuthURL against ConfigurationURL + if (configuredURL.getHost().equals(authURL.getHost()) && + configPort == authURLPort && + authURL.getPath().startsWith(configuredURL.getPath())) { + Logger.debug("Select configurated PublicURLPrefix: " + configuredURL + + " for authURL: " + authURLString); + resultURL = configuredURL; + } + + } catch (MalformedURLException e) { + Logger.error("Configurated IDP PublicURLPrefix is not a valid URL." + el); + + } + } + + if (resultURL == null) { + Logger.warn("Extract AuthenticationServiceURL: " + authURL + " is NOT found in configuration."); + throw new ConfigurationException("config.25", new Object[]{authURLString}); + + } else { + httpReq.setAttribute(AUTHURL, resultURL.toExternalForm()); + + } + + String servletPath = httpReq.getServletPath(); + if (servletPath.startsWith(VHOST_PATH)) { + Logger.trace("Found V-IDP selection via REST URL ... "); + String vHostDescriptor = resultURL.toExternalForm().substring(0, publicURLString.length()); + String requestedServlet = authURLString.substring(0, vHostDescriptor.length()); + String newURL = publicURL.toExternalForm().concat(requestedServlet); + httpReq.setAttribute(AUTHURL, newURL); + httpReq.getRequestDispatcher(newURL).forward(httpReq, response); + + } else { + Logger.trace("Found V-IDP selection via Domain ..."); + chain.doFilter(request, response); + + } + + } + + } catch (ConfigurationException e) { + + + } + + } + + /* (non-Javadoc) + * @see javax.servlet.Filter#destroy() + */ + @Override + public void destroy() { + // TODO Auto-generated method stub + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java new file mode 100644 index 000000000..87804ea6c --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/interceptor/WebFrontEndSecurityInterceptor.java @@ -0,0 +1,106 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet.interceptor; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.servlet.HandlerInterceptor; +import org.springframework.web.servlet.ModelAndView; + +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class WebFrontEndSecurityInterceptor implements HandlerInterceptor { + + @Autowired AuthConfiguration authConfig; + + /* (non-Javadoc) + * @see org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object) + */ + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) + throws Exception { + + //only for SAML1 GetAuthenticationData webService functionality + String requestedServlet = request.getServletPath(); + if (MiscUtil.isNotEmpty(requestedServlet) && requestedServlet.startsWith("/services/GetAuthenticationData")) { + Logger.debug("SAML1 GetAuthenticationServices allow access without SSL"); + return true; + + } + + //check AuthURL + String authURL = HTTPUtils.extractAuthURLFromRequest(request); + if (!authURL.startsWith("https:") && !authConfig.isHTTPAuthAllowed() && + !authConfig.getPublicURLPrefix().contains(authURL)) { + Logger.info("Receive request, which is not in IDP URL-Prefix whitelist."); + String errorMsg = MOAIDMessageProvider.getInstance().getMessage("auth.07", new Object[] { authURL + "*" }); + Logger.info(errorMsg); + response.sendError( + HttpServletResponse.SC_FORBIDDEN, + errorMsg); + + return false; + } else { + return true; + + } + } + + /* (non-Javadoc) + * @see org.springframework.web.servlet.HandlerInterceptor#postHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, org.springframework.web.servlet.ModelAndView) + */ + @Override + public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, + ModelAndView modelAndView) throws Exception { + + //TODO: add additional headers or checks + + //set security headers + response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, MOAIDAuthConstants.HEADER_VALUE_EXPIRES); + response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, MOAIDAuthConstants.HEADER_VALUE_PRAGMA); + response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); + response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); + + } + + /* (non-Javadoc) + * @see org.springframework.web.servlet.HandlerInterceptor#afterCompletion(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, java.lang.Exception) + */ + @Override + public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) + throws Exception { + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClient.java index 672d2a35e..1548f11b3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClient.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClient.java @@ -27,8 +27,15 @@ import java.util.Map; import javax.net.ssl.SSLSocketFactory; import javax.xml.namespace.QName; +import javax.xml.ws.BindingProvider; + +import org.apache.cxf.configuration.jsse.TLSClientParameters; +import org.apache.cxf.endpoint.Client; +import org.apache.cxf.frontend.ClientProxy; +import org.apache.cxf.transport.http.HTTPConduit; +import org.apache.cxf.transports.http.configuration.HTTPClientPolicy; -import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.logging.Logger; @@ -38,20 +45,12 @@ import at.gv.util.wsdl.szrgw.SZRGWType; import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest; import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; -import javax.xml.ws.BindingProvider; - -import org.apache.cxf.configuration.jsse.TLSClientParameters; -import org.apache.cxf.endpoint.Client; -import org.apache.cxf.frontend.ClientProxy; -import org.apache.cxf.transport.http.HTTPConduit; -import org.apache.cxf.transports.http.configuration.HTTPClientPolicy; - public class SZRGWClient { private SSLSocketFactory sslContext = null; - public SZRGWClient(ConnectionParameter szrgwconnection) throws SZRGWClientException { - initial(szrgwconnection); + public SZRGWClient(ConnectionParameterInterface connectionParameters) throws SZRGWClientException { + initial(connectionParameters); } public CreateIdentityLinkResponse sentCreateIDLRequest(CreateIdentityLinkRequest request, String serviceUrl) throws SZRGWClientException { @@ -101,11 +100,11 @@ public class SZRGWClient { } - private void initial(ConnectionParameter szrgwconnection) throws at.gv.egovernment.moa.id.client.SZRGWClientException{ + private void initial(ConnectionParameterInterface connectionParameters) throws at.gv.egovernment.moa.id.client.SZRGWClientException{ try { sslContext = SSLUtils.getSSLSocketFactory( AuthConfigurationProviderFactory.getInstance(), - szrgwconnection); + connectionParameters); } catch (Exception e) { Logger.warn("SZRGW Client initialization FAILED.", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClientException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClientException.java index 2038e3f18..991e748de 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClientException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClientException.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.client; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; public class SZRGWClientException extends MOAIDException{ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/utils/SZRGWClientUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/utils/SZRGWClientUtils.java index b0b2029ec..622eca0a5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/utils/SZRGWClientUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/utils/SZRGWClientUtils.java @@ -31,19 +31,19 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.id.client.SZRGWClient; import at.gv.egovernment.moa.id.client.SZRGWClientException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.util.xsd.mis.MandateIdentifiers; import at.gv.util.xsd.mis.Target; import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest; +import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData; import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; import at.gv.util.xsd.srzgw.MISType; -import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData; import at.gv.util.xsd.srzgw.MISType.Filters; /** @@ -127,7 +127,7 @@ public class SZRGWClientUtils { try { AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); - ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter(); + ConnectionParameterInterface connectionParameters = authConf.getForeignIDConnectionParameter(); String requestID = UUID.randomUUID().toString(); SZRGWClient client = new SZRGWClient(connectionParameters); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationException.java deleted file mode 100644 index a0223853a..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationException.java +++ /dev/null @@ -1,82 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; - -/** - * Exception signalling an error in the configuration. - * - * @author Patrick Peck - * @version $Id$ - */ -public class ConfigurationException extends MOAIDException { - - /** - * - */ - private static final long serialVersionUID = -7199539463319751278L; - -/** - * Create a <code>MOAConfigurationException</code>. - */ - public ConfigurationException(String messageId, Object[] parameters) { - super(messageId, parameters); - } - - /** - * Create a <code>MOAConfigurationException</code>. - */ - public ConfigurationException( - String messageId, - Object[] parameters, - Throwable wrapped) { - - super(messageId, parameters, wrapped); - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java deleted file mode 100644 index 5ec0a5bc6..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.config; - -/** - * @author tlenz - * - */ -public interface ConfigurationProvider { - - /** - * The name of the system property which contains the file name of the - * configuration file. - */ - public static final String CONFIG_PROPERTY_NAME = - "moa.id.configuration"; - - /** - * The name of the system property which contains the file name of the - * configuration file. - */ - public static final String PROXY_CONFIG_PROPERTY_NAME = - "moa.id.proxy.configuration"; - - /** - * The name of the generic configuration property giving the certstore directory path. - */ - public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY = - "DirectoryCertStoreParameters.RootDir"; - - /** - * The name of the generic configuration property switching the ssl revocation checking on/off - */ - public static final String TRUST_MANAGER_REVOCATION_CHECKING = - "TrustManager.RevocationChecking"; - - public String getRootConfigFileDir(); - - public String getDefaultChainingMode(); - - public String getTrustedCACertificates(); - - public String getCertstoreDirectory(); - - public boolean isTrustmanagerrevoationchecking(); -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java index 60d676868..5c2f86732 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java @@ -51,17 +51,17 @@ import java.util.Properties; import org.hibernate.cfg.Configuration; +import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.data.IssuerAndSerial; -import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore; import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; import at.gv.egovernment.moa.logging.Logger; import at.gv.util.config.EgovUtilPropertiesConfiguration; @@ -219,9 +219,8 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider config.addAnnotatedClass(AuthenticatedSessionStore.class); config.addAnnotatedClass(OASessionStore.class); config.addAnnotatedClass(OldSSOSessionIDStore.class); - config.addAnnotatedClass(ExceptionStore.class); config.addAnnotatedClass(InterfederationSessionStore.class); - config.addAnnotatedClass(ProcessInstanceStore.class); + //config.addAnnotatedClass(ProcessInstanceStore.class); config.addProperties(moaSessionProp); MOASessionDBUtils.initHibernate(config, moaSessionProp); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java index e38a4f360..9d78c348b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java @@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.config; import java.util.Properties; +import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; import at.gv.egovernment.moa.util.MiscUtil; public abstract class ConnectionParameter implements ConnectionParameterInterface{ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterInterface.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterInterface.java deleted file mode 100644 index 8e95c106d..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterInterface.java +++ /dev/null @@ -1,35 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.config; - -public interface ConnectionParameterInterface { - - - public boolean isHTTPSURL(); - public String getUrl(); - public String getAcceptedServerCertificates(); - - public String getClientKeyStore(); - public String getClientKeyStorePassword(); - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java deleted file mode 100644 index 1f43a0d8a..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java +++ /dev/null @@ -1,60 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.config.auth; - - -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; -import at.gv.egovernment.moa.logging.Logger; - - -public class AuthConfigLoader implements Runnable { - - private static final long INTERVAL = 24 * 60 * 60; // 24 hours - - public void run() { - while (true) { - try { - Thread.sleep(INTERVAL * 1000); - Logger.trace("Check consistence of PVP2X metadata"); - MOAMetadataProvider.reInitialize(); - - - } catch (Throwable e) { - Logger.warn("MOA-ID Configuration validation is not possible, actually. Reuse old configuration.", e); - - } finally { - - - } - } - } - - public static void start() { - // start the session cleanup thread - Thread configLoader = new Thread(new AuthConfigLoader(), "ConfigurationChecker"); - configLoader.setName("ConfigurationChecker"); - configLoader.setDaemon(true); - configLoader.setPriority(Thread.MIN_PRIORITY); - configLoader.start(); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java deleted file mode 100644 index 65dcc7bf3..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java +++ /dev/null @@ -1,157 +0,0 @@ -package at.gv.egovernment.moa.id.config.auth; - -import java.util.List; -import java.util.Map; -import java.util.Properties; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; -import at.gv.egovernment.moa.id.config.stork.STORKConfig; -import at.gv.util.config.EgovUtilPropertiesConfiguration; - -public interface AuthConfiguration extends ConfigurationProvider{ - - public static final String DEFAULT_X509_CHAININGMODE = "pkix"; - - public Properties getGeneralPVP2ProperiesConfig(); - - public Properties getGeneralOAuth20ProperiesConfig(); - - public ProtocolAllowed getAllowedProtocols(); - - public Map<String, String> getConfigurationWithPrefix(final String Prefix); - - public String getConfigurationWithKey(final String key); - - public int getTransactionTimeOut(); - public int getSSOCreatedTimeOut(); - public int getSSOUpdatedTimeOut(); - - public String getAlternativeSourceID() throws ConfigurationException; - - public List<String> getLegacyAllowedProtocols(); - - public OAAuthParameter getOnlineApplicationParameter(String oaURL); - - public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException; - - public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException; - - public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException; - - public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException; - - public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException; - - public String getMoaSpIdentityLinkTrustProfileID(boolean useTestTrustStore) throws ConfigurationException; - - public List<String> getTransformsInfos() throws ConfigurationException; - - public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException; - - public List<String> getSLRequestTemplates() throws ConfigurationException; - - public String getSLRequestTemplates(String type) throws ConfigurationException; - - public List<String> getDefaultBKUURLs() throws ConfigurationException; - - public String getDefaultBKUURL(String type) throws ConfigurationException; - - public String getSSOTagetIdentifier() throws ConfigurationException; - - public String getSSOFriendlyName(); - - public String getSSOSpecialText(); - - public String getMOASessionEncryptionKey(); - - public String getMOAConfigurationEncryptionKey(); - - public boolean isIdentityLinkResigning(); - - public String getIdentityLinkResigningKey(); - - public boolean isMonitoringActive(); - - public String getMonitoringTestIdentityLinkURL(); - - public String getMonitoringMessageSuccess(); - - public boolean isAdvancedLoggingActive(); - - /** - * Returns the PublicURLPrefix. - * - * @return the PublicURLPrefix (one or more) of this IDP instance. All publicURLPrefix URLs are ends without / - * @throws ConfigurationException if no PublicURLPrefix is found. - */ - public List<String> getPublicURLPrefix() throws ConfigurationException; - - public boolean isVirtualIDPsEnabled(); - - public boolean isPVP2AssertionEncryptionActive(); - - public boolean isCertifiacteQCActive(); - - public STORKConfig getStorkConfig() throws ConfigurationException; - - public EgovUtilPropertiesConfiguration geteGovUtilsConfig(); - - public String getDocumentServiceUrl(); - - /** - * Notify, if the STORK fake IdentityLink functionality is active - * - * @return true/false - */ - public boolean isStorkFakeIdLActive(); - - /** - * Get a list of all STORK countries for which a faked IdentityLink should be created - * - * @return {List<String>} of country codes - */ - public List<String> getStorkFakeIdLCountries(); - - /** - * Get a list of all STORK countries for which no signature is required - * - * @return {List<String>} of country codes - */ - public List<String> getStorkNoSignatureCountries(); - - /** - * Get the MOA-SS key-group identifier for fake IdentityLink signing - * - * @return MOA-SS key-group identifier {String} - */ - public String getStorkFakeIdLResigningKey(); - - - /** - * Notify, if the PVP2x metadata schema validation is active - * - * @return true/false - */ - public boolean isPVPSchemaValidationActive(); - - /** - * Get all configuration values with prefix and wildcard - * - * @param key: Search key. * and % can be used as wildcards - * @return Key/Value pairs {Map<String, String>}, which key maps the search key - */ - Map<String, String> getConfigurationWithWildCard(String key); - - /** - * Get configured default revisions-log event codes which should be logged - * - * @return {List<Integer>} if event codes or null - */ - List<Integer> getDefaultRevisionsLogEventCodes(); - - @Deprecated - public boolean isHTTPAuthAllowed(); -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java index 9812f346d..94bcae672 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java @@ -22,12 +22,10 @@ */ package at.gv.egovernment.moa.id.config.auth; -import java.net.URI; -import java.net.URISyntaxException; +import org.springframework.context.ApplicationContext; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.logging.Logger; /** @@ -44,7 +42,8 @@ public class AuthConfigurationProviderFactory { throws ConfigurationException { if (instance == null) { - reload(); + Logger.fatal("MOA-ID-Auth Configuration is not initialized!!!!!"); + } return instance; } @@ -53,22 +52,9 @@ public class AuthConfigurationProviderFactory { * @return * @throws ConfigurationException */ - public static AuthConfiguration reload() throws ConfigurationException { - String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); - if (fileName == null) { - throw new ConfigurationException("config.01", null); - } - Logger.info("Loading MOA-ID-AUTH configuration " + fileName); - - try { - URI fileURI = new URI(fileName); - instance = new PropertyBasedAuthConfigurationProvider(fileURI); - - } catch (URISyntaxException e){ - Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.", e); - throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, fileName}); - - } + public static AuthConfiguration reload(ApplicationContext springContext) throws ConfigurationException { + instance = springContext.getBean("moaidauthconfig", AuthConfiguration.class); return instance; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IGarbageCollectorProcessing.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IGarbageCollectorProcessing.java new file mode 100644 index 000000000..a1008e883 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IGarbageCollectorProcessing.java @@ -0,0 +1,36 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.auth; + +/** + * @author tlenz + * + */ +public interface IGarbageCollectorProcessing { + + /** + * This method gets executed by the MOA garbage collector at regular intervals. + * + */ + public void runGarbageCollector(); +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java deleted file mode 100644 index b68f42086..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java +++ /dev/null @@ -1,215 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.config.auth; - -import java.security.PrivateKey; -import java.util.Collection; -import java.util.List; -import java.util.Map; - -import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; -import at.gv.egovernment.moa.id.config.stork.CPEPS; -import at.gv.egovernment.moa.id.config.stork.StorkAttribute; -import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; - -/** - * @author tlenz - * - */ -public interface IOAAuthParameters { - - public static final String ONLINEBKU = "online"; - public static final String HANDYBKU = "handy"; - public static final String LOCALBKU = "local"; - public static final String INDERFEDERATEDIDP = "interfederated"; - - /** - * Get the full key/value configuration for this online application - * - * @return an unmodifiable map of key/value pairs - */ - public Map<String, String> getFullConfiguration(); - - /** - * Get a configuration value from online application key/value configuration - * - * @param key: The key identifier of a configuration value * - * @return The configuration value {String} or null if the key does not exist - */ - public String getConfigurationValue(String key); - - public String getFriendlyName(); - - public String getPublicURLPrefix(); - - public String getOaType(); - - public boolean getBusinessService(); - - public String getTarget(); - - public String getTargetFriendlyName(); - - public boolean isInderfederationIDP(); - - public boolean isSTORKPVPGateway(); - - /** - * @return the identityLinkDomainIdentifier - */ - public String getIdentityLinkDomainIdentifier(); - - /** - * @return the keyBoxIdentifier - */ - public String getKeyBoxIdentifier(); - - public SAML1ConfigurationParameters getSAML1Parameter(); - - /** - * Get a list of online application specific trusted security layer templates - * - * @return a {List<String>} with template URLs, maybe empty but never null - */ - public List<String> getTemplateURL(); - - - /** - * Return the additional AuthBlock text for this online application - * - * @return authblock text {String} or null if no text is configured - */ - public String getAditionalAuthBlockText(); - - /** - * Return an online application specific BKU URL for a requested BKU type - * - * @param bkutype: defines the type of BKU - * @return BKU URL {String} or null if no BKU URL is configured - */ - public String getBKUURL(String bkutype); - - /** - * Return a list of all configured BKU URLs for this online application - * - * @return List<String> of BKU URLs or an empty list if no BKU is configured - */ - public List<String> getBKUURL(); - - public boolean useSSO(); - - public boolean useSSOQuestion(); - - /** - * Return all mandate-profile types configured for this online application - * - * @return the mandateProfiles {List<String>} or null if no profile is defined - */ - public List<String> getMandateProfiles(); - - /** - * @return the identityLinkDomainIdentifierType - */ - public String getIdentityLinkDomainIdentifierType(); - - public boolean isShowMandateCheckBox(); - - public boolean isOnlyMandateAllowed(); - - /** - * Shall we show the stork login in the bku selection frontend? - * - * @return true, if is we should show stork login - */ - public boolean isShowStorkLogin(); - - public Map<String, String> getFormCustomizaten(); - - public Integer getQaaLevel(); - - public boolean isRequireConsentForStorkAttributes(); - - /** - * Return a {Collection} of requested STORK attributes - * - * @return {Collection<StorkAttribute>} maybe empty but never null - */ - public Collection<StorkAttribute> getRequestedSTORKAttributes(); - - public byte[] getBKUSelectionTemplate(); - - public byte[] getSendAssertionTemplate(); - - /** - * Return a {Collection} of configured STORK CPEPS - * - * @return {Collection<CPEPS>} maybe empty but never null - */ - public Collection<CPEPS> getPepsList(); - - public String getIDPAttributQueryServiceURL(); - - /** - * @return - */ - boolean isInboundSSOInterfederationAllowed(); - - /** - * @return - */ - boolean isInterfederationSSOStorageAllowed(); - - /** - * @return - */ - boolean isOutboundSSOInterfederationAllowed(); - - boolean isTestCredentialEnabled(); - - List<String> getTestCredentialOIDs(); - - boolean isUseIDLTestTrustStore(); - boolean isUseAuthBlockTestTestStore(); - - PrivateKey getBPKDecBpkDecryptionKey(); - - /** - * @return - */ - boolean isPassivRequestUsedForInterfederation(); - - /** - * @return - */ - boolean isPerformLocalAuthenticationOnInterfederationError(); - - /** - * Get a {Collection} of configured STORK attribute provider plug-ins - * - * @return {Collection<StorkAttributeProviderPlugins>} maybe empty but never null - */ - public Collection<StorkAttributeProviderPlugin> getStorkAPs(); - - public List<Integer> getReversionsLoggingEventCodes(); - -}
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/MOAGarbageCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/MOAGarbageCollector.java new file mode 100644 index 000000000..1072bec5c --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/MOAGarbageCollector.java @@ -0,0 +1,77 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.config.auth; + + +import java.util.ArrayList; +import java.util.List; + +import at.gv.egovernment.moa.logging.Logger; + +public class MOAGarbageCollector implements Runnable { + + private static final long INTERVAL = 24 * 60 * 60; // 24 hours + private static final List<IGarbageCollectorProcessing> processModules = + new ArrayList<IGarbageCollectorProcessing>(); + + public void run() { + while (true) { + try { + Thread.sleep(INTERVAL * 1000); + + try { + for (IGarbageCollectorProcessing element : processModules) + element.runGarbageCollector(); + + } catch (Throwable e1) { + Logger.warn("Garbage collection FAILED in some module.", e1); + } + + } catch (Throwable e) { + Logger.warn("MOA-ID garbage collection is not possible, actually.", e); + + } finally { + + } + } + } + + /** + * Add a module to MOA internal garbage collector. Every module is executed once a day + * + * @param modul Module which should be executed by the garbage collector. + */ + public static void addModulForGarbageCollection(IGarbageCollectorProcessing modul) { + processModules.add(modul); + + } + + public static void start() { + // start the session cleanup thread + Thread configLoader = new Thread(new MOAGarbageCollector(), "MOAGarbageCollector"); + configLoader.setName("MOAGarbageCollectorr"); + configLoader.setDaemon(true); + configLoader.setPriority(Thread.MIN_PRIORITY); + configLoader.start(); + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index fdd125156..b1bba6c17 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -61,19 +61,19 @@ import org.apache.commons.lang.SerializationUtils; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.MOAIDConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IStorkConfig; +import at.gv.egovernment.moa.id.commons.api.data.BPKDecryptionParameters; +import at.gv.egovernment.moa.id.commons.api.data.CPEPS; +import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.validation.TargetValidator; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters; -import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; -import at.gv.egovernment.moa.id.config.stork.CPEPS; -import at.gv.egovernment.moa.id.config.stork.STORKConfig; -import at.gv.egovernment.moa.id.config.stork.StorkAttribute; -import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; import at.gv.egovernment.moa.id.data.EncryptedData; import at.gv.egovernment.moa.id.util.ConfigurationEncrytionUtil; -import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; @@ -390,52 +390,6 @@ public boolean isOnlyMandateAllowed() { } } -/* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFormCustomizaten() - */ -@Override -public Map<String, String> getFormCustomizaten() { - Map<String, String> map = new HashMap<String, String>(); - map.putAll(FormBuildUtils.getDefaultMap()); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR))) - map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR))) - map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS))) - map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR))) - map.put(FormBuildUtils.BUTTON_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE))) - map.put(FormBuildUtils.FONTFAMILY, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR))) - map.put(FormBuildUtils.MAIN_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR))) - map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR))) - map.put(FormBuildUtils.HEADER_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT))) - map.put(FormBuildUtils.HEADER_TEXT, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET))) - map.put(FormBuildUtils.REDIRECTTARGET, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT))) - map.put(FormBuildUtils.APPLET_HEIGHT, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT)); - - if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH))) - map.put(FormBuildUtils.APPLET_WIDTH, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH)); - - return map; -} /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getQaaLevel() @@ -615,7 +569,7 @@ public byte[] getSendAssertionTemplate() { public Collection<CPEPS> getPepsList() { Map<String, CPEPS> cPEPSMap = new HashMap<String, CPEPS>(); try { - STORKConfig availableSTORKConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig(); + IStorkConfig availableSTORKConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig(); if (availableSTORKConfig != null) { Set<String> configKeys = oaConfiguration.keySet(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 7b798f522..348b1c45a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -6,6 +6,7 @@ import java.io.FileNotFoundException; import java.io.IOException; import java.net.MalformedURLException; import java.net.URI; +import java.net.URISyntaxException; import java.net.URL; import java.util.ArrayList; import java.util.Arrays; @@ -17,12 +18,15 @@ import java.util.Map; import java.util.Properties; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.config.AutowireCapableBeanFactory; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.MOAIDConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IStorkConfig; +import at.gv.egovernment.moa.id.commons.api.data.ProtocolAllowed; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentGeneral; @@ -31,14 +35,12 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplicati import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.SecurityLayer; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; import at.gv.egovernment.moa.id.config.ConnectionParameterMandate; -import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; import at.gv.egovernment.moa.logging.Logger; @@ -54,21 +56,44 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide private MOAIDConfiguration configuration; private final Properties properties = new Properties(); - private ApplicationContext context = null; private boolean requireJDBCBackupImplementation = false; - public PropertyBasedAuthConfigurationProvider() { + public PropertyBasedAuthConfigurationProvider(String configFileName) throws ConfigurationException { + if (configFileName == null) { + configFileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); + + if (MiscUtil.isEmpty(configFileName)) + throw new ConfigurationException("config.01", null); + } + + Logger.info("Loading MOA-ID-AUTH configuration " + configFileName); + + try { + URI fileURI = new URI(configFileName); + //instance = new PropertyBasedAuthConfigurationProvider(fileURI); + initialize(fileURI); + + } catch (URISyntaxException e){ + Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.", e); + throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, configFileName}); + + } } - /** - * The constructor with path to a properties file as argument. - * - * @param fileName the path to the properties file - * @throws ConfigurationException if an error occurs during loading the properties file. - */ - public PropertyBasedAuthConfigurationProvider(URI fileName) throws ConfigurationException { +// /** +// * The constructor with path to a properties file as argument. +// * +// * @param fileName the path to the properties file +// * @throws ConfigurationException if an error occurs during loading the properties file. +// */ +// public PropertyBasedAuthConfigurationProvider(URI fileName) throws ConfigurationException { +// initialize(fileName); +// +// } + + private void initialize(URI fileName) throws ConfigurationException { File propertiesFile = new File(fileName); rootConfigFileDir = propertiesFile.getParent(); try { @@ -87,12 +112,12 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide // JPAPropertiesWithJavaConfig.setLocalProperties(configProp); // System.getProperties().setProperty("location", "file:" + fileName); - context = new ClassPathXmlApplicationContext( - new String[] { "moaid.configuration.beans.xml", - "configuration.beans.xml" - }); - AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); - acbFactory.autowireBean(this); +// context = new ClassPathXmlApplicationContext( +// new String[] { "moaid.configuration.beans.xml", +// "configuration.beans.xml" +// }); +// AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); +// acbFactory.autowireBean(this); //Some databases do not allow the selection of a lob in SQL where expression String dbDriver = properties.getProperty("configuration.hibernate.connection.driver_class"); @@ -133,8 +158,9 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } } + } - + /** * Set the {@link Configuration} for this class. * @param configuration the configuration @@ -197,6 +223,11 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } } + public String getBasicMOAIDConfiguration(final String key) { + return properties.getProperty(key); + + } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertyWithKey(java.lang.String) */ @@ -322,11 +353,19 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide List<String> legacy = new ArrayList<String>(); try { - if (configuration.getBooleanValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_LEGACY, false)) - legacy.add("id_saml1"); - + if (configuration.getBooleanValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_LEGACY, false)) { + try { + Class<?> saml1Protocol = Class.forName("at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol"); + legacy.add(saml1Protocol.getName()); + + } catch (ClassNotFoundException e) { + Logger.warn("SAML1 Protocol implementation is not found, but SAML1 legacy-mode is active.. "); + + } + + } if (configuration.getBooleanValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_LEGACY, false)) - legacy.add(PVP2XProtocol.PATH); + legacy.add(PVP2XProtocol.NAME); } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { Logger.warn("Load legacy protocol configuration property FAILED.", e); @@ -699,13 +738,17 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide */ public String getSSOTagetIdentifier() throws ConfigurationException { try { - return configuration.getStringValue( + String value = configuration.getStringValue( MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET); - + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { Logger.warn("Single Sign-On Target can not be read from configuration.", e); - return null; + } + + return null; } /** @@ -880,8 +923,8 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return a new STORK Configuration or {@code null} * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ - public STORKConfig getStorkConfig() throws ConfigurationException { - STORKConfig result = null; + public IStorkConfig getStorkConfig() throws ConfigurationException { + IStorkConfig result = null; try { Map<String, String> storkProps = configuration.getPropertySubset( MOAIDConfigurationConstants.GENERAL_AUTH_STORK + "."); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/BPKDecryptionParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/BPKDecryptionParameters.java deleted file mode 100644 index b7d5ebed5..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/BPKDecryptionParameters.java +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.config.auth.data; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.Serializable; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.UnrecoverableKeyException; -import java.security.cert.Certificate; - -import org.apache.commons.lang.SerializationUtils; - -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Base64Utils; -import at.gv.egovernment.moa.util.KeyStoreUtils; - - -/** - * @author tlenz - * - */ -public class BPKDecryptionParameters implements Serializable{ - - private static final long serialVersionUID = 1L; - - private byte[] keyStore = null; - private String keyStorePassword = null; - private String keyAlias = null; - private String keyPassword = null; - - /** - * @return - * @throws IOException - */ - public PrivateKey getPrivateKey() { - InputStream in = null; - try { - in = new ByteArrayInputStream(keyStore); - KeyStore store = KeyStoreUtils.loadKeyStore(in , keyStorePassword); - - char[] chPassword = " ".toCharArray(); - if (keyPassword != null) - chPassword = keyPassword.toCharArray(); - -// Certificate test = store.getCertificate(keyAlias); -// Base64Utils.encode(test.getPublicKey().getEncoded()); - - return (PrivateKey) store.getKey(keyAlias, chPassword); - - - } catch (KeyStoreException e) { - Logger.error("Can not load private key from keystore.", e); - - } catch (IOException e) { - Logger.error("Can not load private key from keystore.", e); - - } catch (UnrecoverableKeyException e) { - Logger.error("Can not load private key from keystore.", e); - - } catch (NoSuchAlgorithmException e) { - Logger.error("Can not load private key from keystore.", e); - - } finally { - if (in != null) { - try { - in.close(); - } catch (IOException e) { - Logger.warn("Close InputStream failed." , e); - } - } - } - - return null; - } - - public byte[] serialize() { - return SerializationUtils.serialize(this); - - } - - /** - * @param keyStore the keyStore to set - */ - public void setKeyStore(byte[] keyStore) { - this.keyStore = keyStore; - } - - /** - * @param keyStorePassword the keyStorePassword to set - */ - public void setKeyStorePassword(String keyStorePassword) { - this.keyStorePassword = keyStorePassword; - } - - /** - * @param keyAlias the keyAlias to set - */ - public void setKeyAlias(String keyAlias) { - this.keyAlias = keyAlias; - } - - /** - * @param keyPassword the keyPassword to set - */ - public void setKeyPassword(String keyPassword) { - this.keyPassword = keyPassword; - } - - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java index 386e04f45..8d70b1444 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java @@ -28,9 +28,10 @@ import java.util.Collection; import java.util.List; import java.util.Map; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.stork.StorkAttribute; -import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin; /** * @author tlenz @@ -197,15 +198,6 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{ } /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFormCustomizaten() - */ - @Override - public Map<String, String> getFormCustomizaten() { - // TODO Auto-generated method stub - return null; - } - - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getQaaLevel() */ @Override @@ -254,7 +246,7 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPepsList() */ @Override - public Collection<at.gv.egovernment.moa.id.config.stork.CPEPS> getPepsList() { + public Collection<at.gv.egovernment.moa.id.commons.api.data.CPEPS> getPepsList() { // TODO Auto-generated method stub return null; } @@ -486,4 +478,13 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{ // TODO Auto-generated method stub return false; } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isRemovePBKFromAuthBlock() + */ + @Override + public boolean isRemovePBKFromAuthBlock() { + // TODO Auto-generated method stub + return false; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/ProtocolAllowed.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/ProtocolAllowed.java deleted file mode 100644 index a04fb1626..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/ProtocolAllowed.java +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.config.auth.data; - -/** - * @author tlenz - * - */ -public class ProtocolAllowed { - - private boolean isSAML1Active = false; - private boolean isPVP21Active = true; - private boolean isOAUTHActive = true; - - /** - * - */ - public ProtocolAllowed() { - - } - - /** - * - */ - public ProtocolAllowed(boolean saml1, boolean pvp21, boolean oauth) { - this.isOAUTHActive = oauth; - this.isPVP21Active = pvp21; - this.isSAML1Active = saml1; - - } - - /** - * @return the isSAML1Active - */ - public boolean isSAML1Active() { - return isSAML1Active; - } - /** - * @param isSAML1Active the isSAML1Active to set - */ - public void setSAML1Active(boolean isSAML1Active) { - this.isSAML1Active = isSAML1Active; - } - /** - * @return the isPVP21Active - */ - public boolean isPVP21Active() { - return isPVP21Active; - } - /** - * @param isPVP21Active the isPVP21Active to set - */ - public void setPVP21Active(boolean isPVP21Active) { - this.isPVP21Active = isPVP21Active; - } - /** - * @return the isOAUTHActive - */ - public boolean isOAUTHActive() { - return isOAUTHActive; - } - /** - * @param isOAUTHActive the isOAUTHActive to set - */ - public void setOAUTHActive(boolean isOAUTHActive) { - this.isOAUTHActive = isOAUTHActive; - } - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/SAML1ConfigurationParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/SAML1ConfigurationParameters.java deleted file mode 100644 index 8ff64f188..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/SAML1ConfigurationParameters.java +++ /dev/null @@ -1,276 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.config.auth.data; - -/** - * @author tlenz - * - */ -public class SAML1ConfigurationParameters { - - private boolean isActive = false; - private boolean provideBaseId = false; - private boolean provideAuthBlock = false; - private boolean provideIdl = false; - private boolean provideCertificate = false; - private boolean provideMandate = false; - private boolean provideAllErrors = true; - private boolean useCondition = false; - private String sourceID = null; - private String condition = new String(); - - - /** - * - */ - public SAML1ConfigurationParameters(boolean isActive, - boolean provideBaseId, boolean provideAuthBlock, - boolean provideIdl, boolean provideCertificate, - boolean provideMandate, boolean provideAllErrors, - boolean useCondition, String condition, - String sourceID) { - this.condition = condition; - this.isActive = isActive; - this.provideAllErrors = provideAllErrors; - this.provideAuthBlock = provideAuthBlock; - this.provideBaseId = provideBaseId; - this.provideCertificate = provideCertificate; - this.provideIdl = provideIdl; - this.provideMandate = provideMandate; - this.useCondition = useCondition; - this.sourceID = sourceID; - - } - - - /** - * - */ - public SAML1ConfigurationParameters() { - - } - - - /** - * Gets the value of the isActive property. - * - * @return - * possible object is - * {@link String } - * - */ - public Boolean isIsActive() { - return this.isActive; - } - - /** - * @param isActive the isActive to set - */ - public void setActive(boolean isActive) { - this.isActive = isActive; - } - - - /** - * @param provideBaseId the provideBaseId to set - */ - public void setProvideBaseId(boolean provideBaseId) { - this.provideBaseId = provideBaseId; - } - - - /** - * @param provideAuthBlock the provideAuthBlock to set - */ - public void setProvideAuthBlock(boolean provideAuthBlock) { - this.provideAuthBlock = provideAuthBlock; - } - - - /** - * @param provideIdl the provideIdl to set - */ - public void setProvideIdl(boolean provideIdl) { - this.provideIdl = provideIdl; - } - - - /** - * @param provideCertificate the provideCertificate to set - */ - public void setProvideCertificate(boolean provideCertificate) { - this.provideCertificate = provideCertificate; - } - - - /** - * @param provideMandate the provideMandate to set - */ - public void setProvideMandate(boolean provideMandate) { - this.provideMandate = provideMandate; - } - - - /** - * @param provideAllErrors the provideAllErrors to set - */ - public void setProvideAllErrors(boolean provideAllErrors) { - this.provideAllErrors = provideAllErrors; - } - - - /** - * @param useCondition the useCondition to set - */ - public void setUseCondition(boolean useCondition) { - this.useCondition = useCondition; - } - - - /** - * @param sourceID the sourceID to set - */ - public void setSourceID(String sourceID) { - this.sourceID = sourceID; - } - - - /** - * @param condition the condition to set - */ - public void setCondition(String condition) { - this.condition = condition; - } - - - /** - * Gets the value of the provideStammzahl property. - * - * @return - * possible object is - * {@link String } - * - */ - public Boolean isProvideStammzahl() { - return this.provideBaseId; - } - - /** - * Gets the value of the provideAUTHBlock property. - * - * @return - * possible object is - * {@link String } - * - */ - public Boolean isProvideAUTHBlock() { - return this.provideAuthBlock; - } - - /** - * Gets the value of the provideIdentityLink property. - * - * @return - * possible object is - * {@link String } - * - */ - public Boolean isProvideIdentityLink() { - return this.provideIdl; - } - - /** - * Gets the value of the provideCertificate property. - * - * @return - * possible object is - * {@link String } - * - */ - public Boolean isProvideCertificate() { - return this.provideCertificate; - } - - /** - * Gets the value of the provideFullMandatorData property. - * - * @return - * possible object is - * {@link String } - * - */ - public Boolean isProvideFullMandatorData() { - return this.provideMandate; - } - - /** - * Gets the value of the useCondition property. - * - * @return - * possible object is - * {@link String } - * - */ - public Boolean isUseCondition() { - return this.useCondition; - } - - /** - * Gets the value of the conditionLength property. - * - * @return - * possible object is - * {@link BigInteger } - * - */ - - public int getConditionLength() { - return condition.length(); - } - - /** - * Gets the value of the sourceID property. - * - * @return - * possible object is - * {@link String } - * - */ - public String getSourceID() { - return this.sourceID; - } - - /** - * Gets the value of the provideAllErrors property. - * - * @return - * possible object is - * {@link String } - * - */ - public Boolean isProvideAllErrors() { - return this.provideAllErrors; - } - -} - diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java deleted file mode 100644 index 887a7e40f..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java +++ /dev/null @@ -1,570 +0,0 @@ -///******************************************************************************* -// * Copyright 2014 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// *******************************************************************************/ -//package at.gv.egovernment.moa.id.config.legacy; -// -//import java.io.BufferedInputStream; -//import java.io.File; -//import java.io.FileInputStream; -//import java.io.IOException; -//import java.io.InputStream; -//import java.math.BigInteger; -//import java.net.URI; -//import java.nio.file.Path; -//import java.util.ArrayList; -//import java.util.Arrays; -//import java.util.Collections; -//import java.util.List; -//import java.util.Map; -//import java.util.Properties; -//import java.util.Set; -// -//import org.w3c.dom.Element; -// -//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; -//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; -//import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; -//import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; -//import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; -//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; -//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; -//import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; -//import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; -//import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; -//import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; -//import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; -//import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; -//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; -//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; -//import at.gv.egovernment.moa.id.config.ConfigurationException; -//import at.gv.egovernment.moa.id.config.ConfigurationProvider; -// -//import at.gv.egovernment.moa.id.data.IssuerAndSerial; -//import at.gv.egovernment.moa.logging.Logger; -//import at.gv.egovernment.moa.util.Base64Utils; -//import at.gv.egovernment.moa.util.DOMUtils; -//import at.gv.egovernment.moa.util.FileUtils; -//import at.gv.egovernment.moa.util.MiscUtil; -// -//public class BuildFromLegacyConfig { -// -// private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID"; -// -// private static final String SEARCHBKUTEMPLATE_LOCAL = "https://127.0.0.1:3496/"; -// private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at"; -// private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request"; -// -// public static final String AUTH_SESSION_TIMEOUT_PROPERTY = -// "AuthenticationSession.TimeOut"; -// /** -// * The name of the generic configuration property giving the authentication data time out. -// */ -// public static final String AUTH_DATA_TIMEOUT_PROPERTY = -// "AuthenticationData.TimeOut"; -// -// -// public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException { -// InputStream stream = null; -// Element configElem; -// ConfigurationBuilder builder; -// -// Logger.info("Load Legacy-Configuration from file=" + fileName); -// -// try { -// // load the main config file -// stream = new BufferedInputStream(new FileInputStream(fileName)); -// configElem = DOMUtils.parseXmlValidating(stream); -// -// } catch (Throwable t) { -// throw new ConfigurationException("config.03", null, t); -// } -// -// finally { -// try { -// if (stream != null) { -// stream.close(); -// } -// } catch (IOException e) { -// -// } -// } -// -// try { -// String oldbkuonline = ""; -// String oldbkulocal = ""; -// String oldbkuhandy = ""; -// -// // build the internal datastructures -// builder = new ConfigurationBuilder(configElem, rootConfigFileDir); -// -// -// MOAIDConfiguration moaIDConfig = new MOAIDConfiguration(); -// -// AuthComponentGeneral generalAuth = new AuthComponentGeneral(); -// moaIDConfig.setAuthComponentGeneral(generalAuth); -// -// -// //not supported by MOA-ID 2.0 -// //ConnectionParameter bKUConnectionParameter = builder.buildAuthBKUConnectionParameter(); -// //bKUSelectable = (bKUConnectionParameter!=null); -// //bKUSelectionType = builder.buildAuthBKUSelectionType(); -// -// -// //Load generic Config -// Map<String, String> genericConfiguration = builder.buildGenericConfiguration(); -// GeneralConfiguration authGeneral = new GeneralConfiguration(); -// -// if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING)) -// authGeneral.setTrustManagerRevocationChecking( -// Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))); -// else -// authGeneral.setTrustManagerRevocationChecking(true); -// -// if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY)) -// authGeneral.setCertStoreDirectory( -// (String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY)); -// else -// authGeneral.setTrustManagerRevocationChecking(true); -// -// -// //Load Assertion and Session timeouts -// TimeOuts timeOuts = new TimeOuts(); -// if (genericConfiguration.containsKey(AUTH_DATA_TIMEOUT_PROPERTY)) -// timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_DATA_TIMEOUT_PROPERTY)))); -// else -// timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min -// -// if (genericConfiguration.containsKey(AUTH_SESSION_TIMEOUT_PROPERTY)) -// timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_SESSION_TIMEOUT_PROPERTY)))); -// else -// timeOuts.setAssertion(BigInteger.valueOf(30*60)); //default 30min -// -// timeOuts.setMOASessionUpdated(BigInteger.valueOf(15*60)); //default 15min -// authGeneral.setTimeOuts(timeOuts); -// generalAuth.setGeneralConfiguration(authGeneral); -// -// Protocols auth_protocols = new Protocols(); -// generalAuth.setProtocols(auth_protocols); -// -// LegacyAllowed prot_legacy = new LegacyAllowed(); -// auth_protocols.setLegacyAllowed(prot_legacy); -// final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x"); -// prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED); -// -// //set SAML1 config -// SAML1 saml1 = new SAML1(); -// saml1.setIsActive(true); -// if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID)) -// saml1.setSourceID((String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID)); -// auth_protocols.setSAML1(saml1); -// -// //set OAuth config -// OAuth oauth = new OAuth(); -// oauth.setIsActive(true); -// auth_protocols.setOAuth(oauth); -// -// //set PVP2.1 config -// PVP2 prot_pvp2 = new PVP2(); -// auth_protocols.setPVP2(prot_pvp2); -// prot_pvp2.setPublicURLPrefix("https://...."); -// prot_pvp2.setIssuerName("MOA-ID 2.x IDP"); -// -// Organization pvp2_org = new Organization(); -// prot_pvp2.setOrganization(pvp2_org); -// pvp2_org.setDisplayName("OrganisationDisplayName"); -// pvp2_org.setName("OrganisatioName"); -// pvp2_org.setURL("http://testorganisation.at"); -// -// List<Contact> pvp2_contacts = new ArrayList<Contact>(); -// prot_pvp2.setContact(pvp2_contacts); -// -// Contact pvp2_contact = new Contact(); -// pvp2_contact.setCompany("OrganisationDisplayName"); -// pvp2_contact.setGivenName("Max"); -// -// -// List<String> mails = new ArrayList<String>(); -// pvp2_contact.setMail(mails); -// mails.add("max@muster.mann"); -// -// List<String> phones = new ArrayList<String>(); -// pvp2_contact.setPhone(phones); -// phones.add("01 5555 5555"); -// -// pvp2_contact.setSurName("Mustermann"); -// pvp2_contact.setType("technical"); -// pvp2_contacts.add(pvp2_contact); -// -// //SSO -// SSO auth_sso = new SSO(); -// generalAuth.setSSO(auth_sso); -// auth_sso.setTarget(""); -// auth_sso.setFriendlyName(""); -// -// -// //set SecurityLayer Transformations -// String[] transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH); -// String[] transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames); -// -// List<TransformsInfoType> auth_transformInfos = new ArrayList<TransformsInfoType>(); -// if (transformsInfos != null && transformsInfos.length > 0) { -// for (int i=0; i<transformsInfos.length; i++) { -// -// TransformsInfoType transforminfotype = new TransformsInfoType(); -// -// if (transformsInfoFileNames[i] != null && -// transformsInfos[i] != null) { -// String fileURL = FileUtils.makeAbsoluteURL(transformsInfoFileNames[i], rootConfigFileDir); -// Path fileName_ = new File(new URI(fileURL)).toPath().getFileName(); -// transforminfotype.setFilename(fileName_.toString()); -// -// transforminfotype.setTransformation(Base64Utils.encode(transformsInfos[i].getBytes("UTF-8")).getBytes("UTF-8")); -// auth_transformInfos.add(transforminfotype); -// -// } else -// Logger.warn("AuthBlock Transformation " + transformsInfoFileNames[i] -// + "not found."); -// } -// -// } -// -// SecurityLayer auth_securityLayer = new SecurityLayer(); -// auth_securityLayer.setTransformsInfo(auth_transformInfos); -// generalAuth.setSecurityLayer(auth_securityLayer); -// -// -// //set MOASP configuration -// MOASP auth_moaSP = new MOASP(); -// generalAuth.setMOASP(auth_moaSP); -// -// //set MOASP connection -// ConnectionParameter moaSpConnectionParameter = builder.buildMoaSpConnectionParameter(); -// if (moaSpConnectionParameter != null) { -// ConnectionParameterClientAuthType auth_moaSP_connection = -// parseConnectionParameterClientAuth(moaSpConnectionParameter); -// auth_moaSP.setConnectionParameter(auth_moaSP_connection); -// } -// -// //set VerifyIdentityLink -// String moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID(); -// VerifyIdentityLink auth_moaSP_verifyIdentityLink = new VerifyIdentityLink(); -// auth_moaSP_verifyIdentityLink.setTrustProfileID(moaSpIdentityLinkTrustProfileID); -// auth_moaSP.setVerifyIdentityLink(auth_moaSP_verifyIdentityLink); -// -// //set VerifyAuthBlock -// String moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID(); -// VerifyAuthBlock auth_moaSP_verifyAuthBlock = new VerifyAuthBlock(); -// auth_moaSP_verifyAuthBlock.setTrustProfileID(moaSpAuthBlockTrustProfileID); -// String[] moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs(); -// List<String> transformlist = new ArrayList<String>(); -// Collections.addAll(transformlist, moaSpAuthBlockVerifyTransformsInfoIDs); -// auth_moaSP_verifyAuthBlock.setVerifyTransformsInfoProfileID(transformlist); -// auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock); -// -// -// //set IdentityLinkSigners -// IdentityLinkSigners auth_idsigners = new IdentityLinkSigners(); -// generalAuth.setIdentityLinkSigners(auth_idsigners); -// List<String> identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); -// auth_idsigners.setX509SubjectName(identityLinkX509SubjectNames); -// -// -// //not supported by MOA-ID 2.0 -// VerifyInfoboxParameters defaultVerifyInfoboxParameters = null; -//// Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH); -//// if (defaultVerifyInfoboxParamtersElem != null) { -//// defaultVerifyInfoboxParameters = -//// builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID); -//// } -// -// -// //Set ForeignIdentities -// ForeignIdentities auth_foreign = new ForeignIdentities(); -// generalAuth.setForeignIdentities(auth_foreign); -// -// //set Connection parameters -// ConnectionParameter foreignIDConnectionParameter = builder.buildForeignIDConnectionParameter(); -// ConnectionParameterClientAuthType auth_foreign_connection = -// parseConnectionParameterClientAuth(foreignIDConnectionParameter); -// auth_foreign.setConnectionParameter(auth_foreign_connection); -// -// //set OnlineMandates config -// ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter(); -// if (onlineMandatesConnectionParameter != null) { -// OnlineMandates auth_mandates = new OnlineMandates(); -// generalAuth.setOnlineMandates(auth_mandates); -// auth_mandates.setConnectionParameter( -// parseConnectionParameterClientAuth(onlineMandatesConnectionParameter)); -// } -// -// -// //TODO: add auth template configuration!!! -// -// -// if (oldconfig != null) { -// if (oldconfig.getDefaultBKUs() != null) { -// oldbkuhandy = oldconfig.getDefaultBKUs().getHandyBKU(); -// oldbkulocal = oldconfig.getDefaultBKUs().getLocalBKU(); -// oldbkuonline = oldconfig.getDefaultBKUs().getOnlineBKU(); -// } -// } else { -// List<String> trustbkus = builder.getTrustedBKUs(); -// for (String trustbku : trustbkus) { -// if (MiscUtil.isEmpty(oldbkuonline) && trustbku.endsWith(SEARCHBKUTEMPLATE_ONLINE)) -// oldbkuonline = trustbku; -// -// if (MiscUtil.isEmpty(oldbkuhandy) && trustbku.startsWith(SEARCHBKUTEMPLATE_HANDY)) -// oldbkuhandy = trustbku; -// -// if (MiscUtil.isEmpty(oldbkulocal) && trustbku.startsWith(SEARCHBKUTEMPLATE_LOCAL)) -// oldbkulocal = trustbku; -// } -// -// } -// -// -// //set OnlineApplications -// OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID); -// -// ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>(); -// moaIDConfig.setOnlineApplication(moa_oas); -// -// for (OAAuthParameter oa : onlineApplicationAuthParameters) { -// OnlineApplication moa_oa = new OnlineApplication(); -// -// //set general OA configuration -// moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird -// moa_oa.setFriendlyName(oa.getFriendlyName()); -// moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier())); -// moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix()); -// moa_oa.setTarget(oa.getTarget()); -// moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName()); -// moa_oa.setType(oa.getOaType()); -// moa_oa.setIsActive(true); -// -// -// AuthComponentOA oa_auth = new AuthComponentOA(); -// moa_oa.setAuthComponentOA(oa_auth); -// -// //SLLayer Version / useIframe -//// oa_auth.setSlVersion(oa.getSlVersion()); -//// oa_auth.setUseIFrame(false); -//// oa_auth.setUseUTC(oa.getUseUTC()); -// -// //BKUURLs -// BKUURLS bkuurls = new BKUURLS(); -// bkuurls.setOnlineBKU(oldbkuonline); -// bkuurls.setHandyBKU(oldbkuhandy); -// bkuurls.setLocalBKU(oldbkulocal); -// oa_auth.setBKUURLS(bkuurls); -// -// //IdentificationNumber -// IdentificationNumber idnumber = new IdentificationNumber(); -// idnumber.setValue(oa.getIdentityLinkDomainIdentifier()); -// idnumber.setType(oa.getIdentityLinkDomainIdentifierType()); -// oa_auth.setIdentificationNumber(idnumber); -// -// //set Templates -// TemplatesType templates = new TemplatesType(); -// oa_auth.setTemplates(templates); -// templates.setAditionalAuthBlockText(""); -// TemplateType template = new TemplateType(); -// template.setURL(oa.getTemplateURL()); -// ArrayList<TemplateType> template_list = new ArrayList<TemplateType>(); -// template_list.add(template); -// templates.setTemplate(template_list); -// -// -// //TransformsInfo not supported by MOAID 2.0 -// String[] transforminfos = oa.getTransformsInfos(); -// for (String e1 : transforminfos) { -// if (MiscUtil.isNotEmpty(e1)) { -// Logger.warn("OA specific transformation for OA " + oa.getPublicURLPrefix() -// + " are not supported. USE AdditionalAuthBlock text!"); -// } -// } -// -// //VerifyInfoBoxes not supported by MOAID 2.0 -// -// //set Mandates -// Mandates oa_mandates = new Mandates(); -// oa_auth.setMandates(oa_mandates); -// List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>(); -// -// String oldProfiles = oa.getMandateProfiles(); -// if (MiscUtil.isNotEmpty(oldProfiles)) { -// String[] oldprofileList = oldProfiles.split(","); -// for (int i=0; i<oldprofileList.length; i++) { -// MandatesProfileNameItem item = new MandatesProfileNameItem(); -// item.setItem(oldprofileList[i].trim()); -// profileList.add(item); -// } -// oa_mandates.setProfileNameItems(profileList ); -// } -// -// //STORK -// //TODO: OA specific STORK config is deactivated in MOA 1.5.2 -// -// //SSO -// OASSO oa_sso = new OASSO(); -// oa_auth.setOASSO(oa_sso); -// oa_sso.setUseSSO(true); -// oa_sso.setSingleLogOutURL(""); -// oa_sso.setAuthDataFrame(true); -// -// //OA_SAML1 -// OASAML1 oa_saml1 = new OASAML1(); -// oa_auth.setOASAML1(oa_saml1); -// oa_saml1.setConditionLength(BigInteger.valueOf(oa.getConditionLength())); -// oa_saml1.setProvideAUTHBlock(oa.getProvideAuthBlock()); -// oa_saml1.setProvideCertificate(oa.getProvideCertifcate()); -// oa_saml1.setProvideFullMandatorData(oa.getProvideFullMandatorData()); -// oa_saml1.setProvideIdentityLink(oa.getProvideIdentityLink()); -// oa_saml1.setProvideStammzahl(oa.getProvideStammzahl()); -// oa_saml1.setUseCondition(oa.getUseCondition()); -// oa_saml1.setIsActive(true); -// oa_saml1.setProvideAllErrors(false); -// -// //OA_PVP2 -// OAPVP2 oa_pvp2 = new OAPVP2(); -// oa_auth.setOAPVP2(oa_pvp2); -// -// moa_oas.add(moa_oa); -// //ConfigurationDBUtils.save(moa_oa); -// } -// -// //removed from MOAID 2.0 config -// //identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); -// -// -// //set chaining modes -// ChainingModes moa_chainingModes = new ChainingModes(); -// moaIDConfig.setChainingModes(moa_chainingModes); -// -// -// -// String defaultmode = builder.getDefaultChainingMode(); -// ChainingModeType type; -// if (defaultmode.equals(iaik.pki.pathvalidation.ChainingModes.CHAIN_MODE)) -// type = ChainingModeType.CHAINING; -// else -// type = ChainingModeType.PKIX; -// -// -// moa_chainingModes.setSystemDefaultMode(type); -// -// Map<IssuerAndSerial, String> chainingModes = builder.buildChainingModes(); -// List<TrustAnchor> chaining_anchor = new ArrayList<TrustAnchor>(); -// Set<IssuerAndSerial> chaining_anchor_map = chainingModes.keySet(); -// for (IssuerAndSerial e1 : chaining_anchor_map) { -// TrustAnchor trustanchor = new TrustAnchor(); -// -// ChainingModeType type1 = ChainingModeType.fromValue(chainingModes.get(e1)); -// trustanchor.setMode(type1); -// -// trustanchor.setX509IssuerName(e1.getIssuerDN()); -// trustanchor.setX509SerialNumber(e1.getSerial()); -// chaining_anchor.add(trustanchor); -// } -// moa_chainingModes.setTrustAnchor(chaining_anchor); -// -// -// //set trustedCACertificate path -// moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates()); -// -// -// //Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates) -// //trustedBKUs = builder.getTrustedBKUs(); -// //trustedTemplateURLs = builder.getTrustedTemplateURLs(); -// -// -// //set DefaultBKUs -// DefaultBKUs moa_defaultbkus = new DefaultBKUs(); -// moaIDConfig.setDefaultBKUs(moa_defaultbkus); -// moa_defaultbkus.setOnlineBKU(oldbkuonline); -// moa_defaultbkus.setHandyBKU(oldbkuhandy); -// moa_defaultbkus.setLocalBKU(oldbkulocal); -// -// -// //set SLRequest Templates -// SLRequestTemplates moa_slrequesttemp = new SLRequestTemplates(); -// moaIDConfig.setSLRequestTemplates(moa_slrequesttemp); -// moa_slrequesttemp.setOnlineBKU("http://localhost:8080/moa-id-auth/template_onlineBKU.html"); -// moa_slrequesttemp.setHandyBKU("http://localhost:8080/moa-id-auth/template_handyBKU.html"); -// moa_slrequesttemp.setLocalBKU("http://127.0.0.1:8080/moa-id-auth/template_localBKU.html"); -// -// return moaIDConfig; -// -// } catch (Throwable t) { -// throw new ConfigurationException("config.02", null, t); -// } -// } -// -// private static ConnectionParameterClientAuthType parseConnectionParameterClientAuth( -// ConnectionParameter old) { -// ConnectionParameterClientAuthType auth_moaSP_connection = new ConnectionParameterClientAuthType(); -// auth_moaSP_connection.setURL(old.getUrl()); -// -// //TODO: remove from Database config!!!!! -//// auth_moaSP_connection.setAcceptedServerCertificates(old.getAcceptedServerCertificates()); -//// ClientKeyStore auth_moaSP_connection_keyStore = new ClientKeyStore(); -//// auth_moaSP_connection_keyStore.setValue(old.getClientKeyStore()); -//// auth_moaSP_connection_keyStore.setPassword(old.getClientKeyStorePassword()); -//// auth_moaSP_connection.setClientKeyStore(auth_moaSP_connection_keyStore); -// return auth_moaSP_connection; -// } -// -// private static Properties getGeneralPVP2ProperiesConfig(Properties props) { -// Properties configProp = new Properties(); -// for (Object key : props.keySet()) { -// String propPrefix = "protocols.pvp2."; -// if (key.toString().startsWith(propPrefix)) { -// String propertyName = key.toString().substring(propPrefix.length()); -// configProp.put(propertyName, props.get(key.toString())); -// } -// } -// return configProp; -// } -//} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java deleted file mode 100644 index 1d9f738be..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java +++ /dev/null @@ -1,120 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/** - * - */ -package at.gv.egovernment.moa.id.config.legacy; - -import java.net.URL; -import java.util.ArrayList; -import java.util.List; - -import org.opensaml.saml2.metadata.RequestedAttribute; - -/** - * Encpasulates C-PEPS information according MOA configuration - * - * @author bzwattendorfer - * - */ -public class CPEPS { - - /** Country Code of C-PEPS */ - private String countryCode; - - /** URL of C-PEPS */ - private URL pepsURL; - - /** Specific attributes to be requested for this C-PEPS */ - private List<RequestedAttribute> countrySpecificRequestedAttributes = new ArrayList<RequestedAttribute>(); - - /** - * Constructs a C-PEPS - * @param countryCode ISO Country Code of C-PEPS - * @param pepsURL URL of C-PEPS - */ - public CPEPS(String countryCode, URL pepsURL) { - super(); - this.countryCode = countryCode; - this.pepsURL = pepsURL; - } - - /** - * Gets the country code of this C-PEPS - * @return ISO country code - */ - public String getCountryCode() { - return countryCode; - } - - /** - * Sets the country code of this C-PEPS - * @param countryCode ISO country code - */ - public void setCountryCode(String countryCode) { - this.countryCode = countryCode; - } - - /** - * Gets the URL of this C-PEPS - * @return C-PEPS URL - */ - public URL getPepsURL() { - return pepsURL; - } - - /** - * Sets the C-PEPS URL - * @param pepsURL C-PEPS URL - */ - public void setPepsURL(URL pepsURL) { - this.pepsURL = pepsURL; - } - - /** - * Gets the country specific attributes of this C-PEPS - * @return List of country specific attributes - */ - public List<RequestedAttribute> getCountrySpecificRequestedAttributes() { - return countrySpecificRequestedAttributes; - } - - /** - * Sets the country specific attributes - * @param countrySpecificRequestedAttributes List of country specific requested attributes - */ - public void setCountrySpecificRequestedAttributes( - List<RequestedAttribute> countrySpecificRequestedAttributes) { - this.countrySpecificRequestedAttributes = countrySpecificRequestedAttributes; - } - - /** - * Adds a Requested attribute to the country specific attribute List - * @param countrySpecificRequestedAttribute Additional country specific requested attribute to add - */ - public void addCountrySpecificRequestedAttribute(RequestedAttribute countrySpecificRequestedAttribute) { - this.countrySpecificRequestedAttributes.add(countrySpecificRequestedAttribute); - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java deleted file mode 100644 index 6ad45d8c9..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java +++ /dev/null @@ -1,1253 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -import iaik.pki.pathvalidation.ChainingModes; -import iaik.utils.RFC2253NameParser; -import iaik.utils.RFC2253NameParserException; - -import java.io.IOException; -import java.math.BigInteger; -import java.security.Principal; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Hashtable; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Vector; - -import org.w3c.dom.Attr; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; -import org.w3c.dom.traversal.NodeIterator; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.Schema; -import at.gv.egovernment.moa.id.auth.data.SchemaImpl; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.legacy.OAAuthParameter; -import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameter; -import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameters; -import at.gv.egovernment.moa.id.config.legacy.SignatureCreationParameter; -import at.gv.egovernment.moa.id.data.IssuerAndSerial; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.BoolUtils; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.FileUtils; -import at.gv.egovernment.moa.util.StringUtils; -import at.gv.egovernment.moa.util.XPathException; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * A class that builds configuration data from a DOM based representation. - * - * @author Patrick Peck - * @author Stefan Knirsch - * @version $Id$ - */ -public class ConfigurationBuilder { - - // - // XPath namespace prefix shortcuts - // - /** an XPATH-Expression */ - protected static final String CONF = Constants.MOA_ID_CONFIG_PREFIX + ":"; - /** an XPATH-Expression */ - protected static final String DSIG = Constants.DSIG_PREFIX + ":"; - - /** an XPATH-Expression */ - protected static final String STORK = Constants.STORK_PREFIX + ":"; - - /** an XPATH-Expression */ - protected static final String STORKP= Constants.STORKP_PREFIX + ":"; - - // - // chaining mode constants appearing in the configuration file - // - /** an XPATH-Expression */ - protected static final String CM_CHAINING = "chaining"; - /** an XPATH-Expression */ - protected static final String CM_PKIX = "pkix"; - /** an XPATH-Expression */ - protected static final String DEFAULT_ENCODING = "UTF-8"; - - // - // XPath expressions to select certain parts of the configuration - // - /** an XPATH-Expression */ - protected static final String ROOT = "/" + CONF + "MOA-IDConfiguration/"; - - /** an XPATH-Expression */ - protected static final String AUTH_BKU_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "BKUSelection"; - /** an XPATH-Expression */ - protected static final String AUTH_BKUSELECT_TEMPLATE_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "BKUSelectionTemplate/@URL"; - /** an XPATH-Expression */ - protected static final String AUTH_TEMPLATE_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "Template/@URL"; - /** an XPATH-Expression */ - public static final String AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU"; - - - //protected static final String AUTH_MANDATE_TEMPLATE_XPATH = -// ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "MandateTemplate/@URL"; - /** an XPATH-Expression */ - protected static final String INPUT_PROCESSOR_TEMPLATE_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "InputProcessorSignTemplate/@URL"; - /** an XPATH-Expression */ - public static final String AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "SecurityLayer/" + CONF + "TransformsInfo/@filename"; - /** an XPATH-Expression */ - protected static final String AUTH_MOA_SP_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP"; - /** an XPATH-Expression */ - protected static final String AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyIdentityLink/" + CONF + "TrustProfileID"; - /** an XPATH-Expression */ - protected static final String AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "TrustProfileID"; - /** an XPATH-Expression */ - protected static final String AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "VerifyTransformsInfoProfileID"; - - /** an XPATH-Expression */ - protected static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "IdentityLinkSigners/" + CONF + "X509SubjectName"; - - /** an XPATH-Expression */ - public static final String AUTH_VERIFY_INFOBOXES_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "VerifyInfoboxes"; - - /** an XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities"; - - /** an XPATH-Expression */ - public static final String AUTH_ONLINEMANDATES_XPATH = - ROOT + CONF + "AuthComponent/" + CONF + "OnlineMandates"; - - - - /** an XPATH-Expression */ - protected static final String OA_XPATH = ROOT + CONF + "OnlineApplication"; - /** an XPATH-Expression */ - protected static final String OA_LOGIN_XPATH = ROOT + CONF + "OnlineApplication/@loginURL"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_XPATH = CONF + "AuthComponent"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_IDENT_NUMBER_XPATH = CONF + "IdentificationNumber"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH = - CONF + "Templates/" + CONF + "BKUSelectionTemplate/@URL"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_TEMPLATE_XPATH = - CONF + "Templates/" + CONF + "Template/@URL"; - /** an XPATH-Expression */ - public static final String OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH = - CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU"; - //protected static final String OA_AUTH_COMPONENT_MANDATE_TEMPLATE_XPATH = - //CONF + "Templates/" + CONF + "MandateTemplate/@URL"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH = CONF + "VerifyInfoboxes"; - /** an XPATH-Expression */ - protected static final String OA_AUTH_COMPONENT_MANDATES_PROFILES_XPATH = CONF + "Mandates" + "/" + CONF + "Profiles"; - /** an XPATH-Expression */ - protected static final String CONNECTION_PARAMETER_URL_XPATH = - CONF + "ConnectionParameter/@URL"; - /** an XPATH-Expression */ - protected static final String CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH = - CONF + "ConnectionParameter/" + CONF + "AcceptedServerCertificates"; - /** an XPATH-Expression */ - protected static final String CONNECTION_PARAMETERN_KEYSTORE_XPATH = - CONF + "ConnectionParameter/" + CONF + "ClientKeyStore"; - /** an XPATH-Expression */ - protected static final String CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH = - CONNECTION_PARAMETERN_KEYSTORE_XPATH + "/@password"; - /** an XPATH-Expression */ - protected static final String GENERIC_CONFIGURATION_XPATH = - ROOT + CONF + "GenericConfiguration"; - - /** an XPATH-Expression */ - protected static final String TRUSTED_BKUS = - ROOT + CONF + "TrustedBKUs/" + CONF + "BKUURL"; - - protected static final String TRUSTED_TEMPLATEURLS = - ROOT + CONF + "TrustedTemplateURLs/" + CONF + "TemplateURL"; - - - /** an XPATH-Expression */ - protected static final String CHAINING_MODES_XPATH = - ROOT + CONF + "ChainingModes"; - /** an XPATH-Expression */ - protected static final String CHAINING_MODES_DEFAULT_XPATH = - CHAINING_MODES_XPATH + "/@systemDefaultMode"; - /** an XPATH-Expression */ - protected static final String TRUST_ANCHOR_XPATH = - ROOT + CONF + "ChainingModes/" + CONF + "TrustAnchor"; - /** an XPATH-Expression */ - protected static final String ISSUER_XPATH = DSIG + "X509IssuerName"; - /** an XPATH-Expression */ - protected static final String SERIAL_XPATH = DSIG + "X509SerialNumber"; - /** an XPATH-Expression */ - protected static final String TRUSTED_CA_CERTIFICATES_XPATH = - ROOT + CONF + "TrustedCACertificates"; - - /** an XPATH-Expression */ - protected static final String VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH = CONF + "DefaultTrustProfile"; - /** an XPATH-Expression */ - protected static final String VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH = CONF + "TrustProfileID"; - /** an XPATH-Expression */ - protected static final String VERIFY_INFOBOXES_INFOBOX_XPATH = CONF + "Infobox"; - - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS = - ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "C-PEPS"; - - /** STORK Config AttributeName */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE = "countryCode"; - - /** STORK Config AttributeName */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL = "URL"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER = - ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "SAMLSigningParameter/" + - CONF + "SignatureCreationParameter" ; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_REQUESTED_ATTRIBUTES = - STORK + "RequestedAttribute"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER = - ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "SAMLSigningParameter/" + - CONF + "SignatureVerificationParameter"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE = - CONF + "KeyStore"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME = - CONF + "KeyName"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD = - CONF + "KeyStore/@password"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME_PASSWORD = - CONF + "KeyName/@password"; - - /** STORK Config XPATH-Expression */ - public static final String AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID = - CONF + "TrustProfileID"; - - /** STORK Config XPATH-Expression */ - public static final String OA_AUTH_COMPONENT_STORK_QAA = - CONF + "STORK/" + STORK + "QualityAuthenticationAssuranceLevel"; - - /** STORK Config XPATH-Expression */ - public static final String OA_AUTH_COMPONENT_STORK_REQUESTED_ATTRIBUTE = - CONF + "STORK/" + STORKP + "RequestedAttributes/" + STORK + "RequestedAttribute"; - - /** - * main configuration file directory name used to configure MOA-ID - */ - protected String rootConfigFileDir_; - - /** The root element of the MOA-ID configuration */ - protected Element configElem_; - - /** - * Creates a new <code>MOAConfigurationProvider</code>. - * - * @param configElem The root element of the MOA-ID configuration. - */ - public ConfigurationBuilder(Element configElem, String rootConfigDir) { - configElem_ = configElem; - rootConfigFileDir_ = rootConfigDir; - } - - /** - * Returns the root element of the MOA-ID configuration. - * - * @return The root element of the MOA-ID configuration. - */ - public Element getConfigElem() { - return configElem_; - } - - /** - * Build a ConnectionParameter object containing all information - * of the moa-sp element in the authentication component - * @return ConnectionParameter of the authentication component moa-sp element - */ - public ConnectionParameter buildAuthBKUConnectionParameter() { - - Element authBKU = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_BKU_XPATH); - if (authBKU==null) return null; - return buildConnectionParameter(authBKU); - } - - /** - * Build a ConnectionParameter containing all information - * of the foreignid element in the authentication component - * @return ConnectionParameter of the authentication component foreignid element - */ - public ConnectionParameter buildForeignIDConnectionParameter() { - Element foreignid = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_XPATH); - if (foreignid==null) return null; - return buildConnectionParameter(foreignid); - - } - - /** - * Build a ConnectionParameter containing all information - * of the OnlineMandates element in the authentication component - * @return ConnectionParameter of the authentication component OnlineMandates element - */ - public ConnectionParameter buildOnlineMandatesConnectionParameter() { - Element onlinemandates = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_ONLINEMANDATES_XPATH); - if (onlinemandates==null) return null; - return buildConnectionParameter(onlinemandates); - - } - - /** - * Method buildAuthBKUSelectionType. - * - * Build a string with the configuration value of BKUSelectionAlternative - * - * @return String - */ - public String buildAuthBKUSelectionType() { - - Element authBKU = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_BKU_XPATH); - if (authBKU==null) return null; - return (authBKU).getAttribute("BKUSelectionAlternative"); - } - - /** - * Build a string array with all filenames leading - * to the Transforms Information for the Security Layer - * @param contextNode The node from which should be searched - * @param xpathExpr The XPATH expression for the search - * @return String[] of filenames to the Security Layer Transforms Information - * or <code>null</code> if no transforms are included - */ - public String[] buildTransformsInfoFileNames(Node contextNode, String xpathExpr) { - - List transformsInfoFileNames = new ArrayList(); - - try { - NodeIterator tiIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr); - - Attr tiElem; - while ((tiElem = (Attr) tiIter.nextNode()) != null) { - String tiFileName = tiElem.getNodeValue(); - transformsInfoFileNames.add(tiFileName); - } - - String[] result = new String[transformsInfoFileNames.size()]; - transformsInfoFileNames.toArray(result); - - return result; - } catch (XPathException xpe) { - return new String[0]; - } - } - - - /** - * Loads the <code>transformsInfos</code> from files. - * @throws Exception on any exception thrown - */ - public String[] loadTransformsInfos(String[] transformsInfoFileNames) throws Exception { - - String[] transformsInfos; - - transformsInfos = new String[transformsInfoFileNames.length]; - for (int i = 0; i < transformsInfoFileNames.length; i++) { - - String fileURL = transformsInfoFileNames[i]; - try { - // if fileURL is relative to rootConfigFileDir make it absolute - fileURL = FileUtils.makeAbsoluteURL(fileURL, rootConfigFileDir_); - - String transformsInfo = FileUtils.readURL(fileURL, DEFAULT_ENCODING); - transformsInfos[i] = transformsInfo; - - } catch (IOException e) { - Logger.info("Transformation with URL " + fileURL + " can not be loaded"); - } - } - - return transformsInfos; - } - - /** - * Build a ConnectionParameter bean containing all information - * of the authentication component moa-sp element - * @return ConnectionParameter of the authentication component moa-sp element - */ - public ConnectionParameter buildMoaSpConnectionParameter() { - - Element connectionParameter = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_MOA_SP_XPATH); - if (connectionParameter==null) return null; - return buildConnectionParameter(connectionParameter); - } - - /** - * Return a string with a url-reference to the VerifyIdentityLink trust - * profile id within the moa-sp part of the authentication component - * @return String with a url-reference to the VerifyIdentityLink trust profile ID - */ - public String getMoaSpIdentityLinkTrustProfileID() { - return XPathUtils.getElementValue( - configElem_, - AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH, - ""); - } - /** - * Return a string representation of an URL pointing to trusted CA Certificates - * @return String representation of an URL pointing to trusted CA Certificates - */ - public String getTrustedCACertificates() { - return XPathUtils.getElementValue( - configElem_, - TRUSTED_CA_CERTIFICATES_XPATH,null); - } - - /** - * Return a string with a url-reference to the VerifyAuthBlock trust - * profile id within the moa-sp part of the authentication component - * @return String with a url-reference to the VerifyAuthBlock trust profile ID - */ - public String getMoaSpAuthBlockTrustProfileID() { - return XPathUtils.getElementValue( - configElem_, - AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH, - ""); - } - /** - * Build a string array with references to all verify transform info - * IDs within the moa-sp part of the authentication component - * @return A string array containing all urls to the - * verify transform info IDs - */ - public String[] buildMoaSpAuthBlockVerifyTransformsInfoIDs() { - - List verifyTransformsInfoIDs = new ArrayList(); - NodeIterator vtIter = - XPathUtils.selectNodeIterator( - configElem_, - AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH); - Element vtElem; - - while ((vtElem = (Element) vtIter.nextNode()) != null) { - - String vtInfoIDs = DOMUtils.getText(vtElem); - verifyTransformsInfoIDs.add(vtInfoIDs); - } - String[] result = new String[verifyTransformsInfoIDs.size()]; - verifyTransformsInfoIDs.toArray(result); - - return result; - } - - public List getTrustedBKUs() { - - List trustedBKUs = new ArrayList(); - - NodeIterator bkuIter = XPathUtils.selectNodeIterator(configElem_, TRUSTED_BKUS); - - Element vtElem; - - while ((vtElem = (Element) bkuIter.nextNode()) != null) { - String bkuURL = DOMUtils.getText(vtElem); - trustedBKUs.add(bkuURL); - } - - return trustedBKUs; - - } - -public List getTrustedTemplateURLs() { - - List trustedTemplateURLs = new ArrayList(); - - NodeIterator bkuIter = XPathUtils.selectNodeIterator(configElem_, TRUSTED_TEMPLATEURLS); - - Element vtElem; - - while ((vtElem = (Element) bkuIter.nextNode()) != null) { - String bkuURL = DOMUtils.getText(vtElem); - trustedTemplateURLs.add(bkuURL); - } - - return trustedTemplateURLs; - - } - - /** - * Returns a list containing all X509 Subject Names - * of the Identity Link Signers - * @return a list containing the configured identity-link signer X509 subject names - */ - public List getIdentityLink_X509SubjectNames() { - - Vector x509SubjectNameList = new Vector(); - NodeIterator x509Iter = - XPathUtils.selectNodeIterator( - configElem_, - AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH); - Element x509Elem; - - while ((x509Elem = (Element) x509Iter.nextNode()) != null) { - String vtInfoIDs = DOMUtils.getText(x509Elem); - x509SubjectNameList.add(vtInfoIDs); - } - - // now add the default identity link signers - String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID; - for (int i=0; i<identityLinkSignersWithoutOID.length; i++) { - String identityLinkSigner = identityLinkSignersWithoutOID[i]; - if (!x509SubjectNameList.contains(identityLinkSigner)) { - x509SubjectNameList.add(identityLinkSigner); - } - } - - return x509SubjectNameList; - } - - /** - * Build an array of the OnlineApplication Parameters containing information - * about the authentication component - * - * @param defaultVerifyInfoboxParameters Default parameters for verifying additional - * infoboxes. Maybe <code>null</code>. - * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating - * the identity link signer certificate. Needed for - * checking if this ID is not used for validating other - * infoboxes. - * - * @return An OAProxyParameter array containing beans - * with all relevant information for the authentication component of the online - * application - */ - public OAAuthParameter[] buildOnlineApplicationAuthParameters( - VerifyInfoboxParameters defaultVerifyInfoboxParameters, String moaSpIdentityLinkTrustProfileID) - throws ConfigurationException - { - - String bkuSelectionTemplateURL = - XPathUtils.getAttributeValue(configElem_, AUTH_BKUSELECT_TEMPLATE_XPATH, null); - String templateURL = - XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null); - String inputProcessorSignTemplateURL = - XPathUtils.getAttributeValue(configElem_, INPUT_PROCESSOR_TEMPLATE_XPATH, null); - - - List OA_set = new ArrayList(); - NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH); - - for (int i = 0; i < OAIter.getLength(); i++) { - Element oAElem = (Element) OAIter.item(i); - Element authComponent = - (Element) XPathUtils.selectSingleNode(oAElem, OA_AUTH_COMPONENT_XPATH); - - OAAuthParameter oap = new OAAuthParameter(); - String publicURLPrefix = oAElem.getAttribute("publicURLPrefix"); - oap.setPublicURLPrefix(publicURLPrefix); - oap.setKeyBoxIdentier(oAElem.getAttribute("keyBoxIdentifier")); - oap.setFriendlyName(oAElem.getAttribute("friendlyName")); - String targetConfig = oAElem.getAttribute("target"); - String targetFriendlyNameConfig = oAElem.getAttribute("targetFriendlyName"); - - // get the type of the online application - String oaType = oAElem.getAttribute("type"); - oap.setOaType(oaType); - String slVersion = "1.1"; - if ("businessService".equalsIgnoreCase(oaType)) { - if (authComponent==null) { - Logger.error("Missing \"AuthComponent\" for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - Element identificationNumberElem = - (Element) XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_IDENT_NUMBER_XPATH); - if (identificationNumberElem==null) { - Logger.error("Missing \"IdentificationNumber\" for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - Element identificationNumberChild = DOMUtils.getElementFromNodeList(identificationNumberElem.getChildNodes()); - if (identificationNumberChild == null) { - Logger.error("Missing \"IdentificationNumber\" for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - - if (!StringUtils.isEmpty(targetConfig)) { - Logger.error("Target attribute can not be set for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - if (!StringUtils.isEmpty(targetFriendlyNameConfig)) { - Logger.error("Target friendly name attribute can not be set for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - - - if ("false".equalsIgnoreCase(oAElem.getAttribute("calculateHPI"))) { - oap.setIdentityLinkDomainIdentifier(buildIdentityLinkDomainIdentifier(identificationNumberChild)); - //BZ.., setting type of IdLinkDomainIdentifier - oap.setIdentityLinkDomainIdentifierType(identificationNumberChild.getLocalName()); - //..BZ - } else { - // If we have business service and want to dealt with GDA, the security layer can be advised to calulate - // the Health Professional Identifier HPI instead of the wbPK - Logger.info("OA uses HPI for Identification"); - oap.setIdentityLinkDomainIdentifier(Constants.URN_PREFIX_HPI); - } - - // if OA type is "businessSErvice" set slVersion to 1.2 and ignore parameter in config file - Logger.info("OA type is \"businessService\"; setting Security Layer version to 1.2"); - slVersion = "1.2"; - - } else { - - if (StringUtils.isEmpty(targetConfig) && !StringUtils.isEmpty(targetFriendlyNameConfig)) { - Logger.error("Target friendly name attribute can not be set alone for OA of type \"businessService\""); - throw new ConfigurationException("config.02", null); - } - oap.setTarget(targetConfig); - oap.setTargetFriendlyName(targetFriendlyNameConfig); - - if (authComponent!=null) { - slVersion = authComponent.getAttribute("slVersion"); - } - - - } - oap.setSlVersion(slVersion); - //Check if there is an Auth-Block to read from configuration - - if (authComponent!=null) - { - oap.setProvideStammzahl(BoolUtils.valueOf(authComponent.getAttribute("provideStammzahl"))); - oap.setProvideAuthBlock(BoolUtils.valueOf(authComponent.getAttribute("provideAUTHBlock"))); - oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink"))); - oap.setProvideCertificate(BoolUtils.valueOf(authComponent.getAttribute("provideCertificate"))); - oap.setProvideFullMandatorData(BoolUtils.valueOf(authComponent.getAttribute("provideFullMandatorData"))); - oap.setUseUTC(BoolUtils.valueOf(authComponent.getAttribute("useUTC"))); - oap.setUseCondition(BoolUtils.valueOf(authComponent.getAttribute("useCondition"))); - oap.setConditionLength(buildConditionLength(authComponent.getAttribute("conditionLength"))); - oap.setBkuSelectionTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH, bkuSelectionTemplateURL)); - oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL)); - -// System.out.println(publicURLPrefix); -// System.out.println("useCondition: " + oap.getUseCondition()); -// System.out.println("conditionLength: " + oap.getConditionLength()); - - oap.setInputProcessorSignTemplateURL(buildTemplateURL(authComponent, INPUT_PROCESSOR_TEMPLATE_XPATH, inputProcessorSignTemplateURL)); - // load OA specific transforms if present - String[] transformsInfoFileNames = buildTransformsInfoFileNames(authComponent, OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH); - try { - oap.setTransformsInfos(loadTransformsInfos(transformsInfoFileNames)); - } catch (Exception ex) { - Logger.error("Error loading transforms specified for OA \"" + publicURLPrefix + "\"; using default transforms."); - } - Node verifyInfoboxParamtersNode = XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH); - oap.setVerifyInfoboxParameters(buildVerifyInfoboxParameters( - verifyInfoboxParamtersNode, defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID)); - - Node mandateProfilesNode = XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_MANDATES_PROFILES_XPATH); - if (mandateProfilesNode != null) { - if ("businessService".equalsIgnoreCase(oaType)) { - Logger.error("No Online Mandate Modus for OA of type \"businessService\" allowed."); - throw new ConfigurationException("config.02", null); - } - else { - String profiles = DOMUtils.getText(mandateProfilesNode); - oap.setMandateProfiles(profiles); - } - } - - //add STORK Configuration specific to OA (RequestedAttributes, QAALevel) - //QualityAuthenticationAssuranceLevel qaaLevel = buildOaSTORKQAALevel(authComponent); - //if (qaaLevel != null) { - // oap.setQaaLevel(qaaLevel); - // Logger.debug("Using non-MOA-default STORK QAALevel for this OA " + "(" + oap.getPublicURLPrefix() + "): " + qaaLevel.getValue()); - //} - - //RequestedAttributes additionalRequestedAttributes = buildOaSTORKRequestedAttributes(authComponent); - // - //if(!additionalRequestedAttributes.getRequestedAttributes().isEmpty()) { - // //we have additional STORK attributes to request for this OA - // Logger.debug("Using non-MOA-default STORK RequestedAttributes for this OA " + "(" + oap.getPublicURLPrefix() + "): "); - // for (RequestedAttribute addReqAttr : additionalRequestedAttributes.getRequestedAttributes()) { - // if (!SAMLUtil.containsAttribute(oap.getRequestedAttributes().getRequestedAttributes(),addReqAttr.getName())) { - /// addReqAttr.detach(); - // oap.getRequestedAttributes().getRequestedAttributes().add(addReqAttr); - // Logger.debug("Requesting additional attribute: " + addReqAttr.getName() + ", isRequired: " + addReqAttr.isRequired()); - // } - // } - - //} else { - // //do nothing, only request default attributes - //} - - - } - OA_set.add(oap); - } - OAAuthParameter[] result = - new OAAuthParameter[OA_set.size()]; - OA_set.toArray(result); - - return result; - - } - - /** - * Returns the condition length as int - * @param length the condition length as int - * @return - */ - private int buildConditionLength(String length) { - - if (StringUtils.isEmpty(length)) - return -1; - else - return new Integer(length).intValue(); - } - - /** - * Builds the URL for a BKUSelectionTemplate or a Template. The method selects - * the uri string from the MOA ID configuration file via the given xpath expression - * and returns either this string or the default value. - * - * @param oaAuthComponent The AuthComponent element to get the template from. - * @param xpathExpr The xpath expression for selecting the template uri. - * @param defaultURL The default template url. - * @return The template url. This may either the via xpath selected uri - * or, if no template is specified within the online appliacation, - * the default url. Both may be <code>null</code>. - */ - protected String buildTemplateURL(Element oaAuthComponent, String xpathExpr, String defaultURL) { - String templateURL = XPathUtils.getAttributeValue(oaAuthComponent, xpathExpr, defaultURL); - if (templateURL != null) { - templateURL = FileUtils.makeAbsoluteURL(templateURL, rootConfigFileDir_); - } - return templateURL; - } - - - - - - - /** - * Method buildConnectionParameter: internal Method for creating a - * ConnectionParameter object with all data found in the incoming element - * @param root This Element contains the ConnectionParameter - * @return ConnectionParameter - */ - protected ConnectionParameter buildConnectionParameter(Element root) - { - ConnectionParameter result = new ConnectionParameter(); - result.setAcceptedServerCertificates( - XPathUtils.getElementValue(root,CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH,null)); - - result.setAcceptedServerCertificates(FileUtils.makeAbsoluteURL( - result.getAcceptedServerCertificates(), rootConfigFileDir_)); - - result.setUrl( - XPathUtils.getAttributeValue(root, CONNECTION_PARAMETER_URL_XPATH, "")); - result.setClientKeyStore( - XPathUtils.getElementValue(root,CONNECTION_PARAMETERN_KEYSTORE_XPATH,null)); - - result.setClientKeyStore(FileUtils.makeAbsoluteURL( - result.getClientKeyStore(), rootConfigFileDir_)); - - result.setClientKeyStorePassword( - XPathUtils.getAttributeValue(root,CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH,"")); - - if ((result.getAcceptedServerCertificates()==null) - && (result.getUrl()=="") - && (result.getClientKeyStore()==null) - && (result.getClientKeyStorePassword()=="")) - return null; - - return result; - } - - - /** - * Build the mapping of generic configuration properties. - * - * @return a {@link Map} of generic configuration properties (a name to value - * mapping) from the configuration. - */ - public Map buildGenericConfiguration() { - - Map genericConfiguration = new HashMap(); - NodeIterator gcIter = - XPathUtils.selectNodeIterator( - configElem_, - GENERIC_CONFIGURATION_XPATH); - Element gcElem; - - while ((gcElem = (Element) gcIter.nextNode()) != null) { - String gcName = gcElem.getAttribute("name"); - String gcValue = gcElem.getAttribute("value"); - - genericConfiguration.put(gcName, gcValue); - } - - return genericConfiguration; - } - - - /** - * Returns the default chaining mode from the configuration. - * - * @return The default chaining mode. - */ - public String getDefaultChainingMode() { - String defaultChaining = - XPathUtils.getAttributeValue( - configElem_, - CHAINING_MODES_DEFAULT_XPATH, - CM_CHAINING); - - return translateChainingMode(defaultChaining); - - } - /** - * Build the chaining modes for all configured trust anchors. - * - * @return The mapping from trust anchors to chaining modes. - */ - public Map buildChainingModes() { - Map chainingModes = new HashMap(); - NodeIterator trustIter = - XPathUtils.selectNodeIterator(configElem_, TRUST_ANCHOR_XPATH); - Element trustAnchorElem; - - while ((trustAnchorElem = (Element) trustIter.nextNode()) != null) { - IssuerAndSerial issuerAndSerial = buildIssuerAndSerial(trustAnchorElem); - String mode = trustAnchorElem.getAttribute("mode"); - - if (issuerAndSerial != null) { - chainingModes.put(issuerAndSerial, translateChainingMode(mode)); - } - } - - return chainingModes; - } - - /** - * Build an <code>IssuerAndSerial</code> from the DOM representation. - * - * @param root The root element (being of type <code>dsig: - * X509IssuerSerialType</code>. - * @return The issuer and serial number contained in the <code>root</code> - * element or <code>null</code> if could not be built for any reason. - */ - protected IssuerAndSerial buildIssuerAndSerial(Element root) { - String issuer = XPathUtils.getElementValue(root, ISSUER_XPATH, null); - String serial = XPathUtils.getElementValue(root, SERIAL_XPATH, null); - - if (issuer != null && serial != null) { - try { - RFC2253NameParser nameParser = new RFC2253NameParser(issuer); - Principal issuerDN = nameParser.parse(); - - return new IssuerAndSerial(issuerDN, new BigInteger(serial)); - } catch (RFC2253NameParserException e) { - warn("config.09", new Object[] { issuer, serial }, e); - return null; - } catch (NumberFormatException e) { - warn("config.09", new Object[] { issuer, serial }, e); - return null; - } - } - return null; - } - - /** - * Translate the chaining mode from the configuration file to one used in the - * IAIK MOA API. - * - * @param chainingMode The chaining mode from the configuration. - * @return The chaining mode as provided by the <code>ChainingModes</code> - * interface. - * @see iaik.pki.pathvalidation.ChainingModes - */ - protected String translateChainingMode(String chainingMode) { - if (chainingMode.equals(CM_CHAINING)) { - return ChainingModes.CHAIN_MODE; - } else if (chainingMode.equals(CM_PKIX)) { - return ChainingModes.PKIX_MODE; - } else { - return ChainingModes.CHAIN_MODE; - } - } - - /** - * Builds the IdentityLinkDomainIdentifier as needed for providing it to the - * SecurityLayer for computation of the wbPK. - * <p>e.g.:<br> - * input element: - * <br> - * <code><pr:Firmenbuchnummer Identifier="FN">000468 i</pr:Firmenbuchnummer></code> - * <p> - * return value: <code>urn:publicid:gv.at+wbpk+FN468i</code> - * - * @param number The element holding the identification number of the business - * company. - * @return The domain identifier - */ - protected String buildIdentityLinkDomainIdentifier(Element number) { - if (number == null) { - return null; - } - String identificationNumber = number.getFirstChild().getNodeValue(); - String identifier = number.getAttribute("Identifier"); - // remove all blanks - identificationNumber = StringUtils.removeBlanks(identificationNumber); - if (number.getLocalName().equals("Firmenbuchnummer") || identifier.equalsIgnoreCase("fn") || identifier.equalsIgnoreCase("xfn")) { - // delete zeros from the beginning of the number - identificationNumber = StringUtils.deleteLeadingZeros(identificationNumber); - // remove hyphens - identificationNumber = StringUtils.removeToken(identificationNumber, "-"); - } - StringBuffer identityLinkDomainIdentifier = new StringBuffer(Constants.URN_PREFIX_WBPK); - identityLinkDomainIdentifier.append("+"); - if (!identificationNumber.startsWith(identifier)) { - identityLinkDomainIdentifier.append(identifier); - } - identityLinkDomainIdentifier.append("+"); - identityLinkDomainIdentifier.append(identificationNumber); - return identityLinkDomainIdentifier.toString(); - } - - /** - * Builds the parameters for verifying additional infoboxes (additional to the - * IdentityLink infobox). - * - * @param verifyInfoboxesElem The <code>VerifyInfoboxes</code> element from the - * config file. This maybe the global element or the - * elment from an Online application. - * @param defaultVerifyInfoboxParameters Default parameters to be used, if no - * <code>VerifyInfoboxes</code> element is present. - * This only applies to parameters - * of an specific online application and is set to - * <code>null</code> when building the global parameters. - * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating - * the identity link signer certificate. Needed for - * checking if this ID is not used for validating other - * infoboxes. - * - * @return A {@link at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters VerifyInfoboxParameters} - * object needed for verifying additional infoboxes. - * - * @throws ConfigurationException If the trust profile for validating the identity link - * signer certificate is used for validating another infobox. - */ - public VerifyInfoboxParameters buildVerifyInfoboxParameters( - Node verifyInfoboxesElem, - VerifyInfoboxParameters defaultVerifyInfoboxParameters, - String moaSpIdentityLinkTrustProfileID) - throws ConfigurationException - { - - if ((verifyInfoboxesElem == null) && (defaultVerifyInfoboxParameters == null)) { - return null; - } - Vector identifiers = new Vector(); - List defaultIdentifiers = null; - Map defaultInfoboxParameters = null; - if (defaultVerifyInfoboxParameters != null) { - defaultIdentifiers = defaultVerifyInfoboxParameters.getIdentifiers(); - defaultInfoboxParameters = defaultVerifyInfoboxParameters.getInfoboxParameters(); - } - Hashtable infoboxParameters = new Hashtable(); - if (verifyInfoboxesElem != null) { - // get the DefaultTrustProfileID - String defaultTrustProfileID = null; - Node defaultTrustProfileNode = - XPathUtils.selectSingleNode(verifyInfoboxesElem, VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH); - if (defaultTrustProfileNode != null) { - Node trustProfileIDNode = - XPathUtils.selectSingleNode(defaultTrustProfileNode, VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH); - defaultTrustProfileID = trustProfileIDNode.getFirstChild().getNodeValue(); - if (defaultTrustProfileID.equals(moaSpIdentityLinkTrustProfileID)) { - throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID}); - } - } - // get the Infoboxes - NodeList infoboxes = - XPathUtils.selectNodeList(verifyInfoboxesElem, VERIFY_INFOBOXES_INFOBOX_XPATH); - for (int i=0; i<infoboxes.getLength(); i++) { - Element infoBoxElem = (Element)infoboxes.item(i); - // get the identifier of the infobox - String identifier = infoBoxElem.getAttribute("Identifier"); - identifiers.add(identifier); - VerifyInfoboxParameter verifyInfoboxParameter = new VerifyInfoboxParameter(identifier); - verifyInfoboxParameter.setFriendlyName(identifier); - // get the attributes - // (1) required: override global value in any case - verifyInfoboxParameter.setRequired(BoolUtils.valueOf( - infoBoxElem.getAttribute("required"))); - // (2) provideStammzahl: override global value in any case - verifyInfoboxParameter.setProvideStammzahl(BoolUtils.valueOf( - infoBoxElem.getAttribute("provideStammzahl"))); - // (3) proviedIdentityLink: override global value in any case - verifyInfoboxParameter.setProvideIdentityLink(BoolUtils.valueOf( - infoBoxElem.getAttribute("provideIdentityLink"))); - // set default trustprofileID - if (defaultTrustProfileID != null) { - verifyInfoboxParameter.setTrustProfileID(defaultTrustProfileID); - } - // get the parameter elements - boolean localValidatorClass = false; - boolean localFriendlyName = false; - List params = DOMUtils.getChildElements(infoBoxElem); - Iterator it = params.iterator(); - while (it.hasNext()) { - Element paramElem = (Element)it.next(); - String paramName = paramElem.getLocalName(); - if (paramName.equals("FriendlyName")) { - verifyInfoboxParameter.setFriendlyName(paramElem.getFirstChild().getNodeValue()); - localFriendlyName = true; - } else if (paramName.equals("TrustProfileID")) { - String trustProfileID = paramElem.getFirstChild().getNodeValue(); - if (trustProfileID != null) { - if (trustProfileID.equals(moaSpIdentityLinkTrustProfileID)) { - throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID}); - } - verifyInfoboxParameter.setTrustProfileID(trustProfileID); - } - } else if (paramName.equals("ValidatorClass")) { - String validatorClassName = paramElem.getFirstChild().getNodeValue(); - if (validatorClassName != null) { - verifyInfoboxParameter.setValidatorClassName(validatorClassName); - localValidatorClass = true; - } - } else if (paramName.equals("SchemaLocations")) { - List schemaElems = DOMUtils.getChildElements(paramElem); - List schemaLocations = new Vector(schemaElems.size()); - Iterator schemaIterator = schemaElems.iterator(); - while (schemaIterator.hasNext()) { - Element schemaElem = (Element)schemaIterator.next(); - String namespace = schemaElem.getAttribute("namespace"); - String schemaLocation = schemaElem.getAttribute("schemaLocation"); - // avoid adding the same schema twice - Iterator schemaLocationIterator = schemaLocations.iterator(); - boolean add = true; - while (schemaLocationIterator.hasNext()) { - String existingNamespace = ((Schema)schemaLocationIterator.next()).getNamespace(); - if (namespace.equals(existingNamespace)) { - Logger.warn("Multiple schemas specified for namespace \"" + namespace + - "\"; only using the first one."); - add = false; - break; - } - } - if (add) { - schemaLocations.add(new SchemaImpl(namespace, schemaLocation)); - } - } - verifyInfoboxParameter.setSchemaLocations(schemaLocations); - } else if (paramName.equals("ApplicationSpecificParameters")) { - verifyInfoboxParameter.setApplicationSpecificParams(paramElem); - } else if (paramName.equals("ParepSpecificParameters")) { - verifyInfoboxParameter.appendParepSpecificParams(paramElem); - } - } - // use default values for those parameters not yet set by local configuration - if (defaultInfoboxParameters != null) { - Object defaultVerifyIP = defaultInfoboxParameters.get(identifier); - if (defaultVerifyIP != null) { - VerifyInfoboxParameter defaultVerifyInfoboxParameter = - (VerifyInfoboxParameter)defaultVerifyIP; - // if no friendly is set, use default - if (!localFriendlyName) { - verifyInfoboxParameter.setFriendlyName( - defaultVerifyInfoboxParameter.getFriendlyName()); - } - // if no TrustProfileID is set, use default, if available - if (verifyInfoboxParameter.getTrustProfileID() == null) { - verifyInfoboxParameter.setTrustProfileID( - defaultVerifyInfoboxParameter.getTrustProfileID()); - } - // if no local validator class is set, use default - if (!localValidatorClass) { - verifyInfoboxParameter.setValidatorClassName( - defaultVerifyInfoboxParameter.getValidatorClassName()); - } - // if no schema locations set, use default - if (verifyInfoboxParameter.getSchemaLocations() == null) { - verifyInfoboxParameter.setSchemaLocations( - defaultVerifyInfoboxParameter.getSchemaLocations()); - } - // if no application specific parameters set, use default - if (verifyInfoboxParameter.getApplicationSpecificParams() == null) { - verifyInfoboxParameter.setApplicationSpecificParams( - defaultVerifyInfoboxParameter.getApplicationSpecificParams()); - } - } - } - infoboxParameters.put(identifier, verifyInfoboxParameter); - } - // add the infobox identifiers not present within the local configuration to the - // identifier list - if (defaultIdentifiers != null) { - Iterator identifierIterator = defaultIdentifiers.iterator(); - while (identifierIterator.hasNext()) { - String defaultIdentifier = (String)identifierIterator.next(); - if (!identifiers.contains(defaultIdentifier)) { - identifiers.add(defaultIdentifier); - } - } - } - return new VerifyInfoboxParameters(identifiers, infoboxParameters); - } else { - return new VerifyInfoboxParameters(defaultIdentifiers, infoboxParameters); - } - } - - /** - * Creates a SignatureCreationParameter object from the MOA-ID configuration - * This configuration object contains KeyStore and Key data for signature creation (STORK SAML Signature Creation). - * - * @return KeyStore and Key data for signature creation (STORK SAML Signature Creation) - */ - public SignatureCreationParameter buildSTORKSignatureCreationParameter() { - - Logger.debug("Loading STORK signature creation parameters."); - - Element signatureCreationParameterElement = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER); - if (signatureCreationParameterElement == null) { - Logger.debug("No STORK signature parameters found, " + AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER + "is missing."); - return null; - } - - SignatureCreationParameter signatureCreationParameter = new SignatureCreationParameter(); - - Element keyStoreElement = (Element)XPathUtils.selectSingleNode(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE); - if (keyStoreElement==null) { - Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE + "is missing."); - return null; - } - - Element keyNameElement = (Element)XPathUtils.selectSingleNode(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME); - if (keyNameElement==null) { - Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME + "is missing."); - return null; - } - - String keyStorePath = DOMUtils.getText(keyStoreElement); - if (StringUtils.isEmpty(keyStorePath)) { - Logger.error("No KeyStorePath for STORK SAML Signing Certificate provided!"); - return null; - } - signatureCreationParameter.setKeyStorePath(FileUtils.makeAbsoluteURL(keyStorePath, rootConfigFileDir_)); - Logger.trace("Found KeyStorePath for STORK SAML Signing Certificate: " + keyStorePath); - - String keyStorePassword = XPathUtils.getAttributeValue(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD, ""); - signatureCreationParameter.setKeyStorePassword(keyStorePassword); - - String keyName = DOMUtils.getText(keyNameElement); - if (StringUtils.isEmpty(keyName)) { - Logger.warn(AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD + "is missing."); - return null; - } - signatureCreationParameter.setKeyName(keyName); - Logger.trace("Found KeyName for STORK SAML Signing Certificate: " + keyName); - - String keyPassword = XPathUtils.getAttributeValue(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME_PASSWORD, ""); - signatureCreationParameter.setKeyPassword(keyPassword); - - Logger.info("STORK signature creation parameters loaded."); - - return signatureCreationParameter; - - } - - /** - * Method warn. - * @param messageId to identify a country-specific message - * @param parameters for the logger - */ - // - // various utility methods - // - - protected static void warn(String messageId, Object[] parameters) { - Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); - } - - /** - * Method warn. - * @param messageId to identify a country-specific message - * @param args for the logger - * @param t as throwabl - */ - protected static void warn(String messageId, Object[] args, Throwable t) { - Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, args), t); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java deleted file mode 100644 index ab1cd6c2e..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java +++ /dev/null @@ -1,154 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -import at.gv.egovernment.moa.id.config.ConnectionParameterInterface; - -/** - * This bean class is used to store data for various connectionParameter - * within the MOA-ID configuration - * - * @author Stefan Knirsch - * @version $Id$ - */ -public class ConnectionParameter implements ConnectionParameterInterface{ - - /** - * Server URL - */ - private String url; - /** - * File URL for a directory containing PKCS#12 server SSL certificates. - * From these certificates, a X509 trust store will be assembled for use - * by a JSSE <code>TrustManager</code>. - * This field will only be used in case of an HTTPS URL. - */ - private String acceptedServerCertificates; - /** - * File URL of a X509 key store containing the private key to be used - * for an HTTPS connection when the server requires client authentication. - * This field will only be used in case of an HTTPS URL. - */ - private String clientKeyStore; - /** - * Password protecting the client key store. - */ - private String clientKeyStorePassword; - - /** - * Checks whether the URL scheme is <code>"https"</code>. - * @return true in case of an URL starting with <code>"https"</code> - */ - public boolean isHTTPSURL() { - return getUrl().indexOf("https") == 0; - } - - /** - * Returns the url. - * @return String - */ - public String getUrl() { - return url; - } - - /** - * Returns the acceptedServerCertificates. - * @return String - */ - public String getAcceptedServerCertificates() { - return acceptedServerCertificates; - } - - /** - * Sets the acceptedServerCertificates. - * @param acceptedServerCertificates The acceptedServerCertificates to set - */ - public void setAcceptedServerCertificates(String acceptedServerCertificates) { - this.acceptedServerCertificates = acceptedServerCertificates; - } - - /** - * Sets the url. - * @param url The url to set - */ - public void setUrl(String url) { - this.url = url; - } - - /** - * Returns the clientKeyStore. - * @return String - */ - public String getClientKeyStore() { - return clientKeyStore; - } - - /** - * Returns the clientKeyStorePassword. - * @return String - */ - public String getClientKeyStorePassword() { - return clientKeyStorePassword; - } - - /** - * Sets the clientKeyStore. - * @param clientKeyStore The clientKeyStore to set - */ - public void setClientKeyStore(String clientKeyStore) { - this.clientKeyStore = clientKeyStore; - } - - /** - * Sets the clientKeyStorePassword. - * @param clientKeyStorePassword The clientKeyStorePassword to set - */ - public void setClientKeyStorePassword(String clientKeyStorePassword) { - this.clientKeyStorePassword = clientKeyStorePassword; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java deleted file mode 100644 index 6bdbd38d8..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java +++ /dev/null @@ -1,464 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -/** - * Configuration parameters belonging to an online application, - * to use with the MOA ID Auth component. - * - * @author Stefan Knirsch - * @version $Id$ - */ -/** - * - * - * @author Harald Bratko - */ -public class OAAuthParameter extends OAParameter { - /** - * Sercurity Layer version - */ - private String slVersion; - /** - * true, if the Security Layer version is version 1.2, otherwise false - */ - private boolean slVersion12; - /** - * identityLinkDomainIdentifier - * (e.g <code>urn:publicid:gv.at+wbpk+FN468i</code> for a "Firmenbuchnummer") - * <br> - * only used within a business application context for providing it to the - * security layer as input for wbPK computation - */ - private String identityLinkDomainIdentifier; - /** - * key box Identifier (e.g. CertifiedKeypair, SecureSignatureKeypair) - */ - private String keyBoxIdentifier; - /** - * transformations for rendering in the secure viewer of the security layer - * implementation; multiple transformation can be given for different mime types - */ - private String[] transformsInfos; - /** - * determines whether "Stammzahl" is to be included in the authentication data - */ - private boolean provideStammzahl; - /** - * determines whether AUTH block is to be included in the authentication data - */ - private boolean provideAuthBlock; - /** - * determines whether identity link is to be included in the authentication data - */ - private boolean provideIdentityLink; - /** - * determines whether the certificate is to be included in the authentication data - */ - private boolean provideCertificate; - /** - * determines whether the full mandator data (i.e. the mandate) is to be included in the authentication data - */ - private boolean provideFullMandatorData; - - /** determines wheter the IssueInstant of the SAML assertion is in UTC or not*/ - private boolean useUTC; - - /** determines wheter a saml:Condition is added to the SAML assertion or not */ - private boolean useCondition; - - /** determines the validity time of the SAML assertion (if useCondition is true) in seconds */ - private int conditionLength; - /** - * url to a template for web page "Auswahl der Bürgerkartenumgebung" - */ - private String bkuSelectionTemplateURL; - /** - * template for web page "Anmeldung mit Bürgerkarte" - */ - private String templateURL; - - /** - * template for web page "Signatur der Anmeldedaten" - */ - private String inputProcessorSignTemplateURL; - /** - * Parameters for verifying infoboxes. - */ - private VerifyInfoboxParameters verifyInfoboxParameters; - - /** - * Parameter for Mandate profiles - */ - private String mandateProfiles; - - /** - * - * Type for authentication number (e.g. Firmenbuchnummer) - */ - private String identityLinkDomainIdentifierType; - -/** - * Returns <code>true</code> if the Security Layer version is version 1.2, - * otherwise <code>false</code>. - * @return <code>true</code> if the Security Layer version is version 1.2, - * otherwise <code>false</code> - */ - public boolean getSlVersion12() { - return slVersion12; - } - - /** - * Returns the security layer version. - * @return the security layer version. - */ - public String getSlVersion() { - return slVersion; - } - - /** - * Returns the identityLinkDomainIdentifier. - * @return the identityLinkDomainIdentifier. - */ - public String getIdentityLinkDomainIdentifier() { - return identityLinkDomainIdentifier; - } - - /** - * Returns the transformsInfos. - * @return the transformsInfos. - */ - public String[] getTransformsInfos() { - return transformsInfos; - } - - /** - * Returns the provideAuthBlock. - * @return String - */ - public boolean getProvideAuthBlock() { - return provideAuthBlock; - } - - /** - * Returns the provideIdentityLink. - * @return String - */ - public boolean getProvideIdentityLink() { - return provideIdentityLink; - } - - /** - * Returns the provideStammzahl. - * @return String - */ - public boolean getProvideStammzahl() { - return provideStammzahl; - } - - /** - * Returns <code>true</code> if the certificate should be provided within the - * authentication data, otherwise <code>false</code>. - * @return <code>true</code> if the certificate should be provided, - * otherwise <code>false</code> - */ - public boolean getProvideCertifcate() { - return provideCertificate; - } - - /** - * Returns <code>true</code> if the full mandator data should be provided within the - * authentication data, otherwise <code>false</code>. - * @return <code>true</code> if the full mandator data should be provided, - * otherwise <code>false</code> - */ - public boolean getProvideFullMandatorData() { - return provideFullMandatorData; - } - - /** - * Returns <code>true</code> if the IssueInstant should be given in UTC, otherwise <code>false</code>. - * @return <code>true</code> if the IssueInstant should be given in UTC, otherwise <code>false</code>. - */ - public boolean getUseUTC() { - return useUTC; - } - - /** - * Returns <code>true</code> if the SAML assertion should contain a saml:Condition, otherwise <code>false</code>. - * @return <code>true</code> if the SAML assertion should contain a saml:Condition, otherwise <code>false</code>. - */ - public boolean getUseCondition() { - return useCondition; - } - - /** - * Returns the validity time of the SAML assertion (if useCondition is true) in seconds - * @return the validity time of the SAML assertion (if useCondition is true) in seconds - */ - public int getConditionLength() { - return conditionLength; - } - - -/** - * Returns the key box identifier. - * @return String - */ - public String getKeyBoxIdentifier() { - return keyBoxIdentifier; - } - - /** - * Returns the BkuSelectionTemplate url. - * @return The BkuSelectionTemplate url or <code>null</code> if no url for - * a BkuSelectionTemplate is set. - */ - public String getBkuSelectionTemplateURL() { - return bkuSelectionTemplateURL; - } - - /** - * Returns the TemplateURL url. - * @return The TemplateURL url or <code>null</code> if no url for - * a Template is set. - */ - public String getTemplateURL() { - return templateURL; - } - - - /** - * Returns the inputProcessorSignTemplateURL url. - * @return The inputProcessorSignTemplateURL url or <code>null</code> if no url for - * a input processor sign template is set. - */ - public String getInputProcessorSignTemplateURL() { - return inputProcessorSignTemplateURL; - } - - /** - * Returns the parameters for verifying additional infoboxes. - * - * @return The parameters for verifying additional infoboxes. - * Maybe <code>null</code>. - */ - public VerifyInfoboxParameters getVerifyInfoboxParameters() { - return verifyInfoboxParameters; - } - - /** - * Sets the security layer version. - * Also sets <code>slVersion12</code> ({@link #getSlVersion12()}) - * to <code>true</code> if the Security Layer version is 1.2. - * @param slVersion The security layer version to be used. - */ - public void setSlVersion(String slVersion) { - this.slVersion = slVersion; - if ("1.2".equals(slVersion)) { - this.slVersion12 = true; - } - } - /** - * Sets the IdentityLinkDomainIdentifier. - * @param identityLinkDomainIdentifier The IdentityLinkDomainIdentifiern number of the online application. - */ - public void setIdentityLinkDomainIdentifier(String identityLinkDomainIdentifier) { - this.identityLinkDomainIdentifier = identityLinkDomainIdentifier; - } - /** - * Sets the transformsInfos. - * @param transformsInfos The transformsInfos to be used. - */ - public void setTransformsInfos(String[] transformsInfos) { - this.transformsInfos = transformsInfos; - } - - -/** - * Sets the provideAuthBlock. - * @param provideAuthBlock The provideAuthBlock to set - */ - public void setProvideAuthBlock(boolean provideAuthBlock) { - this.provideAuthBlock = provideAuthBlock; - } - - /** - * Sets the provideIdentityLink. - * @param provideIdentityLink The provideIdentityLink to set - */ - public void setProvideIdentityLink(boolean provideIdentityLink) { - this.provideIdentityLink = provideIdentityLink; - } - - /** - * Sets the provideStammzahl. - * @param provideStammzahl The provideStammzahl to set - */ - public void setProvideStammzahl(boolean provideStammzahl) { - this.provideStammzahl = provideStammzahl; - } - - /** - * Sets the provideCertificate variable. - * @param provideCertificate The provideCertificate value to set - */ - public void setProvideCertificate(boolean provideCertificate) { - this.provideCertificate = provideCertificate; - } - - /** - * Sets the provideFullMandatorData variable. - * @param provideFullMandatorData The provideFullMandatorData value to set - */ - public void setProvideFullMandatorData(boolean provideFullMandatorData) { - this.provideFullMandatorData = provideFullMandatorData; - } - - /** - * Sets the useUTC variable. - * @param useUTC The useUTC value to set - */ - public void setUseUTC(boolean useUTC) { - this.useUTC = useUTC; - } - - /** - * Sets the useCondition variable - * @param useCondition The useCondition value to set - */ - public void setUseCondition(boolean useCondition) { - this.useCondition = useCondition; - } - - /** - * Sets the conditionLength variable - * @param conditionLength the conditionLength value to set - */ - public void setConditionLength(int conditionLength) { - this.conditionLength = conditionLength; - } - - - /** - * Sets the key box identifier. - * @param keyBoxIdentifier to set - */ - public void setKeyBoxIdentier(String keyBoxIdentifier) { - this.keyBoxIdentifier = keyBoxIdentifier; - } - - /** - * Sets the BkuSelectionTemplate url. - * @param bkuSelectionTemplateURL The url string specifying the location - * of a BkuSelectionTemplate. - */ - public void setBkuSelectionTemplateURL(String bkuSelectionTemplateURL) { - this.bkuSelectionTemplateURL = bkuSelectionTemplateURL; - } - - /** - * Sets the Template url. - * @param templateURL The url string specifying the location - * of a Template. - */ - public void setTemplateURL(String templateURL) { - this.templateURL = templateURL; - } - - /** - * Sets the input processor sign form template url. - * - * @param inputProcessorSignTemplateURL The url string specifying the - * location of the input processor sign form - */ - public void setInputProcessorSignTemplateURL(String inputProcessorSignTemplateURL) { - this.inputProcessorSignTemplateURL = inputProcessorSignTemplateURL; - } - - /** - * Sets the parameters for verifying additonal (to the identitylink infobox) infoboxes. - * - * @param verifyInfoboxParameters The verifyInfoboxParameters to set. - */ - public void setVerifyInfoboxParameters(VerifyInfoboxParameters verifyInfoboxParameters) { - this.verifyInfoboxParameters = verifyInfoboxParameters; - } - - /** - * Gets the IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer) - * @return IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer) - */ - public String getIdentityLinkDomainIdentifierType() { - return identityLinkDomainIdentifierType; - } - - /** - * Sets the IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer) - * @param identityLinkDomainIdentifierType The IdentityLinkDomainIdentifier to set (e.g. Firmenbuchnummer) - */ - public void setIdentityLinkDomainIdentifierType(String identityLinkDomainIdentifierType) { - this.identityLinkDomainIdentifierType = identityLinkDomainIdentifierType; - } - - /** - * Sets the Mandate/Profiles - * @param profiles - */ - public void setMandateProfiles(String profiles) { - this.mandateProfiles = profiles; - } - - /** - * Returns the Mandates/Profiles - * @return - */ - public String getMandateProfiles() { - return this.mandateProfiles; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java deleted file mode 100644 index 2a4d68726..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java +++ /dev/null @@ -1,186 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -/** - * Configuration parameters belonging to an online application, - * to be used within both, the MOA ID Auth and the - * MOA ID PROXY component. - * - * @author Harald Bratko - */ -public class OAParameter { - - /** - * type of the online application (maybe "PublicService" or "BusinessService") - */ - private String oaType; - - /** - * specifies whether the online application is a business application or not - * (<code>true</code> if value of {@link #oaType} is "businessService" - */ - private boolean businessService; - - /** - * public URL prefix of the online application - */ - private String publicURLPrefix; - - /** - * specifies a human readable name of the Online Application - */ - private String friendlyName; - - /** - * specified a specific target for the Online Application (overwrites the target in der request) - */ - private String target; - /** - * specifies a friendly name for the target - */ - private String targetFriendlyName; - - /** - * Returns the type of the online application. - * @return the type of the online application. - */ - public String getOaType() { - return oaType; - } - - /** - * Returns <code>true</code> is the OA is a businss application, otherwise - * <code>false</code>. - * @return <code>true</code> is the OA is a businss application, otherwise - * <code>false</code> - */ - public boolean getBusinessService() { - return this.businessService; - } - - /** - * Returns the publicURLPrefix. - * @return String - */ - public String getPublicURLPrefix() { - return publicURLPrefix; - } - - /** - * - * Sets the type of the online application. - * If the type is "businessService" the value of <code>businessService</code> - * ({@link #getBusinessService()}) is also set to <code>true</code> - * @param oaType The type of the online application. - */ - public void setOaType(String oaType) { - this.oaType = oaType; - if ("businessService".equalsIgnoreCase(oaType)) { - this.businessService = true; - } - } - - /** - * Sets the publicURLPrefix. - * @param publicURLPrefix The publicURLPrefix to set - */ - public void setPublicURLPrefix(String publicURLPrefix) { - this.publicURLPrefix = publicURLPrefix; - } - - - /** - * Gets the friendly name of the OA - * @return Friendly Name of the OA - */ - public String getFriendlyName() { - return friendlyName; - } - - /** - * Sets the friendly name of the OA - * @param friendlyName - */ - public void setFriendlyName(String friendlyName) { - this.friendlyName = friendlyName; - } - - /** - * Gets the target of the OA - * @return target of the OA - */ - public String getTarget() { - return target; - } - - /** - * Sets the target of the OA - * @param target - */ - public void setTarget(String target) { - this.target = target; - } - - /** - * Gets the target friendly name of the OA - * @return target Friendly Name of the OA - */ - public String getTargetFriendlyName() { - return targetFriendlyName; - } - - /** - * Sets the target friendly name of the OA - * @param targetFriendlyName - */ - public void setTargetFriendlyName(String targetFriendlyName) { - this.targetFriendlyName = targetFriendlyName; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java deleted file mode 100644 index 4666122d2..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java +++ /dev/null @@ -1,112 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/** - * - */ -package at.gv.egovernment.moa.id.config.legacy; - -import java.util.HashMap; -import java.util.Map; - -import at.gv.egovernment.moa.util.StringUtils; - -/** - * Encapsulates several STORK configuration parameters according MOA configuration - * - * @author bzwattendorfer - * - */ -public class STORKConfig { - - /** STORK SAML signature creation parameters */ - private SignatureCreationParameter signatureCreationParameter; - - /** STORK SAML signature verification parameters */ - private SignatureVerificationParameter signatureVerificationParameter; - - /** Map of supported C-PEPSs */ - private Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>(); - - - /** - * Constructs a STORK Config object - * @param signatureCreationParameter STORK SAML Signature creation parameters - * @param signatureVerificationParameter STORK SAML Signature verification parameters - * @param cpepsMap Map of supported C-PEPS - */ - public STORKConfig(SignatureCreationParameter signatureCreationParameter, - SignatureVerificationParameter signatureVerificationParameter, - Map<String, CPEPS> cpepsMap) { - super(); - this.signatureCreationParameter = signatureCreationParameter; - this.signatureVerificationParameter = signatureVerificationParameter; - this.cpepsMap = cpepsMap; - } - - public SignatureCreationParameter getSignatureCreationParameter() { - return signatureCreationParameter; - } - - public void setSignatureCreationParameter( - SignatureCreationParameter signatureCreationParameter) { - this.signatureCreationParameter = signatureCreationParameter; - } - - public SignatureVerificationParameter getSignatureVerificationParameter() { - return signatureVerificationParameter; - } - - public void setSignatureVerificationParameter( - SignatureVerificationParameter signatureVerificationParameter) { - this.signatureVerificationParameter = signatureVerificationParameter; - } - - public Map<String, CPEPS> getCpepsMap() { - return cpepsMap; - } - - public void setCpepsMap(Map<String, CPEPS> cpepsMap) { - this.cpepsMap = cpepsMap; - } - - public boolean isSTORKAuthentication(String ccc) { - - if (StringUtils.isEmpty(ccc) || this.cpepsMap.isEmpty()) - return false; - - if (this.cpepsMap.containsKey(ccc.toUpperCase())) - return true; - else - return false; - - } - - public CPEPS getCPEPS(String ccc) { - if (isSTORKAuthentication(ccc)) - return this.cpepsMap.get(ccc); - else - return null; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java deleted file mode 100644 index 69d4889af..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java +++ /dev/null @@ -1,134 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.gv.egovernment.moa.id.config.legacy; - -/** - * Encapsulates signature creation parameters according MOA configuration - * - * @author bzwattendorfer - * - */ -public class SignatureCreationParameter { - - /** KeyStore Path */ - private String keyStorePath; - - /** KeyStore Password */ - private String keyStorePassword; - - /** Signing Key Name */ - private String keyName; - - /** Signing Key Password */ - private String keyPassword; - - /** - * Gets the KeyStore Path - * @return File Path to KeyStore - */ - public String getKeyStorePath() { - return keyStorePath; - } - - /** - * Sets the KeyStore Path - * @param keyStorePath Path to KeyStore - */ - public void setKeyStorePath(String keyStorePath) { - this.keyStorePath = keyStorePath; - } - - /** - * Gets the KeyStore Password - * @return Password to KeyStore - */ - public String getKeyStorePassword() { - return keyStorePassword; - } - - /** - * Sets the KeyStore Password - * @param keyStorePassword Password to KeyStore - */ - public void setKeyStorePassword(String keyStorePassword) { - this.keyStorePassword = keyStorePassword; - } - - /** - * Gets the Signing Key Name - * @return Siging Key Name - */ - public String getKeyName() { - return keyName; - } - - /** - * Sets the Signing Key Name - * @param keyName Signing Key Name - */ - public void setKeyName(String keyName) { - this.keyName = keyName; - } - - /** - * Gets the Signing Key Password - * @return Signing Key Password - */ - public String getKeyPassword() { - return keyPassword; - } - - /** - * Sets the Signing Key Password - * @param keyPassword Signing Key Password - */ - public void setKeyPassword(String keyPassword) { - this.keyPassword = keyPassword; - } - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java deleted file mode 100644 index 9358d763f..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java +++ /dev/null @@ -1,57 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -/** - * - */ -package at.gv.egovernment.moa.id.config.legacy; - -/** - * Encapsulates Signature Verification data for STORK according MOA configuration - * - * @author bzwattendorfer - * - */ -public class SignatureVerificationParameter { - - /** ID of the MOA-SP TrustProfile to be used for STORK SAML signature verification */ - private String trustProfileID; - - /** - * Gets the MOA-SP TrustProfileID - * @return TrustProfileID of MOA-SP for STORK signature verification - */ - public String getTrustProfileID() { - return trustProfileID; - } - - /** - * Sets the MOA-SP TrustProfileID - * @param trustProfileID TrustProfileID of MOA-SP for STORK signature verification - */ - public void setTrustProfileID(String trustProfileID) { - this.trustProfileID = trustProfileID; - } - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java deleted file mode 100644 index 6f00a7b9c..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java +++ /dev/null @@ -1,433 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -import java.io.IOException; -import java.util.Iterator; -import java.util.List; - -import javax.xml.transform.TransformerException; - -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -import at.gv.egovernment.moa.id.auth.data.Schema; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.StringUtils; - -/** - * This class is a container for parameters that maybe needed for verifying an infobox. - * - * @author Harald Bratko - */ -public class VerifyInfoboxParameter { - - /** - * The default package name (first part) of a infobox validator class. - */ - public static final String DEFAULT_PACKAGE_TRUNK = "at.gv.egovernment.moa.id.auth.validator."; - - /** - * The identifier of the infobox to be verified. This identifier must exactly the - * identifier of the infobox returned by BKU. - */ - protected String identifier_; - - /** - * The friendly name of the infobox. - * This name is used within browser messages, thus it should be the german equivalent of - * the {@link #identifier_ infobox identifier} (e.g. "<code>Stellvertretungen</code>" - * for "<code>Mandates</code>" or "<code>GDAToken</code>" for - * "<code>EHSPToken</code>". - * <br>If not specified within the config file the {@link #identifier_ infobox identifier} - * will be used. - */ - protected String friendlyName_; - - /** - * The Id of the TrustProfile to be used for validating certificates. - */ - protected String trustProfileID_; - - /** - * The full name of the class to be used for verifying the infobox. - */ - protected String validatorClassName_; - - /** - * Schema location URIs that may be needed by the - * validator to parse infobox tokens. - * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} - * specifying the location of an XML schema. - */ - protected List schemaLocations_; - - /** - * Application specific parameters that may be needed for verifying an infobox. - */ - protected Element applicationSpecificParams_; - - /** - * Specifies if the infobox is be required to be returned by the BKU. - */ - protected boolean required_; - - /** - * Specifies whether the <code>Stammzahl</code> should be passed to the verifying - * application or not. - */ - protected boolean provideStammzahl_; - - /** - * Specifies whether the <code>identity link</code> should be passed to the verifying - * application or not. - */ - protected boolean provideIdentityLink_; - - /** - * Initializes this VerifiyInfoboxParamater with the given identifier and a default - * validator class name. - * - * @param identifier The identifier of the infobox to be verified. - */ - public VerifyInfoboxParameter(String identifier) { - identifier_ = identifier; - StringBuffer sb = new StringBuffer(DEFAULT_PACKAGE_TRUNK); - sb.append(identifier.toLowerCase()); - sb.append("."); - sb.append(identifier.substring(0, 1).toUpperCase()); - sb.append(identifier.substring(1)); - sb.append("Validator"); - validatorClassName_ = sb.toString(); - } - - /** - * Returns application specific parameters. - * Each child element of this element contains a verifying application specific parameter. {@link #applicationSpecificParams_} - * - * @see #applicationSpecificParams_ - * - * @return Application specific parameters. - */ - public Element getApplicationSpecificParams() { - return applicationSpecificParams_; - } - - /** - * Sets the application specific parameters. - * - * @see #applicationSpecificParams_ - * - * @param applicationSpecificParams The application specific parameters to set. - */ - public void setApplicationSpecificParams(Element applicationSpecificParams) { - applicationSpecificParams_ = applicationSpecificParams; - } - - /** - * Appends special application specific parameters for party representation. - * - * @param applicationSpecificParams The application specific parameters for party representation to set. - */ - public void appendParepSpecificParams(Element applicationSpecificParams) { - try { - if (applicationSpecificParams_==null) { - applicationSpecificParams_ = applicationSpecificParams.getOwnerDocument().createElement("ApplicationSpecificParameters"); - } - Element nameSpaceNode = applicationSpecificParams.getOwnerDocument().createElement("NameSpaceNode"); - nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI); - NodeList nodeList = XPathAPI.selectNodeList(applicationSpecificParams, "*", nameSpaceNode); - if (null!=nodeList) { - for (int i=0; i<nodeList.getLength(); i++) { - applicationSpecificParams_.appendChild((Node) nodeList.item(i)); - } - } - } catch (TransformerException e) { - //Do nothing - } - } - - /** - * Returns the friendly name. - * - * @see #friendlyName_ - * - * @return The friendly name. - */ - public String getFriendlyName() { - return friendlyName_; - } - - /** - * Sets the friendly name. - * - * @param friendlyName The friendly name to set. - */ - public void setFriendlyName(String friendlyName) { - friendlyName_ = friendlyName; - } - - /** - * Returns the infobox identifier. - * - * @see #identifier_ - * - * @return The infobox identifier. - */ - public String getIdentifier() { - return identifier_; - } - - /** - * Sets the the infobox identifier. - * - * @see #identifier_ - * - * @param identifier The infobox identifier to set. - */ - public void setIdentifier(String identifier) { - identifier_ = identifier; - } - - /** - * Specifies whether the identity link should be passed to the verifying application - * or not. - * - * @return <code>True</code> if the identity link should be passed to the verifying - * application, otherwise <code>false</code>. - */ - public boolean getProvideIdentityLink() { - return provideIdentityLink_; - } - - /** - * Sets the {@link #provideIdentityLink_} parameter. - * - * @param provideIdentityLink <code>True</code> if the identity link should be passed to - * the verifying application, otherwise <code>false</code>. - */ - public void setProvideIdentityLink(boolean provideIdentityLink) { - provideIdentityLink_ = provideIdentityLink; - } - - /** - * Specifies whether the <code>Stammzahl</code> should be passed to the verifying - * application or not. - * - * @return <code>True</code> if the <code>Stammzahl</code> should be passed to the - * verifying application, otherwise <code>false</code>. - */ - public boolean getProvideStammzahl() { - return provideStammzahl_; - } - - /** - * Sets the {@link #provideStammzahl_} parameter. - * - * @param provideStammzahl <code>True</code> if the <code>Stammzahl</code> should be - * passed to the verifying application, otherwise <code>false</code>. - */ - public void setProvideStammzahl(boolean provideStammzahl) { - provideStammzahl_ = provideStammzahl; - } - - /** - * Specifies whether the infobox is required or not. - * - * @return <code>True</code> if the infobox is required to be returned by the BKU, - * otherwise <code>false</code>. - */ - public boolean isRequired() { - return required_; - } - - /** - * Sets the {@link #required_} parameter. - * - * @param required <code>True</code> if the infobox is required to be returned by the - * BKU, otherwise <code>false</code>. - */ - public void setRequired(boolean required) { - required_ = required; - } - - /** - * Schema location URIs that may be needed by the - * validator to parse infobox tokens. - * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} - * specifying the location of an XML schema. - * - * @return A list of {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} objects - * each of them specifying the location of an XML schema. - */ - public List getSchemaLocations() { - return schemaLocations_; - } - - /** - * Sets the schema locations. - * - * @see #schemaLocations_ - * - * @param schemaLocations The schema location list to be set. - */ - public void setSchemaLocations(List schemaLocations) { - schemaLocations_ = schemaLocations; - } - - /** - * Returns the ID of the trust profile to be used for verifying certificates. - * - * @return The ID of the trust profile to be used for verifying certificates. - * Maybe <code>null</code>. - */ - public String getTrustProfileID() { - return trustProfileID_; - } - - /** - * Sets the ID of the trust profile to be used for verifying certificates. - * - * @param trustProfileID The ID of the trust profile to be used for verifying certificates. - */ - public void setTrustProfileID(String trustProfileID) { - trustProfileID_ = trustProfileID; - } - - /** - * Returns the name of the class to be used for verifying this infobox. - * - * @return The name of the class to be used for verifying this infobox. - */ - public String getValidatorClassName() { - return validatorClassName_; - } - - /** - * Sets the name of the class to be used for verifying this infobox. - * - * @param validatorClassName The name of the class to be used for verifying this infobox. - */ - public void setValidatorClassName(String validatorClassName) { - validatorClassName_ = validatorClassName; - } - - /** - * Get a string representation of this object. - * This method is for debugging purposes only. - * - * @return A string representation of this object. - */ - public String toString() { - - StringBuffer buffer = new StringBuffer(1024); - - buffer.append(" <Infobox Identifier=\""); - buffer.append(identifier_); - buffer.append("\" required=\""); - buffer.append(required_); - buffer.append("\" provideStammzahl=\""); - buffer.append(provideStammzahl_); - buffer.append("\" provideIdentityLink=\""); - buffer.append(provideIdentityLink_); - buffer.append("\">"); - buffer.append("\n"); - if (friendlyName_ != null) { - buffer.append(" <FriendlyName>"); - buffer.append(friendlyName_); - buffer.append("</FriendlyName>"); - buffer.append("\n"); - } - if (trustProfileID_ != null) { - buffer.append(" <TrustProfileID>"); - buffer.append(trustProfileID_); - buffer.append("</TrustProfileID>"); - buffer.append("\n"); - } - if (validatorClassName_ != null) { - buffer.append(" <ValidatorClass>"); - buffer.append(validatorClassName_); - buffer.append("</ValidatorClass>"); - buffer.append("\n"); - } - if (schemaLocations_ != null) { - buffer.append(" <SchemaLocations>"); - buffer.append("\n"); - Iterator it = schemaLocations_.iterator(); - while (it.hasNext()) { - buffer.append(" <Schema namespace=\""); - Schema schema = (Schema)it.next(); - buffer.append(schema.getNamespace()); - buffer.append("\" schemaLocation=\""); - buffer.append(schema.getSchemaLocation()); - buffer.append("\"/>\n"); - } - buffer.append(" </SchemaLocations>"); - buffer.append("\n"); - } - if (applicationSpecificParams_ != null) { - try { - String applicationSpecificParams = DOMUtils.serializeNode(applicationSpecificParams_); - buffer.append(" "); - buffer.append(StringUtils.removeXMLDeclaration(applicationSpecificParams)); - buffer.append("\n"); - } catch (TransformerException e) { - // do nothing - } catch (IOException e) { - // do nothing - } - } - buffer.append(" </Infobox>"); - - - return buffer.toString() ; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java deleted file mode 100644 index b7a6b42be..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java +++ /dev/null @@ -1,181 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.legacy; - -import java.util.Hashtable; -import java.util.Iterator; -import java.util.List; -import java.util.Map; - -/** - * This class contains the parameters for verifying all the infoboxes configured for an - * online application. - * - * @author Harald Bratko - */ -public class VerifyInfoboxParameters { - - /** - * A map of {@link VerifyInfoboxParameter} objects. - * Each of these objects contains parameters that maybe needed for validating an - * infobox. - */ - protected Map infoboxParameters_; - - /** - * A list of the identifiers of the infoboxes supported by this - * VerifyInfoboxParameters; - */ - protected List identifiers_; - - /** - * Holds the (comma separated) identifiers of those infoboxes MOA-IF is able to validate - * in the context of the actual online application. - * The string will be added as value of the <code>PushInfobox</code> parameter in the - * HTML form used for reading the infoboxes from the BKU. - */ - protected String pushInfobox_; - - /** - * Initializes this VerifyInfoboxParameters with an empty {@link #infoboxParameters_} - * map. - */ - public VerifyInfoboxParameters() { - infoboxParameters_ = new Hashtable(); - pushInfobox_ = ""; - } - - /** - * Initializes this VerifyInfoboxParameters with the given - * <code>infoboxParameters</code> map and builds the {@link #pushInfobox_} string - * from the keys of the given map. - */ - public VerifyInfoboxParameters(List identifiers, Map infoboxParameters) { - identifiers_ = identifiers; - infoboxParameters_ = infoboxParameters; - // build the pushInfobox string - if ((identifiers != null) && (!identifiers.isEmpty())) { - StringBuffer identifiersSB = new StringBuffer(); - int identifiersNum = identifiers.size(); - int i = 1; - Iterator it = identifiers.iterator(); - while (it.hasNext()) { - identifiersSB.append((String)it.next()); - if (i != identifiersNum) { - identifiersSB.append(","); - } - i++; - } - pushInfobox_ = identifiersSB.toString(); - } else { - pushInfobox_ = ""; - } - } - - /** - * Returns the (comma separated) identifiers of the infoboxes configured for the actual - * online application. - * - * @see #pushInfobox_ - * - * @return The (comma separated) identifiers of the infoboxes configured for the actual - * online application. - */ - public String getPushInfobox() { - return pushInfobox_; - } - - /** - * Sets the {@link #pushInfobox_} string. - * - * @param pushInfobox The pushInfobox string to be set. - */ - public void setPushInfobox(String pushInfobox) { - pushInfobox_ = pushInfobox; - } - - /** - * Returns map of {@link VerifyInfoboxParameter} objects. - * Each of these objects contains parameters that maybe needed for validating an - * infobox. - * - * @return The map of {@link VerifyInfoboxParameter} objects. - */ - public Map getInfoboxParameters() { - return infoboxParameters_; - } - - /** - * Sets the map of {@link VerifyInfoboxParameter} objects. - * - * @see #infoboxParameters_ - * - * @param infoboxParameters The infoboxParameters to set. - */ - public void setInfoboxParameters(Map infoboxParameters) { - infoboxParameters_ = infoboxParameters; - } - - /** - * Returns the identifiers of the supported infoboxes. - * - * @return The identifiers. - */ - public List getIdentifiers() { - return identifiers_; - } - - /** - * Sets the identifiers. - * - * @param identifiers The identifiers to set. - */ - public void setIdentifiers(List identifiers) { - identifiers_ = identifiers; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/CPEPS.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/CPEPS.java deleted file mode 100644 index 3f4be5093..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/CPEPS.java +++ /dev/null @@ -1,138 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/**
- *
- */
-package at.gv.egovernment.moa.id.config.stork;
-
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-
-/**
- * Encpasulates C-PEPS information according MOA configuration
- *
- * @author bzwattendorfer
- *
- */
-public class CPEPS {
-
- /** Country Code of C-PEPS */
- private String countryCode;
-
- /** URL of C-PEPS */
- private URL pepsURL;
-
- private Boolean isXMLSignatureSupported;
-
- /** Specific attributes to be requested for this C-PEPS */
- private List<RequestedAttribute> countrySpecificRequestedAttributes = new ArrayList<RequestedAttribute>();
-
- /**
- * Constructs a C-PEPS
- * @param countryCode ISO Country Code of C-PEPS
- * @param pepsURL URL of C-PEPS
- */
- public CPEPS(String countryCode, URL pepsURL, Boolean isXMLSignatureSupported) {
- super();
- this.countryCode = countryCode;
- this.pepsURL = pepsURL;
- this.isXMLSignatureSupported = isXMLSignatureSupported;
- }
-
- /**
- * Gets the country code of this C-PEPS
- * @return ISO country code
- */
- public String getCountryCode() {
- return countryCode;
- }
-
- /**
- * Sets the country code of this C-PEPS
- * @param countryCode ISO country code
- */
- public void setCountryCode(String countryCode) {
- this.countryCode = countryCode;
- }
-
- /**
- * Gets the URL of this C-PEPS
- * @return C-PEPS URL
- */
- public URL getPepsURL() {
- return pepsURL;
- }
-
- /**
- * Sets the C-PEPS URL
- * @param pepsURL C-PEPS URL
- */
- public void setPepsURL(URL pepsURL) {
- this.pepsURL = pepsURL;
- }
-
- /**
- * Returns weather the C-PEPS supports XMl Signatures or not (important for ERnB)
- */
- public Boolean isXMLSignatureSupported() {
- return isXMLSignatureSupported;
- }
-
- /**
- * Sets weather the C-PEPS supports XMl Signatures or not (important for ERnB)
- * @param isXMLSignatureSupported C-PEPS XML Signature support
- */
- public void setXMLSignatureSupported(boolean isXMLSignatureSupported) {
- this.isXMLSignatureSupported = isXMLSignatureSupported;
- }
-
- /**
- * Gets the country specific attributes of this C-PEPS
- * @return List of country specific attributes
- */
- public List<RequestedAttribute> getCountrySpecificRequestedAttributes() {
- return countrySpecificRequestedAttributes;
- }
-
- /**
- * Sets the country specific attributes
- * @param countrySpecificRequestedAttributes List of country specific requested attributes
- */
- public void setCountrySpecificRequestedAttributes(
- List<RequestedAttribute> countrySpecificRequestedAttributes) {
- this.countrySpecificRequestedAttributes = countrySpecificRequestedAttributes;
- }
-
- /**
- * Adds a Requested attribute to the country specific attribute List
- * @param countrySpecificRequestedAttribute Additional country specific requested attribute to add
- */
- public void addCountrySpecificRequestedAttribute(RequestedAttribute countrySpecificRequestedAttribute) {
- this.countrySpecificRequestedAttributes.add(countrySpecificRequestedAttribute);
- }
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java index 9532aa9ab..8f6dff849 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java @@ -34,8 +34,13 @@ import java.util.Map; import java.util.Properties;
import java.util.Set;
+import at.gv.egovernment.moa.id.commons.api.IStorkConfig;
+import at.gv.egovernment.moa.id.commons.api.data.CPEPS;
+import at.gv.egovernment.moa.id.commons.api.data.SignatureCreationParameter;
+import at.gv.egovernment.moa.id.commons.api.data.SignatureVerificationParameter;
+import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -47,7 +52,7 @@ import at.gv.egovernment.moa.util.StringUtils; * @author bzwattendorfer
*
*/
-public class STORKConfig {
+public class STORKConfig implements IStorkConfig {
/** STORK SAML signature creation parameters */
private Properties props = null;
@@ -118,20 +123,36 @@ public class STORKConfig { }
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.stork.IStorkConfig#getSignatureCreationParameter()
+ */
+ @Override
public SignatureCreationParameter getSignatureCreationParameter() {
return new SignatureCreationParameter(props, basedirectory);
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.stork.IStorkConfig#getSignatureVerificationParameter()
+ */
+ @Override
public SignatureVerificationParameter getSignatureVerificationParameter() {
return sigverifyparam;
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.stork.IStorkConfig#getCpepsMap()
+ */
+ @Override
public Map<String, CPEPS> getCpepsMap() {
return cpepsMap;
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.stork.IStorkConfig#isSTORKAuthentication(java.lang.String)
+ */
+ @Override
public boolean isSTORKAuthentication(String ccc) {
if (StringUtils.isEmpty(ccc) || this.cpepsMap.isEmpty())
@@ -144,6 +165,10 @@ public class STORKConfig { }
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.stork.IStorkConfig#getCPEPS(java.lang.String)
+ */
+ @Override
public CPEPS getCPEPS(String ccc) {
if (isSTORKAuthentication(ccc))
return this.cpepsMap.get(ccc);
@@ -151,6 +176,10 @@ public class STORKConfig { return null;
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.stork.IStorkConfig#getStorkAttributes()
+ */
+ @Override
public List<StorkAttribute> getStorkAttributes() {
return attr;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/SignatureCreationParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/SignatureCreationParameter.java deleted file mode 100644 index f188daf0d..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/SignatureCreationParameter.java +++ /dev/null @@ -1,103 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package at.gv.egovernment.moa.id.config.stork;
-
-import java.util.Properties;
-
-/**
- * Encapsulates signature creation parameters according MOA configuration
- *
- * @author bzwattendorfer
- *
- */
-public class SignatureCreationParameter {
-
- private static final String PROPS_PREFIX = "stork.samlsigningparameter.signaturecreation.";
- private static final String PROPS_KEYSTORE_FILE = "keystore.file";
- private static final String PROPS_KEYSTORE_PASS = "keystore.password";
- private static final String PROPS_KEYNAME_NAME = "keyname.name";
- private static final String PROPS_KEYNAME_PASS = "keyname.password";
-
- private Properties props;
- private String basedirectory;
-
- SignatureCreationParameter(Properties props, String basedirectory) {
- this.props = props;
- this.basedirectory = basedirectory;
- }
-
- /**
- * Gets the KeyStore Path
- * @return File Path to KeyStore
- */
- public String getKeyStorePath() {
- return basedirectory + props.getProperty(PROPS_PREFIX+PROPS_KEYSTORE_FILE);
- }
-
- /**
- * Gets the KeyStore Password
- * @return Password to KeyStore
- */
- public String getKeyStorePassword() {
- return props.getProperty(PROPS_PREFIX+PROPS_KEYSTORE_PASS);
- }
-
- /**
- * Gets the Signing Key Name
- * @return Siging Key Name
- */
- public String getKeyName() {
- return props.getProperty(PROPS_PREFIX+PROPS_KEYNAME_NAME);
- }
-
- /**
- * Gets the Signing Key Password
- * @return Signing Key Password
- */
- public String getKeyPassword() {
- return props.getProperty(PROPS_PREFIX+PROPS_KEYNAME_PASS);
- }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/SignatureVerificationParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/SignatureVerificationParameter.java deleted file mode 100644 index 9b3e24c46..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/SignatureVerificationParameter.java +++ /dev/null @@ -1,53 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/**
- *
- */
-package at.gv.egovernment.moa.id.config.stork;
-
-/**
- * Encapsulates Signature Verification data for STORK according MOA configuration
- *
- * @author bzwattendorfer
- *
- */
-public class SignatureVerificationParameter {
-
- /** ID of the MOA-SP TrustProfile to be used for STORK SAML signature verification */
- private String trustProfileID;
-
- public SignatureVerificationParameter(String trustProfileID2) {
- this.trustProfileID = trustProfileID2;
- }
-
- /**
- * Gets the MOA-SP TrustProfileID
- * @return TrustProfileID of MOA-SP for STORK signature verification
- */
- public String getTrustProfileID() {
- return trustProfileID;
- }
-
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttribute.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttribute.java deleted file mode 100644 index 87ec7fb0c..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttribute.java +++ /dev/null @@ -1,27 +0,0 @@ -package at.gv.egovernment.moa.id.config.stork; - -public class StorkAttribute { - - protected Boolean mandatory; - protected String name; - - public StorkAttribute(String name, boolean mandatory) { - this.name = name; - this.mandatory = mandatory; - } - - public Boolean getMandatory() { - return mandatory; - } - public void setMandatory(Boolean mandatory) { - this.mandatory = mandatory; - } - public String getName() { - return name; - } - public void setName(String name) { - this.name = name; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttributeProviderPlugin.java deleted file mode 100644 index 619af2358..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttributeProviderPlugin.java +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.config.stork; - -/** - * @author tlenz - * - */ -public class StorkAttributeProviderPlugin { - private String name = null; - private String url = null; - private String attributes = null; - - /** - * - */ - public StorkAttributeProviderPlugin(String name, String url, String attributes) { - this.name = name; - this.url = url; - this.attributes = attributes; - } - - /** - * @return the name - */ - public String getName() { - return name; - } - /** - * @param name the name to set - */ - public void setName(String name) { - this.name = name; - } - /** - * @return the url - */ - public String getUrl() { - return url; - } - /** - * @param url the url to set - */ - public void setUrl(String url) { - this.url = url; - } - /** - * @return the attributes - */ - public String getAttributes() { - return attributes; - } - /** - * @param attributes the attributes to set - */ - public void setAttributes(String attributes) { - this.attributes = attributes; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java index e2892e70a..d306ec005 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java @@ -29,13 +29,16 @@ import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Date; import java.util.List; +import java.util.Map; +import org.apache.commons.collections4.map.HashedMap; import org.w3c.dom.Element; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; - import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; +import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.DateTimeUtils; @@ -122,9 +125,8 @@ public class AuthenticationData implements IAuthData, Serializable { * STORK attributes from response */ private String ccc = null; - private IPersonalAttributeList storkAttributes = null; - private String storkAuthnResponse; - private STORKAuthnRequest storkRequest = null; + + private Map<String, Object> genericDataStorate = new HashedMap<String, Object>(); private byte[] signerCertificate = null; @@ -145,8 +147,8 @@ public class AuthenticationData implements IAuthData, Serializable { private boolean ssoSession = false; private Date ssoSessionValidTo = null; - private boolean interfederatedSSOSession = false; - private String interfederatedIDP = null; +// private boolean interfederatedSSOSession = false; +// private String interfederatedIDP = null; private String sessionIndex = null; private String nameID = null; @@ -253,16 +255,18 @@ public class AuthenticationData implements IAuthData, Serializable { } /** - * Returns the identificationValue. - * @return String + * Holds the baseID of a citizen + * + * @return baseID */ public String getIdentificationValue() { return identificationValue; } /** - * Returns the identificationType - * @return String + * Holds the type of the baseID + * + * @return baseID-Type */ public String getIdentificationType() { return identificationType; @@ -397,23 +401,6 @@ public class AuthenticationData implements IAuthData, Serializable { this.identityLink = identityLink; } - - /** - * @return the storkAttributes - */ - public IPersonalAttributeList getStorkAttributes() { - return storkAttributes; - } - - - /** - * @param storkAttributes the storkAttributes to set - */ - public void setStorkAttributes(IPersonalAttributeList storkAttributes) { - this.storkAttributes = storkAttributes; - } - - /** * @return the signerCertificate */ @@ -454,6 +441,10 @@ public class AuthenticationData implements IAuthData, Serializable { } public Element getMandate() { + if (mandate == null) + return null; + + //parse Element from mandate XML try { byte[] byteMandate = mandate.getMandate(); String stringMandate = new String(byteMandate); @@ -495,9 +486,47 @@ public class AuthenticationData implements IAuthData, Serializable { * @return */ public String getQAALevel() { - return this.QAALevel; + if (this.QAALevel != null && + this.QAALevel.startsWith(PVPConstants.EIDAS_QAA_PREFIX)) { + String mappedQAA = PVPtoSTORKMapper.getInstance().mapeIDASQAAToSTORKQAA(this.QAALevel); + if (MiscUtil.isNotEmpty(mappedQAA)) + return mappedQAA; + + else { + Logger.error("eIDAS QAA-level:" + this.QAALevel + + " can not be mapped to STORK QAA-level! Use " + + PVPConstants.STORK_QAA_1_1 + " as default value."); + return PVPConstants.STORK_QAA_1_1; + + } + + + } else + return this.QAALevel; } + + public String getEIDASQAALevel() { + if (this.QAALevel != null && + this.QAALevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) { + String mappedQAA = PVPtoSTORKMapper.getInstance().mapSTORKQAAToeIDASQAA(this.QAALevel); + if (MiscUtil.isNotEmpty(mappedQAA)) + return mappedQAA; + + else { + Logger.error("STORK QAA-level:" + this.QAALevel + + " can not be mapped to eIDAS QAA-level! Use " + + PVPConstants.EIDAS_QAA_LOW + " as default value."); + return PVPConstants.EIDAS_QAA_LOW; + + } + + + } else + return this.QAALevel; + + } + /** * @return @@ -516,13 +545,16 @@ public class AuthenticationData implements IAuthData, Serializable { /** + * Store QAA level in eIDAS format to authentication Data + * * @param qAALevel the qAALevel to set + * @throws AssertionAttributeExtractorExeption */ public void setQAALevel(String qAALevel) { - QAALevel = qAALevel; + QAALevel = qAALevel; + } - /** * @return the ssoSession */ @@ -539,35 +571,6 @@ public class AuthenticationData implements IAuthData, Serializable { } /** - * @param storkRequest the storkRequest to set - */ - public void setStorkRequest(STORKAuthnRequest storkRequest) { - this.storkRequest = storkRequest; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.data.IAuthData#getStorkAuthnRequest() - */ - @Override - public STORKAuthnRequest getStorkAuthnRequest() { - return this.storkRequest; - } - - /** - * @return the storkAuthnResponse - */ - public String getStorkAuthnResponse() { - return storkAuthnResponse; - } - - /** - * @param storkAuthnResponse the storkAuthnResponse to set - */ - public void setStorkAuthnResponse(String storkAuthnResponse) { - this.storkAuthnResponse = storkAuthnResponse; - } - - /** * @return the mandateReferenceValue */ public String getMandateReferenceValue() { @@ -582,7 +585,9 @@ public class AuthenticationData implements IAuthData, Serializable { } /** - * @return the ccc + * CountryCode of the citizen which is identified and authenticated + * + * @return the CountryCode <pre>like. AT, SI, ...</pre> */ public String getCcc() { return ccc; @@ -638,33 +643,33 @@ public class AuthenticationData implements IAuthData, Serializable { this.nameIDFormat = nameIDFormat; } - /** - * @return the interfederatedSSOSession - */ - public boolean isInterfederatedSSOSession() { - return interfederatedSSOSession; - } - - /** - * @param interfederatedSSOSession the interfederatedSSOSession to set - */ - public void setInterfederatedSSOSession(boolean interfederatedSSOSession) { - this.interfederatedSSOSession = interfederatedSSOSession; - } - - /** - * @return the interfederatedIDP - */ - public String getInterfederatedIDP() { - return interfederatedIDP; - } - - /** - * @param interfederatedIDP the interfederatedIDP to set - */ - public void setInterfederatedIDP(String interfederatedIDP) { - this.interfederatedIDP = interfederatedIDP; - } +// /** +// * @return the interfederatedSSOSession +// */ +// public boolean isInterfederatedSSOSession() { +// return interfederatedSSOSession; +// } +// +// /** +// * @param interfederatedSSOSession the interfederatedSSOSession to set +// */ +// public void setInterfederatedSSOSession(boolean interfederatedSSOSession) { +// this.interfederatedSSOSession = interfederatedSSOSession; +// } +// +// /** +// * @return the interfederatedIDP +// */ +// public String getInterfederatedIDP() { +// return interfederatedIDP; +// } +// +// /** +// * @param interfederatedIDP the interfederatedIDP to set +// */ +// public void setInterfederatedIDP(String interfederatedIDP) { +// this.interfederatedIDP = interfederatedIDP; +// } /** * @return the ssoSessionValidTo @@ -743,5 +748,68 @@ public class AuthenticationData implements IAuthData, Serializable { public void setIsBusinessService(boolean flag) { this.businessService = flag; - } + } + + /** + * Returns a generic data-object with is stored with a specific identifier + * + * @param key The specific identifier of the data object + * @param clazz The class type which is stored with this key + * @return The data object or null if no data is found with this key + */ + public <T> T getGenericData(String key, final Class<T> clazz) { + if (MiscUtil.isNotEmpty(key)) { + Object data = genericDataStorate.get(key); + + if (data == null) + return null; + + try { + @SuppressWarnings("unchecked") + T test = (T) data; + return test; + + } catch (Exception e) { + Logger.warn("Generic authentication-data object can not be casted to requsted type", e); + return null; + + } + + } + + Logger.warn("Can not load generic session-data with key='null'"); + return null; + + } + + /** + * Store a generic data-object to session with a specific identifier + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface + * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage + */ + public void setGenericData(String key, Object object) throws SessionDataStorageException { + if (MiscUtil.isEmpty(key)) { + Logger.warn("Generic session-data can not be stored with a 'null' key"); + throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null); + + } + + if (object != null) { + if (!Serializable.class.isInstance(object)) { + Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface"); + throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null); + + } + } + + if (genericDataStorate.containsKey(key)) + Logger.debug("Overwrite generic data with key:" + key); + else + Logger.trace("Add generic data with key:" + key + " to session."); + + genericDataStorate.put(key, object); + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ExceptionContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ExceptionContainer.java new file mode 100644 index 000000000..1c6fdcb65 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ExceptionContainer.java @@ -0,0 +1,68 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.data; + +import java.io.Serializable; + +/** + * @author tlenz + * + */ +public class ExceptionContainer implements Serializable { + + private static final long serialVersionUID = 5355860753609684995L; + private Throwable exceptionThrown = null; + private String uniqueSessionID = null; + private String uniqueTransactionID = null; + + /** + * + */ + public ExceptionContainer(String uniqueSessionID, String uniqueTransactionID, Throwable exception) { + this.uniqueSessionID = uniqueSessionID; + this.uniqueTransactionID = uniqueTransactionID; + this.exceptionThrown = exception; + } + + /** + * @return the exceptionThrown + */ + public Throwable getExceptionThrown() { + return exceptionThrown; + } + /** + * @return the uniqueSessionID + */ + public String getUniqueSessionID() { + return uniqueSessionID; + } + /** + * @return the uniqueTransactionID + */ + public String getUniqueTransactionID() { + return uniqueTransactionID; + } + + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java index 09b0d7971..c32564679 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java @@ -27,9 +27,6 @@ import java.util.List; import org.w3c.dom.Element; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; - import at.gv.egovernment.moa.id.auth.data.IdentityLink; /** @@ -43,7 +40,7 @@ public interface IAuthData { boolean isBusinessService(); boolean isSsoSession(); - boolean isInterfederatedSSOSession(); + //boolean isInterfederatedSSOSession(); boolean isUseMandate(); String getFamilyName(); @@ -56,7 +53,7 @@ public interface IAuthData { Date getSsoSessionValidTo(); - String getInterfederatedIDP(); + //String getInterfederatedIDP(); String getIdentificationValue(); String getIdentificationType(); @@ -82,6 +79,7 @@ public interface IAuthData { String getMandateReferenceValue(); String getQAALevel(); + public String getEIDASQAALevel(); String getSessionIndex(); String getNameID(); @@ -89,8 +87,7 @@ public interface IAuthData { boolean isForeigner(); String getCcc(); - STORKAuthnRequest getStorkAuthnRequest(); - String getStorkAuthnResponse(); - IPersonalAttributeList getStorkAttributes(); + + public <T> T getGenericData(String key, final Class<T> clazz); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ISLOInformationContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ISLOInformationContainer.java new file mode 100644 index 000000000..38f6948d3 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/ISLOInformationContainer.java @@ -0,0 +1,70 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.data; + +import java.util.Iterator; +import java.util.List; +import java.util.Map.Entry; +import java.util.Set; + +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; + +/** + * @author tlenz + * + */ +public interface ISLOInformationContainer { + + boolean hasFrontChannelOA(); + + Set<Entry<String, SLOInformationImpl>> getFrontChannelOASessionDescriptions(); + + void removeFrontChannelOA(String oaID); + + Iterator<String> getNextBackChannelOA(); + + SLOInformationImpl getBackChannelOASessionDescripten(String oaID); + + void removeBackChannelOA(String oaID); + + /** + * @return the sloRequest + */ + PVPTargetConfiguration getSloRequest(); + + /** + * @param sloRequest the sloRequest to set + */ + void setSloRequest(PVPTargetConfiguration sloRequest); + + /** + * @return the sloFailedOAs + */ + List<String> getSloFailedOAs(); + + void putFailedOA(String oaID); + + public String getTransactionID(); + + public String getSessionID(); +}
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java index 12fe3c948..81157994e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MISMandate.java @@ -79,7 +79,7 @@ public class MISMandate implements Serializable{ private String oid = null; private byte[] mandate = null; private String owBPK = null; - private boolean isFullMandateIncluded = false; +// private boolean isFullMandateIncluded = false; public String getProfRep() { return oid; @@ -144,18 +144,18 @@ public class MISMandate implements Serializable{ } } - /** - * @return the isFullMandateIncluded - */ - public boolean isFullMandateIncluded() { - return isFullMandateIncluded; - } - /** - * @param isFullMandateIncluded the isFullMandateIncluded to set - */ - public void setFullMandateIncluded(boolean isFullMandateIncluded) { - this.isFullMandateIncluded = isFullMandateIncluded; - } +// /** +// * @return the isFullMandateIncluded +// */ +// public boolean isFullMandateIncluded() { +// return isFullMandateIncluded; +// } +// /** +// * @param isFullMandateIncluded the isFullMandateIncluded to set +// */ +// public void setFullMandateIncluded(boolean isFullMandateIncluded) { +// this.isFullMandateIncluded = isFullMandateIncluded; +// } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/Pair.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/Pair.java new file mode 100644 index 000000000..0b46345d3 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/Pair.java @@ -0,0 +1,45 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.data; + +public class Pair<P1, P2> { + private final P1 first; + private final P2 second; + + private Pair(final P1 newFirst, final P2 newSecond) { + this.first = newFirst; + this.second = newSecond; + } + + public P1 getFirst() { + return this.first; + } + + public P2 getSecond() { + return this.second; + } + + public static <P1, P2> Pair<P1, P2> newInstance(final P1 newFirst, final P2 newSecond) { + return new Pair<P1, P2>(newFirst, newSecond); + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java index a4bba8b19..20588ad0b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationContainer.java @@ -24,171 +24,180 @@ package at.gv.egovernment.moa.id.data; import java.io.Serializable; import java.util.ArrayList; -import java.util.Collection; import java.util.Iterator; import java.util.LinkedHashMap; import java.util.List; import java.util.Map.Entry; import java.util.Set; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.NameID; -import org.opensaml.saml2.metadata.SingleLogoutService; - -import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescriptorException; /** * @author tlenz * */ -public class SLOInformationContainer implements Serializable { - +public class SLOInformationContainer implements Serializable, ISLOInformationContainer { + private static final long serialVersionUID = 7148730740582881862L; private PVPTargetConfiguration sloRequest = null; - private LinkedHashMap<String, SLOInformationImpl> activeFrontChannalOAs = null; - private LinkedHashMap<String, SLOInformationImpl> activeBackChannelOAs = null; + private LinkedHashMap<String, SLOInformationImpl> activeFrontChannalOAs; + private LinkedHashMap<String, SLOInformationImpl> activeBackChannelOAs; private List<String> sloFailedOAs = null; + private String transactionID = null; + private String sessionID = null; + /** + * + */ + public SLOInformationContainer() { + this.activeBackChannelOAs = new LinkedHashMap<String, SLOInformationImpl>(); + this.activeFrontChannalOAs = new LinkedHashMap<String, SLOInformationImpl>(); + this.sloFailedOAs = new ArrayList<String>(); + + } - public void parseActiveOAs(List<OASessionStore> dbOAs, String removeOAID) { - if (activeBackChannelOAs == null) - activeBackChannelOAs = new LinkedHashMap<String, SLOInformationImpl>(); - if (activeFrontChannalOAs == null) - activeFrontChannalOAs = new LinkedHashMap<String, SLOInformationImpl>(); - if (dbOAs != null) { - for (OASessionStore oa : dbOAs) { - if (!oa.getOaurlprefix().equals(removeOAID)) { - - //Actually only PVP 2.1 support Single LogOut - if (PVP2XProtocol.PATH.equals(oa.getProtocolType())) { - SingleLogoutService sloDesc; - try { - sloDesc = SingleLogOutBuilder.getRequestSLODescriptor(oa.getOaurlprefix()); - - if (sloDesc.getBinding().equals(SAMLConstants.SAML2_SOAP11_BINDING_URI)) - activeBackChannelOAs.put(oa.getOaurlprefix(), - new SLOInformationImpl( - oa.getAuthURL(), - oa.getAssertionSessionID(), - oa.getUserNameID(), - oa.getUserNameIDFormat(), - oa.getProtocolType(), - sloDesc)); - - else - activeFrontChannalOAs.put(oa.getOaurlprefix(), - new SLOInformationImpl( - oa.getAuthURL(), - oa.getAssertionSessionID(), - oa.getUserNameID(), - oa.getUserNameIDFormat(), - oa.getProtocolType(), - sloDesc)); - - } catch (NOSLOServiceDescriptorException e) { - putFailedOA(oa.getOaurlprefix()); - - } - - } else - putFailedOA(oa.getOaurlprefix()); - } - } - } + /** + * @return the activeFrontChannalOAs + */ + public LinkedHashMap<String, SLOInformationImpl> getActiveFrontChannalOAs() { + return activeFrontChannalOAs; } /** - * @param dbIDPs - * @param value - */ - public void parseActiveIDPs(List<InterfederationSessionStore> dbIDPs, - String removeIDP) { - if (activeBackChannelOAs == null) - activeBackChannelOAs = new LinkedHashMap<String, SLOInformationImpl>(); - if (activeFrontChannalOAs == null) - activeFrontChannalOAs = new LinkedHashMap<String, SLOInformationImpl>(); - - if (dbIDPs != null) { - for (InterfederationSessionStore el : dbIDPs) { - if (!el.getIdpurlprefix().equals(removeIDP)) { - - SingleLogoutService sloDesc; - try { - sloDesc = SingleLogOutBuilder.getRequestSLODescriptor(el.getIdpurlprefix()); - - activeFrontChannalOAs.put(el.getIdpurlprefix(), - new SLOInformationImpl( - el.getAuthURL(), - el.getSessionIndex(), - el.getUserNameID(), - NameID.TRANSIENT, - PVP2XProtocol.PATH, - sloDesc)); - - } catch (NOSLOServiceDescriptorException e) { - putFailedOA(el.getIdpurlprefix()); - - } - } - } - } + * @param activeFrontChannalOAs the activeFrontChannalOAs to set + */ + public void setActiveFrontChannalOAs(LinkedHashMap<String, SLOInformationImpl> activeFrontChannalOAs) { + this.activeFrontChannalOAs = activeFrontChannalOAs; } - + + /** + * @return the activeBackChannelOAs + */ + public LinkedHashMap<String, SLOInformationImpl> getActiveBackChannelOAs() { + return activeBackChannelOAs; + } + + /** + * @param activeBackChannelOAs the activeBackChannelOAs to set + */ + public void setActiveBackChannelOAs(LinkedHashMap<String, SLOInformationImpl> activeBackChannelOAs) { + this.activeBackChannelOAs = activeBackChannelOAs; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#hasFrontChannelOA() + */ + @Override public boolean hasFrontChannelOA() { return !activeFrontChannalOAs.isEmpty(); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#getFrontChannelOASessionDescriptions() + */ + @Override public Set<Entry<String, SLOInformationImpl>> getFrontChannelOASessionDescriptions() { return activeFrontChannalOAs.entrySet(); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#removeFrontChannelOA(java.lang.String) + */ + @Override public void removeFrontChannelOA(String oaID) { activeFrontChannalOAs.remove(oaID); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#getNextBackChannelOA() + */ + @Override public Iterator<String> getNextBackChannelOA() { return activeBackChannelOAs.keySet().iterator(); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#getBackChannelOASessionDescripten(java.lang.String) + */ + @Override public SLOInformationImpl getBackChannelOASessionDescripten(String oaID) { return activeBackChannelOAs.get(oaID); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#removeBackChannelOA(java.lang.String) + */ + @Override public void removeBackChannelOA(String oaID) { activeBackChannelOAs.remove(oaID); } - /** - * @return the sloRequest + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#getSloRequest() */ + @Override public PVPTargetConfiguration getSloRequest() { return sloRequest; } - /** - * @param sloRequest the sloRequest to set + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#setSloRequest(at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration) */ + @Override public void setSloRequest(PVPTargetConfiguration sloRequest) { this.sloRequest = sloRequest; + } - /** - * @return the sloFailedOAs + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#getSloFailedOAs() */ + @Override public List<String> getSloFailedOAs() { return sloFailedOAs; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.ISLOInformationContainer#putFailedOA(java.lang.String) + */ + @Override public void putFailedOA(String oaID) { if (sloFailedOAs == null) sloFailedOAs = new ArrayList<String>(); sloFailedOAs.add(oaID); - } + } + + + /** + * @return the transactionID + */ + public String getTransactionID() { + return transactionID; + } + + + /** + * @param transactionID the transactionID to set + */ + public void setTransactionID(String transactionID) { + this.transactionID = transactionID; + } + + public String getSessionID() { + return this.sessionID; + + } + + + /** + * @param sessionID the sessionID to set + */ + public void setSessionID(String sessionID) { + this.sessionID = sessionID; + } + + + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java index 55a56056d..2d84bf472 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationImpl.java @@ -40,16 +40,18 @@ public class SLOInformationImpl implements SLOInformationInterface, Serializable private String binding = null; private String serviceURL = null; private String authURL = null; + private String spEntityID = null; - public SLOInformationImpl(String authURL, String sessionID, String nameID, String nameIDFormat, String protocolType) { - new SLOInformationImpl(authURL, sessionID, nameID, nameIDFormat, protocolType, null); + public SLOInformationImpl(String authURL, String spEntityID, String sessionID, String nameID, String nameIDFormat, String protocolType) { + new SLOInformationImpl(authURL, spEntityID, sessionID, nameID, nameIDFormat, protocolType, null); } - public SLOInformationImpl(String authURL, String sessionID, String nameID, String nameIDFormat, String protocolType, SingleLogoutService sloService) { + public SLOInformationImpl(String authURL, String spEntityID, String sessionID, String nameID, String nameIDFormat, String protocolType, SingleLogoutService sloService) { this.sessionIndex = sessionID; this.nameID = nameID; this.nameIDFormat = nameIDFormat; this.protocolType = protocolType; + this.spEntityID = spEntityID; if (authURL.endsWith("/")) this.authURL = authURL.substring(0, authURL.length()-1); @@ -72,6 +74,14 @@ public class SLOInformationImpl implements SLOInformationInterface, Serializable } + + /** + * @return the spEntityID + */ + public String getSpEntityID() { + return spEntityID; + } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.data.SLOInformationInterface#getSessionIndex() */ @@ -161,6 +171,14 @@ public class SLOInformationImpl implements SLOInformationInterface, Serializable public String getAuthURL() { return authURL; } + + /** + * @param spEntityID the spEntityID to set + */ + public void setSpEntityID(String spEntityID) { + this.spEntityID = spEntityID; + } + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationInterface.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationInterface.java index b2241f8ed..31fdaacfd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationInterface.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/SLOInformationInterface.java @@ -59,5 +59,12 @@ public interface SLOInformationInterface{ */ public String getUserNameIDFormat(); + /** + * Get the unique entityID of this Service-Provider + * + * @return unique identifier, but never null + */ + public String getSpEntityID(); + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/Trible.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/Trible.java new file mode 100644 index 000000000..78e8be452 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/Trible.java @@ -0,0 +1,51 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.data; + +public class Trible<P1, P2, P3> { + private final P1 first; + private final P2 second; + private final P3 third; + + private Trible(final P1 newFirst, final P2 newSecond, final P3 newThird) { + this.first = newFirst; + this.second = newSecond; + this.third = newThird; + } + + public P1 getFirst() { + return this.first; + } + + public P2 getSecond() { + return this.second; + } + + public P3 getThird() { + return this.third; + } + + public static <P1, P2, P3> Trible<P1, P2, P3> newInstance(final P1 newFirst, final P2 newSecond, final P3 newThird) { + return new Trible<P1, P2, P3>(newFirst, newSecond, newThird); + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java deleted file mode 100644 index ce44db215..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ /dev/null @@ -1,626 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.entrypoints; - -import java.io.IOException; -import java.util.Iterator; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; -import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.moduls.AuthenticationManager; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IModulInfo; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.ModulStorage; -import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException; -import at.gv.egovernment.moa.id.moduls.RequestStorage; -import at.gv.egovernment.moa.id.moduls.SSOManager; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestValidatorException; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; -import at.gv.egovernment.moa.id.util.ErrorResponseUtils; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.id.util.legacy.LegacyHelper; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class DispatcherServlet extends AuthServlet{ - - /** - * - */ - private static final long serialVersionUID = 1L; - - public static final String PARAM_TARGET_MODULE = "mod"; - public static final String PARAM_TARGET_ACTION = "action"; - public static final String PARAM_TARGET_PENDINGREQUESTID = "pendingid"; - - @Override - public void init(ServletConfig config) throws ServletException { - try { - super.init(config); - MOAIDAuthInitializer.initialize(); - Logger.info(MOAIDMessageProvider.getInstance().getMessage( - "init.00", null)); - - Logger.info("Dispatcher Servlet initialization finished."); - - } catch (Exception ex) { - Logger.fatal( - MOAIDMessageProvider.getInstance().getMessage("init.02", - null), ex); - - //throw new ServletException(ex); - - } - - } - - protected void processRequest(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { - boolean isValidSSOSession = false; - boolean useSSOOA = false; - String protocolRequestID = null; - - try { - Logger.debug("REQUEST: " + req.getRequestURI()); - Logger.debug("QUERY : " + req.getQueryString()); - - -// *** start of error handling *** - - String errorid = req.getParameter(ERROR_CODE_PARAM); - if (errorid != null) { - - Throwable throwable = DBExceptionStoreImpl.getStore() - .fetchException(errorid); - DBExceptionStoreImpl.getStore().removeException(errorid); - - Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); - - //Map<String, IRequest> errorRequests = RequestStorage.getPendingRequest(req.getSession()); - - String pendingRequestID = null; - if (idObject != null && (idObject instanceof String)) { - pendingRequestID = (String) idObject; - } - - if (throwable != null) { - - IRequest errorRequest = null; - if (pendingRequestID != null) { - errorRequest = RequestStorage.getPendingRequest(pendingRequestID); - - } - - if (errorRequest != null) { - RequestStorage.removePendingRequest(pendingRequestID); - MOAReversionLogger.getInstance().logEvent(errorRequest, MOAIDEventConstants.TRANSACTION_ERROR); - - try { - IModulInfo handlingModule = ModulStorage - .getModuleByPath(errorRequest - .requestedModule()); - if (handlingModule != null) { - - if (handlingModule.generateErrorMessage( - throwable, req, resp, errorRequest)) { - - //log Error Message - StatisticLogger logger = StatisticLogger.getInstance(); - logger.logErrorOperation(throwable, errorRequest); - - //remove MOASession - AuthenticationSession moaSession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(pendingRequestID); - if (moaSession != null) - AuthenticationManager.getInstance().performOnlyIDPLogOut(req, resp, moaSession.getSessionID()); - - return; - - } else { - handleErrorNoRedirect(throwable.getMessage(), throwable, - req, resp); - - } - } - - } catch (Throwable e) { - Logger.error(e); - handleErrorNoRedirect(throwable.getMessage(), - throwable, req, resp); - } - - } else { - handleErrorNoRedirect(throwable.getMessage(), throwable, - req, resp); - } - - } else - handleErrorNoRedirect(MOAIDMessageProvider.getInstance().getMessage("auth.26", null), - null, req, resp); - - return; - } - -// *** end of error handling *** - - -// *** start of protocol specific stuff *** - - Object moduleObject = req.getParameter(PARAM_TARGET_MODULE); - String module = null; - if (moduleObject != null && (moduleObject instanceof String)) { - module = (String) moduleObject; - } - - if (module == null) { - module = (String) req.getAttribute(PARAM_TARGET_MODULE); - } - - Object actionObject = req.getParameter(PARAM_TARGET_ACTION); - String action = null; - if (actionObject != null && (actionObject instanceof String)) { - action = (String) actionObject; - } - - if (action == null) { - action = req.getParameter(PARAM_TARGET_ACTION); - } - - Logger.debug("dispatching to " + module + " protocol " + action); - - IModulInfo info = ModulStorage.getModuleByPath(module); - - IAction moduleAction = null; - - if (info == null) { - - Iterator<IModulInfo> modules = ModulStorage.getAllModules() - .iterator(); - while (modules.hasNext()) { - info = modules.next(); - moduleAction = info.canHandleRequest(req, resp); - if (moduleAction != null) { - action = moduleAction.getDefaultActionName(); - module = info.getPath(); - break; - } - info = null; - } - - if (moduleAction == null) { - resp.sendError(HttpServletResponse.SC_NOT_FOUND); - Logger.error("Protocol " + module - + " has no module registered"); - return; - } - } - - if (moduleAction == null) { - moduleAction = info.getAction(action); - - if (moduleAction == null) { - resp.sendError(HttpServletResponse.SC_NOT_FOUND); - Logger.error("Action " + action + " is not available!"); - return; - } - } - - //get SSO Cookie for Request - SSOManager ssomanager = SSOManager.getInstance(); - String ssoId = ssomanager.getSSOSessionID(req); - - IRequest protocolRequest = null; - String uniqueSessionIdentifier = null; - - try { - Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); - - if (idObject != null && (idObject instanceof String)) { - - protocolRequestID = (String) idObject; - protocolRequest = RequestStorage.getPendingRequest(protocolRequestID); - - //get IRequest if it exits - if (protocolRequest != null) { - Logger.debug(DispatcherServlet.class.getName()+": Found PendingRequest with ID " + protocolRequestID); - - } else { - Logger.error("No PendingRequest with ID " + protocolRequestID + " found.!"); - handleErrorNoRedirect("Während des Anmeldevorgangs ist ein Fehler aufgetreten. Bitte versuchen Sie es noch einmal.", - null, req, resp); - return; - } - } else { - try { - - //load unique session identifier with SSO-sessionID - uniqueSessionIdentifier = ssomanager.getUniqueSessionIdentifier(ssoId); - if (MiscUtil.isEmpty(uniqueSessionIdentifier)) - uniqueSessionIdentifier = Random.nextRandom(); - TransactionIDUtils.setSessionId(uniqueSessionIdentifier); - - //set transactionID to Logger - protocolRequestID = Random.nextRandom(); - TransactionIDUtils.setTransactionId(protocolRequestID); - - //log information for security and process reversion - MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.SESSION_CREATED, uniqueSessionIdentifier); - MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_CREATED, protocolRequestID); - MOAReversionLogger.getInstance().logEvent(uniqueSessionIdentifier, protocolRequestID, MOAIDEventConstants.TRANSACTION_IP, req.getRemoteAddr()); - - protocolRequest = info.preProcess(req, resp, action, uniqueSessionIdentifier, protocolRequestID); - - //request is a valid interfederation response - if (protocolRequest != null && - protocolRequest.getInterfederationResponse() != null ) { - Logger.debug("Create new interfederated MOA-Session and add to HTTPRequest"); - - //reload SP protocol implementation - info = ModulStorage.getModuleByPath(protocolRequest.requestedModule()); - moduleAction = info.getAction(protocolRequest.requestedAction()); - - //create interfederated MOASession - String sessionID = - AuthenticationSessionStoreage.createInterfederatedSession(protocolRequest, true, ssoId); - req.getParameterMap().put(MOAIDAuthConstants.PARAM_SESSIONID, new String[]{ sessionID }); - - Logger.info("PreProcessing of SSO interfederation response complete. "); - - //request is a not valid interfederation response - } else if (protocolRequest != null && - MiscUtil.isNotEmpty(protocolRequest.getRequestID())) { - - OAAuthParameter oaParams = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); - if (!oaParams.isPerformLocalAuthenticationOnInterfederationError()) { - // -> send end error to service provider - Logger.info("Federated authentication for entity " + protocolRequest.getOAURL() - + " FAILED. Sending error message to service provider."); - MOAIDException e = new MOAIDException("auth.27", new Object[]{}); - IModulInfo requestedModul = ModulStorage.getModuleByPath(protocolRequest.requestedModule()); - if (!requestedModul.generateErrorMessage(e, req, resp, protocolRequest)) - handleErrorNoRedirect(e.getMessage(), e, req, - resp); - - return; - - } else - //-> Restart local authentication - Logger.info("Restart authentication with stored " + protocolRequest.requestedModule() - + " AuthnRequest for OnlineApplication " + protocolRequest.getOAURL()); - - //request is a new authentication request - } else if (protocolRequest != null && - MiscUtil.isEmpty(protocolRequest.getRequestID())) { - //Start new Authentication - protocolRequest.setModule(module); - - //if preProcessing has not set a specific action from decoded request - // then set the default action - if (MiscUtil.isEmpty(protocolRequest.requestedAction())) - protocolRequest.setAction(action); - else - moduleAction = info.getAction(protocolRequest.requestedAction()); - - protocolRequest.setRequestID(protocolRequestID); - protocolRequest.setSessionIdentifier(uniqueSessionIdentifier); - RequestStorage.setPendingRequest(protocolRequest); - Logger.debug(DispatcherServlet.class.getName()+": Create PendingRequest with ID " + protocolRequestID + "."); - - - } else { - Logger.error("Failed to generate a valid protocol request!"); - resp.setContentType("text/html;charset=UTF-8"); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!"); - return; - - } - - } catch (ProtocolNotActiveException e) { - resp.getWriter().write(e.getMessage()); - resp.setContentType("text/html;charset=UTF-8"); - resp.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage()); - return; - - } catch (AuthnRequestValidatorException e) { - //log Error Message - StatisticLogger logger = StatisticLogger.getInstance(); - logger.logErrorOperation(e, e.getErrorRequest()); - - //TODO: maybe add some error message handling??? - - return; - - }catch (InvalidProtocolRequestException e) { - ErrorResponseUtils utils = ErrorResponseUtils.getInstance(); - String code = utils.mapInternalErrorToExternalError(e.getMessageId()); - String descr = e.getMessage(); - Logger.error("Protocol validation FAILED!"); - resp.setContentType("text/html;charset=UTF-8"); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED!" + - "(Errorcode=" + code + - " | Description=" + descr + ")"); - return; - } catch (ConfigurationException e) { - resp.setContentType("text/html;charset=UTF-8"); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!" + - "(Errorcode=9199" - +" | Description="+ e.getMessage() + ")"); - return; - - } catch (MOAIDException e) { - Logger.error("Failed to generate a valid protocol request!"); - resp.setContentType("text/html;charset=UTF-8"); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "NO valid protocol request received!" + - "(Errorcode=6000" - +" | Description=Das Authentifizierungsprotokoll wurde nicht erkannt oder wird nicht unterst\u00FCzt" + ")"); - return; - - } - } - -// *** end of protocol specific stuff *** - - if (protocolRequest != null) - MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), - protocolRequest, MOAIDEventConstants.AUTHPROTOCOL_TYPE, protocolRequest.requestedModule()); - -// *** start handling authentication *** - - AuthenticationManager authmanager = AuthenticationManager.getInstance(); - - String moasessionID = null; - String newSSOSessionId = null; - AuthenticationSession moasession = null; - IAuthData authData = null; - - boolean needAuthentication = moduleAction.needAuthentication(protocolRequest, req, resp); - - if (needAuthentication) { - - //check if interfederation IDP is requested - ssomanager.checkInterfederationIsRequested(req, resp, protocolRequest); - - //check SSO session - if (ssoId != null) { - String correspondingMOASession = ssomanager.existsOldSSOSession(ssoId); - - if (correspondingMOASession != null) { - Logger.warn("Request sends an old SSO Session ID("+ssoId+")! " + - "Invalidate the corresponding MOASession with ID="+ correspondingMOASession); - - MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), - protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO_INVALID); - - AuthenticationSessionStoreage.destroySession(correspondingMOASession); - ssomanager.deleteSSOSessionID(req, resp); - } - } - - //load Parameters from OnlineApplicationConfiguration - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(protocolRequest.getOAURL()); - - if (oaParam == null) { - throw new AuthenticationException("auth.00", new Object[] { protocolRequest.getOAURL() }); - } - - - isValidSSOSession = ssomanager.isValidSSOSession(ssoId, protocolRequest); - useSSOOA = oaParam.useSSO() || oaParam.isInderfederationIDP(); - - - //if a legacy request is used SSO should not be allowed, actually - boolean isUseMandateRequested = LegacyHelper.isUseMandateRequested(req); - - if (protocolRequest.isPassiv() - && protocolRequest.forceAuth()) { - // conflict! - throw new NoPassivAuthenticationException(); - } - - boolean tryperform = authmanager.tryPerformAuthentication( - req, resp); - - if (tryperform) - MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), - protocolRequest, MOAIDEventConstants.AUTHPROCESS_FINISHED); - else - MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), - protocolRequest, MOAIDEventConstants.AUTHPROCESS_SERVICEPROVIDER, protocolRequest.getOAURL()); - - if (protocolRequest.forceAuth()) { - if (!tryperform) { - authmanager.doAuthentication(req, resp, - protocolRequest); - return; - } - } else if (protocolRequest.isPassiv()) { - if (tryperform || (isValidSSOSession && useSSOOA && !isUseMandateRequested) ) { - // Passive authentication ok! - } else { - throw new NoPassivAuthenticationException(); - } - } else { - if (tryperform || (isValidSSOSession && useSSOOA && !isUseMandateRequested) ) { - // Is authenticated .. proceed - } else { - // Start authentication! - authmanager.doAuthentication(req, resp, - protocolRequest); - return; - } - } - - if ((useSSOOA || isValidSSOSession)) //TODO: SSO with mandates requires an OVS extension - { - - if (useSSOOA && isValidSSOSession) { - - MOAReversionLogger.getInstance().logEvent(protocolRequest.getOnlineApplicationConfiguration(), - protocolRequest, MOAIDEventConstants.AUTHPROCESS_SSO); - - moasessionID = ssomanager.getMOASession(ssoId); - moasession = AuthenticationSessionStoreage.getSession(moasessionID); - - //use new OAParameter - if (oaParam.useSSOQuestion() && !AuthenticationSessionStoreage.isAuthenticated(moasessionID)) { - authmanager.sendTransmitAssertionQuestion(req, resp, protocolRequest, oaParam); - return; - } - - } else { - moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); - moasession = AuthenticationSessionStoreage.getSession(moasessionID); - - } - //save SSO session usage in Database - if (useSSOOA) { - newSSOSessionId = ssomanager.createSSOSessionInformations(moasessionID, protocolRequest.getOAURL()); - - if (MiscUtil.isNotEmpty(newSSOSessionId)) { - ssomanager.setSSOSessionID(req, resp, newSSOSessionId); - - } else { - ssomanager.deleteSSOSessionID(req, resp); - - } - } - - } else { - moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); - moasession = AuthenticationSessionStoreage.getSession(moasessionID); - moasessionID = AuthenticationSessionStoreage.changeSessionID(moasession); - - } - - //build authenticationdata from session information and OA configuration - authData = AuthenticationDataBuilder.buildAuthenticationData(protocolRequest, moasession); - } - -// *** end handling authentication *** - -// *** start finalizing authentication (SSO, final redirects, statistic logging etc) *** - - SLOInformationInterface assertionID = moduleAction.processRequest(protocolRequest, req, resp, authData); - - RequestStorage.removePendingRequest(protocolRequestID); - - if (needAuthentication) { - boolean isSSOSession = MiscUtil.isNotEmpty(newSSOSessionId) && useSSOOA; - - if ((useSSOOA || isSSOSession) //TODO: SSO with mandates requires an OVS extension - && !moasession.getUseMandate()) { - - try { - //Store OA specific SSO session information - AuthenticationSessionStoreage.addSSOInformation(moasessionID, - newSSOSessionId, assertionID, protocolRequest); - - } catch (AuthenticationException e) { - Logger.warn("SSO Session information can not be stored -> SSO is not enabled!"); - - authmanager.performOnlyIDPLogOut(req, resp, moasessionID); - isSSOSession = false; - } - - } else { - authmanager.performOnlyIDPLogOut(req, resp, moasessionID); - } - - //Advanced statistic logging - StatisticLogger logger = StatisticLogger.getInstance(); - logger.logSuccessOperation(protocolRequest, authData, isSSOSession); - - } - -// *** end finalizing authentication *** - - } catch (Throwable e) { - Logger.warn("An authentication error occured: ", e);; - // Try handle module specific, if not possible rethrow - if (!info.generateErrorMessage(e, req, resp, protocolRequest)) - handleErrorNoRedirect(e.getMessage(), e, req, - resp); - - } - - //log transaction_destroy to reversionslog - MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, protocolRequestID); - - } catch (WrongParametersException ex) { - handleWrongParameters(ex, req, resp); - - } catch (MOAIDException ex) { - handleError(null, ex, req, resp, protocolRequestID); - - } catch (Throwable e) { - handleErrorNoRedirect(e.getMessage(), e, req, - resp); - } - - finally { - - - TransactionIDUtils.removeTransactionId(); - TransactionIDUtils.removeSessionId(); - } - - Logger.debug("Clossing Dispatcher processing loop"); - } - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - processRequest(req, resp); - } - - @Override - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - processRequest(req, resp); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index c38bbc68f..a1f2c6558 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -23,9 +23,6 @@ package at.gv.egovernment.moa.id.moduls; import java.io.IOException; -import java.io.PrintWriter; -import java.lang.reflect.InvocationTargetException; -import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.Collection; import java.util.Enumeration; @@ -37,190 +34,484 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.velocity.VelocityContext; -import org.joda.time.DateTime; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.AuthnContextClassRef; -import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; -import org.opensaml.saml2.core.AuthnRequest; -import org.opensaml.saml2.core.Issuer; +import org.apache.commons.lang.StringEscapeUtils; import org.opensaml.saml2.core.LogoutRequest; import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.NameID; -import org.opensaml.saml2.core.NameIDPolicy; -import org.opensaml.saml2.core.NameIDType; -import org.opensaml.saml2.core.RequestedAuthnContext; import org.opensaml.saml2.core.StatusCode; -import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.SingleLogoutService; -import org.opensaml.saml2.metadata.SingleSignOnService; -import org.opensaml.saml2.metadata.provider.MetadataProviderException; -import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.soap.common.SOAPException; import org.opensaml.xml.XMLObject; import org.opensaml.xml.security.SecurityException; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder; -import at.gv.egovernment.moa.id.auth.builder.SendAssertionFormBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; +import at.gv.egovernment.moa.id.auth.modules.SingleSignOnConsentsModuleImpl; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.data.SLOInformationContainer; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.process.ExecutionContextImpl; import at.gv.egovernment.moa.id.process.ProcessEngine; import at.gv.egovernment.moa.id.process.ProcessExecutionException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.MOASAMLSOAPClient; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.id.util.legacy.LegacyHelper; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; +@Service("MOAID_AuthenticationManager") public class AuthenticationManager extends MOAIDAuthConstants { - private static final AuthenticationManager INSTANCE = new AuthenticationManager(); public static final String MOA_SESSION = "MoaAuthenticationSession"; public static final String MOA_AUTHENTICATED = "MoaAuthenticated"; public static final int SLOTIMEOUT = 30 * 1000; //30 sec - @Autowired - private ProcessEngine processEngine; - - private AuthenticationManager() { + @Autowired private ProcessEngine processEngine; + @Autowired private SSOManager ssoManager; + @Autowired private IRequestStorage requestStoreage; + @Autowired private ITransactionStorage transactionStorage; + @Autowired private IAuthenticationSessionStoreage authenticatedSessionStore; + @Autowired private MOAReversionLogger revisionsLogger; + @Autowired protected AuthConfiguration authConfig; + @Autowired private SingleLogOutBuilder sloBuilder; + @Autowired private SAMLVerificationEngineSP samlVerificationEngine; + @Autowired private IGUIFormBuilder guiBuilder; + + public void performSingleLogOut(HttpServletRequest httpReq, + HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq) throws MOAIDException { + performSingleLogOut(httpReq, httpResp, session, pvpReq, null); + } - public static AuthenticationManager getInstance() { - return INSTANCE; + public void performSingleLogOut(HttpServletRequest httpReq, + HttpServletResponse httpResp, AuthenticationSession session, String authURL) throws MOAIDException { + performSingleLogOut(httpReq, httpResp, session, null, authURL); + } + public void performOnlyIDPLogOut(HttpServletRequest request, + HttpServletResponse response, String moaSessionID) { + Logger.info("Remove active user-session"); + + if(moaSessionID == null) { + moaSessionID = (String) request.getParameter(PARAM_SESSIONID); + } + + if(moaSessionID == null) { + Logger.info("NO MOA Session to logout"); + return; + } + + AuthenticationSession authSession; + try { + authSession = authenticatedSessionStore.getSession(moaSessionID); + + if(authSession == null) { + Logger.info("NO MOA Authentication data for ID " + moaSessionID); + return; + } + + authSession.setAuthenticated(false); + //HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, null); // remove moa session from HTTP Session + + //log Session_Destroy to reversionslog + AuthenticationSessionExtensions sessionExtensions = authenticatedSessionStore.getAuthenticationSessionExtensions(moaSessionID); + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, sessionExtensions.getUniqueSessionId()); + + authenticatedSessionStore.destroySession(moaSessionID); + + //session.invalidate(); + + } catch (MOADatabaseException e) { + Logger.info("NO MOA Authentication data for ID " + moaSessionID); + return; + } + + } + + /** - * Checks if this request can authenticate a MOA Session + * Authenticates the authentication request {pendingReq}, which is actually processed + * + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse + * @param protocolRequest Authentication request which is actually in process + * + * @return Return already authenticated MOASession if exists, otherwise return null + * @throws MOADatabaseException + * @throws MOAIDException + * @throws IOException + * @throws ServletException * - * @param request - * @param response - * @return */ - public boolean tryPerformAuthentication(HttpServletRequest request, - HttpServletResponse response) { + public AuthenticationSession doAuthentication(HttpServletRequest httpReq, + HttpServletResponse httpResp, RequestImpl pendingReq) throws MOADatabaseException, ServletException, IOException, MOAIDException { + + //generic authentication request validation + if (pendingReq.isPassiv() + && pendingReq.forceAuth()) { + // conflict! + throw new NoPassivAuthenticationException(); + } - String sessionID = (String) request.getParameter(PARAM_SESSIONID); - if (sessionID != null) { - Logger.debug("Find MOASession: " + sessionID); - AuthenticationSession authSession; - try { - authSession = AuthenticationSessionStoreage.getSession(sessionID); - - if (authSession != null) { - Logger.info("MOASession found! A: " - + authSession.isAuthenticated() + ", AU " - + authSession.isAuthenticatedUsed()); - if (authSession.isAuthenticated() - && !authSession.isAuthenticatedUsed()) { - authSession.setAuthenticatedUsed(true); - - AuthenticationSessionStoreage.storeSession(authSession); - - return true; // got authenticated - } - } + //get SSO cookie from http request + String ssoId = ssoManager.getSSOSessionID(httpReq); + + //check if interfederation IDP is requested + ssoManager.checkInterfederationIsRequested(httpReq, httpResp, pendingReq); + + //check if SSO session cookie is already used + if (ssoId != null) { + String correspondingMOASession = ssoManager.existsOldSSOSession(ssoId); - } catch (MOADatabaseException e) { - return false; - } catch (BuildException e) { + if (correspondingMOASession != null) { + Logger.warn("Request sends an old SSO Session ID("+ssoId+")! " + + "Invalidate the corresponding MOASession with ID="+ correspondingMOASession); + + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_INVALID); + + authenticatedSessionStore.destroySession(correspondingMOASession); + ssoManager.deleteSSOSessionID(httpReq, httpResp); + } + } + + //check if SSO Session is valid + boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq); + + // check if Service-Provider allows SSO sessions + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); + boolean useSSOOA = oaParam.useSSO() || oaParam.isInderfederationIDP(); + + revisionsLogger.logEvent(oaParam, + pendingReq, MOAIDEventConstants.AUTHPROCESS_SERVICEPROVIDER, pendingReq.getOAURL()); + + //if a legacy request is used SSO should not be allowed in case of mandate authentication + boolean isUseMandateRequested = LegacyHelper.isUseMandateRequested(httpReq); + + //check if SSO is allowed for the actually executed request + //INFO: Actually, useMandate disables SSO functionality!!!!! + boolean isSSOAllowed = (useSSOOA && !isUseMandateRequested); + pendingReq.setNeedSingleSignOnFunctionality(isSSOAllowed); + + //get MOASession from SSO-Cookie if SSO is allowed + AuthenticationSession moaSession = null; + if (isValidSSOSession && isSSOAllowed) { + String moasessionID = ssoManager.getMOASession(ssoId); + moaSession = authenticatedSessionStore.getSession(moasessionID); + + if (moaSession == null) + Logger.info("No MOASession FOUND with provided SSO-Cookie."); + + else { + Logger.debug("Found authenticated MOASession with provided SSO-Cookie."); + revisionsLogger.logEvent(oaParam, pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO); + + } + } + + //check if session is already authenticated + boolean isSessionAuthenticated = tryPerformAuthentication((RequestImpl) pendingReq, moaSession); + + //force new authentication authentication process + if (pendingReq.forceAuth()) { + startAuthenticationProcess(httpReq, httpResp, pendingReq); + return null; + + //perform SSO-Consents evaluation if it it required + } else if (isSessionAuthenticated && oaParam.useSSOQuestion()) { + sendSingleSignOnConsentsEvaluation(httpReq, httpResp, pendingReq); + return null; + + } else if (pendingReq.isPassiv()) { + if (isSessionAuthenticated) { + // Passive authentication ok! + revisionsLogger.logEvent(oaParam, pendingReq, MOAIDEventConstants.AUTHPROCESS_FINISHED); + return moaSession; + + } else { + throw new NoPassivAuthenticationException(); + + } + } else { + if (isSessionAuthenticated) { + // Is authenticated .. proceed + revisionsLogger.logEvent(oaParam, + pendingReq, MOAIDEventConstants.AUTHPROCESS_FINISHED); + return moaSession; + + } else { + // Start authentication! + startAuthenticationProcess(httpReq, httpResp, pendingReq); + return null; + } + } + } + + /** + * Checks if a authenticated MOASession already exists and if {protocolRequest} is authenticated + * + * @param protocolRequest Authentication request which is actually in process + * @param moaSession MOASession with authentication information or null if no active MOASession exists + * + * @return true if session is already authenticated, otherwise false + * @throws MOAIDException + */ + private boolean tryPerformAuthentication(RequestImpl protocolRequest, AuthenticationSession moaSession) { + + //if no MOASession exist -> authentication is required + if (moaSession == null) { + return false; + + } else { + //if MOASession is Found but not authenticated --> authentication is required + if (!moaSession.isAuthenticated()) { return false; } + + //if MOASession is already authenticated and protocol-request is authenticated + // --> no authentication is required any more + else if (moaSession.isAuthenticated() && protocolRequest.isAuthenticated()) { + return true; + + // if MOASession is authenticated and SSO is allowed --> authenticate pendingRequest + } else if (!protocolRequest.isAuthenticated() + && moaSession.isAuthenticated() && protocolRequest.needSingleSignOnFunctionality()) { + Logger.debug("Found active MOASession and SSO is allowed --> pendingRequest is authenticted"); + protocolRequest.setAuthenticated(true); + protocolRequest.setMOASessionIdentifier(moaSession.getSessionID()); + return true; + + } + + // force authentication as backup solution + else { + Logger.warn("Authentication-required check find an unsuspected state --> force authentication"); + return false; + + } } - return false; } - public void performSingleLogOut(HttpServletRequest httpReq, - HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq) throws MOAIDException { - performSingleLogOut(httpReq, httpResp, session, pvpReq, null); + private void startAuthenticationProcess(HttpServletRequest httpReq, + HttpServletResponse httpResp, RequestImpl pendingReq) + throws ServletException, IOException, MOAIDException { + + Logger.info("Starting authentication ..."); + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_START); + + //is legacy allowed + List<String> legacyallowed_prot = authConfig.getLegacyAllowedProtocols(); + boolean legacyallowed = legacyallowed_prot.contains(pendingReq.requestedModule()); + + //check legacy request parameter + boolean legacyparamavail = ParamValidatorUtils.areAllLegacyParametersAvailable(httpReq); + + //create MOASession object + AuthenticationSession moasession; + try { + moasession = authenticatedSessionStore.createSession(pendingReq); + pendingReq.setMOASessionIdentifier(moasession.getSessionID()); + + } catch (MOADatabaseException e1) { + Logger.error("Database Error! MOASession can not be created!"); + throw new MOAIDException("init.04", new Object[] {}); + + } + + //create authentication process execution context + ExecutionContext executionContext = new ExecutionContextImpl(); + + //set interfederation authentication flag + executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH, + MiscUtil.isNotEmpty( + pendingReq.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, String.class))); + + //set legacy mode or BKU-selection flags + boolean leagacyMode = (legacyallowed && legacyparamavail); + executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_ISLEGACYREQUEST, leagacyMode); + executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, !leagacyMode + && MiscUtil.isEmpty(pendingReq.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, String.class))); + + //add leagcy parameters to context + if (leagacyMode) { + Enumeration<String> reqParamNames = httpReq.getParameterNames(); + while(reqParamNames.hasMoreElements()) { + String paramName = reqParamNames.nextElement(); + if (MiscUtil.isNotEmpty(paramName) && + MOAIDAuthConstants.LEGACYPARAMETERWHITELIST.contains(paramName)) + executionContext.put(paramName, + StringEscapeUtils.escapeHtml(httpReq.getParameter(paramName))); + + } + } + + //start process engine + startProcessEngine(pendingReq, executionContext); } - - public void performSingleLogOut(HttpServletRequest httpReq, - HttpServletResponse httpResp, AuthenticationSession session, String authURL) throws MOAIDException { - performSingleLogOut(httpReq, httpResp, session, null, authURL); + + private void sendSingleSignOnConsentsEvaluation(HttpServletRequest request, + HttpServletResponse response, RequestImpl pendingReq) + throws ServletException, IOException, MOAIDException { + + Logger.info("Start SSO user-consents evaluation ..."); + //set authenticated flag to false, because user consents is required + pendingReq.setAuthenticated(false); + + //create execution context + ExecutionContext executionContext = new ExecutionContextImpl(); + executionContext.put(SingleSignOnConsentsModuleImpl.PARAM_SSO_CONSENTS_EVALUATION, true); + + //start process engine + startProcessEngine(pendingReq, executionContext); + } + private void startProcessEngine(RequestImpl pendingReq, ExecutionContext executionContext) throws MOAIDException { + try { + //put pending-request ID on execurtionContext + executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, pendingReq.getRequestID()); + + // create process instance + String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext); + + if (processDefinitionId == null) { + Logger.warn("No suitable process found for SessionID " + pendingReq.getRequestID() ); + throw new MOAIDException("process.02",new Object[] { + pendingReq.getRequestID()}); + } + + String processInstanceId = processEngine.createProcessInstance(processDefinitionId, executionContext); + + // keep process instance id in protocol pending-request + pendingReq.setProcessInstanceId(processInstanceId); + + //store pending-request + requestStoreage.storePendingRequest(pendingReq); + + // start process + processEngine.start(pendingReq); + + } catch (ProcessExecutionException e) { + Throwable cause = e.getCause(); + if (cause != null && cause instanceof TaskExecutionException) { + Throwable taskCause = cause.getCause(); + if (taskCause != null && taskCause instanceof MOAIDException) { + MOAIDException moaTaskCause = (MOAIDException) taskCause; + Logger.warn(taskCause); + throw moaTaskCause; + + } + } + + throw new MOAIDException("process.01", new Object[] { pendingReq.getProcessInstanceId(), pendingReq.getRequestID() }, e); + } + } private void performSingleLogOut(HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession session, PVPTargetConfiguration pvpReq, String authURL) throws MOAIDException { String pvpSLOIssuer = null; String inboundRelayState = null; + String uniqueSessionIdentifier = "notSet"; + String uniqueTransactionIdentifier = "notSet"; + + Logger.debug("Start technical Single LogOut process ... "); if (pvpReq != null) { MOARequest samlReq = (MOARequest) pvpReq.getRequest(); LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest(); pvpSLOIssuer = logOutReq.getIssuer().getValue(); inboundRelayState = samlReq.getRelayState(); + uniqueSessionIdentifier = pvpReq.getUniqueSessionIdentifier(); + uniqueTransactionIdentifier = pvpReq.getUniqueTransactionIdentifier(); + } else { + AuthenticationSessionExtensions sessionExt; + try { + sessionExt = authenticatedSessionStore.getAuthenticationSessionExtensions(session.getSessionID()); + if (sessionExt != null) + uniqueSessionIdentifier = sessionExt.getUniqueSessionId(); + + } catch (MOADatabaseException e) { + Logger.error("Error during database communication. Can not evaluate 'uniqueSessionIdentifier'", e); + + } + uniqueTransactionIdentifier = Random.nextLongRandom(); + revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_IDP_SLO_REQUESTED); + } - SSOManager ssomanager = SSOManager.getInstance(); - //store active OAs to SLOContaine - List<OASessionStore> dbOAs = AuthenticationSessionStoreage.getAllActiveOAFromMOASession(session); - List<InterfederationSessionStore> dbIDPs = AuthenticationSessionStoreage.getAllActiveIDPsFromMOASession(session); - SLOInformationContainer sloContainer = new SLOInformationContainer(); + List<OASessionStore> dbOAs = authenticatedSessionStore.getAllActiveOAFromMOASession(session); + List<InterfederationSessionStore> dbIDPs = authenticatedSessionStore.getAllActiveIDPsFromMOASession(session); + SLOInformationContainer sloContainer = new SLOInformationContainer(); + sloContainer.setTransactionID(uniqueTransactionIdentifier); + sloContainer.setSessionID(uniqueSessionIdentifier); sloContainer.setSloRequest(pvpReq); - sloContainer.parseActiveIDPs(dbIDPs, pvpSLOIssuer); - sloContainer.parseActiveOAs(dbOAs, pvpSLOIssuer); - - //terminate MOASession - try { - AuthenticationSessionStoreage.destroySession(session.getSessionID()); - ssomanager.deleteSSOSessionID(httpReq, httpResp); + + sloBuilder.parseActiveIDPs(sloContainer, dbIDPs, pvpSLOIssuer); + sloBuilder.parseActiveOAs(sloContainer, dbOAs, pvpSLOIssuer); + Logger.debug("Active SSO Service-Provider: " + + " BackChannel:" + sloContainer.getActiveBackChannelOAs().size() + + " FrontChannel:" + sloContainer.getActiveFrontChannalOAs().size() + + " NO_SLO_Support:" + sloContainer.getSloFailedOAs().size()); + + //terminate MOASession + try { + authenticatedSessionStore.destroySession(session.getSessionID()); + ssoManager.deleteSSOSessionID(httpReq, httpResp); + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_DESTROYED, uniqueSessionIdentifier); + + Logger.debug("Active SSO Session on IDP is remove."); + } catch (MOADatabaseException e) { Logger.warn("Delete MOASession FAILED."); sloContainer.putFailedOA(pvpReq.getAuthURL()); } - //start service provider back channel logout process + Logger.trace("Starting Service-Provider logout process ... "); + revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_STARTED); + //start service provider back channel logout process Iterator<String> nextOAInterator = sloContainer.getNextBackChannelOA(); while (nextOAInterator.hasNext()) { SLOInformationImpl sloDescr = sloContainer.getBackChannelOASessionDescripten(nextOAInterator.next()); - LogoutRequest sloReq = SingleLogOutBuilder.buildSLORequestMessage(sloDescr); + LogoutRequest sloReq = sloBuilder.buildSLORequestMessage(sloDescr); try { + Logger.trace("Send backchannel SLO Request to " + sloDescr.getSpEntityID()); List<XMLObject> soapResp = MOASAMLSOAPClient.send(sloDescr.getServiceURL(), sloReq); LogoutResponse sloResp = null; @@ -230,28 +521,27 @@ public class AuthenticationManager extends MOAIDAuthConstants { } if (sloResp == null) { - Logger.warn("Single LogOut for OA " + sloReq.getIssuer().getValue() + Logger.warn("Single LogOut for OA " + sloDescr.getSpEntityID() + " FAILED. NO LogOut response received."); - sloContainer.putFailedOA(sloReq.getIssuer().getValue()); + sloContainer.putFailedOA(sloDescr.getSpEntityID()); } else { - SAMLVerificationEngine engine = new SAMLVerificationEngine(); - engine.verifySLOResponse(sloResp, - TrustEngineFactory.getSignatureKnownKeysTrustEngine()); + samlVerificationEngine.verifySLOResponse(sloResp, + TrustEngineFactory.getSignatureKnownKeysTrustEngine(MOAMetadataProvider.getInstance())); } - SingleLogOutBuilder.checkStatusCode(sloContainer, sloResp); + sloBuilder.checkStatusCode(sloContainer, sloResp); } catch (SOAPException e) { - Logger.warn("Single LogOut for OA " + sloReq.getIssuer().getValue() + Logger.warn("Single LogOut for OA " + sloDescr.getSpEntityID() + " FAILED.", e); - sloContainer.putFailedOA(sloReq.getIssuer().getValue()); + sloContainer.putFailedOA(sloDescr.getSpEntityID()); } catch (SecurityException | InvalidProtocolRequestException e) { - Logger.warn("Single LogOut for OA " + sloReq.getIssuer().getValue() + Logger.warn("Single LogOut for OA " + sloDescr.getSpEntityID() + " FAILED.", e); - sloContainer.putFailedOA(sloReq.getIssuer().getValue()); + sloContainer.putFailedOA(sloDescr.getSpEntityID()); } } @@ -264,9 +554,11 @@ public class AuthenticationManager extends MOAIDAuthConstants { Collection<Entry<String, SLOInformationImpl>> sloDescr = sloContainer.getFrontChannelOASessionDescriptions(); List<String> sloReqList = new ArrayList<String>(); for (Entry<String, SLOInformationImpl> el : sloDescr) { - LogoutRequest sloReq = SingleLogOutBuilder.buildSLORequestMessage(el.getValue()); + Logger.trace("Build frontChannel SLO Request for " + el.getValue().getSpEntityID()); + + LogoutRequest sloReq = sloBuilder.buildSLORequestMessage(el.getValue()); try { - sloReqList.add(SingleLogOutBuilder.getFrontChannelSLOMessageURL(el.getValue().getServiceURL(), el.getValue().getBinding(), + sloReqList.add(sloBuilder.getFrontChannelSLOMessageURL(el.getValue().getServiceURL(), el.getValue().getBinding(), sloReq, httpReq, httpResp, relayState)); } catch (Exception e) { @@ -276,7 +568,8 @@ public class AuthenticationManager extends MOAIDAuthConstants { } } - AssertionStorage.getInstance().put(relayState, sloContainer); + //put SLO process-information into transaction storage + transactionStorage.put(relayState, sloContainer); if (MiscUtil.isEmpty(authURL)) authURL = pvpReq.getAuthURL(); @@ -285,49 +578,82 @@ public class AuthenticationManager extends MOAIDAuthConstants { + "/idpSingleLogout" + "?restart=" + relayState; - VelocityContext context = new VelocityContext(); - context.put("redirectURLs", sloReqList); - context.put("timeoutURL", timeOutURL); - context.put("timeout", SLOTIMEOUT); - ssomanager.printSingleLogOutInfo(context, httpResp); + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, + null); + config.putCustomParameter("redirectURLs", sloReqList); + config.putCustomParameter("timeoutURL", timeOutURL); + config.putCustomParameter("timeout", SLOTIMEOUT); + + guiBuilder.build(httpResp, config, "Single-LogOut GUI"); + } else { if (pvpReq != null) { //send SLO response to SLO request issuer - SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq); - LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq, sloContainer.getSloFailedOAs()); - SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, inboundRelayState); + SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq); + LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, sloContainer.getSloFailedOAs()); + sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, inboundRelayState); } else { //print SLO information directly - VelocityContext context = new VelocityContext(); + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, + null); + if (sloContainer.getSloFailedOAs() == null || - sloContainer.getSloFailedOAs().size() == 0) - context.put("successMsg", + sloContainer.getSloFailedOAs().size() == 0) { + revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID); + config.putCustomParameter("successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.00", null)); - else - context.put("errorMsg", + + } else { + revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); + config.putCustomParameter("errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); - ssomanager.printSingleLogOutInfo(context, httpResp); + + } + guiBuilder.build(httpResp, config, "Single-LogOut GUI"); } } - + + } catch (GUIBuildException e) { + Logger.warn("Can not build GUI:'Single-LogOut'. Msg:" + e.getMessage()); + throw new MOAIDException("builder.09", new Object[]{e.getMessage()}, e); + } catch (MOADatabaseException e) { Logger.error("MOA AssertionDatabase ERROR", e); if (pvpReq != null) { - SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq); - LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); - SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, inboundRelayState); + SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq); + LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); + sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, inboundRelayState); + + revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); }else { //print SLO information directly - VelocityContext context = new VelocityContext(); - context.put("errorMsg", + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SINGLELOGOUT, + null); + + revisionsLogger.logEvent(uniqueSessionIdentifier, uniqueTransactionIdentifier, MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); + config.putCustomParameter("errorMsg", MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); - ssomanager.printSingleLogOutInfo(context, httpResp); + + try { + guiBuilder.build(httpResp, config, "Single-LogOut GUI"); + + } catch (GUIBuildException e1) { + Logger.warn("Can not build GUI:'Single-LogOut'. Msg:" + e.getMessage()); + throw new MOAIDException("builder.09", new Object[]{e.getMessage()}, e); + + } } @@ -336,421 +662,4 @@ public class AuthenticationManager extends MOAIDAuthConstants { e.printStackTrace(); } } - - public void performOnlyIDPLogOut(HttpServletRequest request, - HttpServletResponse response, String moaSessionID) { - Logger.info("Logout"); - - if(moaSessionID == null) { - moaSessionID = (String) request.getParameter(PARAM_SESSIONID); - } - - if(moaSessionID == null) { - Logger.info("NO MOA Session to logout"); - return; - } - - AuthenticationSession authSession; - try { - authSession = AuthenticationSessionStoreage - .getSession(moaSessionID); - - if(authSession == null) { - Logger.info("NO MOA Authentication data for ID " + moaSessionID); - return; - } - - authSession.setAuthenticated(false); - //HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, null); // remove moa session from HTTP Session - - //log Session_Destroy to reversionslog - AuthenticationSessionExtensions sessionExtensions = AuthenticationSessionStoreage.getAuthenticationSessionExtensions(moaSessionID); - MOAReversionLogger.getInstance().logEvent(MOAIDEventConstants.SESSION_DESTROYED, sessionExtensions.getUniqueSessionId()); - - AuthenticationSessionStoreage.destroySession(moaSessionID); - - //session.invalidate(); - - } catch (MOADatabaseException e) { - Logger.info("NO MOA Authentication data for ID " + moaSessionID); - return; - } - - } - - public void doAuthentication(HttpServletRequest request, - HttpServletResponse response, IRequest target) - throws ServletException, IOException, MOAIDException { - - Logger.info("Starting authentication ..."); - MOAReversionLogger.getInstance().logEvent(target.getOnlineApplicationConfiguration(), - target, MOAIDEventConstants.AUTHPROCESS_START); - - if (MiscUtil.isEmpty(target.getRequestedIDP())) { - perfomLocalAuthentication(request, response, target); - - } else { - Logger.info("Use IDP " + target.getRequestedIDP() + " for authentication ..."); - MOAReversionLogger.getInstance().logEvent(target.getOnlineApplicationConfiguration(), - target, MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION); - buildPVP21AuthenticationRequest(request, response, target); - - } - } - - public void sendTransmitAssertionQuestion(HttpServletRequest request, - HttpServletResponse response, IRequest target, OAAuthParameter oaParam) - throws ServletException, IOException, MOAIDException { - - String form = SendAssertionFormBuilder.buildForm(target.requestedModule(), - target.requestedAction(), target.getRequestID(), oaParam, - target.getAuthURL()); - - MOAReversionLogger.getInstance().logEvent(target.getOnlineApplicationConfiguration(), - target, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_START); - - response.setContentType("text/html;charset=UTF-8"); - PrintWriter out = new PrintWriter(response.getOutputStream()); - out.print(form); - out.flush(); - } - - private void buildPVP21AuthenticationRequest(HttpServletRequest request, - HttpServletResponse response, IRequest target) - throws ServletException, IOException, MOAIDException { - - boolean requiredLocalAuthentication = true; - - Logger.debug("Build PVP 2.1 authentication request"); - - //get IDP metadata - - OAAuthParameter idp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(target.getRequestedIDP()); - OAAuthParameter sp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(target.getOAURL()); - - if (!idp.isInderfederationIDP() || !idp.isInboundSSOInterfederationAllowed()) { - Logger.info("Requested interfederation IDP " + target.getRequestedIDP() + " is not valid for interfederation."); - Logger.debug("isInderfederationIDP:" + String.valueOf(idp.isInderfederationIDP()) - + " isInboundSSOAllowed:" + String.valueOf(idp.isInboundSSOInterfederationAllowed())); - Logger.info("Switch to local authentication on this IDP ... "); - - perfomLocalAuthentication(request, response, target); - return; - - } - - try { - EntityDescriptor idpEntity = MOAMetadataProvider.getInstance(). - getEntityDescriptor(target.getRequestedIDP()); - - if (idpEntity != null ) { - - //fetch endpoint from IDP metadata - SingleSignOnService redirectEndpoint = null; - for (SingleSignOnService sss : - idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) { - - // use POST binding as default if it exists - //TODO: maybe use RedirectBinding as default - if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { - redirectEndpoint = sss; - - } else if ( sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) && - redirectEndpoint == null ) - redirectEndpoint = sss; - } - - if (redirectEndpoint != null) { - - AuthnRequest authReq = SAML2Utils - .createSAMLObject(AuthnRequest.class); - SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); - authReq.setID(gen.generateIdentifier()); - - //send passive AuthnRequest - authReq.setIsPassive(idp.isPassivRequestUsedForInterfederation()); - - authReq.setAssertionConsumerServiceIndex(0); - authReq.setIssueInstant(new DateTime()); - Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); - String serviceURL = PVPConfiguration.getInstance().getIDPPublicPath().get(0); - issuer.setValue(serviceURL); - - issuer.setFormat(NameIDType.ENTITY); - authReq.setIssuer(issuer); - NameIDPolicy policy = SAML2Utils - .createSAMLObject(NameIDPolicy.class); - policy.setAllowCreate(true); - policy.setFormat(NameID.TRANSIENT); - authReq.setNameIDPolicy(policy); - - authReq.setDestination(redirectEndpoint.getLocation()); - - RequestedAuthnContext reqAuthContext = - SAML2Utils.createSAMLObject(RequestedAuthnContext.class); - - AuthnContextClassRef authnClassRef = - SAML2Utils.createSAMLObject(AuthnContextClassRef.class); - - //check if STORK protocol module is in ClassPath - Class<?> storkRequstTemplate = null; - Integer storkSecClass = null; - try { - storkRequstTemplate = Class.forName("at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest"); - if (storkRequstTemplate != null && - storkRequstTemplate.isInstance(target)) { - Object storkAuthnRequest = target.getClass().getMethod("getStorkAuthnRequest", null).invoke(target, null); - storkSecClass = (Integer) storkAuthnRequest.getClass().getMethod("getQaa", null).invoke(storkAuthnRequest, null); - - } - - } catch (ClassNotFoundException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) { - - - } - - if (sp != null && sp.isSTORKPVPGateway()) { - //use PVP SecClass instead of STORK QAA level - String secClass = null; - if (storkRequstTemplate != null && - storkRequstTemplate.isInstance(target)) { - - try { - secClass = PVPtoSTORKMapper.getInstance().mapToSecClass( - PVPConstants.STORK_QAA_PREFIX + String.valueOf(storkSecClass)); - - } catch (Exception e) { - Logger.warn("STORK-QAA level can not read from STORK request. Use default QAA 4", e); - - } - } - - if (MiscUtil.isNotEmpty(secClass)) - authnClassRef.setAuthnContextClassRef(secClass); - else - authnClassRef.setAuthnContextClassRef("http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3"); - - } else { - if (storkRequstTemplate != null && - storkRequstTemplate.isInstance(target)) { - //use requested QAA level from STORK request - try { - authnClassRef.setAuthnContextClassRef( - PVPConstants.STORK_QAA_PREFIX + String.valueOf(storkSecClass)); - Logger.debug("Use STORK-QAA level " + authnClassRef.getAuthnContextClassRef() - + " from STORK request"); - - } catch (Exception e) { - Logger.warn("STORK-QAA level can not read from STORK request. Use default QAA 4", e); - - } - - } - - if (MiscUtil.isEmpty(authnClassRef.getAuthnContextClassRef())) - //TODO: switch to eIDAS QAA-levels - authnClassRef.setAuthnContextClassRef("http://www.stork.gov.eu/1.0/citizenQAALevel/4"); - - } - - reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM); - reqAuthContext.getAuthnContextClassRefs().add(authnClassRef); - authReq.setRequestedAuthnContext(reqAuthContext); - - IEncoder binding = null; - if (redirectEndpoint.getBinding().equals( - SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { - binding = new RedirectBinding(); - - } else if (redirectEndpoint.getBinding().equals( - SAMLConstants.SAML2_POST_BINDING_URI)) { - binding = new PostBinding(); - - } - - binding.encodeRequest(request, response, authReq, - redirectEndpoint.getLocation(), target.getRequestID()); - - //build and send request without an error - requiredLocalAuthentication = false; - - MOAReversionLogger.getInstance().logEvent(target.getOnlineApplicationConfiguration(), - target, MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION_IDP, idpEntity.getEntityID()); - - - } else { - Logger.warn("Requested IDP " + target.getRequestedIDP() - + " does not support POST or Redirect Binding."); - - } - - } else { - Logger.warn("Requested IDP " + target.getRequestedIDP() - + " is not found in InterFederation configuration"); - - } - - } catch (MetadataProviderException e) { - Logger.error("IDP metadata error." , e); - - } catch (NoSuchAlgorithmException e) { - Logger.error("Build IDP authentication request FAILED.", e); - - } catch (MessageEncodingException e) { - Logger.error("Build IDP authentication request FAILED.", e); - - } catch (SecurityException e) { - Logger.error("Build IDP authentication request FAILED.", e); - - } - - if (requiredLocalAuthentication) { - Logger.info("Switch to local authentication on this IDP ... "); - if (idp.isPerformLocalAuthenticationOnInterfederationError()) - perfomLocalAuthentication(request, response, target); - - else - throw new AuthenticationException("auth.29", new String[]{target.getRequestedIDP()}); - } - } - - - private void perfomLocalAuthentication(HttpServletRequest request, - HttpServletResponse response, IRequest target) - throws ServletException, IOException, MOAIDException { - Logger.debug("Starting authentication on this IDP ..."); - - response.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - response.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - List<String> legacyallowed_prot = AuthConfigurationProviderFactory.getInstance().getLegacyAllowedProtocols(); - - //is legacy allowed - boolean legacyallowed = legacyallowed_prot.contains(target.requestedModule()); - - //check legacy request parameter - boolean legacyparamavail = ParamValidatorUtils.areAllLegacyParametersAvailable(request); - - AuthenticationSession moasession; - try { - //check if an MOASession exists and if not create an new MOASession - //moasession = getORCreateMOASession(request); - moasession = AuthenticationSessionStoreage.createSession(target); - - } catch (MOADatabaseException e1) { - Logger.error("Database Error! MOASession can not be created!"); - throw new MOAIDException("init.04", new Object[] {}); - } - - try { - - if (legacyallowed && legacyparamavail) { - - // create execution context - ExecutionContext executionContext = new ExecutionContextImpl(); - executionContext.put(MOAIDAuthConstants.PARAM_SESSIONID, moasession.getSessionID()); - executionContext.put("pendingRequestID", target.getRequestID()); - - executionContext.put("isLegacyRequest", true); - - Enumeration<String> reqParamNames = request.getParameterNames(); - while(reqParamNames.hasMoreElements()) { - String paramName = reqParamNames.nextElement(); - if (MiscUtil.isNotEmpty(paramName)) - executionContext.put(paramName, request.getParameter(paramName)); - - } - - // create process instance - String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext); - - if (processDefinitionId == null) { - Logger.warn("No suitable process found for SessionID " + moasession.getSessionID() ); - throw new MOAIDException("process.02",new Object[] { - moasession.getSessionID()}); - } - - String processInstanceId = processEngine.createProcessInstance(processDefinitionId, executionContext); - - // keep process instance id in moa session - moasession.setProcessInstanceId(processInstanceId); - - // make sure moa session has been persisted before running the process - try { - AuthenticationSessionStoreage.storeSession(moasession); - } catch (MOADatabaseException e) { - Logger.error("Database Error! MOASession is not stored!"); - throw new MOAIDException("init.04", new Object[] { - moasession.getSessionID()}); - } - - // start process - processEngine.start(processInstanceId); - - } else { - MOAReversionLogger.getInstance().logEvent(target.getOnlineApplicationConfiguration(), - target, MOAIDEventConstants.AUTHPROCESS_BKUSELECTION_INIT); - - //load Parameters from OnlineApplicationConfiguration - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(target.getOAURL()); - - if (oaParam == null) { - throw new AuthenticationException("auth.00", new Object[] { target.getOAURL() }); - } - - else { - - //check if an MOASession exists and if not create an new MOASession - //moasession = getORCreateMOASession(request); - - //set OnlineApplication configuration in Session - moasession.setOAURLRequested(target.getOAURL()); - moasession.setAction(target.requestedAction()); - moasession.setModul(target.requestedModule()); - } - - //Build authentication form - - - String publicURLPreFix = target.getAuthURL(); - if (publicURLPreFix.endsWith("/")) - publicURLPreFix = publicURLPreFix.substring(0, publicURLPreFix.length() - 1); - String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(), - target.requestedAction(), oaParam, publicURLPreFix, moasession.getSessionID()); - - //store MOASession - try { - AuthenticationSessionStoreage.storeSession(moasession, target.getRequestID()); - } catch (MOADatabaseException e) { - Logger.error("Database Error! MOASession is not stored!"); - throw new MOAIDException("init.04", new Object[] { - moasession.getSessionID()}); - } - - //set MOAIDSession - //request.getSession().setAttribute(MOA_SESSION, moasession.getSessionID()); - - response.setContentType("text/html;charset=UTF-8"); - PrintWriter out = new PrintWriter(response.getOutputStream()); - out.print(loginForm); - out.flush(); - } - } catch (ProcessExecutionException e) { - Throwable cause = e.getCause(); - if (cause != null && cause instanceof TaskExecutionException) { - Throwable taskCause = cause.getCause(); - if (taskCause != null && taskCause instanceof MOAIDException) { - MOAIDException moaTaskCause = (MOAIDException) taskCause; - Logger.warn(taskCause); - throw moaTaskCause; - - } - } - - throw new MOAIDException("process.01", new Object[] { moasession.getProcessInstanceId(), moasession }, e); - } - } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java index fda92d71a..ae2771427 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java @@ -25,9 +25,8 @@ package at.gv.egovernment.moa.id.moduls; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IModulInfo.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IModulInfo.java index bdbb1b458..b9b161bb6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IModulInfo.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IModulInfo.java @@ -25,22 +25,14 @@ package at.gv.egovernment.moa.id.moduls; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.IRequest; + public interface IModulInfo { //public List<ServletInfo> getServlets(); public String getName(); public String getPath(); - - public IAction getAction(String action); - - public IRequest preProcess(HttpServletRequest request, - HttpServletResponse response, String action, String sessionID, String transactionID) - throws MOAIDException; - - public IAction canHandleRequest(HttpServletRequest request, - HttpServletResponse response); - + public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java deleted file mode 100644 index 4ae271bbc..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java +++ /dev/null @@ -1,61 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.moduls; - -import java.util.Date; -import java.util.List; - -import org.opensaml.saml2.core.Attribute; - -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; - -public interface IRequest { - public String getOAURL(); - public boolean isPassiv(); - public boolean forceAuth(); - public boolean isSSOSupported(); - public String requestedModule(); - public String requestedAction(); - public void setModule(String module); - public void setAction(String action); - public String getTarget(); - public void setRequestID(String id); - public String getRequestID(); - public String getSessionIdentifier(); - public void setSessionIdentifier(String sessionIdentifier); - public String getRequestedIDP(); - public MOAResponse getInterfederationResponse(); - public List<Attribute> getRequestedAttributes(); - public IOAAuthParameters getOnlineApplicationConfiguration(); - - /** - * get the IDP URL PreFix, which was used for authentication request - * - * @return IDP URL PreFix <String>. The URL prefix always ends without / - */ - public String getAuthURL(); - public String getAuthURLWithOutSlash(); - - //public void setTarget(); -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequestStorage.java new file mode 100644 index 000000000..987d92e16 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequestStorage.java @@ -0,0 +1,43 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.moduls; + +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; + +/** + * @author tlenz + * + */ +public interface IRequestStorage { + + public IRequest getPendingRequest(String pendingReqID); + + public void storePendingRequest(IRequest pendingRequest) throws MOAIDException; + + public void removePendingRequest(String requestID); + + public String changePendingRequestID(IRequest pendingRequest) throws MOAIDException, MOADatabaseException; + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulStorage.java deleted file mode 100644 index e65d77326..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulStorage.java +++ /dev/null @@ -1,94 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.moduls; - -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; -import java.util.ServiceLoader; - -import at.gv.egovernment.moa.logging.Logger; - -public class ModulStorage { - -// private static final String[] modulClasses = new String[]{ -//// "at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol", -// "at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol", -// "at.gv.egovernment.moa.id.protocols.stork2.STORKProtocol", -// "at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20Protocol" -// }; - - private static ServiceLoader<IModulInfo> protocolModuleLoader = - ServiceLoader.load(IModulInfo.class); - private static List<IModulInfo> registeredModules = new ArrayList<IModulInfo>(); - - - public static List<IModulInfo> getAllModules() { - return registeredModules; - } - - public static IModulInfo getModuleByPath(String modname) { - Iterator<IModulInfo> it = registeredModules.iterator(); - while (it.hasNext()) { - IModulInfo info = it.next(); - if (info.getPath().equals(modname)) { - return info; - } - } - return null; - } - - static { - Logger.info("Loading protocol modules:"); - if (protocolModuleLoader != null ) { - Iterator<IModulInfo> moduleLoaderInterator = protocolModuleLoader.iterator(); - while (moduleLoaderInterator.hasNext()) { - try { - IModulInfo modul = moduleLoaderInterator.next(); - Logger.info("Loading Modul Information: " + modul.getName()); - registeredModules.add(modul); - - } catch(Throwable e) { - Logger.error("Check configuration! " + "Some protocol modul" + - " is not a valid IModulInfo", e); - } - } - } - -// for(int i = 0; i < modulClasses.length; i++) { -// String modulClassName = modulClasses[i]; -// try { -// @SuppressWarnings("unchecked") -// Class<IModulInfo> moduleClass = (Class<IModulInfo>)Class.forName(modulClassName); -// IModulInfo module = moduleClass.newInstance(); -// Logger.info("Loading Modul Information: " + module.getName()); -// registeredModules.add(module); -// } catch(Throwable e) { -// Logger.error("Check configuration! " + modulClassName + -// " is not a valid IModulInfo", e); -// } -// } - Logger.info("Loading modules done"); - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java deleted file mode 100644 index 99b7f4217..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ModulUtils.java +++ /dev/null @@ -1,46 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.moduls; - -import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet; - - -public class ModulUtils { - - public static final String UNAUTHDISPATCHER = "dispatcher"; - public static final String AUTHDISPATCHER = "dispatcher"; - - public static String buildUnauthURL(String modul, String action, String pendingRequestID) { - return UNAUTHDISPATCHER + "?" + - DispatcherServlet.PARAM_TARGET_MODULE + "=" + modul + "&" + - DispatcherServlet.PARAM_TARGET_ACTION + "=" + action + "&" + - DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID; - } - - public static String buildAuthURL(String modul, String action, String pendingRequestID) { - return AUTHDISPATCHER + - "?" + DispatcherServlet.PARAM_TARGET_MODULE + "=" + modul + "&" + - DispatcherServlet.PARAM_TARGET_ACTION + "=" + action + "&" + - DispatcherServlet.PARAM_TARGET_PENDINGREQUESTID + "=" + pendingRequestID; - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/NoPassivAuthenticationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/NoPassivAuthenticationException.java index 6551b88a3..f1db466e9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/NoPassivAuthenticationException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/NoPassivAuthenticationException.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.moduls; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; public class NoPassivAuthenticationException extends MOAIDException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java index cdaade1bb..85e4dc99b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java @@ -25,45 +25,80 @@ package at.gv.egovernment.moa.id.moduls; import java.io.Serializable; import java.net.MalformedURLException; import java.net.URL; +import java.util.Collection; +import java.util.HashMap; import java.util.List; +import java.util.Map; import javax.servlet.http.HttpServletRequest; -import org.opensaml.saml2.core.Attribute; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public abstract class RequestImpl implements IRequest, Serializable{ - private static final long serialVersionUID = 1L; + public static final String DATAID_INTERFEDERATIOIDP_URL = "interIDPURL"; + public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "interIDPResponse"; + public static final String DATAID_REQUESTED_ATTRIBUTES = "requestedAttributes"; + public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "interIDPEntityID"; - private String oaURL; - private boolean passiv = false; - private boolean force = false; - private boolean ssosupport = false; + public static final String eIDAS_GENERIC_REQ_DATA_COUNTRY = "country"; + + private static final long serialVersionUID = 1L; + private String module = null; private String action = null; - private String target = null; + private String requestID; - private String sessionIdentifier; - private IOAAuthParameters OAConfiguration = null; + private String moaSessionIdentifier; + private String processInstanceId; + + private String uniqueTransactionIdentifer; + private String uniqueSessionIdentifer; + + private String oaURL; private String authURL = null; + + private IOAAuthParameters OAConfiguration = null; + + private boolean passiv = false; + private boolean force = false; + private boolean needSSO = false; + private boolean isAbortedByUser = false; + + //every request needs authentication by default + private boolean needAuthentication = true; - //MOA-ID interfederation - private String requestedIDP = null; - private MOAResponse response = null; + //every request is not authenticated by default + private boolean isAuthenticated = false; + + private Map<String, Object> genericDataStorage = new HashMap<String, Object>(); + /** * @throws ConfigurationException * */ - public RequestImpl(HttpServletRequest req) throws ConfigurationException { + public final void initialize(HttpServletRequest req) throws ConfigurationException { + //set requestID + requestID = Random.nextRandom(); + + //set unique transaction identifier for logging + uniqueTransactionIdentifer = Random.nextRandom(); + TransactionIDUtils.setTransactionId(uniqueTransactionIdentifer); + + + //check if End-Point is valid String authURLString = HTTPUtils.extractAuthURLFromRequest(req); URL authURL; try { @@ -122,15 +157,24 @@ public abstract class RequestImpl implements IRequest, Serializable{ this.authURL = resultURL.toExternalForm(); } - } + } + + //set unique session identifier + String uniqueID = (String) req.getAttribute(MOAIDConstants.UNIQUESESSIONIDENTIFIER); + if (MiscUtil.isNotEmpty(uniqueID)) + uniqueSessionIdentifer = uniqueID; + + else + Logger.warn("No unique session-identifier FOUND, but it should be allready set into request!?!"); + } /** * This method map the protocol specific requested attributes to PVP 2.1 attributes. * - * @return List of PVP 2.1 attributes with maps all protocol specific attributes + * @return List of PVP 2.1 attribute names with maps all protocol specific attributes */ - public abstract List<Attribute> getRequestedAttributes(); + public abstract Collection<String> getRequestedAttributes(); public void setOAURL(String value) { oaURL = value; @@ -156,83 +200,44 @@ public abstract class RequestImpl implements IRequest, Serializable{ this.force = force; } - public boolean isSSOSupported() { - return ssosupport; - } - - public String requestedModule() { - return module; - } - public String requestedAction() { return action; } - public void setSsosupport(boolean ssosupport) { - this.ssosupport = ssosupport; - } - - public void setModule(String module) { - this.module = module; - } - public void setAction(String action) { this.action = action; } - - public String getTarget() { - return target; - } - public void setTarget(String target) { - this.target = target; - } - - public void setRequestID(String id) { - this.requestID = id; - - } - - public String getRequestID() { - return requestID; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestedIDP() + /** + * @return the module */ - @Override - public String getRequestedIDP() { - return requestedIDP; + public String requestedModule() { + return module; } /** - * @param requestedIDP the requestedIDP to set + * @param module the module to set */ - public void setRequestedIDP(String requestedIDP) { - this.requestedIDP = requestedIDP; + public void setModule(String module) { + this.module = module; } - /** - * @return the response - */ - public MOAResponse getInterfederationResponse() { - return response; + public void setRequestID(String id) { + this.requestID = id; + } - /** - * @param response the response to set - */ - public void setInterfederationResponse(MOAResponse response) { - this.response = response; + public String getRequestID() { + return requestID; } - public String getSessionIdentifier() { - return this.sessionIdentifier; + public String getMOASessionIdentifier() { + return this.moaSessionIdentifier; } - public void setSessionIdentifier(String sessionIdentifier) { - this.sessionIdentifier = sessionIdentifier; + public void setMOASessionIdentifier(String moaSessionIdentifier) { + this.moaSessionIdentifier = moaSessionIdentifier; } @@ -246,6 +251,36 @@ public abstract class RequestImpl implements IRequest, Serializable{ } + public String getUniqueTransactionIdentifier() { + return this.uniqueTransactionIdentifer; + + } + + public String getUniqueSessionIdentifier() { + return this.uniqueSessionIdentifer; + + } + + public String getProcessInstanceId() { + return this.processInstanceId; + + } + + public void setUniqueTransactionIdentifier(String id) { + this.uniqueTransactionIdentifer = id; + + } + + public void setUniqueSessionIdentifier(String id) { + this.uniqueSessionIdentifer = id; + + } + + public void setProcessInstanceId(String id) { + this.processInstanceId = id; + + } + /** * @return the authURL */ @@ -261,11 +296,108 @@ public abstract class RequestImpl implements IRequest, Serializable{ } -// /** -// * @param authURL the authURL to set -// */ -// public void setAuthURL(String authURL) { -// this.authURL = authURL; -// } + /** + * @return the needAuthentication + */ + public boolean isNeedAuthentication() { + return needAuthentication; + } + + /** + * @param needAuthentication the needAuthentication to set + */ + public void setNeedAuthentication(boolean needAuthentication) { + this.needAuthentication = needAuthentication; + } + + /** + * @return the isAuthenticated + */ + public boolean isAuthenticated() { + return isAuthenticated; + } + + /** + * @param isAuthenticated the isAuthenticated to set + */ + public void setAuthenticated(boolean isAuthenticated) { + this.isAuthenticated = isAuthenticated; + } + + public boolean needSingleSignOnFunctionality() { + return needSSO; + } + public void setNeedSingleSignOnFunctionality(boolean needSSO) { + this.needSSO = needSSO; + + } + + public boolean isAbortedByUser() { + return this.isAbortedByUser; + } + + public void setAbortedByUser(boolean isAborted) { + this.isAbortedByUser = isAborted; + + } + + public Object getGenericData(String key) { + if (MiscUtil.isNotEmpty(key)) { + return genericDataStorage.get(key); + + } + + Logger.warn("Can not load generic request-data with key='null'"); + return null; + } + + public <T> T getGenericData(String key, final Class<T> clazz) { + if (MiscUtil.isNotEmpty(key)) { + Object data = genericDataStorage.get(key); + + if (data == null) + return null; + + try { + @SuppressWarnings("unchecked") + T test = (T) data; + return test; + + } catch (Exception e) { + Logger.warn("Generic request-data object can not be casted to requested type", e); + return null; + + } + + } + + Logger.warn("Can not load generic request-data with key='null'"); + return null; + + } + + public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { + if (MiscUtil.isEmpty(key)) { + Logger.warn("Generic request-data can not be stored with a 'null' key"); + throw new SessionDataStorageException("Generic request-data can not be stored with a 'null' key", null); + + } + + if (object != null) { + if (!Serializable.class.isInstance(object)) { + Logger.warn("Generic request-data can only store objects which implements the 'Seralizable' interface"); + throw new SessionDataStorageException("Generic request-data can only store objects which implements the 'Seralizable' interface", null); + + } + } + + if (genericDataStorage.containsKey(key)) + Logger.debug("Overwrite generic request-data with key:" + key); + else + Logger.trace("Add generic request-data with key:" + key + " to session."); + + genericDataStorage.put(key, object); + + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java index f0b12431a..1b550881e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java @@ -22,39 +22,53 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.moduls; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAO; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; +import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; -public class RequestStorage { +@Service("RequestStorage") +public class RequestStorage implements IRequestStorage{ - public static IRequest getPendingRequest(String pendingReqID) { + @Autowired ITransactionStorage transactionStorage; + @Autowired ProcessInstanceStoreDAO processInstanceStore; + + @Override + public IRequest getPendingRequest(String pendingReqID) { try { - AssertionStorage storage = AssertionStorage.getInstance(); - IRequest pendingRequest = storage.get(pendingReqID, IRequest.class); - + IRequest pendingRequest = transactionStorage.get(pendingReqID, IRequest.class); + if (pendingRequest == null) { + Logger.info("No PendingRequst found with pendingRequestID " + pendingReqID); + return null; + + } + //set transactionID and sessionID to Logger - TransactionIDUtils.setTransactionId(((IRequest)pendingRequest).getRequestID()); - TransactionIDUtils.setSessionId(((IRequest)pendingRequest).getSessionIdentifier()); + TransactionIDUtils.setTransactionId(pendingRequest.getUniqueTransactionIdentifier()); + TransactionIDUtils.setSessionId(pendingRequest.getUniqueSessionIdentifier()); return pendingRequest; - } catch (MOADatabaseException e) { + } catch (MOADatabaseException | NullPointerException e) { Logger.info("No PendingRequst found with pendingRequestID " + pendingReqID); return null; } } - public static void setPendingRequest(Object pendingRequest) throws MOAIDException { - try { - AssertionStorage storage = AssertionStorage.getInstance(); - + @Override + public void storePendingRequest(IRequest pendingRequest) throws MOAIDException { + try { if (pendingRequest instanceof IRequest) { - storage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest); + transactionStorage.put(((IRequest)pendingRequest).getRequestID(), pendingRequest); } else { throw new MOAIDException("auth.20", null); @@ -69,12 +83,53 @@ public class RequestStorage { } - public static void removePendingRequest(String requestID) { + @Override + public void removePendingRequest(String requestID) { if (requestID != null) { - AssertionStorage storage = AssertionStorage.getInstance(); - storage.remove(requestID); + //remove process-management execution instance + try { + IRequest pendingReq = getPendingRequest(requestID); + + if (pendingReq != null && + pendingReq.getProcessInstanceId() != null) { + processInstanceStore.remove(pendingReq.getProcessInstanceId()); + + } + + } catch (MOADatabaseException e) { + Logger.warn("Removing process associated with pending-request:" + requestID + " FAILED.", e); + + } + + transactionStorage.remove(requestID); + + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.IRequestStorage#changePendingRequestID(at.gv.egovernment.moa.id.moduls.IRequest) + */ + @Override + public String changePendingRequestID(IRequest pendingRequest) throws MOAIDException, MOADatabaseException { + + if (pendingRequest instanceof RequestImpl) { + String newRequestID = Random.nextRandom(); + String oldRequestID = pendingRequest.getRequestID(); + + Logger.debug("Change pendingRequestID from " + pendingRequest.getRequestID() + + " to " + newRequestID); + + ((RequestImpl)pendingRequest).setRequestID(newRequestID); + transactionStorage.changeKey(oldRequestID, newRequestID, pendingRequest); + + return newRequestID; + + } else { + Logger.error("PendingRequest object is not of type 'RequestImpl.class'"); + throw new MOAIDException("internal.00", null); } + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index 2a618272f..bc7dd272b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -22,13 +22,6 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.moduls; -import java.io.BufferedReader; -import java.io.File; -import java.io.FileInputStream; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.StringWriter; -import java.net.URI; import java.util.Date; import java.util.List; @@ -36,56 +29,59 @@ import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; import org.hibernate.Query; import org.hibernate.Session; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -public class SSOManager { - +@Service("MOAID_SSOManager") +public class SSOManager { private static final String HTMLTEMPLATESDIR = "htmlTemplates/"; private static final String HTMLTEMPLATEFULL = "slo_template.html"; + public static String CONTEXTPATH = "contextPath"; private static final String SSOCOOKIE = "MOA_ID_SSO"; private static final String SSOINTERFEDERATION = "MOA_INTERFEDERATION_SSO"; - private static final int DEFAULTSSOTIMEOUT = 15 * 60; // sec - private static final int INTERFEDERATIONCOOKIEMAXAGE = 5 * 60;// sec + + @Autowired private IAuthenticationSessionStoreage authenticatedSessionStore; + @Autowired protected AuthConfiguration authConfig; - private static SSOManager instance = null; - - public static SSOManager getInstance() { - if (instance == null) { - instance = new SSOManager(); - - } - - return instance; - } - + /** + * Check if interfederation IDP is requested via HTTP GET parameter or if interfederation cookie exists. + * Set the requested interfederation IDP as attribte of the {protocolRequest} + * + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse + * @param protocolRequest Authentication request which is actually in process + * @throws SessionDataStorageException + * + **/ public void checkInterfederationIsRequested(HttpServletRequest httpReq, HttpServletResponse httpResp, - IRequest protocolRequest) { + IRequest protocolRequest) throws SessionDataStorageException { String interIDP = httpReq.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP); - if (MiscUtil.isNotEmpty(protocolRequest.getRequestedIDP())) { - Logger.debug("Protocolspecific preprocessing already set interfederation IDP " + protocolRequest.getRequestedIDP()); + String interfederationIDP = + protocolRequest.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, String.class); + if (MiscUtil.isNotEmpty(interfederationIDP)) { + Logger.debug("Protocolspecific preprocessing already set interfederation IDP " + interfederationIDP); return; } @@ -95,14 +91,14 @@ public class SSOManager { RequestImpl moaReq = (RequestImpl) protocolRequest; if (MiscUtil.isNotEmpty(interIDP)) { Logger.info("Receive SSO request for interfederation IDP " + interIDP); - moaReq.setRequestedIDP(interIDP); + moaReq.setGenericDataToSession(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, interIDP); } else { //check if IDP cookie is set String cookie = getValueFromCookie(httpReq, SSOINTERFEDERATION); if (MiscUtil.isNotEmpty(cookie)) { Logger.info("Receive SSO request for interfederated IDP from Cookie " + cookie); - moaReq.setRequestedIDP(cookie); + moaReq.setGenericDataToSession(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, cookie); deleteCookie(httpReq, httpResp, SSOINTERFEDERATION); } @@ -120,7 +116,7 @@ public class SSOManager { } - public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) throws ConfigurationException { + public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) throws ConfigurationException, SessionDataStorageException { // search SSO Session if (ssoSessionID == null) { @@ -128,7 +124,7 @@ public class SSOManager { return false; } - AuthenticatedSessionStore storedSession = AuthenticationSessionStoreage.isValidSessionWithSSOID(ssoSessionID, null); + AuthenticatedSessionStore storedSession = authenticatedSessionStore.isValidSessionWithSSOID(ssoSessionID); if (storedSession == null) return false; @@ -137,25 +133,29 @@ public class SSOManager { //check if session is out of lifetime Date now = new Date(); - long maxSSOSessionTime = AuthConfigurationProviderFactory.getInstance().getSSOCreatedTimeOut() * 1000; + long maxSSOSessionTime = authConfig.getSSOCreatedTimeOut() * 1000; Date ssoSessionValidTo = new Date(storedSession.getCreated().getTime() + maxSSOSessionTime); if (now.after(ssoSessionValidTo)) { Logger.info("Found outdated SSO session information. Start reauthentication process ... "); return false; } - //check if request starts an interfederated SSO session + //check if stored SSO session is a federated SSO session if (protocolRequest != null && - protocolRequest instanceof RequestImpl && - storedSession.isInterfederatedSSOSession() && - !storedSession.isAuthenticated()) { - - if (MiscUtil.isEmpty(((RequestImpl) protocolRequest).getRequestedIDP())) { - InterfederationSessionStore selectedIDP = AuthenticationSessionStoreage.searchInterfederatedIDPFORSSOWithMOASession(storedSession.getSessionid()); + storedSession.isInterfederatedSSOSession()) { + //in case of federated SSO session, jump to federated IDP for authentication + + String interfederationIDP = + protocolRequest.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, String.class); + + if (MiscUtil.isEmpty(interfederationIDP)) { + InterfederationSessionStore selectedIDP = authenticatedSessionStore.searchInterfederatedIDPFORSSOWithMOASession(storedSession.getSessionid()); if (selectedIDP != null) { //no local SSO session exist -> request interfederated IDP - ((RequestImpl) protocolRequest).setRequestedIDP(selectedIDP.getIdpurlprefix()); + Logger.info("SSO Session refer to federated IDP: " + selectedIDP.getIdpurlprefix()); + protocolRequest.setGenericDataToSession( + RequestImpl.DATAID_INTERFEDERATIOIDP_URL, selectedIDP.getIdpurlprefix()); } else { Logger.warn("MOASession is marked as interfederated SSO session but no interfederated IDP is found. Switch to local authentication ..."); @@ -174,16 +174,17 @@ public class SSOManager { } public String getMOASession(String ssoSessionID) { - return AuthenticationSessionStoreage.getMOASessionSSOID(ssoSessionID); + return authenticatedSessionStore.getMOASessionSSOID(ssoSessionID); } + //TODO: refactor for faster DB access public String getUniqueSessionIdentifier(String ssoSessionID) { try { if (MiscUtil.isNotEmpty(ssoSessionID)) { - String moaSessionID = AuthenticationSessionStoreage.getMOASessionSSOID(ssoSessionID); + String moaSessionID = authenticatedSessionStore.getMOASessionSSOID(ssoSessionID); if (MiscUtil.isNotEmpty(moaSessionID)) { - AuthenticationSessionExtensions extSessionInformation = AuthenticationSessionStoreage.getAuthenticationSessionExtensions(moaSessionID); + AuthenticationSessionExtensions extSessionInformation = authenticatedSessionStore.getAuthenticationSessionExtensions(moaSessionID); return extSessionInformation.getUniqueSessionId(); } @@ -253,14 +254,6 @@ public class SSOManager { } public void setSSOSessionID(HttpServletRequest httpReq, HttpServletResponse httpResp, String ssoId) { - int ssoTimeOut; - try { - ssoTimeOut = (int) AuthConfigurationProviderFactory.getInstance().getSSOCreatedTimeOut(); - - } catch (ConfigurationException e) { - Logger.info("SSO Timeout can not be loaded from MOA-ID configuration. Use default Timeout with " + DEFAULTSSOTIMEOUT); - ssoTimeOut = DEFAULTSSOTIMEOUT; - } setCookie(httpReq, httpResp, SSOCOOKIE, ssoId, -1); } @@ -285,12 +278,12 @@ public class SSOManager { if (MiscUtil.isNotEmpty(ssoSessionID)) { - AuthenticatedSessionStore storedSession = AuthenticationSessionStoreage.isValidSessionWithSSOID(ssoSessionID, null); + AuthenticatedSessionStore storedSession = authenticatedSessionStore.isValidSessionWithSSOID(ssoSessionID); if (storedSession == null) return false; - InterfederationSessionStore selectedIDP = AuthenticationSessionStoreage.searchInterfederatedIDPFORSSOWithMOASessionIDPID(storedSession.getSessionid(), entityID); + InterfederationSessionStore selectedIDP = authenticatedSessionStore.searchInterfederatedIDPFORSSOWithMOASessionIDPID(storedSession.getSessionid(), entityID); if (selectedIDP != null) { //no local SSO session exist -> request interfederated IDP @@ -309,68 +302,7 @@ public class SSOManager { return false; } - - public void printSingleLogOutInfo(VelocityContext context, HttpServletResponse httpResp) throws MOAIDException { - try { - Logger.trace("Initialize VelocityEngine..."); - - InputStream is = null; - String pathLocation = null; - try { - String rootconfigdir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); - pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; - File file = new File(new URI(pathLocation)); - is = new FileInputStream(file); - evaluateSLOTemplate(context, httpResp, is); - - } catch (Exception e) { - Logger.warn("SLO Template is not found in configuration directory (" + - pathLocation + "). Load template from project library ... "); - - try { - pathLocation = "resources/templates/" + HTMLTEMPLATEFULL; - is = Thread.currentThread() - .getContextClassLoader() - .getResourceAsStream(pathLocation); - evaluateSLOTemplate(context, httpResp, is); - - } catch (Exception e1) { - Logger.error("Single LogOut form can not created.", e); - throw new MOAIDException("Create Single LogOut information FAILED.", null, e); - } - - } finally { - if (is != null) - is.close(); - - } - - } catch (Exception e) { - Logger.error("Single LogOut form can not created.", e); - throw new MOAIDException("Create Single LogOut information FAILED.", null, e); - } - } - - private void evaluateSLOTemplate(VelocityContext context, HttpServletResponse httpResp, InputStream is) throws Exception { - - VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); - - BufferedReader reader = new BufferedReader(new InputStreamReader(is )); - - //set default elements to velocity context - context.put("contextpath", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()); - - StringWriter writer = new StringWriter(); - //velocityEngine.evaluate(context, writer, "SLO_Template", reader); - engine.evaluate(context, writer, "SLO Template", reader); - - - httpResp.setContentType("text/html;charset=UTF-8"); - httpResp.getOutputStream().write(writer.toString().getBytes("UTF-8")); - - } - private String getValueFromCookie(HttpServletRequest httpReq, String cookieName) { Cookie[] cookies = httpReq.getCookies(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ServletInfo.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ServletInfo.java deleted file mode 100644 index 807f789ce..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ServletInfo.java +++ /dev/null @@ -1,53 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.moduls; - -import javax.servlet.http.HttpServlet; - - -public class ServletInfo { - Class<? extends HttpServlet> servletClass; - String servletTarget; - ServletType type; - - public ServletInfo(Class<? extends HttpServlet> servletClass, - String servletTarget, ServletType type) { - super(); - this.servletClass = servletClass; - this.servletTarget = servletTarget; - this.type = type; - } - - public HttpServlet getServletInstance() - throws InstantiationException, IllegalAccessException { - return servletClass.newInstance(); - } - - public String getTarget() { - return servletTarget; - } - - public ServletType getType() { - return type; - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ServletType.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ServletType.java deleted file mode 100644 index c8fbfb558..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/ServletType.java +++ /dev/null @@ -1,27 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.moduls; - -public enum ServletType { - UNAUTH, AUTH, NONE -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/opemsaml/MOAStringRedirectDeflateEncoder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/opemsaml/MOAStringRedirectDeflateEncoder.java index ece1a805d..acbb67b34 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/opemsaml/MOAStringRedirectDeflateEncoder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/opemsaml/MOAStringRedirectDeflateEncoder.java @@ -27,6 +27,7 @@ import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder; import org.opensaml.ws.message.MessageContext; import org.opensaml.ws.message.encoder.MessageEncodingException; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; import at.gv.egovernment.moa.logging.Logger; /** @@ -45,6 +46,9 @@ public class MOAStringRedirectDeflateEncoder extends HTTPRedirectDeflateEncoder "Invalid message context type, this encoder only support SAMLMessageContext"); } + //load default PVP security configurations + MOADefaultBootstrap.initializeDefaultPVPConfiguration(); + SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext; String endpointURL = getEndpointURL(samlMsgCtx).buildURL(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngine.java index 5cf84abed..44f622fa0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngine.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngine.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.process; import java.io.InputStream; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.model.ProcessDefinition; @@ -61,6 +62,17 @@ public interface ProcessEngine { */ String createProcessInstance(String processDefinitionId) throws ProcessExecutionException; + + /** + * Delete a process instance + * + * @param processInstanceId + * The identifier of the respective process. + * @throws ProcessExecutionException + * Thrown in case of error, e.g. when a {@code processInstanceId} is referenced that does not exist. + */ + void deleteProcessInstance(String processInstanceId) throws ProcessExecutionException; + /** * Returns the process instance with a given {@code processInstanceId}. * @@ -75,24 +87,24 @@ public interface ProcessEngine { ProcessInstance getProcessInstance(String processInstanceId); /** - * Starts the process using the given {@code processInstanceId}. + * Starts the process using the given {@code pendingReq}. * - * @param processInstanceId - * The process instance id. + * @param pendingReq + * The protocol request for which a process should be started. * @throws ProcessExecutionException * Thrown in case of error. */ - void start(String processInstanceId) throws ProcessExecutionException; + void start(IRequest pendingReq) throws ProcessExecutionException; /** * Resumes process execution after an asynchronous task has been executed. * - * @param processInstanceId + * @param pendingReq * The process instance id. * @throws ProcessExecutionException * Thrown in case of error. */ - void signal(String processInstanceId) throws ProcessExecutionException; + void signal(IRequest pendingReq) throws ProcessExecutionException; }
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngineImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngineImpl.java index 096e5ee9e..f9986dccb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngineImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/ProcessEngineImpl.java @@ -12,8 +12,11 @@ import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.slf4j.MDC; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; -import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.ExpressionEvaluationContext; @@ -21,13 +24,13 @@ import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator; import at.gv.egovernment.moa.id.process.api.Task; import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore; import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAO; -import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAOImpl; import at.gv.egovernment.moa.id.process.model.EndEvent; import at.gv.egovernment.moa.id.process.model.ProcessDefinition; import at.gv.egovernment.moa.id.process.model.ProcessNode; import at.gv.egovernment.moa.id.process.model.StartEvent; import at.gv.egovernment.moa.id.process.model.TaskInfo; import at.gv.egovernment.moa.id.process.model.Transition; +import at.gv.egovernment.moa.util.MiscUtil; /** * Process engine implementation allowing starting and continuing processes as well as providing means for cleanup actions. @@ -36,10 +39,11 @@ public class ProcessEngineImpl implements ProcessEngine { private Logger log = LoggerFactory.getLogger(getClass()); + @Autowired ProcessInstanceStoreDAO piStoreDao; + @Autowired ApplicationContext context; + private ProcessDefinitionParser pdp = new ProcessDefinitionParser(); - ProcessInstanceStoreDAO piStoreDao = ProcessInstanceStoreDAOImpl.getInstance(); - private Map<String, ProcessDefinition> processDefinitions = new ConcurrentHashMap<String, ProcessDefinition>(); private final static String MDC_CTX_PI_NAME = "processInstanceId"; @@ -114,10 +118,16 @@ public class ProcessEngineImpl implements ProcessEngine { } @Override - public void start(String processInstanceId) throws ProcessExecutionException { - + public void start(IRequest pendingReq) throws ProcessExecutionException { try { - ProcessInstance pi = loadProcessInstance(processInstanceId); + if (MiscUtil.isEmpty(pendingReq.getProcessInstanceId())) { + log.error("Pending-request with id:" + pendingReq.getRequestID() + + " includes NO 'ProcessInstanceId'"); + throw new ProcessExecutionException("Pending-request with id:" + pendingReq.getRequestID() + + " includes NO 'ProcessInstanceId'"); + } + + ProcessInstance pi = loadProcessInstance(pendingReq.getProcessInstanceId()); MDC.put(MDC_CTX_PI_NAME, pi.getId()); @@ -127,9 +137,12 @@ public class ProcessEngineImpl implements ProcessEngine { log.info("Starting process instance '{}'.", pi.getId()); // execute process pi.setState(ProcessInstanceState.STARTED); - execute(pi); + execute(pi, pendingReq); - saveOrUpdateProcessInstance(pi); + //store ProcessInstance if it is not already ended + if (!ProcessInstanceState.ENDED.equals(pi.getState())) + saveOrUpdateProcessInstance(pi); + } catch (MOADatabaseException e) { throw new ProcessExecutionException("Unable to load/save process instance.", e); @@ -139,10 +152,17 @@ public class ProcessEngineImpl implements ProcessEngine { } @Override - public void signal(String processInstanceId) throws ProcessExecutionException { + public void signal(IRequest pendingReq) throws ProcessExecutionException { try { - ProcessInstance pi = loadProcessInstance(processInstanceId); + if (MiscUtil.isEmpty(pendingReq.getProcessInstanceId())) { + log.error("Pending-request with id:" + pendingReq.getRequestID() + + " includes NO 'ProcessInstanceId'"); + throw new ProcessExecutionException("Pending-request with id:" + pendingReq.getRequestID() + + " includes NO 'ProcessInstanceId'"); + } + + ProcessInstance pi = loadProcessInstance(pendingReq.getProcessInstanceId()); MDC.put(MDC_CTX_PI_NAME, pi.getId()); @@ -152,9 +172,16 @@ public class ProcessEngineImpl implements ProcessEngine { log.info("Waking up process instance '{}'.", pi.getId()); pi.setState(ProcessInstanceState.STARTED); - execute(pi); - saveOrUpdateProcessInstance(pi); + //put pending-request ID on execution-context because it could be changed + pi.getExecutionContext().put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, pendingReq.getRequestID()); + + execute(pi, pendingReq); + + //store ProcessInstance if it is not already ended + if (!ProcessInstanceState.ENDED.equals(pi.getState())) + saveOrUpdateProcessInstance(pi); + } catch (MOADatabaseException e) { throw new ProcessExecutionException("Unable to load/save process instance.", e); @@ -176,17 +203,21 @@ public class ProcessEngineImpl implements ProcessEngine { if (clazz != null) { log.debug("Instantiating task implementing class '{}'.", clazz); - Class<?> instanceClass = null; + Object instanceClass = null; try { - instanceClass = Class.forName(clazz, true, Thread.currentThread().getContextClassLoader()); + instanceClass = context.getBean(clazz); + } catch (Exception e) { throw new ProcessExecutionException("Unable to get class '" + clazz + "' associated with task '" + ti.getId() + "' .", e); + } - if (!Task.class.isAssignableFrom(instanceClass)) { + if (instanceClass == null || !(instanceClass instanceof Task)) { throw new ProcessExecutionException("Class '" + clazz + "' associated with task '" + ti.getId() + "' is not assignable to " + Task.class.getName() + "."); + } try { - task = (Task) instanceClass.newInstance(); + task = (Task) instanceClass; + } catch (Exception e) { throw new ProcessExecutionException("Unable to instantiate class '" + clazz + "' associated with task '" + ti.getId() + "' .", e); } @@ -198,9 +229,10 @@ public class ProcessEngineImpl implements ProcessEngine { /** * Starts/executes a given process instance. * @param pi The process instance. + * @param pendingReq * @throws ProcessExecutionException Thrown in case of error. */ - private void execute(final ProcessInstance pi) throws ProcessExecutionException { + private void execute(final ProcessInstance pi, IRequest pendingReq) throws ProcessExecutionException { if (ProcessInstanceState.ENDED.equals(pi.getState())) { throw new ProcessExecutionException("Process for instance '" + pi.getId() + "' has already been ended."); } @@ -221,7 +253,7 @@ public class ProcessEngineImpl implements ProcessEngine { try { log.info("Executing task implementation for task '{}'.", ti.getId()); log.debug("Execution context before task execution: {}", pi.getExecutionContext().keySet()); - task.execute(pi.getExecutionContext()); + pendingReq = task.execute(pendingReq, pi.getExecutionContext()); log.info("Returned from execution of task '{}'.", ti.getId()); log.debug("Execution context after task execution: {}", pi.getExecutionContext().keySet()); } catch (Throwable t) { @@ -239,8 +271,10 @@ public class ProcessEngineImpl implements ProcessEngine { try { piStoreDao.remove(pi.getId()); + } catch (MOADatabaseException e) { throw new ProcessExecutionException("Unable to remove process instance.", e); + } pi.setState(ProcessInstanceState.ENDED); log.debug("Final process context: {}", pi.getExecutionContext().keySet()); @@ -278,7 +312,7 @@ public class ProcessEngineImpl implements ProcessEngine { // continue execution in case of StartEvent or Task if (processNode instanceof StartEvent || processNode instanceof TaskInfo) { - execute(pi); + execute(pi, pendingReq); } } @@ -352,5 +386,25 @@ public class ProcessEngineImpl implements ProcessEngine { return pi; } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.ProcessEngine#deleteProcessInstance(java.lang.String) + */ + @Override + public void deleteProcessInstance(String processInstanceId) throws ProcessExecutionException { + if (MiscUtil.isEmpty(processInstanceId)) { + throw new ProcessExecutionException("Unable to remove process instance: ProcessInstanceId is empty"); + + } + + try { + piStoreDao.remove(processInstanceId); + + } catch (MOADatabaseException e) { + throw new ProcessExecutionException("Unable to remove process instance.", e); + + } + + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/api/Task.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/api/Task.java index 343b8fe0c..cff85ad60 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/api/Task.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/api/Task.java @@ -1,6 +1,7 @@ package at.gv.egovernment.moa.id.process.api; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.api.IRequest; /** @@ -13,11 +14,13 @@ public interface Task { /** * Executes this task. - * + * @param pendingReq + * Provides the current processed protocol request * @param executionContext * Provides execution related information. + * @return The pending-request object, because Process-management works recursive * @throws Exception An exception upon task execution. */ - void execute(ExecutionContext executionContext) throws TaskExecutionException; + IRequest execute(IRequest pendingReq, ExecutionContext executionContext) throws TaskExecutionException; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStore.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStore.java index d690c37bf..3620f2950 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStore.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStore.java @@ -17,7 +17,9 @@ import at.gv.egovernment.moa.id.process.ProcessInstanceState; @Entity @Table(name = "processinstance") -public class ProcessInstanceStore { +public class ProcessInstanceStore implements Serializable{ + + private static final long serialVersionUID = -6147519767313903808L; /** * A process instance identifier qualifies as natural primary key by satisfying these requirements diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java index a75a5de8c..a9a9322ad 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/dao/ProcessInstanceStoreDAOImpl.java @@ -1,33 +1,30 @@ package at.gv.egovernment.moa.id.process.dao; -import org.hibernate.Criteria; -import org.hibernate.Session; -import org.hibernate.Transaction; -import org.hibernate.criterion.Restrictions; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; /** * Database backed implementation of the {@link ProcessInstanceStoreDAO} * interface. */ +@Service("ProcessInstanceStoreage") public class ProcessInstanceStoreDAOImpl implements ProcessInstanceStoreDAO { private Logger log = LoggerFactory.getLogger(getClass()); - private static ProcessInstanceStoreDAO instance = new ProcessInstanceStoreDAOImpl(); - - public static ProcessInstanceStoreDAO getInstance() { - return instance; - } - + @Autowired ITransactionStorage transactionStorage; + @Override public void saveOrUpdate(ProcessInstanceStore pIStore) throws MOADatabaseException { try { - MOASessionDBUtils.saveOrUpdate(pIStore); + transactionStorage.put(pIStore.getProcessInstanceId(), pIStore); + +// MOASessionDBUtils.saveOrUpdate(pIStore); log.debug("Store process instance with='{}' in the database.", pIStore.getProcessInstanceId()); } catch (MOADatabaseException e) { log.warn("ProcessInstanceStore could not be persisted to the database."); @@ -39,31 +36,35 @@ public class ProcessInstanceStoreDAOImpl implements ProcessInstanceStoreDAO { public ProcessInstanceStore load(String processInstanceId) throws MOADatabaseException { log.debug("Retrieve the ProcessInstanceStore for id='{}' from the database.", processInstanceId); - Session session = MOASessionDBUtils.getCurrentSession(); - + + +// Session session = MOASessionDBUtils.getCurrentSession(); +// ProcessInstanceStore result = null; - Transaction tx = null; - synchronized (session) { +// Transaction tx = null; +// synchronized (session) { try { - tx = session.beginTransaction(); - // select all where processInstanceId equals processInstanceId - Criteria criteria = session.createCriteria(ProcessInstanceStore.class); - criteria.add(Restrictions.eq("processInstanceId", processInstanceId)); - result = (ProcessInstanceStore) criteria.uniqueResult(); - tx.commit(); - + result = transactionStorage.get(processInstanceId, ProcessInstanceStore.class); + +// tx = session.beginTransaction(); +// // select all where processInstanceId equals processInstanceId +// Criteria criteria = session.createCriteria(ProcessInstanceStore.class); +// criteria.add(Restrictions.eq("processInstanceId", processInstanceId)); +// result = (ProcessInstanceStore) criteria.uniqueResult(); +// tx.commit(); +// } catch (Exception e) { log.error("There are multiple persisted processes with the same process instance id '{}'", - processInstanceId); - if (tx != null) { - tx.rollback(); - } + processInstanceId); +// if (tx != null) { +// tx.rollback(); +// } throw e; } finally { //MOASessionDBUtils.closeSession(); } - } +// } if (result != null) { log.debug("Found process instance store for instance '{}'.", processInstanceId); } else { @@ -75,14 +76,16 @@ public class ProcessInstanceStoreDAOImpl implements ProcessInstanceStoreDAO { @Override public void remove(String processInstanceId) throws MOADatabaseException { - log.debug("Delete the ProcessInstanceStore for id='{}' from the database.", processInstanceId); - ProcessInstanceStore toBeDeleted = load(processInstanceId); - if (toBeDeleted != null) { - if (!MOASessionDBUtils.delete(toBeDeleted)) { - log.warn("Could not delete the ProcessInstanceStore with process instance id '{}'", processInstanceId); - throw new MOADatabaseException("Could not delete the ProcessInstanceStore with process instance id '" - + processInstanceId + "'."); - } + log.debug("Delete the ProcessInstanceStore for id='{}' from the database.", processInstanceId); + //ProcessInstanceStore toBeDeleted = load(processInstanceId); + + if (transactionStorage.containsKey(processInstanceId)) { + transactionStorage.remove(processInstanceId); +// if (!MOASessionDBUtils.delete(toBeDeleted)) { +// log.warn("Could not delete the ProcessInstanceStore with process instance id '{}'", processInstanceId); +// throw new MOADatabaseException("Could not delete the ProcessInstanceStore with process instance id '" +// + processInstanceId + "'."); +// } } else log.trace("ProcessInstanceStore for id='{}' was not found and could therefore not be deleted.", processInstanceId); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/springweb/MoaIdTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/springweb/MoaIdTask.java index fb75fc8d7..dd0d87dd7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/springweb/MoaIdTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/process/springweb/MoaIdTask.java @@ -9,6 +9,7 @@ import org.springframework.web.context.request.ServletRequestAttributes; import org.springframework.web.filter.RequestContextFilter; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -32,6 +33,7 @@ import at.gv.egovernment.moa.id.process.api.Task; * </pre> * * @author tknall + * @author tlenz * */ public abstract class MoaIdTask implements Task { @@ -55,8 +57,31 @@ public abstract class MoaIdTask implements Task { public abstract void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException; + /** + * Executes the task providing the underlying {@link ExecutionContext} {@code executionContext} + * and the {@link IRequest} {@code pendingReq }as well as the + * respective {@link HttpServletRequest} and {@link HttpServletResponse}. + * + * This method sets the pending-request object of the task implementation and starts the + * {@code execute} method of the task + * + * @param pendingReq The pending-request object (never {@code null}). + * @param executionContext The execution context (never {@code null}). + * @param request The HttpServletRequest (never {@code null}). + * @param response The HttpServletResponse (never {@code null}). + * @return The pending-request object, because Process-management works recursive + * + * @throws IllegalStateException + * Thrown in case the task is being run within the required environment. Refer to javadoc for + * further information. + * @throws Exception + * Thrown in case of error executing the task. + */ + protected abstract IRequest internalExecute(IRequest pendingReq, ExecutionContext executionContext, HttpServletRequest request, + HttpServletResponse response) throws TaskExecutionException; + @Override - public void execute(ExecutionContext executionContext) throws TaskExecutionException { + public IRequest execute(IRequest pendingReq, ExecutionContext executionContext) throws TaskExecutionException { RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes(); if (requestAttributes != null && requestAttributes instanceof ServletRequestAttributes) { HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest(); @@ -65,7 +90,7 @@ public abstract class MoaIdTask implements Task { throw new IllegalStateException( "Spring's RequestContextHolder did not provide HttpServletResponse. Did you forget to set the required org.springframework.web.filter.RequestContextFilter in your web.xml."); } - execute(executionContext, request, response); + return internalExecute(pendingReq, executionContext, request, response); } else { throw new IllegalStateException("Task needs to be executed within a Spring web environment."); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/AbstractAuthProtocolModulController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/AbstractAuthProtocolModulController.java new file mode 100644 index 000000000..79afba412 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/AbstractAuthProtocolModulController.java @@ -0,0 +1,300 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.servlet.AbstractController; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.SLOInformationInterface; +import at.gv.egovernment.moa.id.moduls.AuthenticationManager; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IModulInfo; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import at.gv.egovernment.moa.id.moduls.SSOManager; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ + +public abstract class AbstractAuthProtocolModulController extends AbstractController implements IModulInfo { + + public static final String FINALIZEPROTOCOL_ENDPOINT = "finalizeAuthProtocol"; + + @Autowired protected ApplicationContext applicationContext; + @Autowired private SSOManager ssomanager; + @Autowired protected AuthenticationManager authmanager; + @Autowired protected IAuthenticationSessionStoreage authenticatedSessionStorage; + @Autowired private AuthenticationDataBuilder authDataBuilder; + + /** + * Initialize an authentication process for this protocol request + * + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse + * @param protocolRequest Authentication request which is actually in process + * @throws IOException + */ + protected void performAuthentication(HttpServletRequest req, HttpServletResponse resp, + RequestImpl pendingReq) throws IOException { + try { + if (pendingReq.isNeedAuthentication()) { + //request needs authentication --> start authentication process ... + + //load Parameters from OnlineApplicationConfiguration + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); + + if (oaParam == null) { + throw new AuthenticationException("auth.00", new Object[] { pendingReq.getOAURL() }); + } + + + AuthenticationSession moaSession = authmanager.doAuthentication(req, resp, pendingReq); + if (moaSession != null) { + //authenticated MOASession already exists --> protocol-specific postProcessing can start directly + finalizeAuthenticationProcess(req, resp, pendingReq, moaSession); + + //transaction is finished, log transaction finished event + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier()); + + } + + } else { + executeProtocolSpecificAction(req, resp, pendingReq, null); + + } + + } catch (Exception e) { + buildProtocolSpecificErrorResponse(e, req, resp, pendingReq); + + removeUserSession(pendingReq, req, resp); + + } + } + + + protected String createNewSSOSessionCookie(HttpServletRequest req, HttpServletResponse resp, + IRequest pendingReq, AuthenticationSession moaSession) { + Logger.debug("Add SSO information to MOASession."); + + //Store SSO information into database + String newSSOSessionId = ssomanager.createSSOSessionInformations(moaSession.getSessionID(), + pendingReq.getOAURL()); + + //set SSO cookie to response + if (MiscUtil.isNotEmpty(newSSOSessionId)) { + ssomanager.setSSOSessionID(req, resp, newSSOSessionId); + + } else { + ssomanager.deleteSSOSessionID(req, resp); + + } + + return newSSOSessionId; + } + + /** + * Finalize the requested protocol operation + * + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse + * @param protocolRequest Authentication request which is actually in process + * @param moaSession MOASession object, which is used to generate the protocol specific authentication information + * @throws Exception + */ + protected void finalizeAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp, + IRequest pendingReq, AuthenticationSession moaSession) throws Exception { + + String newSSOSessionId = null; + + //if Single Sign-On functionality is enabled for this request + if (pendingReq.needSingleSignOnFunctionality()) { + newSSOSessionId = createNewSSOSessionCookie(req, resp, pendingReq, moaSession); + + } + + //build authenticationdata from session information and OA configuration + IAuthData authData = authDataBuilder.buildAuthenticationData(pendingReq, moaSession); + + //execute the protocol-specific action + SLOInformationInterface sloInformation = executeProtocolSpecificAction(req, resp, pendingReq, authData); + + //check if SSO + boolean isSSOCookieSetted = MiscUtil.isNotEmpty(newSSOSessionId); + + //Store OA specific SSO session information if an SSO cookie is set + if (isSSOCookieSetted) { + try { + authenticatedSessionStorage.addSSOInformation(moaSession.getSessionID(), + newSSOSessionId, sloInformation, pendingReq); + + } catch (AuthenticationException e) { + Logger.warn("SSO Session information can not be stored -> SSO is not enabled!"); + authmanager.performOnlyIDPLogOut(req, resp, moaSession.getSessionID()); + + } + + } else { + //remove MOASession from database + authmanager.performOnlyIDPLogOut(req, resp, moaSession.getSessionID()); + + } + + //Advanced statistic logging + statisticLogger.logSuccessOperation(pendingReq, authData, isSSOCookieSetted); + + } + + /** + * Executes the requested protocol action + * + * @param httpReq HttpServletRequest + * @param httpResp HttpServletResponse + * @param protocolRequest Authentication request which is actually in process + * @param authData Service-provider specific authentication data + * + * @return Return Single LogOut information or null if protocol supports no SSO + * + * @throws Exception + */ + private SLOInformationInterface executeProtocolSpecificAction(HttpServletRequest httpReq, HttpServletResponse httpResp, + IRequest pendingReq, IAuthData authData) throws Exception { + try { + // request needs no authentication --> start request processing + Class<?> clazz = Class.forName(pendingReq.requestedAction()); + if (clazz == null || + !IAction.class.isAssignableFrom(clazz)) { + Logger.fatal("Requested protocol-action processing Class is NULL or does not implement the IAction interface."); + throw new Exception("Requested protocol-action processing Class is NULL or does not implement the IAction interface."); + + } + + IAction protocolAction = (IAction) applicationContext.getBean(clazz); + return protocolAction.processRequest(pendingReq, httpReq, httpResp, authData); + + } catch (ClassNotFoundException e) { + Logger.fatal("Requested Auth. protocol processing Class is NULL or does not implement the IAction interface."); + throw new Exception("Requested Auth. protocol processing Class is NULL or does not implement the IAction interface."); + } + + } + + protected void removeUserSession(IRequest pendingReq, HttpServletRequest req, + HttpServletResponse resp) { + try { + AuthenticationSession moaSession = authenticatedSessionStorage.getSession( + pendingReq.getMOASessionIdentifier()); + + if (moaSession != null) + authmanager.performOnlyIDPLogOut(req, resp, moaSession.getSessionID()); + + } catch (MOADatabaseException e) { + Logger.error("Remove user-session FAILED." , e); + + } + + + } + + protected void buildProtocolSpecificErrorResponse(Throwable throwable, HttpServletRequest req, + HttpServletResponse resp, IRequest protocolRequest) throws IOException { + try { + + Class<?> clazz = Class.forName(protocolRequest.requestedModule()); + + if (clazz == null || + !IModulInfo.class.isAssignableFrom(clazz)) { + Logger.fatal("Requested protocol module Class is NULL or does not implement the IModulInfo interface."); + throw new Exception("Requested protocol module Class is NULL or does not implement the IModulInfo interface."); + + } + + IModulInfo handlingModule = (IModulInfo) applicationContext.getBean(clazz); + + if (handlingModule.generateErrorMessage( + throwable, req, resp, protocolRequest)) { + + //log Error to technical log + logExceptionToTechnicalLog(throwable); + + //log Error Message + statisticLogger.logErrorOperation(throwable, protocolRequest); + + return; + + } else { + handleErrorNoRedirect(throwable, req, resp, true); + + } + + } catch (Throwable e) { + Logger.error(e); + handleErrorNoRedirect(throwable, req, resp, true); + + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IModulInfo#getName() + */ + @Override + public abstract String getName(); + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IModulInfo#getPath() + */ + @Override + public abstract String getPath(); + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IModulInfo#generateErrorMessage(java.lang.Throwable, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.moduls.IRequest) + */ + @Override + public abstract boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, + IRequest protocolRequest) throws Throwable; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IModulInfo#validate(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.moduls.IRequest) + */ + @Override + public abstract boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending); + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java new file mode 100644 index 000000000..0da43d818 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/ProtocolFinalizationController.java @@ -0,0 +1,215 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.data.ExceptionContainer; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Controller +public class ProtocolFinalizationController extends AbstractAuthProtocolModulController { + + @RequestMapping(value = "/finalizeAuthProtocol", method = {RequestMethod.GET}) + public void finalizeAuthProtocol(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException { + + //read pendingRequest from http request + Object idObject = req.getParameter(PARAM_TARGET_PENDINGREQUESTID); + IRequest pendingReq = null; + String pendingRequestID = null; + if (idObject != null && (idObject instanceof String)) { + pendingRequestID = (String) idObject; + pendingReq = requestStorage.getPendingRequest(pendingRequestID); + + } + + //receive an authentication error + String errorid = req.getParameter(ERROR_CODE_PARAM); + if (errorid != null) { + try { + //load stored exception from database + ExceptionContainer container = transactionStorage.get(errorid, ExceptionContainer.class); + if (container != null) { + //remove exception if it was found + transactionStorage.remove(errorid); + + Throwable throwable = container.getExceptionThrown(); + + if (pendingReq != null) { + //build protocol-specific error message if possible + buildProtocolSpecificErrorResponse(throwable, req, resp, pendingReq); + + //remove active user-session + removeUserSession(pendingReq, req, resp); + + return; + + } else { + handleErrorNoRedirect(throwable, req, resp, true); + + } + } else { + handleErrorNoRedirect(new Exception( + MOAIDMessageProvider.getInstance().getMessage("auth.26", null)), + req, resp, false); + + } + + } catch (Throwable e) { + Logger.error(e); + + handleErrorNoRedirect(e, req, resp, false); + + } + + // receive a pending request + } else { + if (pendingReq == null) { + Logger.error("No PendingRequest with ID " + pendingRequestID + " found.!"); + handleErrorNoRedirect(new MOAIDException("auth.28", new Object[]{pendingRequestID}), req, resp, false); + return; + + } + try { + Logger.debug("Finalize PendingRequest with ID " + pendingRequestID); + + //get MOASession from database + String sessionID = pendingReq.getMOASessionIdentifier(); + + // check parameter + if (!ParamValidatorUtils.isValidSessionID(sessionID)) { + throw new WrongParametersException("FinalizeAuthProtocol", PARAM_SESSIONID, "auth.12"); + + } + + //load MOASession from database + AuthenticationSession moaSession = authenticatedSessionStorage.getSession(sessionID); + if (moaSession == null) { + Logger.error("No MOASession with ID " + sessionID + " found.!"); + handleErrorNoRedirect(new MOAIDException("auth.02", new Object[]{sessionID}), req, resp, true); + + } else { + + //check if pending-request has 'abortedByUser' flag set + if (pendingReq.isAbortedByUser()) { + //send authentication aborted error to Service Provider + buildProtocolSpecificErrorResponse( + new AuthenticationException("auth.21", new Object[] {}), + req, resp, pendingReq); + + //do not remove the full active SSO-Session + // in case of only one Service-Provider authentication request is aborted + if ( !(moaSession.isAuthenticated() + && pendingReq.needSingleSignOnFunctionality()) ) { + removeUserSession(pendingReq, req, resp); + + } + + //check if MOASession and pending-request are authenticated + } else if (moaSession.isAuthenticated() && pendingReq.isAuthenticated()) { + finalizeAuthenticationProcess(req, resp, pendingReq, moaSession); + + } else { + //suspect state: pending-request is not aborted but also are not authenticated + Logger.error("MOASession oder Pending-Request are not authenticated --> Abort authentication process!"); + handleErrorNoRedirect(new MOAIDException("auth.20", null), req, resp, true); + + } + } + + } catch (Exception e) { + Logger.error("Finalize authentication protocol FAILED." , e); + buildProtocolSpecificErrorResponse(e, req, resp, pendingReq); + + removeUserSession(pendingReq, req, resp); + + } + } + + //remove pending-request + if (pendingReq != null) { + requestStorage.removePendingRequest(pendingReq.getRequestID()); + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_DESTROYED, pendingReq.getUniqueTransactionIdentifier()); + + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.AbstractProtocolModulController#getName() + */ + @Override + public String getName() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.AbstractProtocolModulController#getPath() + */ + @Override + public String getPath() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.AbstractProtocolModulController#generateErrorMessage(java.lang.Throwable, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.moduls.IRequest) + */ + @Override + public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, + IRequest protocolRequest) throws Throwable { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.AbstractProtocolModulController#validate(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.moduls.IRequest) + */ + @Override + public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { + // TODO Auto-generated method stub + return false; + } + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BPKAttributeBuilder.java index 048293fc2..eff839e4e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BPKAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BPKAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BirthdateAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BirthdateAttributeBuilder.java index 7cbdeca66..f1d88f877 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BirthdateAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/BirthdateAttributeBuilder.java @@ -25,8 +25,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import java.text.DateFormat; import java.text.SimpleDateFormat; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDAuthBlock.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDAuthBlock.java index 2d15edc7b..dab3810e3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDAuthBlock.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDAuthBlock.java @@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import java.io.IOException; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCcsURL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCcsURL.java index 998377472..623acd18e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCcsURL.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCcsURL.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCitizenQAALevelAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCitizenQAALevelAttributeBuilder.java index 14199d808..cfc6b102c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCitizenQAALevelAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDCitizenQAALevelAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDIdentityLinkBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDIdentityLinkBuilder.java index 13addc1fd..9e5d4198c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDIdentityLinkBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDIdentityLinkBuilder.java @@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import java.io.IOException; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDIssuingNationAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDIssuingNationAttributeBuilder.java index 3d7260af1..fc80ad7fe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDIssuingNationAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDIssuingNationAttributeBuilder.java @@ -22,10 +22,10 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; +import at.gv.egovernment.moa.util.MiscUtil; public class EIDIssuingNationAttributeBuilder implements IPVPAttributeBuilder { @@ -36,9 +36,12 @@ public class EIDIssuingNationAttributeBuilder implements IPVPAttributeBuilder { public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { String countryCode = authData.getCcc(); - - return g.buildStringAttribute(EID_ISSUING_NATION_FRIENDLY_NAME, - EID_ISSUING_NATION_NAME, countryCode); + if (MiscUtil.isNotEmpty(countryCode)) + return g.buildStringAttribute(EID_ISSUING_NATION_FRIENDLY_NAME, + EID_ISSUING_NATION_NAME, countryCode); + + else + return null; } public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java index 84b791708..b1474acda 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java @@ -24,7 +24,8 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import java.io.IOException; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; @@ -47,7 +48,8 @@ public class EIDSTORKTOKEN implements IPVPAttributeBuilder { throw new UnavailableAttributeException(EID_STORK_TOKEN_NAME); } else { - String storkResponse = authData.getStorkAuthnResponse(); + String storkResponse = authData.getGenericData( + AuthenticationSessionStorageConstants.STORK_RESPONSE, String.class); if ( MiscUtil.isEmpty(storkResponse) ) { throw new UnavailableAttributeException(EID_STORK_TOKEN_NAME); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSectorForIDAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSectorForIDAttributeBuilder.java index 2ca56a791..c3300d60f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSectorForIDAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSectorForIDAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSignerCertificate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSignerCertificate.java index 204c0c15d..1172d3cec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSignerCertificate.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSignerCertificate.java @@ -25,7 +25,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import java.io.IOException; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSourcePIN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSourcePIN.java index 0437cd687..a6a5f1dd4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSourcePIN.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSourcePIN.java @@ -22,8 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributePolicyException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSourcePINType.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSourcePINType.java index 58f18ee23..1d836802a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSourcePINType.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSourcePINType.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java index 76866c336..9dfbe00b2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/GivenNameAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/GivenNameAttributeBuilder.java index 61771de66..af87a319a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/GivenNameAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/GivenNameAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/HolderOfKey.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/HolderOfKey.java new file mode 100644 index 000000000..1d3faff2d --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/HolderOfKey.java @@ -0,0 +1,67 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.protocols.builder.attributes; + +import java.io.IOException; + +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; + +public class HolderOfKey implements IPVPAttributeBuilder { + + public String getName() { + return PVP_HOLDEROFKEY_NAME; + } + + public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, + IAttributeGenerator<ATT> g) throws AttributeException { + + try { + byte[] certEncoded = authData.getGenericData( + MOAIDAuthConstants.MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE, + byte[].class); + + if (certEncoded != null) { + return g.buildStringAttribute(PVP_HOLDEROFKEY_FRIENDLY_NAME, PVP_HOLDEROFKEY_NAME, + Base64Utils.encode(certEncoded)); + + } + + } + catch (IOException e) { + Logger.info("Encode AuthBlock BASE64 failed."); + } + throw new UnavailableAttributeException(PVP_HOLDEROFKEY_NAME); + + } + + public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { + return g.buildEmptyAttribute(PVP_HOLDEROFKEY_NAME, PVP_HOLDEROFKEY_NAME); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/IAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/IAttributeBuilder.java index ace4c0be0..5b44f02aa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/IAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/IAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateFullMandateAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateFullMandateAttributeBuilder.java index 27d3845ff..53cfbecc1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateFullMandateAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateFullMandateAttributeBuilder.java @@ -26,10 +26,7 @@ import java.io.IOException; import javax.xml.transform.TransformerException; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; @@ -48,7 +45,7 @@ public class MandateFullMandateAttributeBuilder implements IPVPAttributeBuilder if (authData.isUseMandate()) { //only provide full mandate if it is included. //In case of federation only a short mandate could be include - if (authData.getMandate() != null && authData.getMISMandate().isFullMandateIncluded()) { + if (authData.getMandate() != null) { String fullMandate; try { fullMandate = DOMUtils.serializeNode(authData diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonFullNameAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonFullNameAttributeBuilder.java index 7144ebe6d..97043a3a0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonFullNameAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonFullNameAttributeBuilder.java @@ -26,13 +26,13 @@ import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class MandateLegalPersonFullNameAttributeBuilder implements IPVPAttributeBuilder { @@ -43,22 +43,32 @@ public class MandateLegalPersonFullNameAttributeBuilder implements IPVPAttribute public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { if (authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if (mandate == null) { - throw new NoMandateDataAttributeException(); - } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if (mandateObject == null) { - throw new NoMandateDataAttributeException(); - } - CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody(); - if (corporation == null) { - Logger.error("No corporation mandate"); - throw new NoMandateDataAttributeException(); - } + //get PVP attribute directly, if exists + String fullName = authData.getGenericData(MANDATE_LEG_PER_FULL_NAME_NAME, String.class); + + if (MiscUtil.isEmpty(fullName)) { + Element mandate = authData.getMandate(); + if (mandate == null) { + throw new NoMandateDataAttributeException(); + + } + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if (mandateObject == null) { + throw new NoMandateDataAttributeException(); + + } + CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody(); + if (corporation == null) { + Logger.error("No corporation mandate"); + throw new NoMandateDataAttributeException(); + + } + fullName = corporation.getFullName(); + } return g.buildStringAttribute(MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME, MANDATE_LEG_PER_FULL_NAME_NAME, - corporation.getFullName()); + fullName); + } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinAttributeBuilder.java index 12dc8877b..46472c983 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinAttributeBuilder.java @@ -26,14 +26,13 @@ import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType; -import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class MandateLegalPersonSourcePinAttributeBuilder implements IPVPAttributeBuilder { @@ -44,36 +43,39 @@ public class MandateLegalPersonSourcePinAttributeBuilder implements IPVPAttribu public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { if(authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if(mandate == null) { - throw new NoMandateDataAttributeException(); + + //get PVP attribute directly, if exists + String sourcePin = authData.getGenericData(MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class); + + if (MiscUtil.isEmpty(sourcePin)) { + Element mandate = authData.getMandate(); + if(mandate == null) { + throw new NoMandateDataAttributeException(); + + } + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if(mandateObject == null) { + throw new NoMandateDataAttributeException(); + + } + CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody(); + if(corporation == null) { + Logger.error("No corporation mandate"); + throw new NoMandateDataAttributeException(); + + } + if(corporation.getIdentification().size() == 0) { + Logger.error("Failed to generate IdentificationType"); + throw new NoMandateDataAttributeException(); + + } + + sourcePin = corporation.getIdentification().get(0).getValue().getValue(); + } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if(mandateObject == null) { - throw new NoMandateDataAttributeException(); - } - CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody(); - if(corporation == null) { - Logger.error("No corporation mandate"); - throw new NoMandateDataAttributeException(); - } - IdentificationType id = null; - if(corporation.getIdentification().size() == 0) { - Logger.error("Failed to generate IdentificationType"); - throw new NoMandateDataAttributeException(); - } - id = corporation.getIdentification().get(0); - /*if(authSession.getBusinessService()) { - id = MandateBuilder.getWBPKIdentification(corporation); - } else { - id = MandateBuilder.getBPKIdentification(corporation); - }*/ - /*if(id == null) { - Logger.error("Failed to generate IdentificationType"); - throw new NoMandateDataAttributeException(); - }*/ + return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, - MANDATE_LEG_PER_SOURCE_PIN_NAME, id.getValue().getValue()); + MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePin); } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinTypeAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinTypeAttributeBuilder.java index a7a9a757b..41c35dad3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinTypeAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateLegalPersonSourcePinTypeAttributeBuilder.java @@ -26,14 +26,13 @@ import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType; -import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class MandateLegalPersonSourcePinTypeAttributeBuilder implements IPVPAttributeBuilder { @@ -44,32 +43,37 @@ public class MandateLegalPersonSourcePinTypeAttributeBuilder implements IPVPAttr public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { if (authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if (mandate == null) { - throw new NoMandateDataAttributeException(); + //get PVP attribute directly, if exists + String sourcePinType = authData.getGenericData(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, String.class); + + if (MiscUtil.isEmpty(sourcePinType)) { + Element mandate = authData.getMandate(); + if (mandate == null) { + throw new NoMandateDataAttributeException(); + + } + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if (mandateObject == null) { + throw new NoMandateDataAttributeException(); + + } + CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody(); + if (corporation == null) { + Logger.error("No corporate mandate"); + throw new NoMandateDataAttributeException(); + + } + if (corporation.getIdentification().size() == 0) { + Logger.error("Failed to generate IdentificationType"); + throw new NoMandateDataAttributeException(); + + } + sourcePinType = corporation.getIdentification().get(0).getType(); + } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if (mandateObject == null) { - throw new NoMandateDataAttributeException(); - } - CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody(); - if (corporation == null) { - Logger.error("No corporate mandate"); - throw new NoMandateDataAttributeException(); - } - IdentificationType id = null; - if (corporation.getIdentification().size() == 0) { - Logger.error("Failed to generate IdentificationType"); - throw new NoMandateDataAttributeException(); - } - id = corporation.getIdentification().get(0); - /* - * id = MandateBuilder.getBPKIdentification(corporate); if (id == null) { - * Logger.error("Failed to generate IdentificationType"); throw new - * NoMandateDataAttributeException(); } - */ + return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, - id.getType()); + sourcePinType); } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java index be6372913..df8f86f7e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java @@ -29,14 +29,14 @@ import at.gv.e_government.reference.namespace.persondata._20020228_.Identificati import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.MiscUtil; public class MandateNaturalPersonBPKAttributeBuilder implements IPVPAttributeBuilder { @@ -45,49 +45,53 @@ public class MandateNaturalPersonBPKAttributeBuilder implements IPVPAttributeBui } public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - if (authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if (mandate == null) { - throw new NoMandateDataAttributeException(); - } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if (mandateObject == null) { - throw new NoMandateDataAttributeException(); - } - PhysicalPersonType physicalPerson = mandateObject.getMandator().getPhysicalPerson(); - if (physicalPerson == null) { - Logger.error("No physicalPerson mandate"); - throw new NoMandateDataAttributeException(); - } - IdentificationType id = null; - id = physicalPerson.getIdentification().get(0); - if (id == null) { - Logger.error("Failed to generate IdentificationType"); - throw new NoMandateDataAttributeException(); - } + IAttributeGenerator<ATT> g) throws AttributeException { + if (authData.isUseMandate()) { - String bpk; - try { + //get PVP attribute directly, if exists + String bpk = authData.getGenericData(MANDATE_NAT_PER_BPK_NAME, String.class); + + if (MiscUtil.isEmpty(bpk)) { + //read bPK from mandate if it is not directly included + Element mandate = authData.getMandate(); + if (mandate == null) { + throw new NoMandateDataAttributeException(); + } + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if (mandateObject == null) { + throw new NoMandateDataAttributeException(); + } + PhysicalPersonType physicalPerson = mandateObject.getMandator().getPhysicalPerson(); + if (physicalPerson == null) { + Logger.error("No physicalPerson mandate"); + throw new NoMandateDataAttributeException(); + } + IdentificationType id = null; + id = physicalPerson.getIdentification().get(0); + if (id == null) { + Logger.error("Failed to generate IdentificationType"); + throw new NoMandateDataAttributeException(); + } - if (id.getType().equals(Constants.URN_PREFIX_BASEID)) { - if (oaParam.getBusinessService()) { - bpk = new BPKBuilder().buildWBPK(id.getValue().getValue(), oaParam.getIdentityLinkDomainIdentifier()); + try { + if (id.getType().equals(Constants.URN_PREFIX_BASEID)) { + if (oaParam.getBusinessService()) { + bpk = new BPKBuilder().buildWBPK(id.getValue().getValue(), oaParam.getIdentityLinkDomainIdentifier()); + + } else { + bpk = new BPKBuilder().buildBPK(id.getValue().getValue(), oaParam.getTarget()); + + } - } + } else + bpk = id.getValue().getValue(); - else { - bpk = new BPKBuilder().buildBPK(id.getValue().getValue(), oaParam.getTarget()); - - } + } + catch (BuildException e) { + Logger.error("Failed to generate IdentificationType"); + throw new NoMandateDataAttributeException(); - } else - bpk = id.getValue().getValue(); - - } - catch (BuildException e) { - Logger.error("Failed to generate IdentificationType"); - throw new NoMandateDataAttributeException(); + } } return g.buildStringAttribute(MANDATE_NAT_PER_BPK_FRIENDLY_NAME, MANDATE_NAT_PER_BPK_NAME, bpk); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBirthDateAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBirthDateAttributeBuilder.java index e644f49e4..a64880889 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBirthDateAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBirthDateAttributeBuilder.java @@ -31,14 +31,14 @@ import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.InvalidDateFormatAttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class MandateNaturalPersonBirthDateAttributeBuilder implements IPVPAttributeBuilder { @@ -49,33 +49,56 @@ public class MandateNaturalPersonBirthDateAttributeBuilder implements IPVPAttrib public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { if (authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if (mandate == null) { - throw new NoMandateDataAttributeException(); - } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if (mandateObject == null) { - throw new NoMandateDataAttributeException(); - } - PhysicalPersonType physicalPerson = mandateObject.getMandator().getPhysicalPerson(); - if (physicalPerson == null) { - Logger.error("No physicalPerson mandate"); - throw new NoMandateDataAttributeException(); - } - String dateOfBirth = physicalPerson.getDateOfBirth(); - try { - DateFormat mandateFormat = new SimpleDateFormat(MandateBuilder.MANDATE_DATE_OF_BIRTH_FORMAT); - Date date = mandateFormat.parse(dateOfBirth); - DateFormat pvpDateFormat = new SimpleDateFormat(MANDATE_NAT_PER_BIRTHDATE_FORMAT_PATTERN); - String dateString = pvpDateFormat.format(date); + //get PVP attribute directly, if exists + String birthDayString = authData.getGenericData(MANDATE_NAT_PER_BIRTHDATE_NAME, String.class); + + if (MiscUtil.isEmpty(birthDayString)) { + //read bPK from mandate if it is not directly included + Element mandate = authData.getMandate(); + if (mandate == null) { + throw new NoMandateDataAttributeException(); + } + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if (mandateObject == null) { + throw new NoMandateDataAttributeException(); + } + PhysicalPersonType physicalPerson = mandateObject.getMandator().getPhysicalPerson(); + if (physicalPerson == null) { + Logger.error("No physicalPerson mandate"); + throw new NoMandateDataAttributeException(); + } + + String dateOfBirth = physicalPerson.getDateOfBirth(); + try { + DateFormat mandateFormat = new SimpleDateFormat(MandateBuilder.MANDATE_DATE_OF_BIRTH_FORMAT); + mandateFormat.setLenient(false); + Date date = mandateFormat.parse(dateOfBirth); + DateFormat pvpDateFormat = new SimpleDateFormat(MANDATE_NAT_PER_BIRTHDATE_FORMAT_PATTERN); + birthDayString = pvpDateFormat.format(date); + + } + catch (ParseException e) { + Logger.warn("MIS mandate birthday has an incorrect formt. (Value:" + dateOfBirth, e); + throw new InvalidDateFormatAttributeException(); + + } + + } else { + try { + DateFormat pvpDateFormat = new SimpleDateFormat(MANDATE_NAT_PER_BIRTHDATE_FORMAT_PATTERN); + pvpDateFormat.setLenient(false); + pvpDateFormat.parse(birthDayString); + + } catch (ParseException e) { + Logger.warn("Format of direct included PVP Attribute " + MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME + + " has an incorrect formt. (Value:" + birthDayString, e); + throw new InvalidDateFormatAttributeException(); + } - return g.buildStringAttribute(MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, MANDATE_NAT_PER_BIRTHDATE_NAME, dateString); - } - catch (ParseException e) { - e.printStackTrace(); - throw new InvalidDateFormatAttributeException(); } + + return g.buildStringAttribute(MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, MANDATE_NAT_PER_BIRTHDATE_NAME, birthDayString); } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonFamilyNameAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonFamilyNameAttributeBuilder.java index fa3ad691d..085579108 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonFamilyNameAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonFamilyNameAttributeBuilder.java @@ -29,13 +29,13 @@ import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType.FamilyName; import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class MandateNaturalPersonFamilyNameAttributeBuilder implements IPVPAttributeBuilder { @@ -46,29 +46,38 @@ public class MandateNaturalPersonFamilyNameAttributeBuilder implements IPVPAttr public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { if(authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if(mandate == null) { - throw new NoMandateDataAttributeException(); - } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if(mandateObject == null) { - throw new NoMandateDataAttributeException(); - } - PhysicalPersonType physicalPerson = mandateObject.getMandator().getPhysicalPerson(); - if(physicalPerson == null) { - Logger.error("No physicalPerson mandate"); - throw new NoMandateDataAttributeException(); - } - StringBuilder sb = new StringBuilder(); - Iterator<FamilyName> fNamesit = physicalPerson.getName().getFamilyName().iterator(); + //get PVP attribute directly, if exists + String familyName = authData.getGenericData(MANDATE_NAT_PER_FAMILY_NAME_NAME, String.class); - while(fNamesit.hasNext()) { - sb.append(" " + fNamesit.next().getValue()); + if (MiscUtil.isEmpty(familyName)) { + //read mandator familyName from mandate if it is not directly included + Element mandate = authData.getMandate(); + if(mandate == null) { + throw new NoMandateDataAttributeException(); + } + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if(mandateObject == null) { + throw new NoMandateDataAttributeException(); + } + PhysicalPersonType physicalPerson = mandateObject.getMandator().getPhysicalPerson(); + if(physicalPerson == null) { + Logger.error("No physicalPerson mandate"); + throw new NoMandateDataAttributeException(); + } + + StringBuilder sb = new StringBuilder(); + Iterator<FamilyName> fNamesit = physicalPerson.getName().getFamilyName().iterator(); + + while(fNamesit.hasNext()) + sb.append(" " + fNamesit.next().getValue()); + + familyName = sb.toString(); + } return g.buildStringAttribute(MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, - MANDATE_NAT_PER_FAMILY_NAME_NAME, sb.toString()); + MANDATE_NAT_PER_FAMILY_NAME_NAME, familyName); } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonGivenNameAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonGivenNameAttributeBuilder.java index 4c725c1c5..4cd2ca670 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonGivenNameAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonGivenNameAttributeBuilder.java @@ -28,13 +28,13 @@ import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class MandateNaturalPersonGivenNameAttributeBuilder implements IPVPAttributeBuilder { @@ -44,29 +44,36 @@ public class MandateNaturalPersonGivenNameAttributeBuilder implements IPVPAttrib public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { - if (authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if (mandate == null) { - throw new NoMandateDataAttributeException(); - } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if (mandateObject == null) { - throw new NoMandateDataAttributeException(); - } - PhysicalPersonType physicalPerson = mandateObject.getMandator().getPhysicalPerson(); - if (physicalPerson == null) { - Logger.error("No physicalPerson mandate"); - throw new NoMandateDataAttributeException(); - } - - StringBuilder sb = new StringBuilder(); - Iterator<String> gNamesit = physicalPerson.getName().getGivenName().iterator(); + if (authData.isUseMandate()) { + //get PVP attribute directly, if exists + String givenName = authData.getGenericData(MANDATE_NAT_PER_GIVEN_NAME_NAME, String.class); - while (gNamesit.hasNext()) { - sb.append(" " + gNamesit.next()); + if (MiscUtil.isEmpty(givenName)) { + Element mandate = authData.getMandate(); + if (mandate == null) { + throw new NoMandateDataAttributeException(); + } + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if (mandateObject == null) { + throw new NoMandateDataAttributeException(); + } + PhysicalPersonType physicalPerson = mandateObject.getMandator().getPhysicalPerson(); + if (physicalPerson == null) { + Logger.error("No physicalPerson mandate"); + throw new NoMandateDataAttributeException(); + } + + StringBuilder sb = new StringBuilder(); + Iterator<String> gNamesit = physicalPerson.getName().getGivenName().iterator(); + + while (gNamesit.hasNext()) + sb.append(" " + gNamesit.next()); + + givenName = sb.toString(); + } - return g.buildStringAttribute(MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, MANDATE_NAT_PER_GIVEN_NAME_NAME, sb.toString()); + return g.buildStringAttribute(MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, MANDATE_NAT_PER_GIVEN_NAME_NAME, givenName); } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonSourcePinAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonSourcePinAttributeBuilder.java index 53eca141e..69a731e53 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonSourcePinAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonSourcePinAttributeBuilder.java @@ -28,7 +28,7 @@ import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType; import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.data.IAuthData; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonSourcePinTypeAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonSourcePinTypeAttributeBuilder.java index 46562c506..41a821c98 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonSourcePinTypeAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonSourcePinTypeAttributeBuilder.java @@ -27,7 +27,7 @@ import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType; import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepDescAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepDescAttributeBuilder.java index e70326114..b4eed85d0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepDescAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepDescAttributeBuilder.java @@ -25,8 +25,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; @@ -42,35 +41,37 @@ public class MandateProfRepDescAttributeBuilder implements IPVPAttributeBuilder public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { - if(authData.isUseMandate()) { - String text = null; + if(authData.isUseMandate()) { + String profRepName = authData.getGenericData(MANDATE_PROF_REP_DESC_NAME, String.class); - MISMandate misMandate = authData.getMISMandate(); - - if(misMandate == null) { - throw new NoMandateDataAttributeException(); - } - - text = misMandate.getTextualDescriptionOfOID(); - - if (MiscUtil.isEmpty(text)) { - Element mandate = authData.getMandate(); - if (mandate == null) { + if (MiscUtil.isEmpty(profRepName)) { + MISMandate misMandate = authData.getMISMandate(); + + if(misMandate == null) { throw new NoMandateDataAttributeException(); } - Mandate mandateObject = MandateBuilder.buildMandate(authData.getMandate()); - if (mandateObject == null) { - throw new NoMandateDataAttributeException(); - } - - text = mandateObject.getAnnotation(); + profRepName = misMandate.getTextualDescriptionOfOID(); + + if (MiscUtil.isEmpty(profRepName)) { + Element mandate = authData.getMandate(); + if (mandate == null) { + throw new NoMandateDataAttributeException(); + } + Mandate mandateObject = MandateBuilder.buildMandate(authData.getMandate()); + if (mandateObject == null) { + throw new NoMandateDataAttributeException(); + } + + profRepName = mandateObject.getAnnotation(); + + } } - if(MiscUtil.isNotEmpty(text)) + if(MiscUtil.isNotEmpty(profRepName)) return g.buildStringAttribute(MANDATE_PROF_REP_DESC_FRIENDLY_NAME, - MANDATE_PROF_REP_DESC_NAME, text); + MANDATE_PROF_REP_DESC_NAME, profRepName); } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepOIDAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepOIDAttributeBuilder.java index 89e9198b6..bef9afd8f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepOIDAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateProfRepOIDAttributeBuilder.java @@ -22,8 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; @@ -38,19 +37,23 @@ public class MandateProfRepOIDAttributeBuilder implements IPVPAttributeBuilder { public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { - if (authData.isUseMandate()) { + if (authData.isUseMandate()) { + String profRepOID = authData.getGenericData(MANDATE_PROF_REP_OID_NAME, String.class); - MISMandate mandate = authData.getMISMandate(); - if (mandate == null) { - throw new NoMandateDataAttributeException(); + if (MiscUtil.isEmpty(profRepOID)) { + MISMandate mandate = authData.getMISMandate(); + if (mandate == null) { + throw new NoMandateDataAttributeException(); + } + + profRepOID = mandate.getProfRep(); + } - - String oid = mandate.getProfRep(); - if(MiscUtil.isEmpty(oid)) + if(MiscUtil.isEmpty(profRepOID)) return null; else - return g.buildStringAttribute(MANDATE_PROF_REP_OID_FRIENDLY_NAME, MANDATE_PROF_REP_OID_NAME, oid); + return g.buildStringAttribute(MANDATE_PROF_REP_OID_FRIENDLY_NAME, MANDATE_PROF_REP_OID_NAME, profRepOID); } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateReferenceValueAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateReferenceValueAttributeBuilder.java index a1fa6c2a8..5ad562ffa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateReferenceValueAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateReferenceValueAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateTypeAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateTypeAttributeBuilder.java index 040174e26..a531e31fc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateTypeAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateTypeAttributeBuilder.java @@ -25,12 +25,12 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes; import org.w3c.dom.Element; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.util.MandateBuilder; +import at.gv.egovernment.moa.util.MiscUtil; public class MandateTypeAttributeBuilder implements IPVPAttributeBuilder { @@ -40,17 +40,26 @@ public class MandateTypeAttributeBuilder implements IPVPAttributeBuilder { public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g) throws AttributeException { - if (authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if (mandate == null) { - throw new NoMandateDataAttributeException(); - } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if (mandateObject == null) { - throw new NoMandateDataAttributeException(); - } + if (authData.isUseMandate()) { + //get PVP attribute directly, if exists + String mandateType = authData.getGenericData(MANDATE_TYPE_NAME, String.class); - return g.buildStringAttribute(MANDATE_TYPE_FRIENDLY_NAME, MANDATE_TYPE_NAME, mandateObject.getAnnotation()); + if (MiscUtil.isEmpty(mandateType)) { + Element mandate = authData.getMandate(); + if (mandate == null) { + throw new NoMandateDataAttributeException(); + + } + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if (mandateObject == null) { + throw new NoMandateDataAttributeException(); + + } + mandateType = mandateObject.getAnnotation(); + + } + + return g.buildStringAttribute(MANDATE_TYPE_FRIENDLY_NAME, MANDATE_TYPE_NAME, mandateType); } return null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateTypeOIDAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateTypeOIDAttributeBuilder.java new file mode 100644 index 000000000..b967ad42c --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateTypeOIDAttributeBuilder.java @@ -0,0 +1,59 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.protocols.builder.attributes; + +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +public class MandateTypeOIDAttributeBuilder implements IPVPAttributeBuilder { + + public String getName() { + return MANDATE_TYPE_OID_NAME; + } + + public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, + IAttributeGenerator<ATT> g) throws AttributeException { + if (authData.isUseMandate()) { + //get PVP attribute directly, if exists + String mandateType = authData.getGenericData(MANDATE_TYPE_OID_NAME, String.class); + + if (MiscUtil.isEmpty(mandateType)) { + Logger.info("MIS Mandate does not include 'Mandate-Type OID'."); + return null; + + } + + return g.buildStringAttribute(MANDATE_TYPE_OID_FRIENDLY_NAME, MANDATE_TYPE_OID_NAME, mandateType); + } + return null; + + } + + public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { + return g.buildEmptyAttribute(MANDATE_TYPE_OID_FRIENDLY_NAME, MANDATE_TYPE_OID_NAME); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/PVPVersionAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/PVPVersionAttributeBuilder.java index 456634fb1..285a6977f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/PVPVersionAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/PVPVersionAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/PrincipalNameAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/PrincipalNameAttributeBuilder.java index 33f3a1d05..b2465b5c1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/PrincipalNameAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/PrincipalNameAttributeBuilder.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.builder.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java index 9327cabd7..2168316ab 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java @@ -24,6 +24,8 @@ package at.gv.egovernment.moa.id.protocols.pvp2x; import java.util.ArrayList; +import java.util.Arrays; +import java.util.Date; import java.util.List; import javax.servlet.http.HttpServletRequest; @@ -36,30 +38,49 @@ import org.opensaml.saml2.core.AttributeQuery; import org.opensaml.saml2.core.Response; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.xml.security.SecurityException; - -import java.util.Arrays; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; +import at.gv.egovernment.moa.id.auth.builder.DynamicOAAuthParameterBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; +import at.gv.egovernment.moa.id.data.Trible; import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AuthResponseBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; /** * @author tlenz * */ +@Service("AttributQueryAction") public class AttributQueryAction implements IAction { + @Autowired private IAuthenticationSessionStoreage authenticationSessionStorage; + @Autowired private AuthenticationDataBuilder authDataBuilder; + @Autowired private IDPCredentialProvider pvpCredentials; + @Autowired private AuthConfiguration authConfig; + private final static List<String> DEFAULTSTORKATTRIBUTES = Arrays.asList( new String[]{PVPConstants.EID_STORK_TOKEN_NAME}); @@ -73,43 +94,57 @@ public class AttributQueryAction implements IAction { * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData) */ @Override - public SLOInformationInterface processRequest(IRequest req, + public SLOInformationInterface processRequest(IRequest pendingReq, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { - if (req instanceof PVPTargetConfiguration && - ((PVPTargetConfiguration) req).getRequest() instanceof MOARequest && - ((MOARequest)((PVPTargetConfiguration) req).getRequest()).getSamlRequest() instanceof AttributeQuery) { - - AttributeQuery attrQuery = (AttributeQuery)((MOARequest)((PVPTargetConfiguration) req).getRequest()).getSamlRequest(); + if (pendingReq instanceof PVPTargetConfiguration && + ((PVPTargetConfiguration) pendingReq).getRequest() instanceof MOARequest && + ((MOARequest)((PVPTargetConfiguration) pendingReq).getRequest()).getSamlRequest() instanceof AttributeQuery) { - //load moaSession - String nameID = attrQuery.getSubject().getNameID().getValue(); - - AuthenticationSession session = AuthenticationSessionStoreage.getSessionWithUserNameID(nameID); - if (session == null) { - Logger.warn("AttributeQuery nameID does not match to an active single sign-on session."); - throw new AttributQueryException("AttributeQuery nameID does not match to an active single sign-on session.", null); - - } - + //set time reference DateTime date = new DateTime(); - //generate authData - authData = AuthenticationDataBuilder.buildAuthenticationData(req, session, attrQuery.getAttributes()); - - //add default attributes in case of mandates or STORK is in use - List<String> attrList = addDefaultAttributes(attrQuery, authData); - - //build PVP 2.1 assertion - Assertion assertion = PVP2AssertionBuilder.buildAssertion(req.getAuthURL(), attrQuery, attrList, authData, date, authData.getSessionIndex()); - - //build PVP 2.1 response - Response authResponse = AuthResponseBuilder.buildResponse(req.getAuthURL(), attrQuery, date, assertion); - try { + //get Single Sign-On information for the Service-Provider + // which sends the Attribute-Query request + AuthenticationSession moaSession = authenticationSessionStorage.getSession(pendingReq.getMOASessionIdentifier()); + if (moaSession == null) { + Logger.warn("No MOASession with ID:" + pendingReq.getMOASessionIdentifier() + " FOUND."); + throw new MOAIDException("auth.02", new Object[]{pendingReq.getMOASessionIdentifier()}); + } + + InterfederationSessionStore nextIDPInformation = + authenticationSessionStorage.searchInterfederatedIDPFORAttributeQueryWithSessionID(moaSession.getSessionID()); + + AttributeQuery attrQuery = + (AttributeQuery)((MOARequest)((PVPTargetConfiguration) pendingReq).getRequest()).getSamlRequest(); + + //build PVP 2.1 response-attribute information for this AttributQueryRequest + Trible<List<Attribute>, Date, String> responseInfo = + buildResponseInformationForAttributQuery(pendingReq, moaSession, attrQuery.getAttributes(), nextIDPInformation); + + Logger.debug("AttributQuery return " + responseInfo.getFirst().size() + + " attributes with QAA-Level:" + responseInfo.getThird() + + " validTo:" + responseInfo.getSecond().toString()); + + //build PVP 2.1 assertion + + String issuerEntityID = PVPConfiguration.getInstance().getIDPSSOMetadataService( + pendingReq.getAuthURL()); + + Assertion assertion = PVP2AssertionBuilder.buildAssertion(issuerEntityID, + attrQuery, responseInfo.getFirst(), date, new DateTime(responseInfo.getSecond().getTime()), + responseInfo.getThird(), authData.getSessionIndex()); + + //build PVP 2.1 response + Response authResponse = AuthResponseBuilder.buildResponse( + MOAMetadataProvider.getInstance(), issuerEntityID, attrQuery, date, + assertion, authConfig.isPVP2AssertionEncryptionActive()); + SoapBinding decoder = new SoapBinding(); - decoder.encodeRespone(httpReq, httpResp, authResponse, null, null); + decoder.encodeRespone(httpReq, httpResp, authResponse, null, null, + pvpCredentials.getIDPAssertionSigningCredential()); return null; } catch (MessageEncodingException e) { @@ -120,6 +155,11 @@ public class AttributQueryAction implements IAction { Logger.error("Security exception", e); throw new MOAIDException("pvp2.01", null, e); + } catch (MOADatabaseException e) { + Logger.error("MOASession with SessionID=" + pendingReq.getMOASessionIdentifier() + + " is not found in Database", e); + throw new MOAIDException("init.04", new Object[] { pendingReq.getMOASessionIdentifier() }); + } } else { @@ -145,32 +185,145 @@ public class AttributQueryAction implements IAction { public String getDefaultActionName() { return PVP2XProtocol.ATTRIBUTEQUERY; } + + private Trible<List<Attribute>, Date, String> buildResponseInformationForAttributQuery(IRequest pendingReq, + AuthenticationSession session, List<Attribute> reqAttributes, InterfederationSessionStore nextIDPInformation) throws MOAIDException { + try { + //mark AttributeQuery as used if it exists + OASessionStore activeOA = authenticationSessionStorage.searchActiveOASSOSession(session, pendingReq.getOAURL(), pendingReq.requestedModule()); + if (activeOA != null) { + //mark + if ( pendingReq instanceof PVPTargetConfiguration && + ((PVPTargetConfiguration) pendingReq).getRequest() instanceof MOARequest && + ((PVPTargetConfiguration) pendingReq).getRequest().getInboundMessage() instanceof AttributeQuery) { + try { + activeOA.setAttributeQueryUsed(true); + MOASessionDBUtils.saveOrUpdate(activeOA); + + } catch (MOADatabaseException e) { + Logger.error("MOASession interfederation information can not stored to database.", e); + + } + } + } + + //build OnlineApplication dynamic from requested attributes (AttributeQuerry Request) and configuration + IOAAuthParameters spConfig = DynamicOAAuthParameterBuilder.buildFromAttributeQuery(reqAttributes); + + //search federated IDP information for this MOASession + if (nextIDPInformation != null) { + Logger.info("Find active federated IDP information." + + ". --> Request next IDP:" + nextIDPInformation.getIdpurlprefix() + + " for authentication information."); + + //load configuration of next IDP + IOAAuthParameters idpLoaded = authConfig.getOnlineApplicationParameter(nextIDPInformation.getIdpurlprefix()); + if (idpLoaded == null || !(idpLoaded instanceof OAAuthParameter)) { + Logger.warn("Configuration for federated IDP:" + nextIDPInformation.getIdpurlprefix() + + "is not loadable."); + throw new MOAIDException("auth.32", new Object[]{nextIDPInformation.getIdpurlprefix()}); + + } + + OAAuthParameter idp = (OAAuthParameter) idpLoaded; + + //check if next IDP config allows inbound messages + if (!idp.isInboundSSOInterfederationAllowed()) { + Logger.warn("Configuration for federated IDP:" + nextIDPInformation.getIdpurlprefix() + + "disallow inbound authentication messages."); + throw new MOAIDException("auth.33", new Object[]{nextIDPInformation.getIdpurlprefix()}); + + } + + //check next IDP service area policy. BusinessService IDPs can only request wbPKs + if (!spConfig.getBusinessService() && !idp.isIDPPublicService()) { + Logger.error("Interfederated IDP " + idp.getPublicURLPrefix() + + " has a BusinessService-IDP but requests PublicService attributes."); + throw new MOAIDException("auth.34", new Object[]{nextIDPInformation.getIdpurlprefix()}); + + } + + //validation complete --> start AttributeQuery Request + AssertionAttributeExtractor extractor = authDataBuilder.getAuthDataFromAttributeQuery(reqAttributes, + nextIDPInformation.getUserNameID(), idp); + + try { + //mark attribute request as used + if (nextIDPInformation.isStoreSSOInformation()) { + nextIDPInformation.setAttributesRequested(true); + MOASessionDBUtils.saveOrUpdate(nextIDPInformation); - private List<String> addDefaultAttributes(AttributeQuery query, IAuthData authData) { + //delete federated IDP from Session + } else { + MOASessionDBUtils.delete(nextIDPInformation); + + } + + } catch (MOADatabaseException e) { + Logger.error("MOASession interfederation information can not stored to database.", e); + + } + + return Trible.newInstance( + extractor.getAllResponseAttributesFromFirstAttributeStatement(), + extractor.getAssertionNotOnOrAfter(), + extractor.getQAALevel()); + + } else { + Logger.debug("Build authData for AttributQuery from local MOASession."); + IAuthData authData = authDataBuilder.buildAuthenticationData(pendingReq, session, spConfig); + + //add default attributes in case of mandates or STORK is in use + List<String> attrList = addDefaultAttributes(reqAttributes, authData); - List<String> reqAttributs = new ArrayList<String>(); + //build Set of response attributes + List<Attribute> respAttr = PVPAttributeBuilder.buildSetOfResponseAttributes(authData, attrList); + + return Trible.newInstance(respAttr, authData.getSsoSessionValidTo(), authData.getQAALevel()); + + } + + } catch (MOAIDException e) { + throw e; + } + } + + /** + * Add additional PVP Attribute-Names in respect to current MOASession. + *<br><br> + * <pre>As example: if current MOASession includes mandates but mandate attributes are not requested, + * this method a a minimum set of mandate attribute-names</pre> + * + * @param reqAttr From Service Provider requested attributes + * @param authData AuthenticationData + * @return List of PVP attribute-names + */ + private List<String> addDefaultAttributes(List<Attribute> reqAttr, IAuthData authData) { - for (Attribute attr : query.getAttributes()) { - reqAttributs.add(attr.getName()); + List<String> reqAttributeNames = new ArrayList<String>(); + + for (Attribute attr : reqAttr) { + reqAttributeNames.add(attr.getName()); } //add default STORK attributes if it is a STORK authentication - if (authData.isForeigner() && !reqAttributs.containsAll(DEFAULTSTORKATTRIBUTES)) { + if (authData.isForeigner() && !reqAttributeNames.containsAll(DEFAULTSTORKATTRIBUTES)) { for (String el : DEFAULTSTORKATTRIBUTES) { - if (!reqAttributs.contains(el)) - reqAttributs.add(el); + if (!reqAttributeNames.contains(el)) + reqAttributeNames.add(el); } } //add default mandate attributes if it is a authentication with mandates - if (authData.isUseMandate() && !reqAttributs.containsAll(DEFAULTMANDATEATTRIBUTES)) { + if (authData.isUseMandate() && !reqAttributeNames.containsAll(DEFAULTMANDATEATTRIBUTES)) { for (String el : DEFAULTMANDATEATTRIBUTES) { - if (!reqAttributs.contains(el)) - reqAttributs.add(el); + if (!reqAttributeNames.contains(el)) + reqAttributeNames.add(el); } } - return reqAttributs; + return reqAttributeNames; } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java index 04b7854b1..8de44a2e8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java @@ -25,27 +25,114 @@ package at.gv.egovernment.moa.id.protocols.pvp2x; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import org.joda.time.DateTime; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.core.Assertion; +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.metadata.AssertionConsumerService; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.ws.message.encoder.MessageEncodingException; +import org.opensaml.xml.security.SecurityException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler.RequestManager; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AuthResponseBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException; +import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.logging.Logger; +@Service("PVPAuthenticationRequestAction") public class AuthenticationAction implements IAction { - + @Autowired IDPCredentialProvider pvpCredentials; + @Autowired AuthConfiguration authConfig; + public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { PVPTargetConfiguration pvpRequest = (PVPTargetConfiguration) req; - SLOInformationImpl sloInformation = (SLOInformationImpl) RequestManager.getInstance().handle(pvpRequest, httpReq, httpResp, authData); + //get basic information + MOARequest moaRequest = (MOARequest) pvpRequest.getRequest(); + AuthnRequest authnRequest = (AuthnRequest) moaRequest.getSamlRequest(); + EntityDescriptor peerEntity = moaRequest.getEntityMetadata(); + + AssertionConsumerService consumerService = + SAML2Utils.createSAMLObject(AssertionConsumerService.class); + consumerService.setBinding(pvpRequest.getBinding()); + consumerService.setLocation(pvpRequest.getConsumerURL()); + + DateTime date = new DateTime(); + + SLOInformationImpl sloInformation = new SLOInformationImpl(); - //set protocol type - sloInformation.setProtocolType(req.requestedModule()); + //change to entity value from entity name to IDP EntityID (URL) +// String issuerEntityID = pvpRequest.getAuthURL(); +// if (issuerEntityID.endsWith("/")) +// issuerEntityID = issuerEntityID.substring(0, issuerEntityID.length()-1); + + String issuerEntityID = PVPConfiguration.getInstance().getIDPSSOMetadataService( + pvpRequest.getAuthURL()); + + //build Assertion + Assertion assertion = PVP2AssertionBuilder.buildAssertion(issuerEntityID, pvpRequest, authnRequest, authData, + peerEntity, date, consumerService, sloInformation); + + Response authResponse = AuthResponseBuilder.buildResponse( + MOAMetadataProvider.getInstance(), issuerEntityID, authnRequest, + date, assertion, authConfig.isPVP2AssertionEncryptionActive()); + + IEncoder binding = null; + + if (consumerService.getBinding().equals( + SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { + binding = new RedirectBinding(); + + } else if (consumerService.getBinding().equals( + SAMLConstants.SAML2_POST_BINDING_URI)) { + binding = new PostBinding(); + + } + + if (binding == null) { + throw new BindingNotSupportedException(consumerService.getBinding()); + } + + try { + binding.encodeRespone(httpReq, httpResp, authResponse, + consumerService.getLocation(), moaRequest.getRelayState(), + pvpCredentials.getIDPAssertionSigningCredential()); + + //set protocol type + sloInformation.setProtocolType(req.requestedModule()); + sloInformation.setSpEntityID(req.getOnlineApplicationConfiguration().getPublicURLPrefix()); + return sloInformation; + + } catch (MessageEncodingException e) { + Logger.error("Message Encoding exception", e); + throw new MOAIDException("pvp2.01", null, e); + + } catch (SecurityException e) { + Logger.error("Security exception", e); + throw new MOAIDException("pvp2.01", null, e); + + } - return sloInformation; } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, @@ -54,7 +141,8 @@ public class AuthenticationAction implements IAction { } public String getDefaultActionName() { - return (PVP2XProtocol.REDIRECT); + return "PVPAuthenticationRequestAction"; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java index 50f91df44..2a688da68 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java @@ -22,150 +22,44 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x; -import java.io.StringWriter; -import java.util.List; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; -import org.joda.time.DateTime; -import org.opensaml.Configuration; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.NameIDType; -import org.opensaml.saml2.metadata.AssertionConsumerService; -import org.opensaml.saml2.metadata.AttributeConsumingService; -import org.opensaml.saml2.metadata.ContactPerson; -import org.opensaml.saml2.metadata.EntitiesDescriptor; -import org.opensaml.saml2.metadata.EntityDescriptor; -import org.opensaml.saml2.metadata.IDPSSODescriptor; -import org.opensaml.saml2.metadata.KeyDescriptor; -import org.opensaml.saml2.metadata.LocalizedString; -import org.opensaml.saml2.metadata.NameIDFormat; -import org.opensaml.saml2.metadata.RoleDescriptor; -import org.opensaml.saml2.metadata.SPSSODescriptor; -import org.opensaml.saml2.metadata.ServiceName; -import org.opensaml.saml2.metadata.SingleLogoutService; -import org.opensaml.saml2.metadata.SingleSignOnService; -import org.opensaml.xml.io.Marshaller; -import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.SecurityHelper; -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.credential.UsageType; -import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; -import org.opensaml.xml.security.x509.X509Credential; -import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory; -import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.Signer; -import org.w3c.dom.Document; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPMetadataBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IDPPVPMetadataConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; import at.gv.egovernment.moa.logging.Logger; +@Service("pvpMetadataService") public class MetadataAction implements IAction { - private static final int VALIDUNTIL_IN_HOURS = 24; - + + + @Autowired private MOAReversionLogger revisionsLogger; + @Autowired private IDPCredentialProvider credentialProvider; + @Autowired private PVPMetadataBuilder metadatabuilder; + public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { try { - - MOAReversionLogger.getInstance().logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_PVP_METADATA); - - EntitiesDescriptor idpEntitiesDescriptor = - SAML2Utils.createSAMLObject(EntitiesDescriptor.class); - - idpEntitiesDescriptor.setName(PVPConfiguration.getInstance().getIDPIssuerName()); - - idpEntitiesDescriptor.setID(SAML2Utils.getSecureIdentifier()); - - DateTime date = new DateTime(); + revisionsLogger.logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_PVP_METADATA); - idpEntitiesDescriptor.setValidUntil(date.plusHours(VALIDUNTIL_IN_HOURS)); - - EntityDescriptor idpEntityDescriptor = SAML2Utils - .createSAMLObject(EntityDescriptor.class); - - idpEntitiesDescriptor.getEntityDescriptors().add(idpEntityDescriptor); + //build metadata + IPVPMetadataBuilderConfiguration metadataConfig = + new IDPPVPMetadataConfiguration(req.getAuthURLWithOutSlash(), credentialProvider); - //TODO: maybe change EntityID to Metadata URL - //idpEntityDescriptor - // .setEntityID(PVPConfiguration.getInstance().getIDPSSOMetadataService()); - - idpEntityDescriptor - .setEntityID(req.getAuthURLWithOutSlash()); - - idpEntityDescriptor.setValidUntil(date.plusDays(VALIDUNTIL_IN_HOURS)); - - List<ContactPerson> persons = PVPConfiguration.getInstance() - .getIDPContacts(); - - idpEntityDescriptor.getContactPersons().addAll(persons); - - idpEntityDescriptor.setOrganization(PVPConfiguration.getInstance() - .getIDPOrganisation()); - - X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory(); - //keyInfoFactory.setEmitPublicKeyValue(true); - keyInfoFactory.setEmitEntityIDAsKeyName(true); - keyInfoFactory.setEmitEntityCertificate(true); - - KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance(); - - Credential metadataSigningCredential = CredentialProvider.getIDPMetaDataSigningCredential(); - Signature signature = CredentialProvider - .getIDPSignature(metadataSigningCredential); - - //set KeyInfo Element - SecurityHelper.prepareSignatureParams(signature, metadataSigningCredential, null, null); - - idpEntitiesDescriptor.setSignature(signature); - - //set IDP metadata - idpEntityDescriptor.getRoleDescriptors().add(generateIDPMetadata(req, keyInfoGenerator)); - - //set SP metadata for interfederation - idpEntityDescriptor.getRoleDescriptors().add(generateSPMetadata(req, keyInfoGenerator)); - - DocumentBuilder builder; - DocumentBuilderFactory factory = DocumentBuilderFactory - .newInstance(); - - builder = factory.newDocumentBuilder(); - Document document = builder.newDocument(); - Marshaller out = Configuration.getMarshallerFactory() - .getMarshaller(idpEntitiesDescriptor); - out.marshall(idpEntitiesDescriptor, document); - - Signer.signObject(signature); - - Transformer transformer = TransformerFactory.newInstance() - .newTransformer(); - - StringWriter sw = new StringWriter(); - StreamResult sr = new StreamResult(sw); - DOMSource source = new DOMSource(document); - transformer.transform(source, sr); - sw.close(); - - String metadataXML = sw.toString(); + String metadataXML = metadatabuilder.buildPVPMetadata(metadataConfig); Logger.debug("METADATA: " + metadataXML); httpResp.setContentType("text/xml"); @@ -186,232 +80,12 @@ public class MetadataAction implements IAction { return false; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName() + */ + @Override public String getDefaultActionName() { - return (PVP2XProtocol.METADATA); + return "IDP - PVP Metadata action"; } - private RoleDescriptor generateSPMetadata(IRequest req, KeyInfoGenerator keyInfoGenerator) throws CredentialsNotAvailableException, SecurityException, ConfigurationException { - - Logger.debug("Set SP Metadata key information"); - - SPSSODescriptor spSSODescriptor = SAML2Utils - .createSAMLObject(SPSSODescriptor.class); - - spSSODescriptor.setAuthnRequestsSigned(true); - spSSODescriptor.setWantAssertionsSigned(false); - - - //Set AuthRequest Signing certificate - X509Credential authcredential = CredentialProvider.getIDPAssertionSigningCredential(); - - KeyDescriptor signKeyDescriptor = SAML2Utils - .createSAMLObject(KeyDescriptor.class); - signKeyDescriptor.setUse(UsageType.SIGNING); - signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential)); - spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor); - - - //set AuthRequest encryption certificate - - X509Credential authEncCredential = CredentialProvider.getIDPAssertionEncryptionCredential(); - - if (authEncCredential != null) { - KeyDescriptor encryKeyDescriptor = SAML2Utils - .createSAMLObject(KeyDescriptor.class); - encryKeyDescriptor.setUse(UsageType.ENCRYPTION); - encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential)); - spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor); - - } else { - Logger.warn("No Assertion Encryption-Key defined. This setting is not recommended!"); - - } - - NameIDFormat persistentnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - persistentnameIDFormat.setFormat(NameIDType.PERSISTENT); - - spSSODescriptor.getNameIDFormats().add(persistentnameIDFormat); - - NameIDFormat transientnameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - transientnameIDFormat.setFormat(NameIDType.TRANSIENT); - - spSSODescriptor.getNameIDFormats().add(transientnameIDFormat); - - NameIDFormat unspecifiednameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED); - - spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat); - - //add assertion consumer services - AssertionConsumerService postassertionConsumerService = - SAML2Utils.createSAMLObject(AssertionConsumerService.class); - postassertionConsumerService.setIndex(0); - postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); - postassertionConsumerService.setLocation(PVPConfiguration - .getInstance().getSPSSOPostService(req.getAuthURL())); - postassertionConsumerService.setIsDefault(true); - spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService); - - AssertionConsumerService redirectassertionConsumerService = - SAML2Utils.createSAMLObject(AssertionConsumerService.class); - redirectassertionConsumerService.setIndex(1); - redirectassertionConsumerService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); - redirectassertionConsumerService.setLocation(PVPConfiguration - .getInstance().getSPSSORedirectService(req.getAuthURL())); - spSSODescriptor.getAssertionConsumerServices().add(redirectassertionConsumerService); - - - //add SLO descriptor -// SingleLogoutService postSLOService = -// SAML2Utils.createSAMLObject(SingleLogoutService.class); -// postSLOService.setLocation(PVPConfiguration -// .getInstance().getIDPSSOPostService()); -// postSLOService -// .setBinding(SAMLConstants.SAML2_POST_BINDING_URI); -// spSSODescriptor.getSingleLogoutServices().add(postSLOService); - - SingleLogoutService redirectSLOService = - SAML2Utils.createSAMLObject(SingleLogoutService.class); - redirectSLOService.setLocation(PVPConfiguration - .getInstance().getSPSSORedirectService(req.getAuthURL())); - redirectSLOService - .setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); - spSSODescriptor.getSingleLogoutServices().add(redirectSLOService); - - - spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS); - - AttributeConsumingService attributeService = - SAML2Utils.createSAMLObject(AttributeConsumingService.class); - - attributeService.setIndex(0); - attributeService.setIsDefault(true); - ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class); - serviceName.setName(new LocalizedString("Default Service", "de")); - attributeService.getNames().add(serviceName); - - return spSSODescriptor; - } - - private IDPSSODescriptor generateIDPMetadata(IRequest req, KeyInfoGenerator keyInfoGenerator) throws ConfigurationException, CredentialsNotAvailableException, SecurityException { - - -// //set SignatureMethode -// signature.setSignatureAlgorithm(PVPConstants.DEFAULT_SIGNING_METHODE); -// -// //set DigestMethode -// List<ContentReference> contentList = signature.getContentReferences(); -// for (ContentReference content : contentList) { -// -// if (content instanceof SAMLObjectContentReference) { -// -// SAMLObjectContentReference el = (SAMLObjectContentReference) content; -// el.setDigestAlgorithm(PVPConstants.DEFAULT_DIGESTMETHODE); -// -// } -// } - - -// KeyInfoBuilder metadataKeyInfoBuilder = new KeyInfoBuilder(); -// KeyInfo metadataKeyInfo = metadataKeyInfoBuilder.buildObject(); -// //KeyInfoHelper.addCertificate(metadataKeyInfo, metadataSigningCredential.); -// signature.setKeyInfo(metadataKeyInfo ); - - - IDPSSODescriptor idpSSODescriptor = SAML2Utils - .createSAMLObject(IDPSSODescriptor.class); - - idpSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS); - - idpSSODescriptor.setWantAuthnRequestsSigned(true); - - if (PVPConfiguration.getInstance().getIDPSSOPostService(req.getAuthURL()) != null) { - //add SSO descriptor - SingleSignOnService postSingleSignOnService = SAML2Utils - .createSAMLObject(SingleSignOnService.class); - postSingleSignOnService.setLocation(PVPConfiguration - .getInstance().getIDPSSOPostService(req.getAuthURL())); - postSingleSignOnService - .setBinding(SAMLConstants.SAML2_POST_BINDING_URI); - idpSSODescriptor.getSingleSignOnServices().add( - postSingleSignOnService); - - //add SLO descriptor -// SingleLogoutService postSLOService = -// SAML2Utils.createSAMLObject(SingleLogoutService.class); -// postSLOService.setLocation(PVPConfiguration -// .getInstance().getIDPSSOPostService()); -// postSLOService -// .setBinding(SAMLConstants.SAML2_POST_BINDING_URI); -// idpSSODescriptor.getSingleLogoutServices().add(postSLOService); - - } - - if (PVPConfiguration.getInstance().getIDPSSORedirectService(req.getAuthURL()) != null) { - //add SSO descriptor - SingleSignOnService redirectSingleSignOnService = SAML2Utils - .createSAMLObject(SingleSignOnService.class); - redirectSingleSignOnService.setLocation(PVPConfiguration - .getInstance().getIDPSSORedirectService(req.getAuthURL())); - redirectSingleSignOnService - .setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); - idpSSODescriptor.getSingleSignOnServices().add( - redirectSingleSignOnService); - - //add SLO descriptor - SingleLogoutService redirectSLOService = - SAML2Utils.createSAMLObject(SingleLogoutService.class); - redirectSLOService.setLocation(PVPConfiguration - .getInstance().getIDPSSORedirectService(req.getAuthURL())); - redirectSLOService - .setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); - idpSSODescriptor.getSingleLogoutServices().add(redirectSLOService); - } - - /*if (PVPConfiguration.getInstance().getIDPResolveSOAPService() != null) { - ArtifactResolutionService artifactResolutionService = SAML2Utils - .createSAMLObject(ArtifactResolutionService.class); - - artifactResolutionService - .setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI); - artifactResolutionService.setLocation(PVPConfiguration - .getInstance().getIDPResolveSOAPService()); - - artifactResolutionService.setIndex(0); - - idpSSODescriptor.getArtifactResolutionServices().add( - artifactResolutionService); - }*/ - - //set assertion signing key - Credential assertionSigingCredential = CredentialProvider - .getIDPAssertionSigningCredential(); - - KeyDescriptor signKeyDescriptor = SAML2Utils - .createSAMLObject(KeyDescriptor.class); - signKeyDescriptor.setUse(UsageType.SIGNING); - signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(assertionSigingCredential)); - idpSSODescriptor.getKeyDescriptors().add(signKeyDescriptor); - - idpSSODescriptor.getAttributes().addAll(PVPAttributeBuilder.buildSupportedEmptyAttributes()); - - NameIDFormat persistenNameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - persistenNameIDFormat.setFormat(NameIDType.PERSISTENT); - - idpSSODescriptor.getNameIDFormats().add(persistenNameIDFormat); - - NameIDFormat transientNameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - transientNameIDFormat.setFormat(NameIDType.TRANSIENT); - - idpSSODescriptor.getNameIDFormats().add(transientNameIDFormat); - - NameIDFormat unspecifiedNameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); - unspecifiedNameIDFormat.setFormat(NameIDType.UNSPECIFIED); - - idpSSODescriptor.getNameIDFormats().add(unspecifiedNameIDFormat); - - return idpSSODescriptor; - - } - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index ee5685e5f..bca080ba6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -22,16 +22,11 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x; -import java.io.IOException; -import java.util.ArrayList; import java.util.Arrays; -import java.util.HashMap; -import java.util.Iterator; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.TransformerException; import org.apache.commons.lang.StringEscapeUtils; import org.joda.time.DateTime; @@ -52,29 +47,29 @@ import org.opensaml.saml2.metadata.AttributeConsumingService; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.ws.security.SecurityPolicyException; -import org.opensaml.xml.io.MarshallingException; import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.x509.X509Credential; import org.opensaml.xml.signature.SignableXMLObject; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityLogAdapter; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IModulInfo; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException; -import at.gv.egovernment.moa.id.moduls.RequestImpl; -import at.gv.egovernment.moa.id.moduls.RequestStorage; -import at.gv.egovernment.moa.id.moduls.SSOManager; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder; +import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding; @@ -91,20 +86,25 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SLOException; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AuthnRequestValidator; -import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; import at.gv.egovernment.moa.id.util.ErrorResponseUtils; import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.VelocityLogAdapter; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { +@Controller +public class PVP2XProtocol extends AbstractAuthProtocolModulController { + @Autowired IDPCredentialProvider pvpCredentials; + @Autowired SAMLVerificationEngineSP samlVerificationEngine; + public static final String NAME = PVP2XProtocol.class.getName(); public static final String PATH = "id_pvp2x"; @@ -114,46 +114,15 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { public static final String METADATA = "Metadata"; public static final String ATTRIBUTEQUERY = "AttributeQuery"; public static final String SINGLELOGOUT = "SingleLogOut"; - - public static final String ENDPOINT_IDP = "idp"; - public static final String ENDPOINT_SP = "sp"; - - public static final String PARAMETER_ENDPOINT = "endpointtype"; - - private static List<IDecoder> decoder = new ArrayList<IDecoder>(); - - private static HashMap<String, IAction> actions = new HashMap<String, IAction>(); public static final List<String> DEFAULTREQUESTEDATTRFORINTERFEDERATION = Arrays.asList( new String[] { PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME }); - static { - decoder.add(new PostBinding()); - decoder.add(new RedirectBinding()); - decoder.add(new SoapBinding()); - - actions.put(REDIRECT, new AuthenticationAction()); - actions.put(POST, new AuthenticationAction()); - actions.put(METADATA, new MetadataAction()); - actions.put(ATTRIBUTEQUERY, new AttributQueryAction()); - actions.put(SINGLELOGOUT, new SingleLogOutAction()); - - //TODO: insert getArtifact action - - instance = new PVP2XProtocol(); - + static { new VelocityLogAdapter(); - } - - private static PVP2XProtocol instance = null; - - public static PVP2XProtocol getInstance() { - if (instance == null) { - instance = new PVP2XProtocol(); - } - return instance; + } public String getName() { @@ -163,162 +132,241 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { public String getPath() { return PATH; } - - private IDecoder findDecoder(String action, HttpServletRequest req) { - Iterator<IDecoder> decoderIT = decoder.iterator(); - while (decoderIT.hasNext()) { - IDecoder decoder = decoderIT.next(); - if (decoder.handleDecode(action, req)) { - return decoder; - } - } - - return null; + + public PVP2XProtocol() { + super(); } - - private boolean isServiceProviderEndPointUsed(HttpServletRequest req) throws InvalidProtocolRequestException { - Object obj = req.getParameter(PARAMETER_ENDPOINT); - if (obj instanceof String) { - String param = (String) obj; - if (MiscUtil.isNotEmpty(param)) { - if (ENDPOINT_IDP.equals(param)) - return false; - - else if (ENDPOINT_SP.equals(param)) - return true; - } + + //PVP2.x metadata end-point + @RequestMapping(value = "/pvp2/metadata", method = {RequestMethod.POST, RequestMethod.GET}) + public void PVPMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException { + if (!authConfig.getAllowedProtocols().isPVP21Active()) { + Logger.info("PVP2.1 is deaktivated!"); + throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }); + } + //create pendingRequest object + PVPTargetConfiguration pendingReq = applicationContext.getBean(PVPTargetConfiguration.class); + pendingReq.initialize(req); + pendingReq.setModule(NAME); + + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); + + MetadataAction metadataAction = applicationContext.getBean(MetadataAction.class); + metadataAction.processRequest(pendingReq, + req, resp, null); - Logger.error("No valid PVP 2.1 entpoint descriptor"); - throw new InvalidProtocolRequestException("pvp2.20", new Object[] {}); } - public PVP2XProtocol() { - super(); + //PVP2.x IDP POST-Binding end-point + @RequestMapping(value = "/pvp2/post", method = {RequestMethod.POST}) + public void PVPIDPPostRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException { + if (!authConfig.getAllowedProtocols().isPVP21Active()) { + Logger.info("PVP2.1 is deaktivated!"); + throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }); + + } + + try { + //create pendingRequest object + PVPTargetConfiguration pendingReq = applicationContext.getBean(PVPTargetConfiguration.class); + pendingReq.initialize(req); + pendingReq.setModule(NAME); + + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier()); + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier()); + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); + + //get POST-Binding decoder implementation + InboundMessage msg = (InboundMessage) new PostBinding().decode( + req, resp, MOAMetadataProvider.getInstance(), false, + new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService(pendingReq.getAuthURL()))); + pendingReq.setRequest(msg); + + //preProcess Message + preProcess(req, resp, pendingReq); + + } catch (SecurityPolicyException e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); + + } catch (SecurityException e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()}); + + } catch (MOAIDException e) { + throw e; + + } catch (Throwable e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + + throw new MOAIDException("pvp2.24", new Object[] {e.getMessage()}); + } } - public IRequest preProcess(HttpServletRequest request, - HttpServletResponse response, String action, - String sessionId, String transactionId) throws MOAIDException { - - + //PVP2.x IDP Redirect-Binding end-point + @RequestMapping(value = "/pvp2/redirect", method = {RequestMethod.GET}) + public void PVPIDPRedirecttRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException { if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isPVP21Active()) { Logger.info("PVP2.1 is deaktivated!"); throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }); } - - if(METADATA.equals(action)) { - return new PVPTargetConfiguration(request); + try { + //create pendingRequest object + PVPTargetConfiguration pendingReq = applicationContext.getBean(PVPTargetConfiguration.class); + pendingReq.initialize(req); + pendingReq.setModule(NAME); + + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier()); + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier()); + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); + + //get POST-Binding decoder implementation + InboundMessage msg = (InboundMessage) new RedirectBinding().decode( + req, resp, MOAMetadataProvider.getInstance(), false, + new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService(pendingReq.getAuthURL()))); + pendingReq.setRequest(msg); + + //preProcess Message + preProcess(req, resp, pendingReq); + + } catch (SecurityPolicyException e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); + + } catch (SecurityException e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()}); + + } catch (MOAIDException e) { + throw e; + + } catch (Throwable e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + + throw new MOAIDException("pvp2.24", new Object[] {e.getMessage()}); + } + } + + + //PVP2.x IDP SOAP-Binding end-point + @RequestMapping(value = "/pvp2/soap", method = {RequestMethod.POST}) + public void PVPIDPSOAPRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException { + if (!authConfig.getAllowedProtocols().isPVP21Active()) { + Logger.info("PVP2.1 is deaktivated!"); + throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }); } - IDecoder decoder = findDecoder(action, request); - if (decoder == null) { - return null; - } try { + //create pendingRequest object + PVPTargetConfiguration pendingReq = applicationContext.getBean(PVPTargetConfiguration.class); + pendingReq.initialize(req); + pendingReq.setModule(NAME); + + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier()); + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier()); + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); + + //get POST-Binding decoder implementation + InboundMessage msg = (InboundMessage) new SoapBinding().decode( + req, resp, MOAMetadataProvider.getInstance(), false, + new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService(pendingReq.getAuthURL()))); + pendingReq.setRequest(msg); + + //preProcess Message + preProcess(req, resp, pendingReq); - InboundMessage msg = (InboundMessage) decoder.decode(request, response, isServiceProviderEndPointUsed(request)); + } catch (SecurityPolicyException e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); + } catch (SecurityException e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()}); + + } catch (MOAIDException e) { + throw e; + + } catch (Throwable e) { + String samlRequest = req.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID protocol request: " + samlRequest, e); + + throw new MOAIDException("pvp2.24", new Object[] {e.getMessage()}); + } + } + + + + private void preProcess(HttpServletRequest request, + HttpServletResponse response, PVPTargetConfiguration pendingReq) throws Throwable { + + InboundMessage msg = pendingReq.getRequest(); + if (MiscUtil.isEmpty(msg.getEntityID())) { throw new InvalidProtocolRequestException("pvp2.20", new Object[] {}); } if(!msg.isVerified()) { - SAMLVerificationEngine engine = new SAMLVerificationEngine(); - engine.verify(msg, TrustEngineFactory.getSignatureKnownKeysTrustEngine()); + samlVerificationEngine.verify(msg, + TrustEngineFactory.getSignatureKnownKeysTrustEngine(MOAMetadataProvider.getInstance())); msg.setVerified(true); } if (msg instanceof MOARequest && ((MOARequest)msg).getSamlRequest() instanceof AuthnRequest) - return preProcessAuthRequest(request, response, (MOARequest) msg, sessionId, transactionId); + preProcessAuthRequest(request, response, pendingReq); else if (msg instanceof MOARequest && ((MOARequest)msg).getSamlRequest() instanceof AttributeQuery) - return preProcessAttributQueryRequest(request, response, (MOARequest) msg, sessionId, transactionId); + preProcessAttributQueryRequest(request, response, pendingReq); else if (msg instanceof MOARequest && ((MOARequest)msg).getSamlRequest() instanceof LogoutRequest) - return preProcessLogOut(request, response, msg, sessionId, transactionId); + preProcessLogOut(request, response, pendingReq); else if (msg instanceof MOAResponse && ((MOAResponse)msg).getResponse() instanceof LogoutResponse) - return preProcessLogOut(request, response, msg, sessionId, transactionId); - - else if (msg instanceof MOAResponse && - ((MOAResponse)msg).getResponse() instanceof Response) { - //load service provider AuthRequest from session - - IRequest obj = RequestStorage.getPendingRequest(msg.getRelayState()); - if (obj instanceof RequestImpl) { - RequestImpl iReqSP = (RequestImpl) obj; - - MOAReversionLogger.getInstance().logEvent(iReqSP, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_AUTHRESPONSE); - - MOAResponse processedMsg = preProcessAuthResponse((MOAResponse) msg); - - if ( processedMsg != null ) { - iReqSP.setInterfederationResponse(processedMsg); - - MOAReversionLogger.getInstance().logEvent(iReqSP, MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION_REVEIVED); - - Logger.info("Receive a valid assertion from IDP " + msg.getEntityID() - + ". Switch to original transaction with ID " + iReqSP.getRequestID()); - TransactionIDUtils.setTransactionId(iReqSP.getRequestID()); - TransactionIDUtils.setSessionId(iReqSP.getSessionIdentifier()); - - } else { - Logger.info("Interfederated IDP " + msg.getEntityID() + " has NO valid SSO session." - +". Switch back local authentication process ..."); - - SSOManager ssomanager = SSOManager.getInstance(); - ssomanager.removeInterfederatedSSOIDP(msg.getEntityID(), request); - - iReqSP.setRequestedIDP(null); - - } - - return iReqSP; - - } - - Logger.error("Stored PVP21 authrequest from service provider has an unsuppored type."); - return null; - - } else { + preProcessLogOut(request, response, pendingReq); + + else { Logger.error("Receive unsupported PVP21 message"); throw new MOAIDException("Unsupported PVP21 message", new Object[] {}); } - } catch (PVP2Exception e) { - throw e; - - } catch (SecurityPolicyException e) { - String samlRequest = request.getParameter("SAMLRequest"); - Logger.warn("Receive INVALID protocol request: " + samlRequest, e); - throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROTOCOL_TYPE, PATH); - } catch (SecurityException e) { - String samlRequest = request.getParameter("SAMLRequest"); - Logger.warn("Receive INVALID protocol request: " + samlRequest, e); - throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()}); - - } catch (InvalidProtocolRequestException e) { - String samlRequest = request.getParameter("SAMLRequest"); - Logger.warn("Receive INVALID protocol request: " + samlRequest, e); - throw e; - - } catch (Throwable e) { - String samlRequest = request.getParameter("SAMLRequest"); - Logger.warn("Receive INVALID protocol request: " + samlRequest, e); - - throw new MOAIDException(e.getMessage(), new Object[] {}); - } + //switch to session authentication + performAuthentication(request, response, pendingReq); } public boolean generateErrorMessage(Throwable e, @@ -395,11 +443,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { encoder = new RedirectBinding(); - - } else if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) { - // TODO: not supported YET!! - //binding = new ArtifactBinding(); - + } else if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { encoder = new PostBinding(); @@ -416,31 +460,13 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { if (pvpRequest.getRequest() != null) relayState = pvpRequest.getRequest().getRelayState(); + X509Credential signCred = pvpCredentials.getIDPAssertionSigningCredential(); + encoder.encodeRespone(request, response, samlResponse, pvpRequest.getConsumerURL(), - relayState); + relayState, signCred); return true; } - public IAction getAction(String action) { - return actions.get(action); - } - - public IAction canHandleRequest(HttpServletRequest request, - HttpServletResponse response) { - if(request.getParameter("SAMLRequest") != null && request.getMethod().equals("GET")) { - return getAction(REDIRECT); - - } else if(request.getParameter("SAMLRequest") != null && request.getMethod().equals("POST")) { - return getAction(POST); - - } - - if(METADATA.equals(request.getParameter("action"))) { - return getAction(METADATA); - } - return null; - } - public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { @@ -456,12 +482,10 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { * @return * @throws MOAIDException */ - private IRequest preProcessLogOut(HttpServletRequest request, - HttpServletResponse response, InboundMessage inMsg, - String sessionId, String transactionId) throws MOAIDException { + private void preProcessLogOut(HttpServletRequest request, + HttpServletResponse response, PVPTargetConfiguration pendingReq) throws MOAIDException { - PVPTargetConfiguration config = new PVPTargetConfiguration(request); - + InboundMessage inMsg = pendingReq.getRequest(); MOARequest msg; if (inMsg instanceof MOARequest && ((MOARequest)inMsg).getSamlRequest() instanceof LogoutRequest) { @@ -476,15 +500,15 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { String oaURL = metadata.getEntityID(); oaURL = StringEscapeUtils.escapeHtml(oaURL); - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaURL); + IOAAuthParameters oa = authConfig.getOnlineApplicationParameter(oaURL); Logger.info("Dispatch PVP2 SingleLogOut: OAURL=" + oaURL + " Binding=" + msg.getRequestBinding()); - config.setOAURL(oaURL); - config.setOnlineApplicationConfiguration(oa); - config.setBinding(msg.getRequestBinding()); + pendingReq.setOAURL(oaURL); + pendingReq.setOnlineApplicationConfiguration(oa); + pendingReq.setBinding(msg.getRequestBinding()); - MOAReversionLogger.getInstance().logEvent(sessionId, transactionId, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_SLO); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_SLO); @@ -522,23 +546,26 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { throw new MOAIDException("Unsupported request", new Object[] {}); - config.setRequest(inMsg); - config.setAction(SINGLELOGOUT); - return config; + pendingReq.setRequest(inMsg); + pendingReq.setAction(SINGLELOGOUT); + + //Single LogOut Request needs no authentication + pendingReq.setNeedAuthentication(false); + + //set protocol action, which should be executed + pendingReq.setAction(SingleLogOutAction.class.getName()); } /** * PreProcess AttributeQuery request * @param request * @param response - * @param moaRequest - * @return + * @param pendingReq * @throws Throwable */ - private IRequest preProcessAttributQueryRequest(HttpServletRequest request, - HttpServletResponse response, MOARequest moaRequest, - String sessionId, String transactionId) throws Throwable { - + private void preProcessAttributQueryRequest(HttpServletRequest request, + HttpServletResponse response, PVPTargetConfiguration pendingReq) throws Throwable { + MOARequest moaRequest = ((MOARequest)pendingReq.getRequest()); AttributeQuery attrQuery = (AttributeQuery) moaRequest.getSamlRequest(); moaRequest.setEntityID(attrQuery.getIssuer().getValue()); @@ -556,7 +583,7 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12"); - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaRequest.getEntityID()); + IOAAuthParameters oa = authConfig.getOnlineApplicationParameter(moaRequest.getEntityID()); if (!oa.isInderfederationIDP()) { Logger.warn("AttributeQuery requests are only allowed for interfederation IDPs."); throw new AttributQueryException("AttributeQuery requests are only allowed for interfederation IDPs.", null); @@ -568,30 +595,48 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { throw new AttributQueryException("Interfederation IDP does not allow outgoing SSO interfederation.", null); } + + //check active MOASession + String nameID = attrQuery.getSubject().getNameID().getValue(); + AuthenticationSession session = authenticatedSessionStorage.getSessionWithUserNameID(nameID); + if (session == null) { + Logger.warn("AttributeQuery nameID does not match to an active single sign-on session."); + throw new AttributQueryException("auth.31", null); - PVPTargetConfiguration config = new PVPTargetConfiguration(request); - config.setRequest(moaRequest); - config.setOAURL(moaRequest.getEntityID()); - config.setOnlineApplicationConfiguration(oa); - config.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI); + } + + //set preProcessed information into pending-request + pendingReq.setRequest(moaRequest); + pendingReq.setOAURL(moaRequest.getEntityID()); + pendingReq.setOnlineApplicationConfiguration(oa); + pendingReq.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI); + + //Attribute-Query Request needs authentication, because session MUST be already authenticated + pendingReq.setNeedAuthentication(false); + + //set protocol action, which should be executed after authentication + pendingReq.setAction(AttributQueryAction.class.getName()); + + //add moasession + pendingReq.setMOASessionIdentifier(session.getSessionID()); + + //write revisionslog entry + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_ATTRIBUTQUERY); - MOAReversionLogger.getInstance().logEvent(sessionId, transactionId, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_ATTRIBUTQUERY); - return config; } /** * PreProcess Authn request * @param request * @param response - * @param moaRequest - * @return + * @param pendingReq * @throws Throwable */ - private IRequest preProcessAuthRequest(HttpServletRequest request, - HttpServletResponse response, MOARequest moaRequest, - String sessionId, String transactionId) throws Throwable { - + private void preProcessAuthRequest(HttpServletRequest request, + HttpServletResponse response, PVPTargetConfiguration pendingReq) throws Throwable { + + MOARequest moaRequest = ((MOARequest)pendingReq.getRequest()); SignableXMLObject samlReq = moaRequest.getSamlRequest(); if(!(samlReq instanceof AuthnRequest)) { @@ -618,7 +663,6 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { } - //parse AssertionConsumerService AssertionConsumerService consumerService = null; if (MiscUtil.isNotEmpty(authnRequest.getAssertionConsumerServiceURL()) && @@ -693,63 +737,28 @@ public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { String oaURL = moaRequest.getEntityMetadata().getEntityID(); oaURL = StringEscapeUtils.escapeHtml(oaURL); - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaURL); + IOAAuthParameters oa = authConfig.getOnlineApplicationParameter(oaURL); Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + consumerService.getBinding()); - PVPTargetConfiguration config = new PVPTargetConfiguration(request); - config.setOAURL(oaURL); - config.setOnlineApplicationConfiguration(oa); - config.setBinding(consumerService.getBinding()); - config.setRequest(moaRequest); - config.setConsumerURL(consumerService.getLocation()); + pendingReq.setOAURL(oaURL); + pendingReq.setOnlineApplicationConfiguration(oa); + pendingReq.setBinding(consumerService.getBinding()); + pendingReq.setRequest(moaRequest); + pendingReq.setConsumerURL(consumerService.getLocation()); //parse AuthRequest - config.setPassiv(authReq.isPassive()); - config.setForce(authReq.isForceAuthn()); + pendingReq.setPassiv(authReq.isPassive()); + pendingReq.setForce(authReq.isForceAuthn()); + //AuthnRequest needs authentication + pendingReq.setNeedAuthentication(true); - MOAReversionLogger.getInstance().logEvent(sessionId, transactionId, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_AUTHREQUEST); + //set protocol action, which should be executed after authentication + pendingReq.setAction(AuthenticationAction.class.getName()); - return config; - } - - /** - * PreProcess AuthResponse and Assertion - * @param msg - */ - private MOAResponse preProcessAuthResponse(MOAResponse msg) { - Logger.debug("Start PVP21 assertion processing... "); - Response samlResp = (Response) msg.getResponse(); - - try { - if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { - - //validate PVP 2.1 assertion - SAMLVerificationEngine.validateAssertion(samlResp, true); - - msg.setSAMLMessage(SAML2Utils.asDOMDocument(samlResp).getDocumentElement()); - return msg; - - } else { - Logger.debug("Receive StatusCode " + samlResp.getStatus().getStatusCode().getValue() - + " from interfederated IDP."); - - } - - } catch (IOException e) { - Logger.warn("Interfederation response marshaling FAILED.", e); - - } catch (MarshallingException e) { - Logger.warn("Interfederation response marshaling FAILED.", e); - - } catch (TransformerException e) { - Logger.warn("Interfederation response marshaling FAILED.", e); - - } catch (AssertionValidationExeption e) { - //error is already logged, to nothing - } + //write revisionslog entry + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_AUTHREQUEST); - return null; } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java index 5062646b6..0dd309154 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java @@ -25,27 +25,20 @@ package at.gv.egovernment.moa.id.protocols.pvp2x; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.artifact.SAMLArtifactMap; import org.opensaml.xml.io.MarshallingException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.StoredAssertion; -import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; +@Service("PVPAssertionStorage") public class PVPAssertionStorage implements SAMLArtifactMap { - - private static PVPAssertionStorage instance = null; - - public static PVPAssertionStorage getInstance() { - if(instance == null) { - instance = new PVPAssertionStorage(); - } - return instance; - } - - //private Map<String, SAMLArtifactMapEntry> assertions = new HashMap<String, SAMLArtifactMapEntry>(); - private AssertionStorage assertions = AssertionStorage.getInstance(); + @Autowired private ITransactionStorage transactionStorage; + public boolean contains(String artifact) { - return assertions.containsKey(artifact); + return transactionStorage.containsKey(artifact); } public void put(String artifact, String relyingPartyId, String issuerId, @@ -56,7 +49,7 @@ public class PVPAssertionStorage implements SAMLArtifactMap { samlMessage); try { - assertions.put(artifact, assertion); + transactionStorage.put(artifact, assertion); } catch (MOADatabaseException e) { // TODO Insert Error Handling, if Assertion could not be stored @@ -66,7 +59,7 @@ public class PVPAssertionStorage implements SAMLArtifactMap { public SAMLArtifactMapEntry get(String artifact) { try { - return assertions.get(artifact, SAMLArtifactMapEntry.class); + return transactionStorage.get(artifact, SAMLArtifactMapEntry.class); } catch (MOADatabaseException e) { // TODO Insert Error Handling, if Assertion could not be read @@ -76,7 +69,7 @@ public class PVPAssertionStorage implements SAMLArtifactMap { } public void remove(String artifact) { - assertions.remove(artifact); + transactionStorage.remove(artifact); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java index 168f2362a..73d6e978e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java @@ -31,7 +31,7 @@ public interface PVPConstants { public static final String DEFAULT_SIGNING_METHODE = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256; public static final String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256; - public static final String DEFAULT_SYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128; + public static final String DEFAULT_SYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256; public static final String DEFAULT_ASYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP; @@ -41,6 +41,11 @@ public interface PVPConstants { public static final String STORK_QAA_1_3 = "http://www.stork.gov.eu/1.0/citizenQAALevel/3"; public static final String STORK_QAA_1_4 = "http://www.stork.gov.eu/1.0/citizenQAALevel/4"; + public static final String EIDAS_QAA_PREFIX = "http://eidas.europa.eu/LoA/"; + public static final String EIDAS_QAA_LOW = EIDAS_QAA_PREFIX + "low"; + public static final String EIDAS_QAA_SUBSTANTIAL = EIDAS_QAA_PREFIX + "substantial"; + public static final String EIDAS_QAA_HIGH = EIDAS_QAA_PREFIX + "high"; + public static final String STORK_ATTRIBUTE_PREFIX = "http://www.stork.gov.eu/"; public static final String URN_OID_PREFIX = "urn:oid:"; @@ -185,6 +190,11 @@ public interface PVPConstants { public static final String MANDATE_TYPE_FRIENDLY_NAME = "MANDATE-TYPE"; public static final int MANDATE_TYPE_MAX_LENGTH = 256; + public static final String MANDATE_TYPE_OID_OID = "1.2.40.0.10.2.1.1.261.106"; + public static final String MANDATE_TYPE_OID_NAME = URN_OID_PREFIX + MANDATE_TYPE_OID_OID; + public static final String MANDATE_TYPE_OID_FRIENDLY_NAME = "MANDATE-TYPE-OID"; + public static final int MANDATE_TYPE_OID_MAX_LENGTH = 256; + public static final String MANDATE_NAT_PER_SOURCE_PIN_OID = "1.2.40.0.10.2.1.1.261.70"; public static final String MANDATE_NAT_PER_SOURCE_PIN_NAME = URN_OID_PREFIX + MANDATE_NAT_PER_SOURCE_PIN_OID; public static final String MANDATE_NAT_PER_SOURCE_PIN_FRIENDLY_NAME = "MANDATOR-NATURAL-PERSON-SOURCE-PIN"; @@ -269,4 +279,8 @@ public interface PVPConstants { public static final String CHARGE_CODE_NAME = URN_OID_PREFIX + CHARGE_CODE_OID; public static final String CHARGE_CODE_FRIENDLY_NAME = "CHARGE-CODE"; public static final int CHARGE_CODE_MAX_LENGTH = 32767; + + public static final String PVP_HOLDEROFKEY_OID = "1.2.40.0.10.2.1.1.261.xx.xx"; + public static final String PVP_HOLDEROFKEY_NAME = URN_OID_PREFIX + PVP_HOLDEROFKEY_OID; + public static final String PVP_HOLDEROFKEY_FRIENDLY_NAME = "HOLDER-OF-KEY-CERTIFICATE"; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java index 0b402a0fd..e7f2a7d4b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java @@ -22,44 +22,39 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x; +import java.util.Collection; import java.util.HashMap; import java.util.List; import java.util.Map; -import javax.servlet.http.HttpServletRequest; - import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.core.impl.AuthnRequestImpl; import org.opensaml.saml2.metadata.AttributeConsumingService; import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.springframework.beans.factory.config.BeanDefinition; +import org.springframework.context.annotation.Scope; +import org.springframework.stereotype.Component; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.RequestImpl; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; import at.gv.egovernment.moa.logging.Logger; +@Component("PVPTargetConfiguration") +@Scope(value = BeanDefinition.SCOPE_PROTOTYPE) public class PVPTargetConfiguration extends RequestImpl { - /** - * @param req - * @throws ConfigurationException - */ - public PVPTargetConfiguration(HttpServletRequest req) - throws ConfigurationException { - super(req); - - } - + public static final String DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP = "useMinimalFrontChannelResponse"; + public static final String DATAID_INTERFEDERATION_NAMEID = "federatedNameID"; + public static final String DATAID_INTERFEDERATION_QAALEVEL = "federatedQAALevel"; + + public static final String DATAID_INTERFEDERATION_REQUESTID = "authnReqID"; + private static final long serialVersionUID = 4889919265919638188L; + InboundMessage request; String binding; String consumerURL; @@ -93,15 +88,13 @@ public class PVPTargetConfiguration extends RequestImpl { * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public List<Attribute> getRequestedAttributes() { + public Collection<String> getRequestedAttributes() { Map<String, String> reqAttr = new HashMap<String, String>(); for (String el : PVP2XProtocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION) reqAttr.put(el, ""); - try { - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); - + try { SPSSODescriptor spSSODescriptor = getRequest().getEntityMetadata().getSPSSODescriptor(SAMLConstants.SAML20P_NS); if (spSSODescriptor.getAttributeConsumingServices() != null && spSSODescriptor.getAttributeConsumingServices().size() > 0) { @@ -137,15 +130,13 @@ public class PVPTargetConfiguration extends RequestImpl { reqAttr.put(attr.getName(), ""); } - return AttributQueryBuilder.buildSAML2AttributeList(oa, reqAttr.keySet().iterator()); + //return attributQueryBuilder.buildSAML2AttributeList(this.getOnlineApplicationConfiguration(), reqAttr.keySet().iterator()); + return reqAttr.keySet(); } catch (NoMetadataInformationException e) { Logger.warn("NO metadata found for Entity " + getRequest().getEntityID()); return null; - } catch (ConfigurationException e) { - Logger.error("Load configuration for OA " + getOAURL() + " FAILED", e); - return null; } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java index 582f5939d..af6c79140 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java @@ -34,31 +34,37 @@ import org.hibernate.HibernateException; import org.hibernate.Query; import org.hibernate.Session; import org.hibernate.Transaction; +import org.hibernate.resource.transaction.spi.TransactionStatus; import org.opensaml.saml2.core.LogoutRequest; import org.opensaml.saml2.core.LogoutResponse; import org.opensaml.saml2.metadata.SingleLogoutService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.ISLOInformationContainer; import at.gv.egovernment.moa.id.data.SLOInformationContainer; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SLOException; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -68,8 +74,17 @@ import at.gv.egovernment.moa.util.URLEncoder; * @author tlenz * */ +@Service("pvpSingleLogOutService") public class SingleLogOutAction implements IAction { + @Autowired private SSOManager ssomanager; + @Autowired private AuthenticationManager authManager; + @Autowired private IAuthenticationSessionStoreage authenticationSessionStorage; + @Autowired private ITransactionStorage transactionStorage; + @Autowired private SingleLogOutBuilder sloBuilder; + @Autowired private MOAReversionLogger revisionsLogger; + + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData) */ @@ -87,7 +102,7 @@ public class SingleLogOutAction implements IAction { LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest(); AuthenticationSession session = - AuthenticationSessionStoreage.searchMOASessionWithNameIDandOAID( + authenticationSessionStorage.searchMOASessionWithNameIDandOAID( logOutReq.getIssuer().getValue(), logOutReq.getNameID().getValue()); @@ -96,36 +111,34 @@ public class SingleLogOutAction implements IAction { + logOutReq.getNameID().getValue() + " and OA " + logOutReq.getIssuer().getValue()); Logger.info("Search active SSO session with SSO session cookie"); - SSOManager ssomanager = SSOManager.getInstance(); String ssoID = ssomanager.getSSOSessionID(httpReq); if (MiscUtil.isEmpty(ssoID)) { Logger.info("Can not find active Session. Single LogOut not possible!"); - SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq); - //LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); - LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq, null); + SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq); + //LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); + LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null); Logger.info("Sending SLO success message to requester ..."); - SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); + sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); return null; } else { String moasession = ssomanager.getMOASession(ssoID); try { - session = AuthenticationSessionStoreage.getSession(moasession); + session = authenticationSessionStorage.getSession(moasession); } catch (MOADatabaseException e) { Logger.info("Can not find active Session. Single LogOut not possible!"); - SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq); - //LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); - LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq, null); + SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(pvpReq); + //LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI); + LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null); Logger.info("Sending SLO success message to requester ..."); - SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); + sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState()); return null; } } } - - AuthenticationManager authManager = AuthenticationManager.getInstance(); + authManager.performSingleLogOut(httpReq, httpResp, session, pvpReq); } else if (pvpReq.getRequest() instanceof MOAResponse && @@ -169,10 +182,10 @@ public class SingleLogOutAction implements IAction { Object data = SerializationUtils.deserialize(element.getAssertion()); if (data instanceof SLOInformationContainer) { - SLOInformationContainer sloContainer = (SLOInformationContainer) data; + ISLOInformationContainer sloContainer = (ISLOInformationContainer) data; //check status - SingleLogOutBuilder.checkStatusCode(sloContainer, logOutResp); + sloBuilder.checkStatusCode(sloContainer, logOutResp); if (sloContainer.hasFrontChannelOA()) { try { @@ -218,9 +231,9 @@ public class SingleLogOutAction implements IAction { String redirectURL = null; if (sloContainer.getSloRequest() != null) { //send SLO response to SLO request issuer - SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(sloContainer.getSloRequest()); - LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs()); - redirectURL = SingleLogOutBuilder.getFrontChannelSLOMessageURL(sloService, message, httpReq, httpResp, sloContainer.getSloRequest().getRequest().getRelayState()); + SingleLogoutService sloService = sloBuilder.getResponseSLODescriptor(sloContainer.getSloRequest()); + LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs()); + redirectURL = sloBuilder.getFrontChannelSLOMessageURL(sloService, message, httpReq, httpResp, sloContainer.getSloRequest().getRequest().getRelayState()); } else { //print SLO information directly @@ -230,12 +243,18 @@ public class SingleLogOutAction implements IAction { String statusCode = null; if (sloContainer.getSloFailedOAs() == null || - sloContainer.getSloFailedOAs().size() == 0) + sloContainer.getSloFailedOAs().size() == 0) { statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS; - else + revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), + MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID); + + } else { + revisionsLogger.logEvent(sloContainer.getSessionID(), sloContainer.getTransactionID(), + MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID); statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; - - AssertionStorage.getInstance().put(artifact, statusCode); + + } + transactionStorage.put(artifact, statusCode); redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); } @@ -265,7 +284,7 @@ public class SingleLogOutAction implements IAction { throw new AuthenticationException("pvp2.13", new Object[]{}); } finally { - if (tx != null && !tx.wasCommitted()) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) { tx.commit(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java deleted file mode 100644 index 4d353ffcd..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java +++ /dev/null @@ -1,121 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.binding; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.app.VelocityEngine; -import org.apache.velocity.runtime.RuntimeConstants; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.binding.BasicSAMLMessageContext; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.binding.encoding.HTTPArtifactEncoder; -import org.opensaml.saml2.core.RequestAbstractType; -import org.opensaml.saml2.core.StatusResponseType; -import org.opensaml.saml2.metadata.SingleSignOnService; -import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; -import org.opensaml.ws.message.decoder.MessageDecodingException; -import org.opensaml.ws.message.encoder.MessageEncodingException; -import org.opensaml.ws.transport.http.HttpServletResponseAdapter; -import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.signature.Signature; - -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPAssertionStorage; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; - -public class ArtifactBinding implements IDecoder, IEncoder { - - public void encodeRequest(HttpServletRequest req, HttpServletResponse resp, - RequestAbstractType request, String targetLocation, String relayState) - throws MessageEncodingException, SecurityException { - - } - - public void encodeRespone(HttpServletRequest req, HttpServletResponse resp, - StatusResponseType response, String targetLocation, String relayState) - throws MessageEncodingException, SecurityException { - try { - Credential credentials = CredentialProvider - .getIDPAssertionSigningCredential(); - - Signature signer = CredentialProvider.getIDPSignature(credentials); - response.setSignature(signer); - - VelocityEngine engine = new VelocityEngine(); - engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); - engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8"); - engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); - engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath"); - engine.setProperty("classpath.resource.loader.class", - "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader"); - engine.init(); - - HTTPArtifactEncoder encoder = new HTTPArtifactEncoder(engine, - "resources/templates/pvp_postbinding_template.html", - PVPAssertionStorage.getInstance()); - - encoder.setPostEncoding(false); - HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter( - resp, true); - BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>(); - SingleSignOnService service = new SingleSignOnServiceBuilder() - .buildObject(); - service.setBinding(SAMLConstants.SAML2_ARTIFACT_BINDING_URI); - service.setLocation(targetLocation); - context.setOutboundSAMLMessageSigningCredential(credentials); - context.setPeerEntityEndpoint(service); - context.setOutboundSAMLMessage(response); - context.setOutboundMessageTransport(responseAdapter); - - encoder.encode(context); - } catch (CredentialsNotAvailableException e) { - e.printStackTrace(); - throw new SecurityException(e); - - } catch (Exception e) { - throw new SecurityException(e); - } - } - - public InboundMessageInterface decode(HttpServletRequest req, - HttpServletResponse resp, boolean isSPEndPoint) throws MessageDecodingException, - SecurityException { - - return null; - } - - - public boolean handleDecode(String action, HttpServletRequest req) { - - return false; - } - - public String getSAML2BindingName() { - return SAMLConstants.SAML2_ARTIFACT_BINDING_URI; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IDecoder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IDecoder.java index 6619876dc..71c5a46a4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IDecoder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IDecoder.java @@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.binding; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.opensaml.common.binding.decoding.URIComparator; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.xml.security.SecurityException; @@ -33,7 +35,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface public interface IDecoder { public InboundMessageInterface decode(HttpServletRequest req, - HttpServletResponse resp, boolean isSPEndPoint) + HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSPEndPoint, URIComparator comparator) throws MessageDecodingException, SecurityException, PVP2Exception; public boolean handleDecode(String action, HttpServletRequest req); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java index de5548a44..3b2fb3687 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java @@ -29,24 +29,40 @@ import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.credential.Credential; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; public interface IEncoder { + + /** + * + * @param req The http request + * @param resp The http response + * @param request The SAML2 request object + * @param targetLocation URL, where the request should be transmit + * @param relayState token for session handling + * @param credentials Credential to sign the request object + * @throws MessageEncodingException + * @throws SecurityException + * @throws PVP2Exception + */ public void encodeRequest(HttpServletRequest req, - HttpServletResponse resp, RequestAbstractType request, String targetLocation, String relayState) + HttpServletResponse resp, RequestAbstractType request, String targetLocation, String relayState, Credential credentials) throws MessageEncodingException, SecurityException, PVP2Exception; /** * Encoder SAML Response * @param req The http request * @param resp The http response - * @param response The repsonse object - * @param targetLocation + * @param response The SAML2 repsonse object + * @param targetLocation URL, where the request should be transmit + * @param relayState token for session handling + * @param credentials Credential to sign the response object * @throws MessageEncodingException * @throws SecurityException */ public void encodeRespone(HttpServletRequest req, - HttpServletResponse resp, StatusResponseType response, String targetLocation, String relayState) + HttpServletResponse resp, StatusResponseType response, String targetLocation, String relayState, Credential credentials) throws MessageEncodingException, SecurityException, PVP2Exception; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOAURICompare.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOAURICompare.java index 6080f8a33..7bb64a106 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOAURICompare.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOAURICompare.java @@ -24,6 +24,8 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.binding; import org.opensaml.common.binding.decoding.URIComparator; +import at.gv.egovernment.moa.logging.Logger; + public class MOAURICompare implements URIComparator { /** @@ -40,8 +42,12 @@ public class MOAURICompare implements URIComparator { if (this.serviceURL.equals(uri1)) return true; - else + else { + Logger.warn("PVP request destination-endpoint: " + uri1 + + " does not match to IDP endpoint:" + serviceURL); return false; + + } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java index 8a6b09376..9977e607b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java @@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.velocity.app.VelocityEngine; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; +import org.opensaml.common.binding.decoding.URIComparator; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.saml2.binding.encoding.HTTPPostEncoder; @@ -37,6 +38,7 @@ import org.opensaml.saml2.metadata.IDPSSODescriptor; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.saml2.metadata.SingleSignOnService; import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.security.SecurityPolicyResolver; @@ -46,35 +48,33 @@ import org.opensaml.ws.transport.http.HttpServletRequestAdapter; import org.opensaml.ws.transport.http.HttpServletResponseAdapter; import org.opensaml.xml.parse.BasicParserPool; import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.x509.X509Credential; +import org.opensaml.xml.security.credential.Credential; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.id.protocols.pvp2x.validation.MOAPVPSignedRequestPolicyRule; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; -import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; public class PostBinding implements IDecoder, IEncoder { - + public void encodeRequest(HttpServletRequest req, HttpServletResponse resp, - RequestAbstractType request, String targetLocation, String relayState) + RequestAbstractType request, String targetLocation, String relayState, Credential credentials) throws MessageEncodingException, SecurityException { try { - X509Credential credentials = CredentialProvider - .getIDPAssertionSigningCredential(); +// X509Credential credentials = credentialProvider +// .getIDPAssertionSigningCredential(); + //load default PVP security configurations + MOADefaultBootstrap.initializeDefaultPVPConfiguration(); + VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); HTTPPostEncoder encoder = new HTTPPostEncoder(engine, "resources/templates/pvp_postbinding_template.html"); @@ -93,9 +93,9 @@ public class PostBinding implements IDecoder, IEncoder { encoder.encode(context); - } catch (CredentialsNotAvailableException e) { - e.printStackTrace(); - throw new SecurityException(e); +// } catch (CredentialsNotAvailableException e) { +// e.printStackTrace(); +// throw new SecurityException(e); } catch (Exception e) { e.printStackTrace(); throw new SecurityException(e); @@ -103,13 +103,16 @@ public class PostBinding implements IDecoder, IEncoder { } public void encodeRespone(HttpServletRequest req, HttpServletResponse resp, - StatusResponseType response, String targetLocation, String relayState) + StatusResponseType response, String targetLocation, String relayState, Credential credentials) throws MessageEncodingException, SecurityException { try { - X509Credential credentials = CredentialProvider - .getIDPAssertionSigningCredential(); +// X509Credential credentials = credentialProvider +// .getIDPAssertionSigningCredential(); + //load default PVP security configurations + MOADefaultBootstrap.initializeDefaultPVPConfiguration(); + Logger.debug("create SAML POSTBinding response"); VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); @@ -131,9 +134,9 @@ public class PostBinding implements IDecoder, IEncoder { context.setRelayState(relayState); encoder.encode(context); - } catch (CredentialsNotAvailableException e) { - e.printStackTrace(); - throw new SecurityException(e); +// } catch (CredentialsNotAvailableException e) { +// e.printStackTrace(); +// throw new SecurityException(e); } catch (Exception e) { e.printStackTrace(); throw new SecurityException(e); @@ -141,35 +144,30 @@ public class PostBinding implements IDecoder, IEncoder { } public InboundMessageInterface decode(HttpServletRequest req, - HttpServletResponse resp, boolean isSPEndPoint) throws MessageDecodingException, + HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSPEndPoint, URIComparator comparator) throws MessageDecodingException, SecurityException { HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool()); BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>(); messageContext .setInboundMessageTransport(new HttpServletRequestAdapter(req)); - try { - //set metadata descriptor type - if (isSPEndPoint) { - messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); - decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService(HTTPUtils.extractAuthURLFromRequest(req)))); - - } else { - messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); - decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService(HTTPUtils.extractAuthURLFromRequest(req)))); - } - - } catch (ConfigurationException e) { - throw new SecurityException(e); + //set metadata descriptor type + if (isSPEndPoint) { + messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); + decode.setURIComparator(comparator); + + } else { + messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); + decode.setURIComparator(comparator); } - messageContext.setMetadataProvider(MOAMetadataProvider.getInstance()); + messageContext.setMetadataProvider(metadataProvider); //set security policy context BasicSecurityPolicy policy = new BasicSecurityPolicy(); policy.getPolicyRules().add( - new MOAPVPSignedRequestPolicyRule( - TrustEngineFactory.getSignatureKnownKeysTrustEngine(), + new MOAPVPSignedRequestPolicyRule(metadataProvider, + TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider), messageContext.getPeerEntityRole())); SecurityPolicyResolver secResolver = new StaticSecurityPolicyResolver(policy); messageContext.setSecurityPolicyResolver(secResolver); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java index 0a459a9be..279038967 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java @@ -27,6 +27,7 @@ import javax.servlet.http.HttpServletResponse; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; +import org.opensaml.common.binding.decoding.URIComparator; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.binding.decoding.HTTPRedirectDeflateDecoder; import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder; @@ -38,6 +39,7 @@ import org.opensaml.saml2.metadata.IDPSSODescriptor; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.saml2.metadata.SingleSignOnService; import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.security.SecurityPolicyResolver; @@ -47,33 +49,32 @@ import org.opensaml.ws.transport.http.HttpServletRequestAdapter; import org.opensaml.ws.transport.http.HttpServletResponseAdapter; import org.opensaml.xml.parse.BasicParserPool; import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.x509.X509Credential; +import org.opensaml.xml.security.credential.Credential; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IMOARefreshableMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; -import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; public class RedirectBinding implements IDecoder, IEncoder { - + public void encodeRequest(HttpServletRequest req, HttpServletResponse resp, - RequestAbstractType request, String targetLocation, String relayState) + RequestAbstractType request, String targetLocation, String relayState, Credential credentials) throws MessageEncodingException, SecurityException { - try { - X509Credential credentials = CredentialProvider - .getIDPAssertionSigningCredential(); +// try { +// X509Credential credentials = credentialProvider +// .getIDPAssertionSigningCredential(); + //load default PVP security configurations + MOADefaultBootstrap.initializeDefaultPVPConfiguration(); + Logger.debug("create SAML RedirectBinding response"); HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder(); @@ -91,19 +92,22 @@ public class RedirectBinding implements IDecoder, IEncoder { context.setRelayState(relayState); encoder.encode(context); - } catch (CredentialsNotAvailableException e) { - e.printStackTrace(); - throw new SecurityException(e); - } +// } catch (CredentialsNotAvailableException e) { +// e.printStackTrace(); +// throw new SecurityException(e); +// } } public void encodeRespone(HttpServletRequest req, HttpServletResponse resp, - StatusResponseType response, String targetLocation, String relayState) - throws MessageEncodingException, SecurityException { - try { - X509Credential credentials = CredentialProvider - .getIDPAssertionSigningCredential(); + StatusResponseType response, String targetLocation, String relayState, + Credential credentials) throws MessageEncodingException, SecurityException { +// try { +// X509Credential credentials = credentialProvider +// .getIDPAssertionSigningCredential(); + //load default PVP security configurations + MOADefaultBootstrap.initializeDefaultPVPConfiguration(); + Logger.debug("create SAML RedirectBinding response"); HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder(); @@ -121,14 +125,14 @@ public class RedirectBinding implements IDecoder, IEncoder { context.setRelayState(relayState); encoder.encode(context); - } catch (CredentialsNotAvailableException e) { - e.printStackTrace(); - throw new SecurityException(e); - } +// } catch (CredentialsNotAvailableException e) { +// e.printStackTrace(); +// throw new SecurityException(e); +// } } public InboundMessageInterface decode(HttpServletRequest req, - HttpServletResponse resp, boolean isSPEndPoint) throws MessageDecodingException, + HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSPEndPoint, URIComparator comparator) throws MessageDecodingException, SecurityException { HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder( @@ -138,26 +142,20 @@ public class RedirectBinding implements IDecoder, IEncoder { messageContext .setInboundMessageTransport(new HttpServletRequestAdapter(req)); - try { - //set metadata descriptor type - if (isSPEndPoint) { - messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); - decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSORedirectService(HTTPUtils.extractAuthURLFromRequest(req)))); - - } else { - messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); - decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService(HTTPUtils.extractAuthURLFromRequest(req)))); - } - - } catch (ConfigurationException e) { - throw new SecurityException(e); + //set metadata descriptor type + if (isSPEndPoint) { + messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); + decode.setURIComparator(comparator); + } else { + messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); + decode.setURIComparator(comparator); } - messageContext.setMetadataProvider(MOAMetadataProvider.getInstance()); + messageContext.setMetadataProvider(metadataProvider); SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule( - TrustEngineFactory.getSignatureKnownKeysTrustEngine()); + TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider)); SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule(); BasicSecurityPolicy policy = new BasicSecurityPolicy(); policy.getPolicyRules().add(signatureRule); @@ -182,20 +180,27 @@ public class RedirectBinding implements IDecoder, IEncoder { if (MiscUtil.isEmpty(messageContext.getInboundMessageIssuer())) { throw e; - } - Logger.debug("PVP2X message validation FAILED. Relead metadata for entityID: " + messageContext.getPeerEntityId()); - if (!MOAMetadataProvider.getInstance().refreshMetadataProvider(messageContext.getInboundMessageIssuer())) - throw e; + } - else { - Logger.trace("PVP2X metadata reload finished. Check validate message again."); - decode.decode(messageContext); + if (metadataProvider instanceof IMOARefreshableMetadataProvider) { + Logger.debug("PVP2X message validation FAILED. Reload metadata for entityID: " + messageContext.getInboundMessageIssuer()); + if (!((IMOARefreshableMetadataProvider) metadataProvider).refreshMetadataProvider(messageContext.getInboundMessageIssuer())) + throw e; + + else { + Logger.trace("PVP2X metadata reload finished. Check validate message again."); + decode.decode(messageContext); - //check signature - signatureRule.evaluate(messageContext); + //check signature + signatureRule.evaluate(messageContext); + } + Logger.trace("Second PVP2X message validation finished"); + + } else { + throw e; + } - Logger.trace("Second PVP2X message validation finished"); } InboundMessage msg = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java index 2ef861e20..25b22f0ad 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java @@ -29,11 +29,13 @@ import javax.servlet.http.HttpServletResponse; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; +import org.opensaml.common.binding.decoding.URIComparator; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder; import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.soap.soap11.Envelope; @@ -45,22 +47,25 @@ import org.opensaml.xml.parse.BasicParserPool; import org.opensaml.xml.security.SecurityException; import org.opensaml.xml.security.credential.Credential; import org.opensaml.xml.signature.SignableXMLObject; +import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; public class SoapBinding implements IDecoder, IEncoder { + @Autowired private IDPCredentialProvider credentialProvider; + public InboundMessageInterface decode(HttpServletRequest req, - HttpServletResponse resp, boolean isSPEndPoint) throws MessageDecodingException, + HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSPEndPoint, URIComparator comparator) throws MessageDecodingException, SecurityException, PVP2Exception { HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool()); BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = @@ -68,7 +73,7 @@ public class SoapBinding implements IDecoder, IEncoder { messageContext .setInboundMessageTransport(new HttpServletRequestAdapter( req)); - messageContext.setMetadataProvider(MOAMetadataProvider.getInstance()); + messageContext.setMetadataProvider(metadataProvider); //TODO: update in a futher version: // requires a special SignedSOAPRequestPolicyRole because @@ -130,17 +135,20 @@ public class SoapBinding implements IDecoder, IEncoder { } public void encodeRequest(HttpServletRequest req, HttpServletResponse resp, - RequestAbstractType request, String targetLocation, String relayState) + RequestAbstractType request, String targetLocation, String relayState, Credential credentials) throws MessageEncodingException, SecurityException, PVP2Exception { } public void encodeRespone(HttpServletRequest req, HttpServletResponse resp, - StatusResponseType response, String targetLocation, String relayState) + StatusResponseType response, String targetLocation, String relayState, Credential credentials) throws MessageEncodingException, SecurityException, PVP2Exception { - try { - Credential credentials = CredentialProvider - .getIDPAssertionSigningCredential(); +// try { +// Credential credentials = credentialProvider +// .getIDPAssertionSigningCredential(); + + //load default PVP security configurations + MOADefaultBootstrap.initializeDefaultPVPConfiguration(); HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder(); HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter( @@ -151,10 +159,10 @@ public class SoapBinding implements IDecoder, IEncoder { context.setOutboundMessageTransport(responseAdapter); encoder.encode(context); - } catch (CredentialsNotAvailableException e) { - e.printStackTrace(); - throw new SecurityException(e); - } +// } catch (CredentialsNotAvailableException e) { +// e.printStackTrace(); +// throw new SecurityException(e); +// } } public String getSAML2BindingName() { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java index ebbafd4e3..2df72637d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AttributQueryBuilder.java @@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder; import java.util.ArrayList; import java.util.Iterator; import java.util.List; -import java.util.Set; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; @@ -46,17 +45,18 @@ import org.opensaml.xml.signature.Signature; import org.opensaml.xml.signature.SignatureConstants; import org.opensaml.xml.signature.SignatureException; import org.opensaml.xml.signature.Signer; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import org.w3c.dom.Document; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.SamlAttributeGenerator; import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; @@ -65,9 +65,12 @@ import at.gv.egovernment.moa.util.Constants; * @author tlenz * */ +@Service("AttributQueryBuilder") public class AttributQueryBuilder { - public static List<Attribute> buildSAML2AttributeList(IOAAuthParameters oa, Iterator<String> iterator) { + @Autowired IDPCredentialProvider credentialProvider; + + public List<Attribute> buildSAML2AttributeList(IOAAuthParameters oa, Iterator<String> iterator) { Logger.debug("Build OA specific Attributes for AttributQuery request"); @@ -103,7 +106,7 @@ public class AttributQueryBuilder { } - public static AttributeQuery buildAttributQueryRequest(String nameID, + public AttributeQuery buildAttributQueryRequest(String nameID, String endpoint, List<Attribute> requestedAttributes) throws AttributQueryException { @@ -136,7 +139,7 @@ public class AttributQueryBuilder { query.setDestination(endpoint); - X509Credential idpSigningCredential = CredentialProvider.getIDPAssertionSigningCredential(); + X509Credential idpSigningCredential = credentialProvider.getIDPAssertionSigningCredential(); Signature signer = SAML2Utils.createSAMLObject(Signature.class); signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java index 24c2626e3..78ddab488 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java @@ -23,7 +23,6 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder; import java.util.ArrayList; -import java.util.Date; import java.util.List; import org.joda.time.DateTime; @@ -38,6 +37,7 @@ import org.opensaml.saml2.core.Response; import org.opensaml.saml2.encryption.Encrypter; import org.opensaml.saml2.encryption.Encrypter.KeyPlacement; import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.security.MetadataCredentialResolver; import org.opensaml.security.MetadataCriteria; import org.opensaml.xml.encryption.EncryptionException; @@ -51,12 +51,9 @@ import org.opensaml.xml.security.criteria.UsageCriteria; import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; import org.opensaml.xml.security.x509.X509Credential; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionEncryptionException; -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; @@ -66,15 +63,12 @@ import at.gv.egovernment.moa.logging.Logger; */ public class AuthResponseBuilder { - public static Response buildResponse(String authURL, RequestAbstractType req, DateTime date, Assertion assertion) throws InvalidAssertionEncryptionException, ConfigurationException { + public static Response buildResponse(MetadataProvider metadataProvider, String issuerEntityID, RequestAbstractType req, DateTime date, Assertion assertion, boolean enableEncryption) throws InvalidAssertionEncryptionException, ConfigurationException { Response authResponse = SAML2Utils.createSAMLObject(Response.class); Issuer nissuer = SAML2Utils.createSAMLObject(Issuer.class); - //change to entity value from entity name to IDP EntityID (URL) - if (authURL.endsWith("/")) - authURL = authURL.substring(0, authURL.length()-1); - nissuer.setValue(authURL); + nissuer.setValue(issuerEntityID); nissuer.setFormat(NameID.ENTITY); authResponse.setIssuer(nissuer); authResponse.setInResponseTo(req.getID()); @@ -91,7 +85,7 @@ public class AuthResponseBuilder { //check, if metadata includes an encryption key MetadataCredentialResolver mdCredResolver = - new MetadataCredentialResolver(MOAMetadataProvider.getInstance()); + new MetadataCredentialResolver(metadataProvider); CriteriaSet criteriaSet = new CriteriaSet(); criteriaSet.add( new EntityIDCriteria(req.getIssuer().getValue()) ); @@ -107,9 +101,8 @@ public class AuthResponseBuilder { throw new InvalidAssertionEncryptionException(); } - - boolean isEncryptionActive = AuthConfigurationProviderFactory.getInstance().isPVP2AssertionEncryptionActive(); - if (encryptionCredentials != null && isEncryptionActive) { + + if (encryptionCredentials != null && enableEncryption) { //encrypt SAML2 assertion try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java index 23ea4d7ee..b82e6c1f0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java @@ -23,30 +23,29 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder; import java.util.ArrayList; +import java.util.Collection; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.ServiceLoader; import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.metadata.RequestedAttribute; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator; - -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.data.IAuthData; - import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.SamlAttributeGenerator; - import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.InvalidDateFormatAttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.NoMandateDataAttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException; - import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidDateFormatException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.UnprovideableAttributeException; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; public class PVPAttributeBuilder { @@ -148,4 +147,61 @@ public class PVPAttributeBuilder { return attributes; } + public static RequestedAttribute buildReqAttribute(String name, String friendlyName, boolean required) { + RequestedAttribute attribute = SAML2Utils.createSAMLObject(RequestedAttribute.class); + attribute.setIsRequired(required); + attribute.setName(name); + attribute.setFriendlyName(friendlyName); + attribute.setNameFormat(Attribute.URI_REFERENCE); + return attribute; + } + + /** + * Build a set of PVP Response-Attributes + * <br><br> + * <b>INFO:</b> If a specific attribute can not be build, a info is logged, but no execpetion is thrown. + * Therefore, the return List must not include all requested attributes. + * + * @param authData AuthenticationData <code>IAuthData</code> which is used to build the attribute values, but never <code>null</code> + * @param reqAttributenName List of PVP attribute names which are requested, but never <code>null</code> + * @return List of PVP attributes, but never <code>null</code> + */ + public static List<Attribute> buildSetOfResponseAttributes(IAuthData authData, + Collection<String> reqAttributenName) { + List<Attribute> attrList = new ArrayList<Attribute>(); + if (reqAttributenName != null) { + Iterator<String> it = reqAttributenName.iterator(); + while (it.hasNext()) { + String reqAttributName = it.next(); + try { + Attribute attr = PVPAttributeBuilder.buildAttribute( + reqAttributName, null, authData); + if (attr == null) { + Logger.info( + "Attribute generation failed! for " + + reqAttributName); + + } else { + attrList.add(attr); + + } + + } catch (PVP2Exception e) { + Logger.info( + "Attribute generation failed! for " + + reqAttributName); + + } catch (Exception e) { + Logger.warn( + "General Attribute generation failed! for " + + reqAttributName, e); + + } + } + } + + return attrList; + } + + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java new file mode 100644 index 000000000..01ef4a43d --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java @@ -0,0 +1,218 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.builder; + +import java.security.NoSuchAlgorithmException; + +import javax.servlet.http.HttpServletResponse; + +import org.joda.time.DateTime; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.core.AuthnContextClassRef; +import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.saml2.core.Issuer; +import org.opensaml.saml2.core.NameID; +import org.opensaml.saml2.core.NameIDPolicy; +import org.opensaml.saml2.core.NameIDType; +import org.opensaml.saml2.core.RequestedAuthnContext; +import org.opensaml.saml2.core.Subject; +import org.opensaml.saml2.core.SubjectConfirmation; +import org.opensaml.saml2.core.SubjectConfirmationData; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.SingleSignOnService; +import org.opensaml.ws.message.encoder.MessageEncodingException; +import org.opensaml.xml.security.SecurityException; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestBuildException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Service("PVPAuthnRequestBuilder") +public class PVPAuthnRequestBuilder { + + + /** + * Build a PVP2.x specific authentication request + * + * @param pendingReq Currently processed pendingRequest + * @param config AuthnRequest builder configuration, never null + * @param idpEntity SAML2 EntityDescriptor of the IDP, which receive this AuthnRequest, never null + * @param httpResp + * @throws NoSuchAlgorithmException + * @throws SecurityException + * @throws PVP2Exception + * @throws MessageEncodingException + */ + public void buildAuthnRequest(IRequest pendingReq, IPVPAuthnRequestBuilderConfiguruation config, + HttpServletResponse httpResp) throws NoSuchAlgorithmException, MessageEncodingException, PVP2Exception, SecurityException { + //get IDP Entity element from config + EntityDescriptor idpEntity = config.getIDPEntityDescriptor(); + + AuthnRequest authReq = SAML2Utils + .createSAMLObject(AuthnRequest.class); + + //select SingleSignOn Service endpoint from IDP metadata + SingleSignOnService endpoint = null; + for (SingleSignOnService sss : + idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) { + + // use POST binding as default if it exists + if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { + endpoint = sss; + + } else if ( sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI) + && endpoint == null ) + endpoint = sss; + + } + + if (endpoint == null) { + Logger.warn("Building AuthnRequest FAILED: > Requested IDP " + idpEntity.getEntityID() + + " does not support POST or Redirect Binding."); + throw new AuthnRequestBuildException("sp.pvp2.00", new Object[]{config.getSPNameForLogging(), idpEntity.getEntityID()}); + + } else + authReq.setDestination(endpoint.getLocation()); + + + //set basic AuthnRequest information + String reqID = config.getRequestID(); + if (MiscUtil.isNotEmpty(reqID)) + authReq.setID(reqID); + + else { + SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator(); + authReq.setID(gen.generateIdentifier()); + + } + + authReq.setIssueInstant(new DateTime()); + + //set isPassive flag + if (config.isPassivRequest() == null) + authReq.setIsPassive(false); + else + authReq.setIsPassive(config.isPassivRequest()); + + //set EntityID of the service provider + Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); + issuer.setFormat(NameIDType.ENTITY); + issuer.setValue(config.getSPEntityID()); + authReq.setIssuer(issuer); + + //set AssertionConsumerService ID + if (config.getAssertionConsumerServiceId() != null) + authReq.setAssertionConsumerServiceIndex(config.getAssertionConsumerServiceId()); + + //set NameIDPolicy + if (config.getNameIDPolicyFormat() != null) { + NameIDPolicy policy = SAML2Utils.createSAMLObject(NameIDPolicy.class); + policy.setAllowCreate(config.getNameIDPolicyAllowCreation()); + policy.setFormat(config.getNameIDPolicyFormat()); + authReq.setNameIDPolicy(policy); + } + + //set requested QAA level + if (config.getAuthnContextClassRef() != null) { + RequestedAuthnContext reqAuthContext = SAML2Utils.createSAMLObject(RequestedAuthnContext.class); + AuthnContextClassRef authnClassRef = SAML2Utils.createSAMLObject(AuthnContextClassRef.class); + + authnClassRef.setAuthnContextClassRef(config.getAuthnContextClassRef()); + + if (config.getAuthnContextComparison() == null) + reqAuthContext.setComparison(AuthnContextComparisonTypeEnumeration.MINIMUM); + else + reqAuthContext.setComparison(config.getAuthnContextComparison()); + + reqAuthContext.getAuthnContextClassRefs().add(authnClassRef); + authReq.setRequestedAuthnContext(reqAuthContext); + } + + //set request Subject element + if (MiscUtil.isNotEmpty(config.getSubjectNameID())) { + Subject reqSubject = SAML2Utils.createSAMLObject(Subject.class); + NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class); + + subjectNameID.setValue(config.getSubjectNameID()); + if (MiscUtil.isNotEmpty(config.getSubjectNameIDQualifier())) + subjectNameID.setNameQualifier(config.getSubjectNameIDQualifier()); + + if (MiscUtil.isNotEmpty(config.getSubjectNameIDFormat())) + subjectNameID.setFormat(config.getSubjectNameIDFormat()); + else + subjectNameID.setFormat(NameID.TRANSIENT); + + reqSubject.setNameID(subjectNameID); + + if (config.getSubjectConformationDate() != null) { + SubjectConfirmation subjectConformation = SAML2Utils.createSAMLObject(SubjectConfirmation.class); + SubjectConfirmationData subjectConformDate = SAML2Utils.createSAMLObject(SubjectConfirmationData.class); + subjectConformation.setSubjectConfirmationData(subjectConformDate); + reqSubject.getSubjectConfirmations().add(subjectConformation ); + + if (config.getSubjectConformationMethode() != null) + subjectConformation.setMethod(config.getSubjectConformationMethode()); + + subjectConformDate.setDOM(config.getSubjectConformationDate()); + + } + + authReq.setSubject(reqSubject ); + + } + + //TODO: implement requested attributes + //maybe: config.getRequestedAttributes(); + + //select message encoder + IEncoder binding = null; + if (endpoint.getBinding().equals( + SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { + binding = new RedirectBinding(); + + } else if (endpoint.getBinding().equals( + SAMLConstants.SAML2_POST_BINDING_URI)) { + binding = new PostBinding(); + + } + + //encode message + binding.encodeRequest(null, httpResp, authReq, + endpoint.getLocation(), pendingReq.getRequestID(), config.getAuthnRequestSigningCredential()); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java new file mode 100644 index 000000000..855925272 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java @@ -0,0 +1,463 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.builder; + +import java.io.IOException; +import java.io.StringWriter; +import java.security.PrivateKey; +import java.security.interfaces.RSAPrivateKey; +import java.util.List; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.TransformerFactoryConfigurationError; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.joda.time.DateTime; +import org.opensaml.Configuration; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.metadata.AssertionConsumerService; +import org.opensaml.saml2.metadata.AttributeConsumingService; +import org.opensaml.saml2.metadata.ContactPerson; +import org.opensaml.saml2.metadata.EntitiesDescriptor; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.IDPSSODescriptor; +import org.opensaml.saml2.metadata.KeyDescriptor; +import org.opensaml.saml2.metadata.LocalizedString; +import org.opensaml.saml2.metadata.NameIDFormat; +import org.opensaml.saml2.metadata.Organization; +import org.opensaml.saml2.metadata.RequestedAttribute; +import org.opensaml.saml2.metadata.RoleDescriptor; +import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml2.metadata.ServiceName; +import org.opensaml.saml2.metadata.SingleLogoutService; +import org.opensaml.saml2.metadata.SingleSignOnService; +import org.opensaml.xml.io.Marshaller; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.SecurityHelper; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.credential.UsageType; +import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; +import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureConstants; +import org.opensaml.xml.signature.SignatureException; +import org.opensaml.xml.signature.Signer; +import org.springframework.stereotype.Service; +import org.w3c.dom.Document; + +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ + +@Service("PVPMetadataBuilder") +public class PVPMetadataBuilder { + + X509KeyInfoGeneratorFactory keyInfoFactory = null; + + /** + * + */ + public PVPMetadataBuilder() { + keyInfoFactory = new X509KeyInfoGeneratorFactory(); + keyInfoFactory.setEmitEntityIDAsKeyName(true); + keyInfoFactory.setEmitEntityCertificate(true); + + } + + + /** + * + * Build PVP 2.1 conform SAML2 metadata + * + * @param config + * PVPMetadataBuilder configuration + * + * @return PVP metadata as XML String + * @throws SecurityException + * @throws ConfigurationException + * @throws CredentialsNotAvailableException + * @throws TransformerFactoryConfigurationError + * @throws MarshallingException + * @throws TransformerException + * @throws ParserConfigurationException + * @throws IOException + * @throws SignatureException + */ + public String buildPVPMetadata(IPVPMetadataBuilderConfiguration config) throws CredentialsNotAvailableException, ConfigurationException, SecurityException, TransformerFactoryConfigurationError, MarshallingException, TransformerException, ParserConfigurationException, IOException, SignatureException { + DateTime date = new DateTime(); + EntityDescriptor entityDescriptor = SAML2Utils + .createSAMLObject(EntityDescriptor.class); + + //set entityID + entityDescriptor.setEntityID(config.getEntityID()); + + //set contact and organisation information + List<ContactPerson> contactPersons = config.getContactPersonInformation(); + if (contactPersons != null) + entityDescriptor.getContactPersons().addAll(contactPersons); + + Organization organisation = config.getOrgansiationInformation(); + if (organisation != null) + entityDescriptor.setOrganization(organisation); + + //set IDP metadata + if (config.buildIDPSSODescriptor()) { + RoleDescriptor idpSSODesc = generateIDPMetadata(config); + if (idpSSODesc != null) + entityDescriptor.getRoleDescriptors().add(idpSSODesc); + + } + + //set SP metadata for interfederation + if (config.buildSPSSODescriptor()) { + RoleDescriptor spSSODesc = generateSPMetadata(config); + if (spSSODesc != null) + entityDescriptor.getRoleDescriptors().add(spSSODesc); + + } + + //set metadata signature parameters + Credential metadataSignCred = config.getMetadataSigningCredentials(); + Signature signature = getIDPSignature(metadataSignCred); + SecurityHelper.prepareSignatureParams(signature, metadataSignCred, null, null); + + + //initialize XML document builder + DocumentBuilder builder; + DocumentBuilderFactory factory = DocumentBuilderFactory + .newInstance(); + + builder = factory.newDocumentBuilder(); + Document document = builder.newDocument(); + + + //build entities descriptor + if (config.buildEntitiesDescriptorAsRootElement()) { + EntitiesDescriptor entitiesDescriptor = + SAML2Utils.createSAMLObject(EntitiesDescriptor.class); + entitiesDescriptor.setName(config.getEntityFriendlyName()); + entitiesDescriptor.setID(SAML2Utils.getSecureIdentifier()); + entitiesDescriptor.setValidUntil(date.plusHours(config.getMetadataValidUntil())); + entitiesDescriptor.getEntityDescriptors().add(entityDescriptor); + + entitiesDescriptor.setSignature(signature); + + //marshall document + Marshaller out = Configuration.getMarshallerFactory() + .getMarshaller(entitiesDescriptor); + out.marshall(entitiesDescriptor, document); + + } else { + entityDescriptor.setValidUntil(date.plusHours(config.getMetadataValidUntil())); + entityDescriptor.setID(SAML2Utils.getSecureIdentifier()); + + entityDescriptor.setSignature(signature); + + + + //marshall document + Marshaller out = Configuration.getMarshallerFactory() + .getMarshaller(entityDescriptor); + out.marshall(entityDescriptor, document); + + } + + //sign metadata + Signer.signObject(signature); + + //transform metadata object to XML string + Transformer transformer = TransformerFactory.newInstance() + .newTransformer(); + + StringWriter sw = new StringWriter(); + StreamResult sr = new StreamResult(sw); + DOMSource source = new DOMSource(document); + transformer.transform(source, sr); + sw.close(); + + return sw.toString(); + } + + + private RoleDescriptor generateSPMetadata(IPVPMetadataBuilderConfiguration config) throws CredentialsNotAvailableException, SecurityException, ConfigurationException { + SPSSODescriptor spSSODescriptor = SAML2Utils.createSAMLObject(SPSSODescriptor.class); + spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS); + spSSODescriptor.setAuthnRequestsSigned(config.wantAuthnRequestSigned()); + spSSODescriptor.setWantAssertionsSigned(config.wantAssertionSigned()); + + KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance(); + + //Set AuthRequest Signing certificate + Credential authcredential = config.getRequestorResponseSigningCredentials(); + if (authcredential == null) { + Logger.warn("SP Metadata generation FAILED! --> Builder has NO request signing-credential. "); + return null; + + } else { + KeyDescriptor signKeyDescriptor = SAML2Utils + .createSAMLObject(KeyDescriptor.class); + signKeyDescriptor.setUse(UsageType.SIGNING); + signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential)); + spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor); + + } + + //Set assertion encryption credentials + Credential authEncCredential = config.getEncryptionCredentials(); + + if (authEncCredential != null) { + KeyDescriptor encryKeyDescriptor = SAML2Utils + .createSAMLObject(KeyDescriptor.class); + encryKeyDescriptor.setUse(UsageType.ENCRYPTION); + encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential)); + spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor); + + } else { + Logger.warn("No Assertion Encryption-Key defined. This setting is not recommended!"); + + } + + //check nameID formates + if (config.getSPAllowedNameITTypes() == null || config.getSPAllowedNameITTypes().size() == 0) { + Logger.warn("SP Metadata generation FAILED! --> Builder has NO provideable SAML2 nameIDFormats. "); + return null; + + } else { + for (String format : config.getSPAllowedNameITTypes()) { + NameIDFormat nameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); + nameIDFormat.setFormat(format); + spSSODescriptor.getNameIDFormats().add(nameIDFormat); + + } + } + + + //add POST-Binding assertion consumer services + if (MiscUtil.isNotEmpty(config.getSPAssertionConsumerServicePostBindingURL())) { + AssertionConsumerService postassertionConsumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class); + postassertionConsumerService.setIndex(0); + postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); + postassertionConsumerService.setLocation(config.getSPAssertionConsumerServicePostBindingURL()); + postassertionConsumerService.setIsDefault(true); + spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService); + + } + + //add POST-Binding assertion consumer services + if (MiscUtil.isNotEmpty(config.getSPAssertionConsumerServiceRedirectBindingURL())) { + AssertionConsumerService redirectassertionConsumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class); + redirectassertionConsumerService.setIndex(1); + redirectassertionConsumerService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); + redirectassertionConsumerService.setLocation(config.getSPAssertionConsumerServiceRedirectBindingURL()); + spSSODescriptor.getAssertionConsumerServices().add(redirectassertionConsumerService); + + } + + //validate WebSSO endpoints + if (spSSODescriptor.getAssertionConsumerServices().size() == 0) { + Logger.warn("SP Metadata generation FAILED! --> NO SAML2 AssertionConsumerService endpoint found. "); + return null; + + } + + //add POST-Binding SLO descriptor + if (MiscUtil.isNotEmpty(config.getSPSLOPostBindingURL())) { + SingleLogoutService postSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class); + postSLOService.setLocation(config.getSPSLOPostBindingURL()); + postSLOService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); + spSSODescriptor.getSingleLogoutServices().add(postSLOService); + + } + + //add POST-Binding SLO descriptor + if (MiscUtil.isNotEmpty(config.getSPSLORedirectBindingURL())) { + SingleLogoutService redirectSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class); + redirectSLOService.setLocation(config.getSPSLORedirectBindingURL()); + redirectSLOService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); + spSSODescriptor.getSingleLogoutServices().add(redirectSLOService); + + } + + //add POST-Binding SLO descriptor + if (MiscUtil.isNotEmpty(config.getSPSLOSOAPBindingURL())) { + SingleLogoutService soapSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class); + soapSLOService.setLocation(config.getSPSLOSOAPBindingURL()); + soapSLOService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI); + spSSODescriptor.getSingleLogoutServices().add(soapSLOService); + + } + + + //add required attributes + List<RequestedAttribute> reqSPAttr = config.getSPRequiredAttributes(); + AttributeConsumingService attributeService = SAML2Utils.createSAMLObject(AttributeConsumingService.class); + + attributeService.setIndex(0); + attributeService.setIsDefault(true); + ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class); + serviceName.setName(new LocalizedString("Default Service", "en")); + attributeService.getNames().add(serviceName); + + if (reqSPAttr != null && reqSPAttr.size() > 0) { + Logger.debug("Add " + reqSPAttr.size() + " attributes to SP metadata"); + attributeService.getRequestAttributes().addAll(reqSPAttr); + + } else { + Logger.debug("SP metadata contains NO requested attributes."); + + } + + spSSODescriptor.getAttributeConsumingServices().add(attributeService); + + return spSSODescriptor; + } + + private IDPSSODescriptor generateIDPMetadata(IPVPMetadataBuilderConfiguration config) throws ConfigurationException, CredentialsNotAvailableException, SecurityException { + //check response signing credential + Credential responseSignCred = config.getRequestorResponseSigningCredentials(); + if (responseSignCred == null) { + Logger.warn("IDP Metadata generation FAILED! --> Builder has NO Response signing credential. "); + return null; + + } + + //check nameID formates + if (config.getIDPPossibleNameITTypes() == null || config.getIDPPossibleNameITTypes().size() == 0) { + Logger.warn("IDP Metadata generation FAILED! --> Builder has NO provideable SAML2 nameIDFormats. "); + return null; + + } + + // build SAML2 IDP-SSO descriptor element + IDPSSODescriptor idpSSODescriptor = SAML2Utils + .createSAMLObject(IDPSSODescriptor.class); + + idpSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS); + + //set ass default value, because PVP 2.x specification defines this feature as MUST + idpSSODescriptor.setWantAuthnRequestsSigned(config.wantAuthnRequestSigned()); + + // add WebSSO descriptor for POST-Binding + if (MiscUtil.isNotEmpty(config.getIDPWebSSOPostBindingURL())) { + SingleSignOnService postSingleSignOnService = SAML2Utils.createSAMLObject(SingleSignOnService.class); + postSingleSignOnService.setLocation(config.getIDPWebSSOPostBindingURL()); + postSingleSignOnService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); + idpSSODescriptor.getSingleSignOnServices().add(postSingleSignOnService); + + } + + // add WebSSO descriptor for Redirect-Binding + if (MiscUtil.isNotEmpty(config.getIDPWebSSORedirectBindingURL())) { + SingleSignOnService postSingleSignOnService = SAML2Utils.createSAMLObject(SingleSignOnService.class); + postSingleSignOnService.setLocation(config.getIDPWebSSORedirectBindingURL()); + postSingleSignOnService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); + idpSSODescriptor.getSingleSignOnServices().add(postSingleSignOnService); + + } + + //add Single LogOut POST-Binding endpoing + if (MiscUtil.isNotEmpty(config.getIDPSLOPostBindingURL())) { + SingleLogoutService postSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class); + postSLOService.setLocation(config.getIDPSLOPostBindingURL()); + postSLOService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI); + idpSSODescriptor.getSingleLogoutServices().add(postSLOService); + + } + + //add Single LogOut Redirect-Binding endpoing + if (MiscUtil.isNotEmpty(config.getIDPSLORedirectBindingURL())) { + SingleLogoutService redirectSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class); + redirectSLOService.setLocation(config.getIDPSLORedirectBindingURL()); + redirectSLOService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI); + idpSSODescriptor.getSingleLogoutServices().add(redirectSLOService); + + } + + //validate WebSSO endpoints + if (idpSSODescriptor.getSingleSignOnServices().size() == 0) { + Logger.warn("IDP Metadata generation FAILED! --> NO SAML2 SingleSignOnService endpoint found. "); + return null; + + } + + //set assertion signing key + KeyDescriptor signKeyDescriptor = SAML2Utils + .createSAMLObject(KeyDescriptor.class); + signKeyDescriptor.setUse(UsageType.SIGNING); + KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance(); + signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(config.getRequestorResponseSigningCredentials())); + idpSSODescriptor.getKeyDescriptors().add(signKeyDescriptor); + + //set IDP attribute set + idpSSODescriptor.getAttributes().addAll(config.getIDPPossibleAttributes()); + + //set providable nameID formats + for (String format : config.getIDPPossibleNameITTypes()) { + NameIDFormat nameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class); + nameIDFormat.setFormat(format); + idpSSODescriptor.getNameIDFormats().add(nameIDFormat); + + } + + return idpSSODescriptor; + + } + + private Signature getIDPSignature(Credential credentials) { + PrivateKey privatekey = credentials.getPrivateKey(); + Signature signer = SAML2Utils.createSAMLObject(Signature.class); + + if (privatekey instanceof RSAPrivateKey) { + signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); + + } else if (privatekey instanceof iaik.security.ecc.ecdsa.ECPrivateKey) { + signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1); + + } else { + Logger.warn("Could NOT evaluate the Private-Key type from " + credentials.getEntityId() + " credential."); + + + } + + signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + signer.setSigningCredential(credentials); + return signer; + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java index dbbc21ec9..e5c897aa6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java @@ -23,6 +23,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder; import java.security.NoSuchAlgorithmException; +import java.util.LinkedHashMap; import java.util.List; import javax.servlet.http.HttpServletRequest; @@ -57,35 +58,45 @@ import org.opensaml.xml.security.x509.X509Credential; import org.opensaml.xml.signature.Signature; import org.opensaml.xml.signature.SignatureConstants; import org.opensaml.xml.signature.Signer; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import org.w3c.dom.Document; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.data.ISLOInformationContainer; import at.gv.egovernment.moa.id.data.SLOInformationContainer; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.opemsaml.MOAStringRedirectDeflateEncoder; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescriptorException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; /** * @author tlenz * */ +@Service("PVP_SingleLogOutBuilder") public class SingleLogOutBuilder { - public static void checkStatusCode(SLOInformationContainer sloContainer, LogoutResponse logOutResp) { + @Autowired private IDPCredentialProvider credentialProvider; + + public void checkStatusCode(ISLOInformationContainer sloContainer, LogoutResponse logOutResp) { Status status = logOutResp.getStatus(); if (!status.getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { String message = " Message: "; @@ -111,12 +122,12 @@ public class SingleLogOutBuilder { * @param relayState * @return */ - public static String getFrontChannelSLOMessageURL(String serviceURL, String bindingType, + public String getFrontChannelSLOMessageURL(String serviceURL, String bindingType, RequestAbstractType sloReq, HttpServletRequest httpReq, HttpServletResponse httpResp, String relayState) throws MOAIDException { try { - X509Credential credentials = CredentialProvider + X509Credential credentials = credentialProvider .getIDPAssertionSigningCredential(); Logger.debug("create SAML RedirectBinding response"); @@ -143,12 +154,12 @@ public class SingleLogOutBuilder { } } - public static String getFrontChannelSLOMessageURL(SingleLogoutService service, + public String getFrontChannelSLOMessageURL(SingleLogoutService service, StatusResponseType sloResp, HttpServletRequest httpReq, HttpServletResponse httpResp, String relayState) throws MOAIDException { try { - X509Credential credentials = CredentialProvider + X509Credential credentials = credentialProvider .getIDPAssertionSigningCredential(); Logger.debug("create SAML RedirectBinding response"); @@ -171,7 +182,7 @@ public class SingleLogOutBuilder { } } - public static void sendFrontChannelSLOMessage(SingleLogoutService consumerService, + public void sendFrontChannelSLOMessage(SingleLogoutService consumerService, LogoutResponse sloResp, HttpServletRequest req, HttpServletResponse resp, String relayState) throws MOAIDException { IEncoder binding = null; @@ -191,7 +202,8 @@ public class SingleLogOutBuilder { try { binding.encodeRespone(req, resp, sloResp, - consumerService.getLocation(), relayState); + consumerService.getLocation(), relayState, + credentialProvider.getIDPAssertionSigningCredential()); } catch (MessageEncodingException e) { Logger.error("Message Encoding exception", e); @@ -205,7 +217,7 @@ public class SingleLogOutBuilder { } - public static LogoutRequest buildSLORequestMessage(SLOInformationImpl sloInfo) throws ConfigurationException, MOAIDException { + public LogoutRequest buildSLORequestMessage(SLOInformationImpl sloInfo) throws ConfigurationException, MOAIDException { LogoutRequest sloReq = SAML2Utils.createSAMLObject(LogoutRequest.class); SecureRandomIdentifierGenerator gen; @@ -221,7 +233,7 @@ public class SingleLogOutBuilder { DateTime now = new DateTime(); Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); - issuer.setValue(sloInfo.getAuthURL()); + issuer.setValue(PVPConfiguration.getInstance().getIDPSSOMetadataService(sloInfo.getAuthURL())); issuer.setFormat(NameID.ENTITY); sloReq.setIssuer(issuer); sloReq.setIssueInstant(now); @@ -236,7 +248,7 @@ public class SingleLogOutBuilder { //sign message try { - X509Credential idpSigningCredential = CredentialProvider.getIDPAssertionSigningCredential(); + X509Credential idpSigningCredential = credentialProvider.getIDPAssertionSigningCredential(); Signature signer = SAML2Utils.createSAMLObject(Signature.class); signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); @@ -265,7 +277,7 @@ public class SingleLogOutBuilder { return sloReq; } - public static LogoutResponse buildSLOErrorResponse(SingleLogoutService sloService, PVPTargetConfiguration spRequest, String firstLevelStatusCode) throws ConfigurationException, MOAIDException { + public LogoutResponse buildSLOErrorResponse(SingleLogoutService sloService, PVPTargetConfiguration spRequest, String firstLevelStatusCode) throws ConfigurationException, MOAIDException { LogoutResponse sloResp = buildBasicResponse(sloService, spRequest); Status status = SAML2Utils.createSAMLObject(Status.class); @@ -282,7 +294,7 @@ public class SingleLogOutBuilder { return sloResp; } - public static LogoutResponse buildSLOResponseMessage(SingleLogoutService sloService, PVPTargetConfiguration spRequest, List<String> failedOAs) throws MOAIDException { + public LogoutResponse buildSLOResponseMessage(SingleLogoutService sloService, PVPTargetConfiguration spRequest, List<String> failedOAs) throws MOAIDException { LogoutResponse sloResp = buildBasicResponse(sloService, spRequest); Status status; @@ -307,10 +319,11 @@ public class SingleLogOutBuilder { } - private static LogoutResponse buildBasicResponse(SingleLogoutService sloService, PVPTargetConfiguration spRequest) throws ConfigurationException, MOAIDException { + private LogoutResponse buildBasicResponse(SingleLogoutService sloService, PVPTargetConfiguration spRequest) throws ConfigurationException, MOAIDException { LogoutResponse sloResp = SAML2Utils.createSAMLObject(LogoutResponse.class); Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); - issuer.setValue(spRequest.getAuthURLWithOutSlash()); + issuer.setValue(PVPConfiguration.getInstance().getIDPSSOMetadataService( + spRequest.getAuthURLWithOutSlash())); issuer.setFormat(NameID.ENTITY); sloResp.setIssuer(issuer); sloResp.setIssueInstant(new DateTime()); @@ -338,7 +351,7 @@ public class SingleLogOutBuilder { } - public static SingleLogoutService getRequestSLODescriptor(String entityID) throws NOSLOServiceDescriptorException { + public SingleLogoutService getRequestSLODescriptor(String entityID) throws NOSLOServiceDescriptorException { try { EntityDescriptor entity = MOAMetadataProvider.getInstance().getEntityDescriptor(entityID); SSODescriptor spsso = entity.getSPSSODescriptor(SAMLConstants.SAML20P_NS); @@ -379,7 +392,7 @@ public class SingleLogOutBuilder { } - public static SingleLogoutService getResponseSLODescriptor(PVPTargetConfiguration spRequest) throws NoMetadataInformationException, NOSLOServiceDescriptorException { + public SingleLogoutService getResponseSLODescriptor(PVPTargetConfiguration spRequest) throws NoMetadataInformationException, NOSLOServiceDescriptorException { MOARequest moaReq = (MOARequest) spRequest.getRequest(); EntityDescriptor metadata = moaReq.getEntityMetadata(); SSODescriptor ssodesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS); @@ -415,4 +428,94 @@ public class SingleLogOutBuilder { return sloService; } + public void parseActiveOAs(SLOInformationContainer container, + List<OASessionStore> dbOAs, String removeOAID) { + if (container.getActiveBackChannelOAs() == null) + container.setActiveBackChannelOAs(new LinkedHashMap<String, SLOInformationImpl>()); + if (container.getActiveFrontChannalOAs() == null) + container.setActiveFrontChannalOAs(new LinkedHashMap<String, SLOInformationImpl>()); + + + if (dbOAs != null) { + for (OASessionStore oa : dbOAs) { + if (!oa.getOaurlprefix().equals(removeOAID)) { + + //Actually only PVP 2.1 support Single LogOut + if (PVP2XProtocol.NAME.equals(oa.getProtocolType())) { + SingleLogoutService sloDesc; + try { + sloDesc = getRequestSLODescriptor(oa.getOaurlprefix()); + + if (sloDesc.getBinding().equals(SAMLConstants.SAML2_SOAP11_BINDING_URI)) + container.getActiveBackChannelOAs().put(oa.getOaurlprefix(), + new SLOInformationImpl( + oa.getAuthURL(), + oa.getOaurlprefix(), + oa.getAssertionSessionID(), + oa.getUserNameID(), + oa.getUserNameIDFormat(), + oa.getProtocolType(), + sloDesc)); + + else + container.getActiveFrontChannalOAs().put(oa.getOaurlprefix(), + new SLOInformationImpl( + oa.getAuthURL(), + oa.getOaurlprefix(), + oa.getAssertionSessionID(), + oa.getUserNameID(), + oa.getUserNameIDFormat(), + oa.getProtocolType(), + sloDesc)); + + } catch (NOSLOServiceDescriptorException e) { + container.putFailedOA(oa.getOaurlprefix()); + + } + + } else + container.putFailedOA(oa.getOaurlprefix()); + } + } + } + } + + /** + * @param dbIDPs + * @param value + */ + public void parseActiveIDPs(SLOInformationContainer container, + List<InterfederationSessionStore> dbIDPs, String removeIDP) { + if (container.getActiveBackChannelOAs() == null) + container.setActiveBackChannelOAs(new LinkedHashMap<String, SLOInformationImpl>()); + if (container.getActiveFrontChannalOAs() == null) + container.setActiveFrontChannalOAs(new LinkedHashMap<String, SLOInformationImpl>()); + + if (dbIDPs != null) { + for (InterfederationSessionStore el : dbIDPs) { + if (!el.getIdpurlprefix().equals(removeIDP)) { + + SingleLogoutService sloDesc; + try { + sloDesc = getRequestSLODescriptor(el.getIdpurlprefix()); + + container.getActiveFrontChannalOAs().put(el.getIdpurlprefix(), + new SLOInformationImpl( + el.getAuthURL(), + el.getIdpurlprefix(), + el.getSessionIndex(), + el.getUserNameID(), + NameID.TRANSIENT, + PVP2XProtocol.NAME, + sloDesc)); + + } catch (NOSLOServiceDescriptorException e) { + container.putFailedOA(el.getIdpurlprefix()); + + } + } + } + } + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index 065118e2b..483bcb1ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java @@ -55,30 +55,25 @@ import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.w3c.dom.Element; - import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType; import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType; import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.QAANotSupportedException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.UnprovideableAttributeException; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.id.util.MandateBuilder; import at.gv.egovernment.moa.id.util.QAALevelVerifier; @@ -90,45 +85,24 @@ import at.gv.egovernment.moa.util.MiscUtil; public class PVP2AssertionBuilder implements PVPConstants { - public static Assertion buildAssertion(String authURL, AttributeQuery attrQuery, - List<String> reqAttributes, IAuthData authData, DateTime date, String sessionIndex) throws ConfigurationException { - - + /** + * Build a PVP assertion as response for a SAML2 AttributeQuery request + * + * @param issuerEntityID EnitiyID, which should be used for this IDP response + * @param attrQuery AttributeQuery request from Service-Provider + * @param attrList List of PVP response attributes + * @param now Current time + * @param validTo ValidTo time of the assertion + * @param qaaLevel QAA level of the authentication + * @param sessionIndex SAML2 SessionIndex, which should be included * + * @return PVP 2.1 Assertion + * @throws ConfigurationException + */ + public static Assertion buildAssertion(String issuerEntityID, AttributeQuery attrQuery, + List<Attribute> attrList, DateTime now, DateTime validTo, String qaaLevel, String sessionIndex) throws ConfigurationException { + AuthnContextClassRef authnContextClassRef = SAML2Utils.createSAMLObject(AuthnContextClassRef.class); - authnContextClassRef.setAuthnContextClassRef(authData.getQAALevel()); - - List<Attribute> attrList = new ArrayList<Attribute>(); - if (reqAttributes != null) { - Iterator<String> it = reqAttributes.iterator(); - while (it.hasNext()) { - String reqAttributName = it.next(); - try { - Attribute attr = PVPAttributeBuilder.buildAttribute( - reqAttributName, null, authData); - if (attr == null) { - Logger.error( - "Attribute generation failed! for " - + reqAttributName); - - } else { - attrList.add(attr); - - } - - } catch (PVP2Exception e) { - Logger.error( - "Attribute generation failed! for " - + reqAttributName); - - } catch (Exception e) { - Logger.error( - "General Attribute generation failed! for " - + reqAttributName, e); - - } - } - } - + authnContextClassRef.setAuthnContextClassRef(qaaLevel); NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class); subjectNameID.setFormat(attrQuery.getSubject().getNameID().getFormat()); @@ -136,26 +110,38 @@ public class PVP2AssertionBuilder implements PVPConstants { SubjectConfirmationData subjectConfirmationData = null; - return buildGenericAssertion(authURL, attrQuery.getIssuer().getValue(), date, + return buildGenericAssertion(issuerEntityID, attrQuery.getIssuer().getValue(), now, authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex, - new DateTime(authData.getSsoSessionValidTo().getTime())); + validTo); } - - public static Assertion buildAssertion(String authURL, AuthnRequest authnRequest, + + + /** + * Build a PVP 2.1 assertion as response of a SAML2 AuthnRequest + * + * @param issuerEntityID EnitiyID, which should be used for this IDP response + * @param pendingReq Current processed pendingRequest DAO + * @param authnRequest Current processed PVP AuthnRequest + * @param authData AuthenticationData of the user, which is already authenticated + * @param peerEntity SAML2 EntityDescriptor of the service-provider, which receives the response + * @param date TimeStamp + * @param assertionConsumerService SAML2 endpoint of the service-provider, which should be used + * @param sloInformation Single LogOut information DAO + * @return + * @throws MOAIDException + */ + public static Assertion buildAssertion(String issuerEntityID, PVPTargetConfiguration pendingReq, AuthnRequest authnRequest, IAuthData authData, EntityDescriptor peerEntity, DateTime date, AssertionConsumerService assertionConsumerService, SLOInformationImpl sloInformation) throws MOAIDException { - RequestedAuthnContext reqAuthnContext = authnRequest .getRequestedAuthnContext(); AuthnContextClassRef authnContextClassRef = SAML2Utils .createSAMLObject(AuthnContextClassRef.class); - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter( - peerEntity.getEntityID()); + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); if (reqAuthnContext == null) { authnContextClassRef.setAuthnContextClassRef(authData.getQAALevel()); @@ -288,36 +274,75 @@ public class PVP2AssertionBuilder implements PVPConstants { } NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class); - + //build nameID and nameID Format from moasession + //TODO: nameID generation if (authData.isUseMandate()) { - Element mandate = authData.getMandate(); - if(mandate == null) { - throw new NoMandateDataAvailableException(); - } - Mandate mandateObject = MandateBuilder.buildMandate(mandate); - if(mandateObject == null) { - throw new NoMandateDataAvailableException(); - } - CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody(); - PhysicalPersonType pysicalperson = mandateObject.getMandator().getPhysicalPerson(); + String bpktype = null; + String bpk = null; - IdentificationType id; - if(corporation != null && corporation.getIdentification().size() > 0) - id = corporation.getIdentification().get(0); - + Element mandate = authData.getMandate(); + if(mandate != null) { + Logger.debug("Read mandator bPK|baseID from full-mandate ... "); + Mandate mandateObject = MandateBuilder.buildMandate(mandate); + if(mandateObject == null) { + throw new NoMandateDataAvailableException(); + } + CorporateBodyType corporation = mandateObject.getMandator().getCorporateBody(); + PhysicalPersonType pysicalperson = mandateObject.getMandator().getPhysicalPerson(); - else if (pysicalperson != null && pysicalperson.getIdentification().size() > 0) - id = pysicalperson.getIdentification().get(0); + IdentificationType id; + if(corporation != null && corporation.getIdentification().size() > 0) + id = corporation.getIdentification().get(0); + + + else if (pysicalperson != null && pysicalperson.getIdentification().size() > 0) + id = pysicalperson.getIdentification().get(0); + + else { + Logger.error("Failed to generate IdentificationType"); + throw new NoMandateDataAvailableException(); + } + + bpktype = id.getType(); + bpk = id.getValue().getValue(); + + } else { + Logger.debug("Read mandator bPK|baseID from PVP attributes ... "); + bpk = authData.getGenericData(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME, String.class); + bpktype = authData.getGenericData(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_TYPE_NAME, String.class); - else { - Logger.error("Failed to generate IdentificationType"); - throw new NoMandateDataAvailableException(); + if (MiscUtil.isEmpty(bpk)) { + //no sourcePin is included --> search for bPK + bpk = authData.getGenericData(PVPConstants.MANDATE_NAT_PER_BPK_NAME, String.class); + + //set bPK-Type from configuration, because it MUST be equal to service-provider type + if (oaParam.getBusinessService()) { + if (oaParam.getIdentityLinkDomainIdentifier().startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) + bpktype = oaParam.getIdentityLinkDomainIdentifier(); + else + bpktype = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier(); + + } else { + if (oaParam.getTarget().startsWith(Constants.URN_PREFIX_CDID + "+")) + bpktype = oaParam.getTarget(); + else + bpktype = Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget(); + + } + + } else { + //sourcePin is include --> check sourcePinType + if (MiscUtil.isEmpty(bpktype)) + bpktype = Constants.URN_PREFIX_BASEID; + + } } - - String bpktype = id.getType(); - String bpk = id.getValue().getValue(); + if (MiscUtil.isEmpty(bpk) || MiscUtil.isEmpty(bpktype)) { + throw new NoMandateDataAvailableException(); + + } if (bpktype.equals(Constants.URN_PREFIX_BASEID)) { if (oaParam.getBusinessService()) { @@ -340,7 +365,7 @@ public class PVP2AssertionBuilder implements PVPConstants { subjectNameID.setNameQualifier(bpktype); subjectNameID.setValue(bpk); } - + } else { subjectNameID.setNameQualifier(authData.getBPKType()); subjectNameID.setValue(authData.getBPK()); @@ -401,13 +426,17 @@ public class PVP2AssertionBuilder implements PVPConstants { subjectNameID.setValue(authData.getNameID()); sessionIndex = authData.getSessionIndex(); - } else + } + + // + if (MiscUtil.isEmpty(sessionIndex)) sessionIndex = SAML2Utils.getSecureIdentifier(); SubjectConfirmationData subjectConfirmationData = SAML2Utils .createSAMLObject(SubjectConfirmationData.class); subjectConfirmationData.setInResponseTo(authnRequest.getID()); subjectConfirmationData.setNotOnOrAfter(new DateTime(authData.getSsoSessionValidTo().getTime())); +// subjectConfirmationData.setNotBefore(date); subjectConfirmationData.setRecipient(assertionConsumerService.getLocation()); @@ -416,12 +445,12 @@ public class PVP2AssertionBuilder implements PVPConstants { sloInformation.setNameIDFormat(subjectNameID.getFormat()); sloInformation.setSessionIndex(sessionIndex); - return buildGenericAssertion(authURL, peerEntity.getEntityID(), date, authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex, subjectConfirmationData.getNotOnOrAfter()); + return buildGenericAssertion(issuerEntityID, peerEntity.getEntityID(), date, authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex, subjectConfirmationData.getNotOnOrAfter()); } /** * - * @param authURL IDP PublicURL PreFix + * @param issuer IDP EntityID * @param entityID Service Provider EntityID * @param date * @param authnContextClassRef @@ -434,7 +463,7 @@ public class PVP2AssertionBuilder implements PVPConstants { * @throws ConfigurationException */ - private static Assertion buildGenericAssertion(String authURL, String entityID, DateTime date, + public static Assertion buildGenericAssertion(String issuer, String entityID, DateTime date, AuthnContextClassRef authnContextClassRef, List<Attribute> attrList, NameID subjectNameID, SubjectConfirmationData subjectConfirmationData, String sessionIndex, DateTime isValidTo) throws ConfigurationException { @@ -484,14 +513,14 @@ public class PVP2AssertionBuilder implements PVPConstants { assertion.setConditions(conditions); - Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class); - - if (authURL.endsWith("/")) - authURL = authURL.substring(0, authURL.length()-1); - issuer.setValue(authURL); - issuer.setFormat(NameID.ENTITY); + Issuer issuerObj = SAML2Utils.createSAMLObject(Issuer.class); + + if (issuer.endsWith("/")) + issuer = issuer.substring(0, issuer.length()-1); + issuerObj.setValue(issuer); + issuerObj.setFormat(NameID.ENTITY); - assertion.setIssuer(issuer); + assertion.setIssuer(issuerObj); assertion.setSubject(subject); assertion.setID(SAML2Utils.getSecureIdentifier()); assertion.setIssueInstant(date); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java new file mode 100644 index 000000000..c0fb5bf5b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java @@ -0,0 +1,319 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.config; + +import java.util.Arrays; +import java.util.List; + +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.NameIDType; +import org.opensaml.saml2.metadata.ContactPerson; +import org.opensaml.saml2.metadata.Organization; +import org.opensaml.saml2.metadata.RequestedAttribute; +import org.opensaml.xml.security.credential.Credential; + +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class IDPPVPMetadataConfiguration implements IPVPMetadataBuilderConfiguration { + + private static final int VALIDUNTIL_IN_HOURS = 24; + + private String authURL; + private IDPCredentialProvider credentialProvider; + + public IDPPVPMetadataConfiguration(String authURL, IDPCredentialProvider credentialProvider) { + this.authURL = authURL; + this.credentialProvider = credentialProvider; + + } + + public String getDefaultActionName() { + return (PVP2XProtocol.METADATA); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getMetadataValidUntil() + */ + @Override + public int getMetadataValidUntil() { + return VALIDUNTIL_IN_HOURS; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildEntitiesDescriptorAsRootElement() + */ + @Override + public boolean buildEntitiesDescriptorAsRootElement() { + return true; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildIDPSSODescriptor() + */ + @Override + public boolean buildIDPSSODescriptor() { + return true; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildSPSSODescriptor() + */ + @Override + public boolean buildSPSSODescriptor() { + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEntityID() + */ + @Override + public String getEntityID() { + try { + return PVPConfiguration.getInstance().getIDPSSOMetadataService(authURL); + + } catch (ConfigurationException e) { + Logger.error("Can not load Metadata entry: EntityID", e); + return null; + + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEntityFriendlyName() + */ + @Override + public String getEntityFriendlyName() { + try { + return PVPConfiguration.getInstance().getIDPIssuerName(); + + } catch (ConfigurationException e) { + Logger.error("Can not load Metadata entry: EntityID friendlyName.", e); + return null; + + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getContactPersonInformation() + */ + @Override + public List<ContactPerson> getContactPersonInformation() { + try { + return PVPConfiguration.getInstance().getIDPContacts(); + + } catch (ConfigurationException e) { + Logger.warn("Can not load Metadata entry: Contect Person", e); + return null; + + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getOrgansiationInformation() + */ + @Override + public Organization getOrgansiationInformation() { + try { + return PVPConfiguration.getInstance().getIDPOrganisation(); + + } catch (ConfigurationException e) { + Logger.warn("Can not load Metadata entry: Organisation", e); + return null; + + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getMetadataSigningCredentials() + */ + @Override + public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPMetaDataSigningCredential(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getRequestorResponseSigningCredentials() + */ + @Override + public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPAssertionSigningCredential(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEncryptionCredentials() + */ + @Override + public Credential getEncryptionCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPAssertionEncryptionCredential(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPWebSSOPostBindingURL() + */ + @Override + public String getIDPWebSSOPostBindingURL() { + return authURL + PVPConfiguration.PVP2_IDP_POST; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPWebSSORedirectBindingURL() + */ + @Override + public String getIDPWebSSORedirectBindingURL() { + return authURL + PVPConfiguration.PVP2_IDP_REDIRECT; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPSLOPostBindingURL() + */ + @Override + public String getIDPSLOPostBindingURL() { + return authURL + PVPConfiguration.PVP2_IDP_POST; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPSLORedirectBindingURL() + */ + @Override + public String getIDPSLORedirectBindingURL() { + return authURL + PVPConfiguration.PVP2_IDP_REDIRECT; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAssertionConsumerServicePostBindingURL() + */ + @Override + public String getSPAssertionConsumerServicePostBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAssertionConsumerServiceRedirectBindingURL() + */ + @Override + public String getSPAssertionConsumerServiceRedirectBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLOPostBindingURL() + */ + @Override + public String getSPSLOPostBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLORedirectBindingURL() + */ + @Override + public String getSPSLORedirectBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLOSOAPBindingURL() + */ + @Override + public String getSPSLOSOAPBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPPossibleAttributes() + */ + @Override + public List<Attribute> getIDPPossibleAttributes() { + return PVPAttributeBuilder.buildSupportedEmptyAttributes(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPPossibleNameITTypes() + */ + @Override + public List<String> getIDPPossibleNameITTypes() { + return Arrays.asList(NameIDType.PERSISTENT, + NameIDType.TRANSIENT, + NameIDType.UNSPECIFIED); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPRequiredAttributes() + */ + @Override + public List<RequestedAttribute> getSPRequiredAttributes() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAllowedNameITTypes() + */ + @Override + public List<String> getSPAllowedNameITTypes() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#getSPNameForLogging() + */ + @Override + public String getSPNameForLogging() { + return "MOA-ID-Auth"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAssertionSigned() + */ + @Override + public boolean wantAssertionSigned() { + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAuthnRequestSigned() + */ + @Override + public boolean wantAuthnRequestSigned() { + return true; + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPAuthnRequestBuilderConfiguruation.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPAuthnRequestBuilderConfiguruation.java new file mode 100644 index 000000000..814a2387d --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPAuthnRequestBuilderConfiguruation.java @@ -0,0 +1,162 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.config; + +import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.xml.security.credential.Credential; +import org.w3c.dom.Element; + +/** + * @author tlenz + * + */ +public interface IPVPAuthnRequestBuilderConfiguruation { + + /** + * Defines a unique name for this PVP Service-provider, which is used for logging + * + * @return + */ + public String getSPNameForLogging(); + + /** + * If true, the SAML2 isPassive flag is set in the AuthnRequest + * + * @return + */ + public Boolean isPassivRequest(); + + /** + * Define the ID of the AssertionConsumerService, + * which defines the required attributes in service-provider metadata. + * + * @return + */ + public Integer getAssertionConsumerServiceId(); + + /** + * Define the SAML2 EntityID of the service provider. + * + * @return + */ + public String getSPEntityID(); + + /** + * Define the SAML2 NameIDPolicy + * + * @return Service-Provider EntityID, but never null + */ + public String getNameIDPolicyFormat(); + + /** + * Define the AuthnContextClassRefernece of this request + * + * Example: + * http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3 + * http://www.stork.gov.eu/1.0/citizenQAALevel/4 + * + * + * @return + */ + public String getAuthnContextClassRef(); + + /** + * Define the AuthnContextComparison model, which should be used + * + * @return + */ + public AuthnContextComparisonTypeEnumeration getAuthnContextComparison(); + + + /** + * Define the credential, which should be used to sign the AuthnRequest + * + * @return + */ + public Credential getAuthnRequestSigningCredential(); + + + /** + * Define the SAML2 EntityDescriptor of the IDP, which should receive the AuthnRequest + * + * @return Credential, but never null. + */ + public EntityDescriptor getIDPEntityDescriptor(); + + /** + * Set the SAML2 NameIDPolicy allow-creation flag + * + * @return EntityDescriptor, but never null. + */ + public boolean getNameIDPolicyAllowCreation(); + + + /** + * Set the requested SubjectNameID + * + * @return SubjectNameID, or null if no SubjectNameID should be used + */ + public String getSubjectNameID(); + + /** + * Define the qualifier of the <code>SubjectNameID</code> + * <br><br> + * Like: 'urn:publicid:gv.at:cdid+BF' + * + * @return qualifier, or null if no qualifier should be set + */ + public String getSubjectNameIDQualifier(); + + /** + * Define the format of the subjectNameID, which is included in authn-request + * + * + * @return nameIDFormat, of SAML2 'transient' if nothing is defined + */ + public String getSubjectNameIDFormat(); + + /** + * Define a SP specific SAML2 requestID + * + * @return requestID, or null if the requestID should be generated automatically + */ + public String getRequestID(); + + /** + * Defines the 'method' attribute in 'SubjectConformation' element + * + * @return method, or null if no method should set + */ + public String getSubjectConformationMethode(); + + /** + * Define the information, which should be added as 'subjectConformationDate' + * in 'SubjectConformation' element + * + * @return subjectConformation information or null if no subjectConformation should be set + */ + public Element getSubjectConformationDate(); + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPMetadataBuilderConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPMetadataBuilderConfiguration.java new file mode 100644 index 000000000..3a8404cae --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPMetadataBuilderConfiguration.java @@ -0,0 +1,238 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.config; + +import java.util.List; + +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.metadata.ContactPerson; +import org.opensaml.saml2.metadata.Organization; +import org.opensaml.saml2.metadata.RequestedAttribute; +import org.opensaml.xml.security.credential.Credential; + +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; + +/** + * @author tlenz + * + */ +public interface IPVPMetadataBuilderConfiguration { + + + /** + * Defines a unique name for this PVP Service-provider, which is used for logging + * + * @return + */ + public String getSPNameForLogging(); + + /** + * Set metadata valid area + * + * @return valid until in hours [h] + */ + public int getMetadataValidUntil(); + + /** + * Build a SAML2 Entities element as metadata root element + * + * @return true, if the metadata should start with entities element + */ + public boolean buildEntitiesDescriptorAsRootElement(); + + /** + * + * + * @return true, if an IDP SSO-descriptor element should be generated + */ + public boolean buildIDPSSODescriptor(); + + /** + * + * + * @return true, if an SP SSO-descriptor element should be generated + */ + public boolean buildSPSSODescriptor(); + + /** + * Set the PVP entityID for this SAML2 metadata. + * The entityID must be an URL and must be start with the public-URL prefix of the server + * + * @return PVP entityID postfix as String + */ + public String getEntityID(); + + /** + * Set a friendlyName for this PVP entity + * + * @return + */ + public String getEntityFriendlyName(); + + /** + * Set the contact information for this metadata entity + * + * @return + */ + public List<ContactPerson> getContactPersonInformation(); + + /** + * Set organisation information for this metadata entity + * + * @return + */ + public Organization getOrgansiationInformation(); + + + /** + * Set the credential for metadata signing + * + * @return + * @throws CredentialsNotAvailableException + */ + public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException; + + /** + * Set the credential for request/response signing + * IDP metadata: this credential is used for SAML2 response signing + * SP metadata: this credential is used for SAML2 response signing + * + * @return + * @throws CredentialsNotAvailableException + */ + public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException; + + /** + * Set the credential for response encryption + * + * @return + * @throws CredentialsNotAvailableException + */ + public Credential getEncryptionCredentials() throws CredentialsNotAvailableException; + + /** + * Set the IDP Post-Binding URL for WebSSO + * + * @return + */ + public String getIDPWebSSOPostBindingURL(); + + /** + * Set the IDP Redirect-Binding URL for WebSSO + * + * @return + */ + public String getIDPWebSSORedirectBindingURL(); + + /** + * Set the IDP Post-Binding URL for Single LogOut + * + * @return + */ + public String getIDPSLOPostBindingURL(); + + /** + * Set the IDP Redirect-Binding URL for Single LogOut + * + * @return + */ + public String getIDPSLORedirectBindingURL(); + + /** + * Set the SP Post-Binding URL for for the Assertion-Consumer Service + * + * @return + */ + public String getSPAssertionConsumerServicePostBindingURL(); + + /** + * Set the SP Redirect-Binding URL for the Assertion-Consumer Service + * + * @return + */ + public String getSPAssertionConsumerServiceRedirectBindingURL(); + + /** + * Set the SP Post-Binding URL for Single LogOut + * + * @return + */ + public String getSPSLOPostBindingURL(); + + /** + * Set the SP Redirect-Binding URL for Single LogOut + * + * @return + */ + public String getSPSLORedirectBindingURL(); + + /** + * Set the SP SOAP-Binding URL for Single LogOut + * + * @return + */ + public String getSPSLOSOAPBindingURL(); + + + /** + * Set all SAML2 attributes which could be provided by this IDP + * + * @return + */ + public List<Attribute> getIDPPossibleAttributes(); + + /** + * Set all nameID types which could be provided by this IDP + * + * @return a List of SAML2 nameID types + */ + public List<String> getIDPPossibleNameITTypes(); + + /** + * Set all SAML2 attributes which are required by the SP + * + * @return + */ + public List<RequestedAttribute> getSPRequiredAttributes(); + + /** + * Set all nameID types which allowed from the SP + * + * @return a List of SAML2 nameID types + */ + public List<String> getSPAllowedNameITTypes(); + + /** + * Set the 'wantAssertionSigned' attribute in SP metadata + * + * @return + */ + public boolean wantAssertionSigned(); + + /** + * Set the 'wantAuthnRequestSigned' attribute + * + * @return + */ + public boolean wantAuthnRequestSigned(); +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/MOADefaultBootstrap.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/MOADefaultBootstrap.java index 80789cd12..b731e2a95 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/MOADefaultBootstrap.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/MOADefaultBootstrap.java @@ -50,7 +50,10 @@ public class MOADefaultBootstrap extends DefaultBootstrap { } - + public static void initializeDefaultPVPConfiguration() { + initializeGlobalSecurityConfiguration(); + + } /** * Initializes the default global security configuration. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java index 47d7a29b3..480656e30 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java @@ -22,15 +22,12 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.config; -import iaik.x509.X509Certificate; - import java.io.IOException; import java.net.URL; import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.Properties; import java.util.jar.Attributes; import java.util.jar.Manifest; @@ -47,16 +44,15 @@ import org.opensaml.saml2.metadata.OrganizationURL; import org.opensaml.saml2.metadata.SurName; import org.opensaml.saml2.metadata.TelephoneNumber; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; -import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; +import iaik.x509.X509Certificate; public class PVPConfiguration { @@ -79,18 +75,6 @@ public class PVPConfiguration { public static final String PVP_CONFIG_FILE = "pvp2config.properties"; - public static final String IDP_JAVAKEYSTORE = "idp.ks.file"; - public static final String IDP_KS_PASS = "idp.ks.kspassword"; - - public static final String IDP_KEYALIASMETADATA = "idp.ks.metadata.alias"; - public static final String IDP_KEY_PASSMETADATA = "idp.ks.metadata.keypassword"; - - public static final String IDP_KEYALIASASSERTION = "idp.ks.assertion.sign.alias"; - public static final String IDP_KEY_PASSASSERTION = "idp.ks.assertion.sign.keypassword"; - - public static final String IDP_KEYALIASENCRYTPION = "sp.ks.assertion.encryption.alias"; - public static final String IDP_KEY_PASSENCRYTPION = "sp.ks.assertion.encryption.keypassword"; - public static final String IDP_ISSUER_NAME = "servicename"; public static final String IDP_ORG_NAME = "name.short"; @@ -107,18 +91,18 @@ public class PVPConfiguration { private static String moaIDVersion = null; //PVP2 generalpvpconfigdb; - Properties props; - String rootDir = null; + //Properties props; + //String rootDir = null; private PVPConfiguration() { - try { - //generalpvpconfigdb = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig(); - props = AuthConfigurationProviderFactory.getInstance().getGeneralPVP2ProperiesConfig(); - rootDir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); - - } catch (ConfigurationException e) { - e.printStackTrace(); - } +// try { +// //generalpvpconfigdb = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig(); +// //props = AuthConfigurationProviderFactory.getInstance().getGeneralPVP2ProperiesConfig(); +// //rootDir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); +// +// } catch (ConfigurationException e) { +// e.printStackTrace(); +// } } public List<String> getIDPPublicPath() throws ConfigurationException { @@ -162,38 +146,6 @@ public class PVPConfiguration { public String getIDPSSOMetadataService(String publicURLPrefix) throws ConfigurationException { return publicURLPrefix + PVP2_METADATA; } - - public String getIDPKeyStoreFilename() { - return FileUtils.makeAbsoluteURL(props.getProperty(IDP_JAVAKEYSTORE), rootDir); - } - - public String getIDPKeyStorePassword() { - return props.getProperty(IDP_KS_PASS).trim(); - } - - public String getIDPKeyAliasMetadata() { - return props.getProperty(IDP_KEYALIASMETADATA).trim(); - } - - public String getIDPKeyPasswordMetadata() { - return props.getProperty(IDP_KEY_PASSMETADATA).trim(); - } - - public String getIDPKeyAliasAssertionSign() { - return props.getProperty(IDP_KEYALIASASSERTION).trim(); - } - - public String getIDPKeyPasswordAssertionSign() { - return props.getProperty(IDP_KEY_PASSASSERTION).trim(); - } - - public String getIDPKeyAliasAssertionEncryption() { - return props.getProperty(IDP_KEYALIASASSERTION).trim(); - } - - public String getIDPKeyPasswordAssertionEncryption() { - return props.getProperty(IDP_KEY_PASSASSERTION).trim(); - } public String getIDPIssuerName() throws ConfigurationException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AssertionValidationExeption.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AssertionValidationExeption.java index fcd8472b1..1e029f567 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AssertionValidationExeption.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AssertionValidationExeption.java @@ -22,7 +22,7 @@ */ package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; /** * @author tlenz diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestBuildException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestBuildException.java new file mode 100644 index 000000000..eebaf6c9e --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestBuildException.java @@ -0,0 +1,47 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions; + +/** + * @author tlenz + * + */ +public class AuthnRequestBuildException extends PVP2Exception { + + /** + * + */ + private static final long serialVersionUID = -1375451065455859354L; + + /** + * @param messageId + * @param parameters + */ + public AuthnRequestBuildException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + public AuthnRequestBuildException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestValidatorException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestValidatorException.java index 7ed438471..f65c4d265 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestValidatorException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnRequestValidatorException.java @@ -22,7 +22,7 @@ */ package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions; -import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.commons.api.IRequest; /** * @author tlenz diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnResponseValidationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnResponseValidationException.java new file mode 100644 index 000000000..957f9af1d --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/AuthnResponseValidationException.java @@ -0,0 +1,48 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions; + +/** + * @author tlenz + * + */ +public class AuthnResponseValidationException extends PVP2Exception { + + /** + * + */ + private static final long serialVersionUID = 8023812861029406575L; + + /** + * @param messageId + * @param parameters + */ + public AuthnResponseValidationException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + public AuthnResponseValidationException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/PVP2Exception.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/PVP2Exception.java index 709c1e34b..00fb97151 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/PVP2Exception.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/PVP2Exception.java @@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions; import org.opensaml.saml2.core.StatusCode; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; public abstract class PVP2Exception extends MOAIDException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/IMOARefreshableMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/IMOARefreshableMetadataProvider.java new file mode 100644 index 000000000..3da4dc18a --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/IMOARefreshableMetadataProvider.java @@ -0,0 +1,38 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.metadata; + +/** + * @author tlenz + * + */ +public interface IMOARefreshableMetadataProvider { + + /** + * Refresh a entity or load a entity in a metadata provider + * + * @param entityID + * @return true, if refresh is success, otherwise false + */ + public boolean refreshMetadataProvider(String entityID); +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index f33cadc41..3002ca179 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -31,12 +31,9 @@ import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Map.Entry; -import java.util.Timer; -import javax.net.ssl.SSLHandshakeException; import javax.xml.namespace.QName; -import org.apache.commons.httpclient.MOAHttpClient; import org.opensaml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.RoleDescriptor; @@ -47,26 +44,22 @@ import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.opensaml.saml2.metadata.provider.ObservableMetadataProvider; import org.opensaml.xml.XMLObject; -import org.opensaml.xml.parse.BasicParserPool; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; -import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; +import at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing; +import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.InterfederatedIDPPublicServiceFilter; -import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MetadataFilterChain; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.PVPMetadataFilterChain; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; -public class MOAMetadataProvider implements ObservableMetadataProvider{ +public class MOAMetadataProvider extends SimpleMOAMetadataProvider + implements ObservableMetadataProvider, IGarbageCollectorProcessing, IMOARefreshableMetadataProvider { private static MOAMetadataProvider instance = null; private static Object mutex = new Object(); @@ -77,18 +70,32 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ synchronized (mutex) { if (instance == null) { instance = new MOAMetadataProvider(); + + //add this to MOA garbage collector + MOAGarbageCollector.addModulForGarbageCollection(instance); + } } } return instance; } - public static void reInitialize() { + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing#runGarbageCollector() + */ + @Override + public void runGarbageCollector() { + reInitialize(); + + } + + private static void reInitialize() { synchronized (mutex) { /**add new Metadataprovider or remove Metadataprovider which are not in use any more.**/ if (instance != null) - try { + try { + Logger.trace("Check consistence of PVP2X metadata"); instance.addAndRemoveMetadataProvider(); } catch (ConfigurationException e) { @@ -111,9 +118,10 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ MetadataProvider internalProvider; + @Override public boolean refreshMetadataProvider(String entityID) { try { - OAAuthParameter oaParam = + IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); if (oaParam != null) { String metadataURL = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); @@ -135,10 +143,9 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ String oaFriendlyName = oaParam.getFriendlyName(); ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; - HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL, - cert, oaFriendlyName, - buildMetadataFilterChain(oaParam, metadataURL, - cert)); + HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL, + buildMetadataFilterChain(oaParam, metadataURL, cert), + oaFriendlyName); chainProvider.addMetadataProvider(newMetadataProvider); @@ -223,7 +230,7 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ while (oaInterator.hasNext()) { Entry<String, String> oaKeyPair = oaInterator.next(); - OAAuthParameter oaParam = + IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaKeyPair.getValue()); if (oaParam != null) { String metadataurl = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); @@ -248,11 +255,9 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ Logger.info("Loading metadata for: " + oaFriendlyName); httpProvider = createNewHTTPMetaDataProvider( - metadataurl, - cert, - oaFriendlyName, - buildMetadataFilterChain(oaParam, metadataurl, - cert)); + metadataurl, + buildMetadataFilterChain(oaParam, metadataurl, cert), + oaFriendlyName); if (httpProvider != null) providersinuse.put(metadataurl, httpProvider); @@ -356,7 +361,7 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ while (oaInterator.hasNext()) { Entry<String, String> oaKeyPair = oaInterator.next(); - OAAuthParameter oaParam = + IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaKeyPair.getValue()); if (oaParam != null) { String metadataurl = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); @@ -373,10 +378,8 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ if (!providersinuse.containsKey(metadataurl)) { httpProvider = createNewHTTPMetaDataProvider( metadataurl, - cert, - oaFriendlyName, - buildMetadataFilterChain(oaParam, metadataurl, - cert)); + buildMetadataFilterChain(oaParam, metadataurl, cert), + oaFriendlyName); if (httpProvider != null) providersinuse.put(metadataurl, httpProvider); @@ -422,8 +425,8 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ internalProvider = chainProvider; } - private MetadataFilterChain buildMetadataFilterChain(OAAuthParameter oaParam, String metadataURL, byte[] certificate) throws CertificateException { - MetadataFilterChain filterChain = new MetadataFilterChain(metadataURL, certificate); + private PVPMetadataFilterChain buildMetadataFilterChain(IOAAuthParameters oaParam, String metadataURL, byte[] certificate) throws CertificateException { + PVPMetadataFilterChain filterChain = new PVPMetadataFilterChain(metadataURL, certificate); filterChain.getFilters().add(new SchemaValidationFilter()); if (oaParam.isInderfederationIDP()) { @@ -434,86 +437,7 @@ public class MOAMetadataProvider implements ObservableMetadataProvider{ return filterChain; } - - private HTTPMetadataProvider createNewHTTPMetaDataProvider(String metadataURL, byte[] certificate, String oaName, MetadataFilterChain filter) { - HTTPMetadataProvider httpProvider = null; - Timer timer= null; - MOAHttpClient httpClient = null; - try { - httpClient = new MOAHttpClient(); - - if (metadataURL.startsWith("https:")) { - try { - MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( - PVPConstants.SSLSOCKETFACTORYNAME, - AuthConfigurationProviderFactory.getInstance().getCertstoreDirectory(), - AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), - null, - AuthConfiguration.DEFAULT_X509_CHAININGMODE, - AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking()); - - httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); - - } catch (MOAHttpProtocolSocketFactoryException e) { - Logger.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore."); - - } - } - - timer = new Timer(); - httpProvider = new HTTPMetadataProvider(timer, httpClient, - metadataURL); - httpProvider.setParserPool(new BasicParserPool()); - httpProvider.setRequireValidMetadata(true); - httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes - httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours - //httpProvider.setRefreshDelayFactor(0.1F); - - if (filter == null) { - filter = new MetadataFilterChain(metadataURL, certificate); - } - httpProvider.setMetadataFilter(filter); - httpProvider.initialize(); - - httpProvider.setRequireValidMetadata(true); - - return httpProvider; - - } catch (Throwable e) { - if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) { - Logger.warn("SSL-Server certificate for metadata " - + metadataURL + " not trusted.", e); - - } if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) { - Logger.warn("Signature verification for metadata" - + metadataURL + " FAILED.", e); - - } if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) { - Logger.warn("Schema validation for metadata " - + metadataURL + " FAILED.", e); - } - - Logger.error( - "Failed to add Metadata file for " - + oaName + "[ " - + e.getMessage() + " ]", e); - - if (httpProvider != null) { - Logger.debug("Destroy failed Metadata provider"); - httpProvider.destroy(); - } - - if (timer != null) { - Logger.debug("Destroy Timer."); - timer.cancel(); - } - - - } - return null; - } - public boolean requireValidMetadata() { return internalProvider.requireValidMetadata(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java new file mode 100644 index 000000000..442455d4b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/SimpleMOAMetadataProvider.java @@ -0,0 +1,135 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.metadata; + +import java.util.Timer; + +import javax.net.ssl.SSLHandshakeException; + +import org.apache.commons.httpclient.MOAHttpClient; +import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.saml2.metadata.provider.MetadataProvider; +import org.opensaml.xml.parse.BasicParserPool; + +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; +import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public abstract class SimpleMOAMetadataProvider implements MetadataProvider{ + + /** + * Create a single SAML2 HTTP metadata provider + * + * @param metadataURL URL, where the metadata should be loaded + * @param filter Filters, which should be used to validate the metadata + * @param IdForLogging Id, which is used for Logging + * + * @return SAML2 Metadata Provider + */ + protected HTTPMetadataProvider createNewHTTPMetaDataProvider(String metadataURL, MetadataFilter filter, String IdForLogging ) { + HTTPMetadataProvider httpProvider = null; + Timer timer= null; + MOAHttpClient httpClient = null; + try { + httpClient = new MOAHttpClient(); + + if (metadataURL.startsWith("https:")) { + try { + MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( + PVPConstants.SSLSOCKETFACTORYNAME, + AuthConfigurationProviderFactory.getInstance().getCertstoreDirectory(), + AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), + null, + AuthConfiguration.DEFAULT_X509_CHAININGMODE, + AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking()); + + httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); + + } catch (MOAHttpProtocolSocketFactoryException e) { + Logger.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore."); + + } + } + + timer = new Timer(); + httpProvider = new HTTPMetadataProvider(timer, httpClient, + metadataURL); + httpProvider.setParserPool(new BasicParserPool()); + httpProvider.setRequireValidMetadata(true); + httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes + httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours + //httpProvider.setRefreshDelayFactor(0.1F); + + httpProvider.setMetadataFilter(filter); + httpProvider.initialize(); + + httpProvider.setRequireValidMetadata(true); + + return httpProvider; + + } catch (Throwable e) { + if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) { + Logger.warn("SSL-Server certificate for metadata " + + metadataURL + " not trusted.", e); + + } if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) { + Logger.warn("Signature verification for metadata" + + metadataURL + " FAILED.", e); + + } if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) { + Logger.warn("Schema validation for metadata " + + metadataURL + " FAILED.", e); + } + + Logger.error( + "Failed to load Metadata file for " + + IdForLogging + "[ " + + e.getMessage() + " ]", e); + + if (httpProvider != null) { + Logger.debug("Destroy failed Metadata provider"); + httpProvider.destroy(); + } + + if (timer != null) { + Logger.debug("Destroy Timer."); + timer.cancel(); + } + + + } + + return null; + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java deleted file mode 100644 index 7f6054f2d..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java +++ /dev/null @@ -1,82 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.joda.time.DateTime; -import org.opensaml.common.binding.artifact.SAMLArtifactMap.SAMLArtifactMapEntry; -import org.opensaml.saml2.core.ArtifactResolve; -import org.opensaml.saml2.core.ArtifactResponse; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPAssertionStorage; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.RequestDeniedException; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -import at.gv.egovernment.moa.logging.Logger; - -public class ArtifactResolution implements IRequestHandler { - - public boolean handleObject(InboundMessage obj) { - return (obj instanceof MOARequest && - ((MOARequest)obj).getSamlRequest() instanceof ArtifactResolve); - } - - public SLOInformationInterface process(PVPTargetConfiguration obj, HttpServletRequest req, - HttpServletResponse resp, IAuthData authData) throws MOAIDException { - if (!handleObject(obj.getRequest())) { - throw new MOAIDException("pvp2.13", null); - } - - ArtifactResolve artifactResolve = (ArtifactResolve) ((MOARequest)obj.getRequest()).getSamlRequest(); - String artifactID = artifactResolve.getArtifact().getArtifact(); - - PVPAssertionStorage pvpAssertion = PVPAssertionStorage.getInstance(); - - if (!pvpAssertion.contains(artifactID)) { - throw new RequestDeniedException(); - } else { - try { - SAMLArtifactMapEntry assertion = pvpAssertion.get(artifactID); - ArtifactResponse response = SAML2Utils - .createSAMLObject(ArtifactResponse.class); - response.setMessage(assertion.getSamlMessage()); - response.setIssueInstant(new DateTime()); - SoapBinding encoder = new SoapBinding(); - encoder.encodeRespone(req, resp, response, null, null); - } catch (Exception e) { - Logger.error("Failed to resolve artifact", e); - } - } - - return null; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java deleted file mode 100644 index 059e68865..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java +++ /dev/null @@ -1,127 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.joda.time.DateTime; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.AuthnRequest; -import org.opensaml.saml2.core.Response; -import org.opensaml.saml2.metadata.AssertionConsumerService; -import org.opensaml.saml2.metadata.EntityDescriptor; -import org.opensaml.ws.message.encoder.MessageEncodingException; -import org.opensaml.xml.security.SecurityException; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.SLOInformationImpl; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AuthResponseBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -import at.gv.egovernment.moa.logging.Logger; - -public class AuthnRequestHandler implements IRequestHandler, PVPConstants { - - public boolean handleObject(InboundMessage obj) { - - return (obj instanceof MOARequest && - ((MOARequest)obj).getSamlRequest() instanceof AuthnRequest); - } - - public SLOInformationInterface process(PVPTargetConfiguration obj, HttpServletRequest req, - HttpServletResponse resp, IAuthData authData) throws MOAIDException { - if (!handleObject(obj.getRequest())) { - throw new MOAIDException("pvp2.13", null); - } - - //get basic information - MOARequest moaRequest = (MOARequest) obj.getRequest(); - AuthnRequest authnRequest = (AuthnRequest) moaRequest.getSamlRequest(); - EntityDescriptor peerEntity = moaRequest.getEntityMetadata(); - - AssertionConsumerService consumerService = - SAML2Utils.createSAMLObject(AssertionConsumerService.class); - consumerService.setBinding(obj.getBinding()); - consumerService.setLocation(obj.getConsumerURL()); - - DateTime date = new DateTime(); - - SLOInformationImpl sloInformation = new SLOInformationImpl(); - - //build Assertion - Assertion assertion = PVP2AssertionBuilder.buildAssertion(obj.getAuthURL(), authnRequest, authData, - peerEntity, date, consumerService, sloInformation); - - Response authResponse = AuthResponseBuilder.buildResponse(obj.getAuthURL(), authnRequest, date, assertion); - - IEncoder binding = null; - - if (consumerService.getBinding().equals( - SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { - binding = new RedirectBinding(); - - } else if (consumerService.getBinding().equals( - SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) { - // TODO: not supported YET!! - binding = new ArtifactBinding(); - - } else if (consumerService.getBinding().equals( - SAMLConstants.SAML2_POST_BINDING_URI)) { - binding = new PostBinding(); - - } - - if (binding == null) { - throw new BindingNotSupportedException(consumerService.getBinding()); - } - - try { - binding.encodeRespone(req, resp, authResponse, - consumerService.getLocation(), moaRequest.getRelayState()); - - return sloInformation; - - } catch (MessageEncodingException e) { - Logger.error("Message Encoding exception", e); - throw new MOAIDException("pvp2.01", null, e); - - } catch (SecurityException e) { - Logger.error("Security exception", e); - throw new MOAIDException("pvp2.01", null, e); - - } - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java deleted file mode 100644 index 293dccf6c..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java +++ /dev/null @@ -1,40 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; - -public interface IRequestHandler { - public boolean handleObject(InboundMessage obj); - - public SLOInformationInterface process(PVPTargetConfiguration pvpRequest, HttpServletRequest req, - HttpServletResponse resp, IAuthData authData) throws MOAIDException; -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java deleted file mode 100644 index b58b09f12..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java +++ /dev/null @@ -1,73 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler; - -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSupported; - -public class RequestManager { - - private static RequestManager instance = null; - - private List<IRequestHandler> handler; - - public static synchronized RequestManager getInstance() { - if(instance == null) { - instance = new RequestManager(); - } - return instance; - } - - private RequestManager() { - handler = new ArrayList<IRequestHandler>(); - handler.add(new AuthnRequestHandler()); - handler.add(new ArtifactResolution()); - } - - public SLOInformationInterface handle(PVPTargetConfiguration pvpRequest, HttpServletRequest req, HttpServletResponse resp, IAuthData authData) - throws SAMLRequestNotSupported, MOAIDException { - Iterator<IRequestHandler> it = handler.iterator(); - while(it.hasNext()) { - IRequestHandler handler = it.next(); - if(handler.handleObject(pvpRequest.getRequest())) { - return handler.process(pvpRequest, req, resp, authData); - } - } - - // not handled - throw new SAMLRequestNotSupported(); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java new file mode 100644 index 000000000..bf4cfd480 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java @@ -0,0 +1,215 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.protocols.pvp2x.signer; + +import java.security.KeyStore; +import java.security.PrivateKey; +import java.security.interfaces.RSAPrivateKey; + +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.credential.UsageType; +import org.opensaml.xml.security.x509.X509Credential; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureConstants; + +import at.gv.egovernment.moa.id.opemsaml.MOAKeyStoreX509CredentialAdapter; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.KeyStoreUtils; +import at.gv.egovernment.moa.util.MiscUtil; + +public abstract class AbstractCredentialProvider { + + private static KeyStore keyStore = null; + + /** + * Get a friendlyName for this keyStore implementation + * This friendlyName is used for logging + * + * @return keyStore friendlyName + */ + public abstract String getFriendlyName(); + + /** + * Get KeyStore + * + * @return URL to the keyStore + */ + public abstract String getKeyStoreFilePath(); + + /** + * Get keyStore password + * + * @return Password of the keyStore + */ + public abstract String getKeyStorePassword(); + + /** + * Get alias of key for metadata signing + * + * @return key alias + */ + public abstract String getMetadataKeyAlias(); + + /** + * Get password of key for metadata signing + * + * @return key password + */ + public abstract String getMetadataKeyPassword(); + + /** + * Get alias of key for request/response signing + * + * @return key alias + */ + public abstract String getSignatureKeyAlias(); + + /** + * Get password of key for request/response signing + * + * @return key password + */ + public abstract String getSignatureKeyPassword(); + + /** + * Get alias of key for IDP response encryption + * + * @return key alias + */ + public abstract String getEncryptionKeyAlias(); + + /** + * Get password of key for IDP response encryption + * + * @return key password + */ + public abstract String getEncryptionKeyPassword(); + + + public X509Credential getIDPMetaDataSigningCredential() + throws CredentialsNotAvailableException { + try { + + if (keyStore == null) + keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), + getKeyStorePassword()); + + MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter( + keyStore, getMetadataKeyAlias(), getMetadataKeyPassword().toCharArray()); + + credentials.setUsageType(UsageType.SIGNING); + if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) { + Logger.error(getFriendlyName() + " Metadata Signing credentials is not found or contains no PrivateKey."); + throw new CredentialsNotAvailableException("config.27", new Object[]{getFriendlyName() + " Assertion Signing credentials (Alias: " + + getMetadataKeyAlias() + ") is not found or contains no PrivateKey."}); + + } + return credentials; + } catch (Exception e) { + Logger.error("Failed to generate " + getFriendlyName() + " Metadata Signing credentials"); + e.printStackTrace(); + throw new CredentialsNotAvailableException("config.27", new Object[]{e.getMessage()}, e); + } + } + + public X509Credential getIDPAssertionSigningCredential() + throws CredentialsNotAvailableException { + try { + if (keyStore == null) + keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), + getKeyStorePassword()); + + MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter( + keyStore, getSignatureKeyAlias(), getSignatureKeyPassword().toCharArray()); + + credentials.setUsageType(UsageType.SIGNING); + if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) { + Logger.error(getFriendlyName() + " Assertion Signing credentials is not found or contains no PrivateKey."); + throw new CredentialsNotAvailableException("config.27", new Object[]{getFriendlyName() + " Assertion Signing credentials (Alias: " + + getSignatureKeyAlias() + ") is not found or contains no PrivateKey."}); + + } + + return (X509Credential) credentials; + } catch (Exception e) { + Logger.error("Failed to generate " + getFriendlyName() + " Assertion Signing credentials"); + e.printStackTrace(); + throw new CredentialsNotAvailableException("config.27", new Object[]{e.getMessage()}, e); + } + } + + public X509Credential getIDPAssertionEncryptionCredential() + throws CredentialsNotAvailableException { + try { + if (keyStore == null) + keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), + getKeyStorePassword()); + + //if no encryption key is configured return null + if (MiscUtil.isEmpty(getEncryptionKeyAlias())) + return null; + + MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter( + keyStore, getEncryptionKeyAlias(), getEncryptionKeyPassword().toCharArray()); + + credentials.setUsageType(UsageType.ENCRYPTION); + + if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) { + Logger.error(getFriendlyName() + " Assertion Encryption credentials is not found or contains no PrivateKey."); + throw new CredentialsNotAvailableException("config.27", new Object[]{getFriendlyName() + " Assertion Encryption credentials (Alias: " + + getEncryptionKeyAlias() + ") is not found or contains no PrivateKey."}); + + } + + return (X509Credential) credentials; + + } catch (Exception e) { + Logger.error("Failed to generate " + getFriendlyName() + " Assertion Encryption credentials"); + e.printStackTrace(); + throw new CredentialsNotAvailableException("config.27", new Object[]{e.getMessage()}, e); + } + } + + public static Signature getIDPSignature(Credential credentials) { + PrivateKey privatekey = credentials.getPrivateKey(); + Signature signer = SAML2Utils.createSAMLObject(Signature.class); + + if (privatekey instanceof RSAPrivateKey) { + signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); + + } else if (privatekey instanceof iaik.security.ecc.ecdsa.ECPrivateKey) { + signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1); + + } else { + Logger.warn("Could NOT evaluate the Private-Key type from " + credentials.getEntityId() + " credential."); + + + } + + signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + signer.setSigningCredential(credentials); + return signer; + + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java deleted file mode 100644 index d76e6c2f1..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java +++ /dev/null @@ -1,198 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.pvp2x.signer; - -import java.security.KeyStore; -import java.security.PrivateKey; -import java.security.interfaces.RSAPrivateKey; - -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.credential.UsageType; -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter; -import org.opensaml.xml.security.x509.X509Credential; -import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.SignatureConstants; - -import at.gv.egovernment.moa.id.opemsaml.MOAKeyStoreX509CredentialAdapter; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.KeyStoreUtils; -import at.gv.egovernment.moa.util.MiscUtil; - -public class CredentialProvider { - - private static KeyStore keyStore = null; - - public static X509Credential getIDPMetaDataSigningCredential() - throws CredentialsNotAvailableException { - PVPConfiguration config = PVPConfiguration.getInstance(); - try { - - if (keyStore == null) - keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(), - config.getIDPKeyStorePassword()); - - MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter( - keyStore, config.getIDPKeyAliasMetadata(), config - .getIDPKeyPasswordMetadata().toCharArray()); - - credentials.setUsageType(UsageType.SIGNING); - if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) { - Logger.error("IDP Metadata Signing credentials is not found or contains no PrivateKey."); - throw new CredentialsNotAvailableException("IDP Assertion Signing credentials (Alias: " - + config.getIDPKeyAliasMetadata() + ") is not found or contains no PrivateKey.", null); - - } - return credentials; - } catch (Exception e) { - Logger.error("Failed to generate IDP Metadata Signing credentials"); - e.printStackTrace(); - throw new CredentialsNotAvailableException(e.getMessage(), null); - } - } - - public static X509Credential getIDPAssertionSigningCredential() - throws CredentialsNotAvailableException { - PVPConfiguration config = PVPConfiguration.getInstance(); - try { - if (keyStore == null) - keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(), - config.getIDPKeyStorePassword()); - - MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter( - keyStore, config.getIDPKeyAliasAssertionSign(), config - .getIDPKeyPasswordAssertionSign().toCharArray()); - - credentials.setUsageType(UsageType.SIGNING); - if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) { - Logger.error("IDP Assertion Signing credentials is not found or contains no PrivateKey."); - throw new CredentialsNotAvailableException("IDP Assertion Signing credentials (Alias: " - + config.getIDPKeyAliasAssertionSign() + ") is not found or contains no PrivateKey.", null); - - } - - return (X509Credential) credentials; - } catch (Exception e) { - Logger.error("Failed to generate IDP Assertion Signing credentials"); - e.printStackTrace(); - throw new CredentialsNotAvailableException(e.getMessage(), null); - } - } - - public static X509Credential getIDPAssertionEncryptionCredential() - throws CredentialsNotAvailableException { - PVPConfiguration config = PVPConfiguration.getInstance(); - try { - if (keyStore == null) - keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(), - config.getIDPKeyStorePassword()); - - //if no encryption key is configured return null - if (MiscUtil.isEmpty(config.getIDPKeyAliasAssertionEncryption())) - return null; - - MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter( - keyStore, config.getIDPKeyAliasAssertionEncryption(), config - .getIDPKeyPasswordAssertionEncryption().toCharArray()); - - credentials.setUsageType(UsageType.ENCRYPTION); - - if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) { - Logger.error("IDP Assertion Encryption credentials is not found or contains no PrivateKey."); - throw new CredentialsNotAvailableException("IDP Assertion Encryption credentials (Alias: " - + config.getIDPKeyAliasAssertionEncryption() + ") is not found or contains no PrivateKey.", null); - - } - - return (X509Credential) credentials; - } catch (Exception e) { - Logger.error("Failed to generate IDP Assertion Encryption credentials"); - e.printStackTrace(); - throw new CredentialsNotAvailableException(e.getMessage(), null); - } - } - - public static Signature getIDPSignature(Credential credentials) { - - PrivateKey privatekey = credentials.getPrivateKey(); - - Signature signer = SAML2Utils.createSAMLObject(Signature.class); - - if (privatekey instanceof RSAPrivateKey) { - signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - - } else if (privatekey instanceof iaik.security.ecc.ecdsa.ECPrivateKey) { - signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1); - - } else { - Logger.warn("Could NOT evaluate the Private-Key type from PVP credential."); - - } - - signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - signer.setSigningCredential(credentials); - return signer; - - } - - public static Credential getSPTrustedCredential(String entityID) - throws CredentialsNotAvailableException { - - iaik.x509.X509Certificate cert = PVPConfiguration.getInstance() - .getTrustEntityCertificate(entityID); - - if (cert == null) { - throw new CredentialsNotAvailableException("ServiceProvider Certificate can not be loaded from Database", null); - } - - BasicX509Credential credential = new BasicX509Credential(); - credential.setEntityId(entityID); - credential.setUsageType(UsageType.SIGNING); - credential.setPublicKey(cert.getPublicKey()); - - return credential; - } - /* - * public static Credential getTrustedCredential() throws - * CredentialsNotAvailableException { String filename = - * PVPConfiguration.getInstance().getTrustEntityCertificate("sp.crt"); - * - * iaik.x509.X509Certificate cert; try { cert = new X509Certificate(new - * FileInputStream(new File(filename))); } catch (CertificateException e) { - * e.printStackTrace(); throw new - * CredentialsNotAvailableException(e.getMessage(), null); } catch - * (FileNotFoundException e) { e.printStackTrace(); throw new - * CredentialsNotAvailableException(e.getMessage(), null); } catch - * (IOException e) { e.printStackTrace(); throw new - * CredentialsNotAvailableException(e.getMessage(), null); } - * - * BasicX509Credential credential = new BasicX509Credential(); - * credential.setEntityId("sp.crt"); - * credential.setUsageType(UsageType.SIGNING); - * credential.setPublicKey(cert.getPublicKey()); - * - * return credential; } - */ -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialsNotAvailableException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialsNotAvailableException.java index a47c34c0b..85de666c9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialsNotAvailableException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialsNotAvailableException.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.signer; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; public class CredentialsNotAvailableException extends MOAIDException { @@ -31,6 +31,11 @@ public class CredentialsNotAvailableException extends MOAIDException { super(messageId, parameters); } + public CredentialsNotAvailableException(String messageId, + Object[] parameters, Throwable e) { + super(messageId, parameters, e); + } + /** * */ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/IDPCredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/IDPCredentialProvider.java new file mode 100644 index 000000000..381289824 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/IDPCredentialProvider.java @@ -0,0 +1,179 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.signer; + +import java.util.Properties; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.MiscUtil; + +@Service("IDPCredentialProvider") +public class IDPCredentialProvider extends AbstractCredentialProvider { + public static final String IDP_JAVAKEYSTORE = "idp.ks.file"; + public static final String IDP_KS_PASS = "idp.ks.kspassword"; + + public static final String IDP_KEYALIASMETADATA = "idp.ks.metadata.alias"; + public static final String IDP_KEY_PASSMETADATA = "idp.ks.metadata.keypassword"; + + public static final String IDP_KEYALIASASSERTION = "idp.ks.assertion.sign.alias"; + public static final String IDP_KEY_PASSASSERTION = "idp.ks.assertion.sign.keypassword"; + + public static final String IDP_KEYALIASENCRYTPION = "sp.ks.assertion.encryption.alias"; + public static final String IDP_KEY_PASSENCRYTPION = "sp.ks.assertion.encryption.keypassword"; + + + private @Autowired AuthConfiguration authConfig; + private Properties props = null; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getKeyStoreFilePath() + */ + @Override + public String getKeyStoreFilePath() { + if (props == null) + props = authConfig.getGeneralPVP2ProperiesConfig(); + + return FileUtils.makeAbsoluteURL( + props.getProperty(IDP_JAVAKEYSTORE), + authConfig.getRootConfigFileDir()); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getKeyStorePassword() + */ + @Override + public String getKeyStorePassword() { + if (props == null) + props = authConfig.getGeneralPVP2ProperiesConfig(); + + String value = props.getProperty(IDP_KS_PASS); + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + else + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getMetadataKeyAlias() + */ + @Override + public String getMetadataKeyAlias() { + if (props == null) + props = authConfig.getGeneralPVP2ProperiesConfig(); + + String value = props.getProperty(IDP_KEYALIASMETADATA); + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + else + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getMetadataKeyPassword() + */ + @Override + public String getMetadataKeyPassword() { + if (props == null) + props = authConfig.getGeneralPVP2ProperiesConfig(); + + String value = props.getProperty(IDP_KEY_PASSMETADATA); + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + else + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getSignatureKeyAlias() + */ + @Override + public String getSignatureKeyAlias() { + if (props == null) + props = authConfig.getGeneralPVP2ProperiesConfig(); + + String value = props.getProperty(IDP_KEYALIASASSERTION); + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + else + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getSignatureKeyPassword() + */ + @Override + public String getSignatureKeyPassword() { + if (props == null) + props = authConfig.getGeneralPVP2ProperiesConfig(); + + String value = props.getProperty(IDP_KEY_PASSASSERTION); + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + else + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getEncryptionKeyAlias() + */ + @Override + public String getEncryptionKeyAlias() { + if (props == null) + props = authConfig.getGeneralPVP2ProperiesConfig(); + + String value = props.getProperty(IDP_KEYALIASENCRYTPION); + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + else + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getEncryptionKeyPassword() + */ + @Override + public String getEncryptionKeyPassword() { + if (props == null) + props = authConfig.getGeneralPVP2ProperiesConfig(); + + String value = props.getProperty(IDP_KEY_PASSENCRYTPION); + if (MiscUtil.isNotEmpty(value)) + return value.trim(); + else + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getCredentialName() + */ + @Override + public String getFriendlyName() { + return "IDP"; + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java index 26b3bfbd1..106be8a09 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java @@ -24,9 +24,12 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.utils; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; +import java.util.Date; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Set; import org.opensaml.saml2.core.Assertion; import org.opensaml.saml2.core.Attribute; @@ -38,9 +41,6 @@ import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.saml2.core.Subject; import org.opensaml.xml.XMLObject; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; - import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; import at.gv.egovernment.moa.logging.Logger; @@ -50,13 +50,22 @@ public class AssertionAttributeExtractor { private Assertion assertion = null; private Map<String, List<String>> attributs = new HashMap<String, List<String>>(); - private PersonalAttributeList storkAttributes = new PersonalAttributeList(); + //private PersonalAttributeList storkAttributes = new PersonalAttributeList(); private final List<String> minimalAttributeNameList = Arrays.asList( PVPConstants.PRINCIPAL_NAME_NAME, - PVPConstants.GIVEN_NAME_NAME); - - + PVPConstants.GIVEN_NAME_NAME, + PVPConstants.ENC_BPK_LIST_NAME, + PVPConstants.BPK_NAME); + + /** + * Parse the SAML2 Response element and extracts included information + * <br><br> + * <b>INFO:</b> Actually, only the first SAML2 Assertion of the SAML2 Response is used! + * + * @param samlResponse SAML2 Response + * @throws AssertionAttributeExtractorExeption + */ public AssertionAttributeExtractor(StatusResponseType samlResponse) throws AssertionAttributeExtractorExeption { if (samlResponse != null && samlResponse instanceof Response) { List<Assertion> assertions = ((Response) samlResponse).getAssertions(); @@ -77,9 +86,9 @@ public class AssertionAttributeExtractor { for (XMLObject el : attr.getAttributeValues()) storkAttrValues.add(el.getDOM().getTextContent()); - PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), - false, storkAttrValues , "Available"); - storkAttributes.put(attr.getName(), storkAttr ); +// PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), +// false, storkAttrValues , "Available"); +// storkAttributes.put(attr.getName(), storkAttr ); } else { List<String> attrList = new ArrayList<String>(); @@ -98,6 +107,27 @@ public class AssertionAttributeExtractor { } /** + * Get all SAML2 attributes from first SAML2 AttributeStatement element + * + * @return List of SAML2 Attributes + */ + public List<Attribute> getAllResponseAttributesFromFirstAttributeStatement() { + return assertion.getAttributeStatements().get(0).getAttributes(); + + } + + /** + * Get all SAML2 attributes of specific SAML2 AttributeStatement element + * + * @param attrStatementID List ID of the AttributeStatement element + * @return List of SAML2 Attributes + */ + public List<Attribute> getAllResponseAttributes(int attrStatementID) { + return assertion.getAttributeStatements().get(attrStatementID).getAttributes(); + + } + + /** * check attributes from assertion with minimal required attribute list * @return */ @@ -108,33 +138,33 @@ public class AssertionAttributeExtractor { /** * check attributes from assertion with attributeNameList - * bPK or enc_bPK is always needed + * bPK or enc_bPK are always needed * * @param List of attributes which are required * * @return */ - public boolean containsAllRequiredAttributes(List<String> attributeNameList) { + public boolean containsAllRequiredAttributes(Collection<String> attributeNameList) { //first check if a bPK or an encrypted bPK is available - if (attributs.containsKey(PVPConstants.ENC_BPK_LIST_NAME) || - (attributs.containsKey(PVPConstants.BPK_NAME))) { - boolean flag = true; - for (String attr : attributeNameList) { - if (!attributs.containsKey(attr)) { - flag = false; - Logger.debug("Assertion contains no Attribute " + attr); - - } - + boolean flag = true; + for (String attr : attributeNameList) { + if (!attributs.containsKey(attr)) { + flag = false; + Logger.debug("Assertion contains no Attribute " + attr); + } - - return flag; - + } - Logger.debug("Assertion contains no bPK or encryptedbPK."); - return false; + if (flag) + return flag; + + else { + Logger.debug("Assertion contains no bPK or encryptedbPK."); + return false; + + } } public boolean containsAttribute(String attributeName) { @@ -155,10 +185,20 @@ public class AssertionAttributeExtractor { } - public PersonalAttributeList getSTORKAttributes() { - return storkAttributes; + /** + * Return all include PVP attribute names + * + * @return + */ + public Set<String> getAllIncludeAttributeNames() { + return attributs.keySet(); + } +// public PersonalAttributeList getSTORKAttributes() { +// return storkAttributes; +// } + public String getNameID() throws AssertionAttributeExtractorExeption { if (assertion.getSubject() != null) { @@ -209,6 +249,29 @@ public class AssertionAttributeExtractor { return assertion; } + + /** + * Get the Assertion validTo period + * + * Primarily, the 'SessionNotOnOrAfter' attribute in the SAML2 'AuthnStatment' element is used. + * If this is empty, this method returns value of SAML 'Conditions' element. + * + * @return Date, until this SAML2 assertion is valid + */ + public Date getAssertionNotOnOrAfter() { + if (getFullAssertion().getAuthnStatements() != null + && getFullAssertion().getAuthnStatements().size() > 0) { + for (AuthnStatement el : getFullAssertion().getAuthnStatements()) { + if (el.getSessionNotOnOrAfter() != null) + return (el.getSessionNotOnOrAfter().toDate()); + } + + } + + return getFullAssertion().getConditions().getNotOnOrAfter().toDate(); + + } + private AuthnStatement getAuthnStatement() throws AssertionAttributeExtractorExeption { List<AuthnStatement> authnList = assertion.getAuthnStatements(); if (authnList.size() == 0) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java index 75ef7e5a1..0426c2a6a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java @@ -35,9 +35,9 @@ import org.opensaml.xml.XMLObject; import org.opensaml.xml.parse.BasicParserPool; import org.opensaml.xml.security.SecurityException; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.logging.Logger; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AbstractRequestSignedSecurityPolicyRule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AbstractRequestSignedSecurityPolicyRule.java index f62410656..86ca591ee 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AbstractRequestSignedSecurityPolicyRule.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AbstractRequestSignedSecurityPolicyRule.java @@ -139,7 +139,7 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit throw new SecurityPolicyException("Signature validation FAILED."); } - Logger.debug("PVP AuthnRequest signature valid."); + Logger.debug("PVP message signature valid."); } catch (org.opensaml.xml.security.SecurityException e) { Logger.info("PVP2x message signature validation FAILED. Message:" + e.getMessage()); @@ -148,7 +148,7 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit } } else { - throw new SecurityPolicyException("Request is not signed."); + throw new SecurityPolicyException("PVP Message is not signed."); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ChainSAMLValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ChainSAMLValidator.java index 0b2bbafeb..a9f9b206e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ChainSAMLValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ChainSAMLValidator.java @@ -28,7 +28,7 @@ import java.util.List; import org.opensaml.saml2.core.RequestAbstractType; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; public class ChainSAMLValidator implements ISAMLValidator { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ISAMLValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ISAMLValidator.java index f9dab1cb5..4f697d986 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ISAMLValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/ISAMLValidator.java @@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.validation; import org.opensaml.saml2.core.RequestAbstractType; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; public interface ISAMLValidator { public void validateRequest(RequestAbstractType request) throws MOAIDException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/MOAPVPSignedRequestPolicyRule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/MOAPVPSignedRequestPolicyRule.java index 932f3b818..7b3f890e9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/MOAPVPSignedRequestPolicyRule.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/MOAPVPSignedRequestPolicyRule.java @@ -25,10 +25,12 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.validation; import javax.xml.namespace.QName; import org.opensaml.common.SignableSAMLObject; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.xml.XMLObject; import org.opensaml.xml.signature.SignatureTrustEngine; -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IMOARefreshableMetadataProvider; +import at.gv.egovernment.moa.logging.Logger; /** * @author tlenz @@ -37,13 +39,19 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; public class MOAPVPSignedRequestPolicyRule extends AbstractRequestSignedSecurityPolicyRule { + private IMOARefreshableMetadataProvider metadataProvider = null; + /** + * @param metadataProvider * @param trustEngine * @param peerEntityRole */ - public MOAPVPSignedRequestPolicyRule(SignatureTrustEngine trustEngine, + public MOAPVPSignedRequestPolicyRule(MetadataProvider metadataProvider, SignatureTrustEngine trustEngine, QName peerEntityRole) { super(trustEngine, peerEntityRole); + if (metadataProvider instanceof IMOARefreshableMetadataProvider) + this.metadataProvider = (IMOARefreshableMetadataProvider) metadataProvider; + } /* (non-Javadoc) @@ -51,7 +59,10 @@ public class MOAPVPSignedRequestPolicyRule extends */ @Override protected boolean refreshMetadataProvider(String entityID) { - return MOAMetadataProvider.getInstance().refreshMetadataProvider(entityID); + if (metadataProvider != null) + return metadataProvider.refreshMetadataProvider(entityID); + + return false; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java index d65b847dc..952a6024a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/SAMLSignatureValidator.java @@ -27,7 +27,7 @@ import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.security.SAMLSignatureProfileValidator; import org.opensaml.xml.validation.ValidationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException; public class SAMLSignatureValidator implements ISAMLValidator { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/ChainSAMLVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/ChainSAMLVerifier.java index 749f613f8..d0596d50b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/ChainSAMLVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/ChainSAMLVerifier.java @@ -28,7 +28,7 @@ import java.util.List; import org.opensaml.saml2.core.RequestAbstractType; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; public class ChainSAMLVerifier implements ISAMLVerifier { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java index 69c760f19..2ded32bac 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java @@ -29,17 +29,20 @@ import org.opensaml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.security.SAMLSignatureProfileValidator; import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.credential.UsageType; +import org.opensaml.xml.security.x509.BasicX509Credential; import org.opensaml.xml.signature.SignatureValidator; import org.opensaml.xml.validation.ValidationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; @@ -50,7 +53,7 @@ public class EntityVerifier { // List<OnlineApplication> oaList = ConfigurationDBRead // .getAllActiveOnlineApplications(); try { - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); + IOAAuthParameters oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); String certBase64 = oa.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); if (MiscUtil.isNotEmpty(certBase64)) { @@ -83,8 +86,7 @@ public class EntityVerifier { throw new SAMLRequestNotSignedException(e); } - Credential credential = CredentialProvider - .getSPTrustedCredential(entityDescriptor.getEntityID()); + Credential credential = getSPTrustedCredential(entityDescriptor.getEntityID()); if (credential == null) { throw new NoCredentialsException(entityDescriptor.getEntityID()); } @@ -171,8 +173,7 @@ public class EntityVerifier { + " entryID is used to select the certificate to perform Metadata verification."); } - Credential credential = CredentialProvider - .getSPTrustedCredential(entities.get(0).getEntityID()); + Credential credential = getSPTrustedCredential(entities.get(0).getEntityID()); if (credential == null) { throw new NoCredentialsException("moaID IDP"); @@ -188,5 +189,23 @@ public class EntityVerifier { } } } + + public static Credential getSPTrustedCredential(String entityID) + throws CredentialsNotAvailableException { + + iaik.x509.X509Certificate cert = PVPConfiguration.getInstance() + .getTrustEntityCertificate(entityID); + + if (cert == null) { + throw new CredentialsNotAvailableException("ServiceProvider Certificate can not be loaded from Database", null); + } + + BasicX509Credential credential = new BasicX509Credential(); + credential.setEntityId(entityID); + credential.setUsageType(UsageType.SIGNING); + credential.setPublicKey(cert.getPublicKey()); + + return credential; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/ISAMLVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/ISAMLVerifier.java index 8bbf8ee1a..e032edc9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/ISAMLVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/ISAMLVerifier.java @@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.verification; import org.opensaml.saml2.core.RequestAbstractType; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; public interface ISAMLVerifier { public void verifyRequest(RequestAbstractType request) throws MOAIDException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java index 812e27a36..f384dd511 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java @@ -22,58 +22,39 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.verification; -import java.util.ArrayList; -import java.util.List; - import javax.xml.namespace.QName; import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; -import org.joda.time.DateTime; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.common.xml.SAMLSchemaBuilder; -import org.opensaml.saml2.core.Conditions; -import org.opensaml.saml2.core.EncryptedAssertion; import org.opensaml.saml2.core.RequestAbstractType; -import org.opensaml.saml2.core.Response; -import org.opensaml.saml2.core.StatusCode; import org.opensaml.saml2.core.StatusResponseType; -import org.opensaml.saml2.encryption.Decrypter; -import org.opensaml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver; import org.opensaml.saml2.metadata.IDPSSODescriptor; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.security.MetadataCriteria; import org.opensaml.security.SAMLSignatureProfileValidator; -import org.opensaml.xml.encryption.ChainingEncryptedKeyResolver; -import org.opensaml.xml.encryption.DecryptionException; -import org.opensaml.xml.encryption.InlineEncryptedKeyResolver; -import org.opensaml.xml.encryption.SimpleRetrievalMethodEncryptedKeyResolver; import org.opensaml.xml.security.CriteriaSet; import org.opensaml.xml.security.credential.UsageType; import org.opensaml.xml.security.criteria.EntityIDCriteria; import org.opensaml.xml.security.criteria.UsageCriteria; -import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver; -import org.opensaml.xml.security.x509.X509Credential; import org.opensaml.xml.signature.SignatureTrustEngine; import org.opensaml.xml.validation.ValidationException; +import org.springframework.stereotype.Service; import org.w3c.dom.Element; import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SchemaValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; +@Service("SAMLVerificationEngine") public class SAMLVerificationEngine { public void verify(InboundMessage msg, SignatureTrustEngine sigTrustEngine ) throws org.opensaml.xml.security.SecurityException, Exception { @@ -178,117 +159,8 @@ public class SAMLVerificationEngine { throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); } } - - public static void validateAssertion(Response samlResp, boolean validateDestination) throws AssertionValidationExeption { - try { - if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { - List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>(); - - List<String> allowedPublicURLPrefix = - AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); - boolean isValidDestination = false; - for (String allowedPreFix : allowedPublicURLPrefix) { - if (validateDestination && samlResp.getDestination().startsWith( - allowedPreFix)) { - isValidDestination = true; - break; - - } - } - if (!isValidDestination) { - Logger.warn("PVP 2.1 assertion destination does not match to IDP URL"); - throw new AssertionValidationExeption("PVP 2.1 assertion destination does not match to IDP URL", null); - - } - - //check encrypted Assertion - List<EncryptedAssertion> encryAssertionList = samlResp.getEncryptedAssertions(); - if (encryAssertionList != null && encryAssertionList.size() > 0) { - //decrypt assertions - - Logger.debug("Found encryped assertion. Start decryption ..."); - - X509Credential authDecCredential = CredentialProvider.getIDPAssertionEncryptionCredential(); - - StaticKeyInfoCredentialResolver skicr = - new StaticKeyInfoCredentialResolver(authDecCredential); - - ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver(); - encryptedKeyResolver.getResolverChain().add( new InlineEncryptedKeyResolver() ); - encryptedKeyResolver.getResolverChain().add( new EncryptedElementTypeEncryptedKeyResolver() ); - encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() ); - - Decrypter samlDecrypter = - new Decrypter(null, skicr, encryptedKeyResolver); - - for (EncryptedAssertion encAssertion : encryAssertionList) { - saml2assertions.add(samlDecrypter.decrypt(encAssertion)); - - } - - Logger.debug("Assertion decryption finished. "); - - } else { - saml2assertions.addAll(samlResp.getAssertions()); - - } - - List<org.opensaml.saml2.core.Assertion> validatedassertions = new ArrayList<org.opensaml.saml2.core.Assertion>(); - for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { - - try { - performSchemaValidation(saml2assertion.getDOM()); - - Conditions conditions = saml2assertion.getConditions(); - DateTime notbefore = conditions.getNotBefore().minusMinutes(5); - DateTime notafter = conditions.getNotOnOrAfter(); - if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) { - Logger.warn("PVP2 Assertion is out of Date. " - + "{ Current : " + new DateTime() - + " NotBefore: " + notbefore - + " NotAfter : " + notafter - + " }");; - - } else { - validatedassertions.add(saml2assertion); - - } - - } catch (SchemaValidationException e) { - - } - } - - if (validatedassertions.isEmpty()) { - Logger.info("No valid PVP 2.1 assertion received."); - throw new AssertionValidationExeption("No valid PVP 2.1 assertion received.", null); - } - - samlResp.getAssertions().clear(); - samlResp.getEncryptedAssertions().clear(); - samlResp.getAssertions().addAll(validatedassertions); - - } else { - Logger.info("PVP 2.1 assertion includes an error. Receive errorcode " - + samlResp.getStatus().getStatusCode().getValue()); - throw new AssertionValidationExeption("PVP 2.1 assertion includes an error. Receive errorcode " - + samlResp.getStatus().getStatusCode().getValue(), null); - } - - } catch (CredentialsNotAvailableException e) { - Logger.warn("Assertion decrypt FAILED - No Credentials", e); - throw new AssertionValidationExeption("Assertion decrypt FAILED - No Credentials", null, e); - - } catch (DecryptionException e) { - Logger.warn("Assertion decrypt FAILED.", e); - throw new AssertionValidationExeption("Assertion decrypt FAILED.", null, e); - - } catch (ConfigurationException e) { - throw new AssertionValidationExeption("pvp.12", null, e); - } - } - - private static void performSchemaValidation(Element source) throws SchemaValidationException { + + protected void performSchemaValidation(Element source) throws SchemaValidationException { String err = null; try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngineSP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngineSP.java new file mode 100644 index 000000000..385fe90fb --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngineSP.java @@ -0,0 +1,261 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.verification; + +import java.util.ArrayList; +import java.util.List; + +import org.joda.time.DateTime; +import org.opensaml.common.binding.decoding.BasicURLComparator; +import org.opensaml.saml2.core.Audience; +import org.opensaml.saml2.core.AudienceRestriction; +import org.opensaml.saml2.core.Conditions; +import org.opensaml.saml2.core.EncryptedAssertion; +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.saml2.core.validator.AudienceRestrictionSchemaValidator; +import org.opensaml.saml2.core.validator.AudienceSchemaValidator; +import org.opensaml.saml2.encryption.Decrypter; +import org.opensaml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver; +import org.opensaml.xml.encryption.ChainingEncryptedKeyResolver; +import org.opensaml.xml.encryption.DecryptionException; +import org.opensaml.xml.encryption.InlineEncryptedKeyResolver; +import org.opensaml.xml.encryption.SimpleRetrievalMethodEncryptedKeyResolver; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver; +import org.opensaml.xml.validation.ValidationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SchemaValidationException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Service("SAMLVerificationEngineSP") +public class SAMLVerificationEngineSP extends SAMLVerificationEngine { + + @Autowired AuthConfiguration authConfig; + + /** + * Validate a PVP response and all included assertions + * + * @param samlResp + * @param validateDestination + * @param assertionDecryption + * @param spEntityID + * @param loggerSPName + * @throws AssertionValidationExeption + */ + public void validateAssertion(Response samlResp, boolean validateDestination, Credential assertionDecryption, String spEntityID, String loggerSPName) throws AssertionValidationExeption { + validateAssertion(samlResp, validateDestination, assertionDecryption, spEntityID, loggerSPName, true); + + } + + + public void validateAssertion(Response samlResp, boolean validateDestination, Credential assertionDecryption, String spEntityID, String loggerSPName, + boolean validateDateTime) throws AssertionValidationExeption { + try { + if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { + List<org.opensaml.saml2.core.Assertion> saml2assertions = new ArrayList<org.opensaml.saml2.core.Assertion>(); + + //validate destination URL + List<String> allowedPublicURLPrefix = authConfig.getPublicURLPrefix(); + boolean isValidDestination = false; + for (String allowedPreFix : allowedPublicURLPrefix) { + if (validateDestination && samlResp.getDestination().startsWith( + allowedPreFix)) { + isValidDestination = true; + break; + + } + } + if (!isValidDestination && validateDestination) { + Logger.warn("PVP 2.1 assertion destination does not match to IDP URL"); + throw new AssertionValidationExeption("sp.pvp2.07", new Object[]{loggerSPName, "'Destination' attribute is not valid"}); + + } + + //validate response issueInstant + DateTime issueInstant = samlResp.getIssueInstant(); + if (issueInstant == null) { + Logger.warn("PVP response does not include a 'IssueInstant' attribute"); + throw new AssertionValidationExeption("sp.pvp2.07", new Object[]{loggerSPName, "'IssueInstant' attribute is not included"}); + + } + if (validateDateTime && issueInstant.minusMinutes(MOAIDAuthConstants.TIME_JITTER).isAfterNow()) { + Logger.warn("PVP response: IssueInstant DateTime is not valid anymore."); + throw new AssertionValidationExeption("sp.pvp2.07", new Object[]{loggerSPName, "'IssueInstant' Time is not valid any more"}); + + } + + + //check encrypted Assertions + List<EncryptedAssertion> encryAssertionList = samlResp.getEncryptedAssertions(); + if (encryAssertionList != null && encryAssertionList.size() > 0) { + //decrypt assertions + Logger.debug("Found encryped assertion. Start decryption ..."); + + StaticKeyInfoCredentialResolver skicr = + new StaticKeyInfoCredentialResolver(assertionDecryption); + + ChainingEncryptedKeyResolver encryptedKeyResolver = new ChainingEncryptedKeyResolver(); + encryptedKeyResolver.getResolverChain().add( new InlineEncryptedKeyResolver() ); + encryptedKeyResolver.getResolverChain().add( new EncryptedElementTypeEncryptedKeyResolver() ); + encryptedKeyResolver.getResolverChain().add( new SimpleRetrievalMethodEncryptedKeyResolver() ); + + Decrypter samlDecrypter = new Decrypter(null, skicr, encryptedKeyResolver); + + for (EncryptedAssertion encAssertion : encryAssertionList) + saml2assertions.add(samlDecrypter.decrypt(encAssertion)); + + Logger.debug("Assertion decryption finished. "); + + } else { + saml2assertions.addAll(samlResp.getAssertions()); + + } + + //validate all assertions + List<org.opensaml.saml2.core.Assertion> validatedassertions = new ArrayList<org.opensaml.saml2.core.Assertion>(); + for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) { + + boolean isAssertionValid = true; + try { + //schema validation + performSchemaValidation(saml2assertion.getDOM()); + + + //validate DateTime conditions + Conditions conditions = saml2assertion.getConditions(); + if (conditions != null) { + DateTime notbefore = conditions.getNotBefore().minusMinutes(5); + DateTime notafter = conditions.getNotOnOrAfter(); + if (validateDateTime && + (notbefore.isAfterNow() || notafter.isBeforeNow()) ) { + isAssertionValid = false; + Logger.info("Assertion:" + saml2assertion.getID() + + " is out of Date. " + + "{ Current : " + new DateTime() + + " NotBefore: " + notbefore + + " NotAfter : " + notafter + + " }");; + + } + + //validate audienceRestrictions are valid for this SP + List<AudienceRestriction> audienceRest = conditions.getAudienceRestrictions(); + if (audienceRest == null || audienceRest.size() == 0) { + Logger.info("Assertion:" + saml2assertion.getID() + + " has not 'AudienceRestriction' element"); + isAssertionValid = false; + + } else { + for (AudienceRestriction el : audienceRest) { + el.registerValidator(new AudienceRestrictionSchemaValidator()); + el.validate(false); + + for (Audience audience : el.getAudiences()) { + audience.registerValidator(new AudienceSchemaValidator()); + audience.validate(false); + + if (!urlCompare(spEntityID, audience.getAudienceURI())) { + Logger.info("Assertion:" + saml2assertion.getID() + + " 'AudienceRestriction' is not valid."); + isAssertionValid = false; + + } + } + } + } + + } else { + Logger.info("Assertion:" + saml2assertion.getID() + + " contains not 'Conditions' element"); + isAssertionValid = false; + + } + + //add assertion if it is valid + if (isAssertionValid) { + Logger.debug("Add valid Assertion:" + saml2assertion.getID()); + validatedassertions.add(saml2assertion); + + } else + Logger.warn("Remove non-valid Assertion:" + saml2assertion.getID()); + + } catch (SchemaValidationException e) { + isAssertionValid = false; + Logger.info("Assertion:" + saml2assertion.getID() + + " Schema validation FAILED. Msg:" + e.getMessage()); + + } catch (ValidationException e) { + isAssertionValid = false; + Logger.info("Assertion:" + saml2assertion.getID() + + " AudienceRestriction schema-validation FAILED. Msg:" + e.getMessage()); + + } + } + + if (validatedassertions.isEmpty()) { + Logger.info("No valid PVP 2.1 assertion received."); + throw new AssertionValidationExeption("sp.pvp2.10", new Object[]{loggerSPName}); + + } + + samlResp.getAssertions().clear(); + samlResp.getEncryptedAssertions().clear(); + samlResp.getAssertions().addAll(validatedassertions); + + } else { + Logger.info("PVP 2.1 assertion includes an error. Receive errorcode " + + samlResp.getStatus().getStatusCode().getValue()); + throw new AssertionValidationExeption("sp.pvp2.05", + new Object[]{loggerSPName, + samlResp.getIssuer().getValue(), + samlResp.getStatus().getStatusCode().getValue(), + samlResp.getStatus().getStatusMessage().getMessage()}); + + } + + } catch (DecryptionException e) { + Logger.warn("Assertion decrypt FAILED.", e); + throw new AssertionValidationExeption("sp.pvp2.11", null, e); + + } catch (ConfigurationException e) { + throw new AssertionValidationExeption("pvp.12", null, e); + } + } + + protected static boolean urlCompare(String url1, String url2) { + BasicURLComparator comparator = new BasicURLComparator(); + comparator.setCaseInsensitive(false); + return comparator.compare(url1, url2); + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/TrustEngineFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/TrustEngineFactory.java index 67a91f6e1..3ea124db6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/TrustEngineFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/TrustEngineFactory.java @@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.verification; import java.util.ArrayList; import java.util.List; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.security.MetadataCredentialResolver; import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver; import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver; @@ -35,8 +36,6 @@ import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider; import org.opensaml.xml.signature.SignatureTrustEngine; import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine; //import org.opensaml.xml.signature.impl.PKIXSignatureTrustEngine; - -import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; //import edu.internet2.middleware.shibboleth.common.security.MetadataPKIXValidationInformationResolver; public class TrustEngineFactory { @@ -65,11 +64,10 @@ public class TrustEngineFactory { // } // } - public static SignatureTrustEngine getSignatureKnownKeysTrustEngine() { + public static SignatureTrustEngine getSignatureKnownKeysTrustEngine(MetadataProvider provider) { MetadataCredentialResolver resolver; - resolver = new MetadataCredentialResolver( - MOAMetadataProvider.getInstance()); + resolver = new MetadataCredentialResolver(provider); List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>(); keyInfoProvider.add(new DSAKeyValueProvider()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MOASPMetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MOASPMetadataSignatureFilter.java new file mode 100644 index 000000000..3d69b0380 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MOASPMetadataSignatureFilter.java @@ -0,0 +1,128 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata; + +import java.io.IOException; + +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactoryConfigurationError; + +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.provider.FilterException; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.xml.XMLObject; + +import at.gv.egovernment.moa.id.auth.builder.SignatureVerificationUtils; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * @author tlenz + * + */ +public class MOASPMetadataSignatureFilter implements MetadataFilter { + + private String trustProfileID = null; + + /** + * + */ + public MOASPMetadataSignatureFilter(String trustProfileID) { + this.trustProfileID = trustProfileID; + + } + + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) + */ + @Override + public void doFilter(XMLObject metadata) throws FilterException { + if (metadata instanceof EntityDescriptor) { + if (((EntityDescriptor) metadata).isSigned()) { + EntityDescriptor entityDes = (EntityDescriptor) metadata; + //check signature; + try { + byte[] serialized = DOMUtils.serializeNode(metadata.getDOM(), "UTF-8"); + +// Transformer transformer = TransformerFactory.newInstance() +// .newTransformer(); +// StringWriter sw = new StringWriter(); +// StreamResult sr = new StreamResult(sw); +// DOMSource source = new DOMSource(metadata.getDOM()); +// transformer.transform(source, sr); +// sw.close(); +// String metadataXML = sw.toString(); + + SignatureVerificationUtils sigVerify = + new SignatureVerificationUtils(); + VerifyXMLSignatureResponse result = sigVerify.verify( + serialized, trustProfileID); + + //check signature-verification result + if (result.getSignatureCheckCode() != 0) { + Logger.warn("Metadata signature-verification FAILED!" + + " Metadata: " + entityDes.getEntityID() + + " StatusCode:" + result.getSignatureCheckCode()); + throw new FilterException("Metadata signature-verification FAILED!" + + " Metadata: " + entityDes.getEntityID() + + " StatusCode:" + result.getSignatureCheckCode()); + + } + + if (result.getCertificateCheckCode() != 0) { + Logger.warn("Metadata certificate-verification FAILED!" + + " Metadata: " + entityDes.getEntityID() + + " StatusCode:" + result.getCertificateCheckCode()); + throw new FilterException("Metadata certificate-verification FAILED!" + + " Metadata: " + entityDes.getEntityID() + + " StatusCode:" + result.getCertificateCheckCode()); + + } + + + } catch (MOAIDException | TransformerFactoryConfigurationError | TransformerException | IOException e) { + Logger.error("Metadata verification has an interal error.", e); + throw new FilterException("Metadata verification has an interal error." + + " Message:" + e.getMessage()); + + } + + + } else { + Logger.warn("Metadata root-element MUST be signed."); + throw new FilterException("Metadata root-element MUST be signed.'"); + + } + + } else { + Logger.warn("Metadata root-element is not of type 'EntityDescriptor'"); + throw new FilterException("Metadata root-element is not of type 'EntityDescriptor'"); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataFilterChain.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataFilterChain.java deleted file mode 100644 index 4e1d939ff..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataFilterChain.java +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata; - -import java.security.cert.CertificateException; -import java.util.ArrayList; -import java.util.List; - -import org.opensaml.saml2.metadata.provider.FilterException; -import org.opensaml.saml2.metadata.provider.MetadataFilter; -import org.opensaml.xml.XMLObject; - -import at.gv.egovernment.moa.logging.Logger; - -/** - * @author tlenz - * - */ -public class MetadataFilterChain implements MetadataFilter { - - private List<MetadataFilter> filters = new ArrayList<MetadataFilter>(); - - /** - * @throws CertificateException - * - */ - public MetadataFilterChain(String url, byte[] certificate) throws CertificateException { - addDefaultFilters(url, certificate); - } - - public void addDefaultFilters(String url, byte[] certificate) throws CertificateException { - filters.add(new MetadataSignatureFilter(url, certificate)); - - } - - /** - * @return the filter - */ - public List<MetadataFilter> getFilters() { - return filters; - } - - - /* (non-Javadoc) - * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) - */ - @Override - public void doFilter(XMLObject arg0) throws FilterException { - for (MetadataFilter filter : filters) { - Logger.trace("Use MOAMetadatafilter " + filter.getClass().getName()); - filter.doFilter(arg0); - } - - } - - - - - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java index 149874ce0..679bdd10f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/MetadataSignatureFilter.java @@ -36,8 +36,7 @@ import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.xml.XMLObject; import org.opensaml.xml.security.x509.BasicX509Credential; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; - +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPMetadataFilterChain.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPMetadataFilterChain.java new file mode 100644 index 000000000..4c1da747b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/PVPMetadataFilterChain.java @@ -0,0 +1,54 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata; + +import java.security.cert.CertificateException; + +import at.gv.egovernment.moa.id.saml2.MetadataFilterChain; + +/** + * @author tlenz + * + */ +public class PVPMetadataFilterChain extends MetadataFilterChain { + + + /** + * @throws CertificateException + * + */ + public PVPMetadataFilterChain(String url, byte[] certificate) throws CertificateException { + addDefaultFilters(url, certificate); + } + + public void addDefaultFilters(String url, byte[] certificate) throws CertificateException { + addFilter(new MetadataSignatureFilter(url, certificate)); + + } + + + + + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java index 1aca587c9..83a2b61d2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java @@ -22,19 +22,16 @@ */ package at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata; -import org.opensaml.saml2.metadata.provider.FilterException; -import org.opensaml.saml2.metadata.provider.MetadataFilter; -import org.opensaml.xml.XMLObject; - import javax.xml.transform.dom.DOMSource; import javax.xml.validation.Schema; import javax.xml.validation.Validator; import org.opensaml.common.xml.SAMLSchemaBuilder; - +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.xml.XMLObject; import org.xml.sax.SAXException; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; import at.gv.egovernment.moa.logging.Logger; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/saml2/MetadataFilterChain.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/saml2/MetadataFilterChain.java new file mode 100644 index 000000000..e7412a0fc --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/saml2/MetadataFilterChain.java @@ -0,0 +1,73 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.saml2; + +import java.util.ArrayList; +import java.util.List; + +import org.opensaml.saml2.metadata.provider.FilterException; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.xml.XMLObject; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class MetadataFilterChain implements MetadataFilter { + + private List<MetadataFilter> filters = new ArrayList<MetadataFilter>(); + + /** + * Return all actually used Metadata filters + * + * @return List of Metadata filters + */ + public List<MetadataFilter> getFilters() { + return filters; + } + + /** + * Add a new Metadata filter to filterchain + * + * @param filter + */ + public void addFilter(MetadataFilter filter) { + filters.add(filter); + } + + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) + */ + @Override + public void doFilter(XMLObject arg0) throws FilterException { + for (MetadataFilter filter : filters) { + Logger.trace("Use MOAMetadataFilter " + filter.getClass().getName()); + filter.doFilter(arg0); + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java deleted file mode 100644 index 3b97f3b08..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java +++ /dev/null @@ -1,227 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.storage; - -import java.io.Serializable; -import java.util.Date; -import java.util.List; - -import org.apache.commons.lang.SerializationUtils; -import org.hibernate.HibernateException; -import org.hibernate.Query; -import org.hibernate.Session; - -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class AssertionStorage { - - private static AssertionStorage instance = null; - - public static AssertionStorage getInstance() { - if(instance == null) { - instance = new AssertionStorage(); - } - return instance; - } - - public boolean containsKey(String artifact) { - try { - searchInDatabase(artifact); - return true; - - } catch (MOADatabaseException e) { - return false; - } - - } - - public void put(String artifact, Object assertion) throws MOADatabaseException { - //setup AssertionStore element - AssertionStore element = new AssertionStore(); - element.setArtifact(artifact); - element.setType(assertion.getClass().getName()); - element.setDatatime(new Date()); - - //serialize the Assertion for Database storage - byte[] data = SerializationUtils.serialize((Serializable) assertion); - element.setAssertion(data); - - //store AssertionStore element to Database - try { - MOASessionDBUtils.saveOrUpdate(element); - Logger.info(assertion.getClass().getName() + " with ID: " + artifact + " is stored in Database"); - } catch (MOADatabaseException e) { - Logger.warn("Sessioninformation could not be stored."); - throw new MOADatabaseException(e); - } - - } - - - /** - * @param samlArtifact - * @param class1 - * @param authdatatimeout - * @return - * @throws MOADatabaseException - * @throws AuthenticationException - */ - public <T> T get(String samlArtifact, - final Class<T> clazz) throws MOADatabaseException { - - try { - return get(samlArtifact, clazz, -1); - - } catch (AuthenticationException e) { - //this execption only occurs if an additional timeOut is used - Logger.error("This exeption should not occur!!!!", e); - return null; - } - } - - public <T> T get(String artifact, final Class<T> clazz, long authdatatimeout) throws MOADatabaseException, AuthenticationException { - - AssertionStore element = searchInDatabase(artifact); - - if (authdatatimeout > -1) { - //check timeout - long now = new Date().getTime(); - - if (now - element.getDatatime().getTime() > authdatatimeout) - throw new AuthenticationException("1207", new Object[] { artifact }); - } - - - //Deserialize Assertion - Object data = SerializationUtils.deserialize(element.getAssertion()); - - //check if assertion has the correct class type - try { - @SuppressWarnings("unchecked") - T test = (T) Class.forName(element.getType()).cast(data); - return test; - - } catch (Exception e) { - Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + artifact); - throw new MOADatabaseException("Sessioninformation Cast-Exception"); - } - } - - public void clean(long now, long authDataTimeOut) { - Date expioredate = new Date(now - authDataTimeOut); - - List<AssertionStore> results; - Session session = MOASessionDBUtils.getCurrentSession(); - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAssertionWithTimeOut"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - - if (results.size() != 0) { - for(AssertionStore result : results) { - try { - cleanDelete(result); - Logger.info("Remove stored information with ID: " + result.getArtifact() - + " after timeout."); - - } catch (HibernateException e){ - Logger.warn("Sessioninformation with ID=" + result.getArtifact() - + " not removed after timeout! (Error during Database communication)", e); - } - - } - } - } - } - - public void remove(String artifact) { - - try { - AssertionStore element = searchInDatabase(artifact); - cleanDelete(element); - Logger.info("Remove stored information with ID: " + artifact); - - - } catch (MOADatabaseException e) { - Logger.info("Sessioninformation not removed! (Sessioninformation with ID=" + artifact - + "not found)"); - - } catch (HibernateException e) { - Logger.warn("Sessioninformation not removed! (Error during Database communication)", e); - } - } - - private void cleanDelete(AssertionStore element) { - try { - element.setAssertion("blank".getBytes()); - MOASessionDBUtils.saveOrUpdate(element); - - } catch (MOADatabaseException e) { - Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e); - - } finally { - if (!MOASessionDBUtils.delete(element)) - Logger.error("ShortTime session with artifact=" + element.getArtifact() - + " not removed! (Error during Database communication)"); - - } - - } - - @SuppressWarnings("rawtypes") - private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException { - MiscUtil.assertNotNull(artifact, "artifact"); - Logger.trace("Getting sessioninformation with ID " + artifact + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - List result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getAssertionWithArtifact"); - query.setParameter("artifact", artifact); - result = query.list(); - - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No sessioninformation found with this ID"); - } - - return (AssertionStore) result.get(0); - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java deleted file mode 100644 index 9dee39fe8..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java +++ /dev/null @@ -1,1130 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.storage; - -import java.util.ArrayList; -import java.util.Date; -import java.util.List; - -import org.apache.commons.lang.SerializationUtils; -import org.apache.commons.lang.StringEscapeUtils; -import org.hibernate.HibernateException; -import org.hibernate.Query; -import org.hibernate.Session; -import org.hibernate.Transaction; - -import com.fasterxml.jackson.core.JsonProcessingException; - -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.commons.utils.JsonMapper; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.EncryptedData; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAOImpl; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; -import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.id.util.SessionEncrytionUtil; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class AuthenticationSessionStoreage { - - //private static HashMap<String, AuthenticationSession> sessionStore = new HashMap<String, AuthenticationSession>(); - - private static JsonMapper mapper = new JsonMapper(); - - public static boolean isAuthenticated(String moaSessionID) { - - AuthenticatedSessionStore session; - - try { - session = searchInDatabase(moaSessionID, true); - return session.isAuthenticated(); - - } catch (MOADatabaseException e) { - return false; - } - } - - public static AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException { - String id = Random.nextRandom(); - try { - AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore(); - dbsession.setSessionid(id); - dbsession.setAuthenticated(false); - - //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 - Date now = new Date(); - dbsession.setCreated(now); - dbsession.setUpdated(now); - - dbsession.setPendingRequestID(target.getRequestID()); - - //set additional session informations - AuthenticationSessionExtensions sessionExt = new AuthenticationSessionExtensions(); - sessionExt.setUniqueSessionId(target.getSessionIdentifier()); - dbsession.setAdditionalInformation(mapper.serialize(sessionExt)); - - AuthenticationSession session = new AuthenticationSession(id, now); - encryptSession(session, dbsession); - - //store AssertionStore element to Database - MOASessionDBUtils.saveOrUpdate(dbsession); - Logger.info("Create MOASession with sessionID: " + id); - - return session; - - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be created."); - throw new MOADatabaseException(e); - - } catch (JsonProcessingException e) { - Logger.warn("Extended session information can not be stored.", e); - throw new MOADatabaseException(e); - - } - - } - - public static AuthenticationSession getSession(String sessionID) throws MOADatabaseException { - - try { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); - return decryptSession(dbsession); - - } catch (MOADatabaseException e) { - Logger.info("No MOA Session with id: " + sessionID); - throw new MOADatabaseException("No MOA Session with id: " + sessionID); - - } catch (Throwable e) { - Logger.warn("MOASession deserialization-exception by using MOASessionID=" + sessionID, e); - throw new MOADatabaseException("MOASession deserialization-exception"); - } - } - - public static AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); - - if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) { - try { - return (AuthenticationSessionExtensions)mapper.deserialize(dbsession.getAdditionalInformation(), - AuthenticationSessionExtensions.class); - - } catch (Exception e) { - Logger.warn("Extended session information extraction FAILED!", e); - } - } - return null; - - } - - public static void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException { - try { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); - - dbsession.setAdditionalInformation( - mapper.serialize(sessionExtensions)); - - MOASessionDBUtils.saveOrUpdate(dbsession); - Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database"); - - - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be stored."); - throw new MOADatabaseException(e); - - } catch (JsonProcessingException e) { - Logger.warn("Extended session information can not be stored.", e); - throw new MOADatabaseException("Extended session information can not be stored.", e); - - } - - } - - public static void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException { - storeSession(session, null); - } - - public static void storeSession(AuthenticationSession session, String pendingRequestID) throws MOADatabaseException, BuildException { - - try { - AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true); - - if (MiscUtil.isNotEmpty(pendingRequestID)) - dbsession.setPendingRequestID(pendingRequestID); - - encryptSession(session, dbsession); - - //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 - dbsession.setAuthenticated(session.isAuthenticated()); - dbsession.setUpdated(new Date()); - - MOASessionDBUtils.saveOrUpdate(dbsession); - Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database"); - - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be stored."); - throw new MOADatabaseException(e); - } - } - - public static void destroySession(String moaSessionID) throws MOADatabaseException { - - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); - result = query.list(); - - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No session found with this sessionID"); - } - - AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0); - tx.commit(); - cleanDelete(dbsession); - } - - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - - } - - } - - public static String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, AuthenticationException { - try { - AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true); - - - - Logger.debug("Change SessionID from " + session.getSessionID() - + "to " + newSessionID); - - session.setSessionID(newSessionID); - encryptSession(session, dbsession); - - dbsession.setSessionid(newSessionID); - dbsession.setAuthenticated(session.isAuthenticated()); - - //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 - dbsession.setUpdated(new Date()); - - MOASessionDBUtils.saveOrUpdate(dbsession); - - Logger.trace("Change SessionID complete."); - - return newSessionID; - - } catch (MOADatabaseException e) { - throw new AuthenticationException("TODO!", null); - } - - - - } - - public static String changeSessionID(AuthenticationSession session) - throws AuthenticationException, BuildException { - String id = Random.nextRandom(); - return changeSessionID(session, id); - - } - - public static void setAuthenticated(String moaSessionID, boolean value) { - - AuthenticatedSessionStore session; - - try { - session = searchInDatabase(moaSessionID, true); - session.setAuthenticated(value); - MOASessionDBUtils.saveOrUpdate(session); - - - } catch (MOADatabaseException e) { - Logger.warn("isAuthenticated can not be stored in MOASession " + moaSessionID, e); - } - } - - public static String getMOASessionSSOID(String SSOSessionID) { - MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID"); - Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithSSOID"); - query.setParameter("sessionid", SSOSessionID); - result = query.list(); - - //send transaction - tx.commit(); - - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; - - } else { - return result.get(0).getSessionid(); - - } - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - } - - public static boolean isSSOSession(String sessionID) throws MOADatabaseException { - try { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); - return dbsession.isSSOSession(); - - } catch (MOADatabaseException e) { - Logger.info("No MOA Session with id: " + sessionID); - throw new MOADatabaseException("No MOA Session with id: " + sessionID); - } - } - - public static AuthenticatedSessionStore isValidSessionWithSSOID(String SSOId, String moaSessionId) { - MiscUtil.assertNotNull(SSOId, "SSOSessionID"); - Logger.trace("Get authenticated session with SSOID " + SSOId + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithSSOID"); - query.setParameter("sessionid", SSOId); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; - - } else { - return result.get(0); - } - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - } - - public static void addSSOInformation(String moaSessionID, String SSOSessionID, - SLOInformationInterface SLOInfo, IRequest protocolRequest) throws AuthenticationException { - - AuthenticatedSessionStore dbsession; - Transaction tx = null; - - try { - - Session session = MOASessionDBUtils.getCurrentSession(); - List<AuthenticatedSessionStore> result; - - Logger.trace("Add SSO information to session " + moaSessionID); - - synchronized (session) { - - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); - result = query.list(); - - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - tx.rollback(); - throw new MOADatabaseException("No session found with this sessionID"); - } - - dbsession = (AuthenticatedSessionStore) result.get(0); - - OASessionStore activeOA = null; - //check if OA already has an active OA session - if (dbsession.getActiveOAsessions() != null) { - for (OASessionStore el : dbsession.getActiveOAsessions()) { - if (el.getOaurlprefix().equals(protocolRequest.getOAURL())) - activeOA = el; - } - } - - if (activeOA == null) - activeOA = new OASessionStore(); - - //set active OA applications - activeOA.setOaurlprefix(protocolRequest.getOAURL()); - activeOA.setMoasession(dbsession); - activeOA.setCreated(new Date()); - - //set additional information for SLO - if (SLOInfo != null) { - activeOA.setAssertionSessionID(SLOInfo.getSessionIndex()); - activeOA.setUserNameID(SLOInfo.getUserNameIdentifier()); - activeOA.setUserNameIDFormat(SLOInfo.getUserNameIDFormat()); - activeOA.setProtocolType(SLOInfo.getProtocolType()); - activeOA.setAttributeQueryUsed(false); - activeOA.setAuthURL(protocolRequest.getAuthURL()); - - - } - - List<OASessionStore> activeOAs = dbsession.getActiveOAsessions(); - activeOAs.add(activeOA); - dbsession.setActiveOAsessions(activeOAs); - - - //Store used SSOId - if (dbsession.getSSOsessionid() != null) { - OldSSOSessionIDStore oldSSOId = new OldSSOSessionIDStore(); - oldSSOId.setOldsessionid(dbsession.getSSOsessionid()); - oldSSOId.setMoasession(dbsession); - - List<OldSSOSessionIDStore> oldSSOIds = dbsession.getOldssosessionids(); - oldSSOIds.add(oldSSOId); - } - - dbsession.setSSOSession(true); - dbsession.setSSOsessionid(SSOSessionID); - dbsession.setAuthenticated(false); - dbsession.setPendingRequestID("empty"); - - //Store MOASession - session.saveOrUpdate(dbsession); - - //send transaction - tx.commit(); - - if (SLOInfo != null) - Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL() - + " and AssertionID: " + SLOInfo.getSessionIndex()); - else - Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL()); - - } - - } catch (MOADatabaseException e) { - throw new AuthenticationException("No MOASession found with Id="+moaSessionID, null); - - } catch(HibernateException e) { - Logger.warn("Error during database saveOrUpdate. Rollback.", e); - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw new AuthenticationException("SSO Session information can not be stored! --> SSO is deactivated", null); - } - } - - public static List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession) { - MiscUtil.assertNotNull(moaSession, "MOASession"); - Session session = null; - - try { - List<OASessionStore> oas = new ArrayList<OASessionStore>(); - - AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false); - oas.addAll(dbsession.getActiveOAsessions()); - - session = MOASessionDBUtils.getCurrentSession(); - session.getTransaction().commit(); - - return oas; - - } catch (MOADatabaseException e) { - Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e); - - } catch (Exception e) { - if (session != null && session.getTransaction() != null - && !session.getTransaction().wasCommitted()) { - session.getTransaction().rollback(); - throw e; - - } - - } - - return null; - } - - public static List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession) { - MiscUtil.assertNotNull(moaSession, "MOASession"); - Session session = null; - try { - List<InterfederationSessionStore> idps = new ArrayList<InterfederationSessionStore>(); - AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false); - idps.addAll(dbsession.getInderfederation()); - - session = MOASessionDBUtils.getCurrentSession(); - session.getTransaction().commit(); - - return idps; - - } catch (MOADatabaseException e) { - Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e); - - } catch (Exception e) { - if (session != null && session.getTransaction() != null - && !session.getTransaction().wasCommitted()) { - session.getTransaction().rollback(); - throw e; - - } - - } - - return null; - } - - public static AuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID) { - MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); - MiscUtil.assertNotNull(userNameID, "userNameID"); - Logger.trace("Get moaSession for userNameID " + userNameID + " and OA " - + oaID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - Transaction tx = null; - - List<AuthenticatedSessionStore> result = null;; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOASessionWithNameIDandOAID"); - query.setParameter("oaID", oaID); - query.setParameter("nameID", userNameID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No unique entry found."); - return null; - - } - - return decryptSession(result.get(0)); - - } catch (BuildException e) { - Logger.warn("MOASession deserialization-exception by using MOASessionID=" + result.get(0).getSessionid(), e); - return null; - - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - - } - - public static OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType) { - MiscUtil.assertNotNull(moaSession, "MOASession"); - MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); - MiscUtil.assertNotNull(protocolType, "usedProtocol"); - Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSessionID() + " with OAID " - + oaID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol"); - query.setParameter("sessionID", moaSession.getSessionID()); - query.setParameter("oaID", oaID); - query.setParameter("protocol", protocolType); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } - - return result.get(0).getActiveOAsessions().get(0); - - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - } - - public static String getPendingRequestID(String sessionID) { - try { - AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); - return dbsession.getPendingRequestID(); - - } catch (MOADatabaseException e) { - Logger.warn("MOASession with ID " + sessionID + " not found"); - return ""; - } - } - - public static AuthenticationSession getSessionWithPendingRequestID(String pedingRequestID) { - Transaction tx = null; - try { - MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID"); - Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithPendingRequestID"); - query.setParameter("sessionid", pedingRequestID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return null; - } - - return decryptSession(result.get(0)); - - } catch (Throwable e) { - Logger.warn("MOASession deserialization-exception by using MOASessionID=" + pedingRequestID); - - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - - return null; - - } - } - - public static boolean deleteSessionWithPendingRequestID(String id) { - MiscUtil.assertNotNull(id, "PendingRequestID"); - Logger.trace("Delete MOAsession with PendingRequestID " + id + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithPendingRequestID"); - query.setParameter("sessionid", id); - result = query.list(); - - //send transaction - tx.commit(); - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return false; - - } else { - cleanDelete(result.get(0)); - return true; - } - } - - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - } - - public static AuthenticationSession getSessionWithUserNameID(String nameID) { - - Transaction tx = null; - try { - MiscUtil.assertNotNull(nameID, "nameID"); - Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOAISessionWithUserNameID"); - query.setParameter("usernameid", StringEscapeUtils.escapeHtml(nameID)); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - - return decryptSession(result.get(0)); - - } catch (Throwable e) { - Logger.warn("MOASession deserialization-exception by using MOASessionID=" + nameID); - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - return null; - } - - } - - public static InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID) { - MiscUtil.assertNotNull(sessionID, "MOASession"); - Logger.trace("Get interfederated IDP for SSO with sessionID " + sessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionID"); - query.setParameter("sessionID", sessionID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } - - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - } - - public static InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASessionIDPID(String sessionID, String idpID) { - MiscUtil.assertNotNull(sessionID, "MOASession"); - MiscUtil.assertNotNull(idpID, "Interfederated IDP ID"); - Logger.trace("Get interfederated IDP "+ idpID + " for SSO with sessionID " + sessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID"); - query.setParameter("sessionID", sessionID); - query.setParameter("idpID", idpID); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } - - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - } - - public static String createInterfederatedSession(IRequest req, boolean isAuthenticated, String ssoID) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException { - AuthenticatedSessionStore dbsession = null; - - //search for active SSO session - if (MiscUtil.isNotEmpty(ssoID)) { - String moaSession = getMOASessionSSOID(ssoID); - if (MiscUtil.isNotEmpty(moaSession)) { - try { - dbsession = searchInDatabase(moaSession, true); - - }catch (MOADatabaseException e) { - - } - } - } - - String id = null; - Date now = new Date(); - //create new MOASession if any exists - AuthenticationSession session = null; - if (dbsession == null) { - id = Random.nextRandom(); - dbsession = new AuthenticatedSessionStore(); - dbsession.setSessionid(id); - dbsession.setCreated(now); - dbsession.setPendingRequestID(req.getRequestID()); - session = new AuthenticationSession(id, now); - - } else { - id = dbsession.getSessionid(); - session = decryptSession(dbsession); - - } - - dbsession.setInterfederatedSSOSession(true); - dbsession.setAuthenticated(isAuthenticated); - dbsession.setUpdated(now); - session.setAuthenticated(true); - session.setAuthenticatedUsed(false); - encryptSession(session, dbsession); - - //add interfederation information - List<InterfederationSessionStore> idpList = dbsession.getInderfederation(); - InterfederationSessionStore idp = null; - if (idpList == null) { - idpList = new ArrayList<InterfederationSessionStore>(); - dbsession.setInderfederation(idpList); - - } else { - for (InterfederationSessionStore el : idpList) { - //resue old entry if interfederation IDP is reused for authentication - if (el.getIdpurlprefix().equals(req.getInterfederationResponse().getEntityID())) - idp = el; - - } - } - - //create new interfederation IDP entry - if (idp == null) { - idp = new InterfederationSessionStore(); - idp.setCreated(now); - idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID()); - idp.setAuthURL(req.getAuthURL()); - - try { - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance(). - getOnlineApplicationParameter(idp.getIdpurlprefix()); - idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed()); - - } catch (ConfigurationException e) { - Logger.warn("MOASession could not be created."); - throw new MOADatabaseException(e); - - } - idp.setMoasession(dbsession); - idpList.add(idp); - - } - AssertionAttributeExtractor extract = new AssertionAttributeExtractor(req.getInterfederationResponse().getResponse()); - idp.setSessionIndex(extract.getSessionIndex()); - idp.setUserNameID(extract.getNameID()); - idp.setAttributesRequested(false); - idp.setQAALevel(extract.getQAALevel()); - - //store AssertionStore element to Database - try { - MOASessionDBUtils.saveOrUpdate(dbsession); - Logger.debug("MOASession with sessionID=" + id + " is stored in Database"); - - } catch (MOADatabaseException e) { - Logger.warn("MOASession could not be created."); - throw new MOADatabaseException(e); - } - - return id; - } - - public static InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(AuthenticationSession moaSession) { - MiscUtil.assertNotNull(moaSession, "MOASession"); - Logger.trace("Get interfederated IDP for AttributeQuery with sessionID " + moaSession.getSessionID() + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID"); - query.setParameter("sessionID", moaSession.getSessionID()); - result = query.list(); - - //send transaction - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - - } - - return result.get(0).getInderfederation().get(0); - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - } - - /** - * @param entityID - * @param requestID - */ - public static boolean removeInterfederetedSession(String entityID, - String pedingRequestID) { - - try { - Logger.debug("Remove interfederated IDP from local SSO session ..."); - - MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID"); - Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List<AuthenticatedSessionStore> result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithPendingRequestID"); - query.setParameter("sessionid", pedingRequestID); - result = query.list(); - - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - return false; - } - - AuthenticatedSessionStore authsession = result.get(0); - - List<InterfederationSessionStore> idpSessions = authsession.getInderfederation(); - if (idpSessions != null) { - for (InterfederationSessionStore idp : idpSessions) { - if (idp.getIdpurlprefix().equals(entityID)) - idpSessions.remove(idp); - - } - } - - MOASessionDBUtils.saveOrUpdate(authsession); - return true; - - } catch (Throwable e) { - Logger.warn("MOASession deserialization-exception by using MOASessionID=" + pedingRequestID); - return false; - } - } - - public static void clean(long now, long authDataTimeOutCreated, long authDataTimeOutUpdated) { - Date expioredatecreate = new Date(now - authDataTimeOutCreated); - Date expioredateupdate = new Date(now - authDataTimeOutUpdated); - - List<AuthenticatedSessionStore> results; - Session session = MOASessionDBUtils.getCurrentSession(); - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getMOAISessionsWithTimeOut"); - query.setTimestamp("timeoutcreate", expioredatecreate); - query.setTimestamp("timeoutupdate", expioredateupdate); - results = query.list(); - tx.commit(); - - if (results.size() != 0) { - for(AuthenticatedSessionStore result : results) { - try { - cleanDelete(result); - Logger.info("Authenticated session with sessionID=" + result.getSessionid() - + " after session timeout."); - - } catch (HibernateException e){ - Logger.warn("Authenticated session with sessionID=" + result.getSessionid() - + " not removed after timeout! (Error during Database communication)", e); - } - } - } - } - - } catch (Exception e) { - if (tx != null && !tx.wasCommitted()) - tx.rollback(); - throw e; - } - } - - private static void encryptSession(AuthenticationSession session, AuthenticatedSessionStore dbsession) throws BuildException { - byte[] serialized = SerializationUtils.serialize(session); - - EncryptedData encdata = SessionEncrytionUtil.getInstance().encrypt(serialized); - dbsession.setSession(encdata.getEncData()); - dbsession.setIv(encdata.getIv()); - } - - private static AuthenticationSession decryptSession(AuthenticatedSessionStore dbsession) throws BuildException { - EncryptedData encdata = new EncryptedData(dbsession.getSession(), - dbsession.getIv()); - byte[] decrypted = SessionEncrytionUtil.getInstance().decrypt(encdata); - - return (AuthenticationSession) SerializationUtils.deserialize(decrypted); - - } - - private static void cleanDelete(AuthenticatedSessionStore result) { - - try { - AuthenticationSession session = getSession(result.getSessionid()); - if (session.getProcessInstanceId() != null) { - ProcessInstanceStoreDAOImpl.getInstance().remove(session.getProcessInstanceId()); - } - - } catch (MOADatabaseException e) { - Logger.warn("Removing process associated with moa session " + result.getSessionid() + " FAILED.", e); - } - - try { - result.setSession("blank".getBytes()); - MOASessionDBUtils.saveOrUpdate(result); - - } catch (MOADatabaseException e) { - Logger.warn("Blank authenticated session with sessionID=" + result.getSessionid() + " FAILED.", e); - - } finally { - if (!MOASessionDBUtils.delete(result)) - Logger.error("Authenticated session with sessionID=" + result.getSessionid() + " not removed! (Error during Database communication)"); - } - } - - @SuppressWarnings("rawtypes") - private static AuthenticatedSessionStore searchInDatabase(String sessionID, boolean commit) throws MOADatabaseException { - MiscUtil.assertNotNull(sessionID, "moasessionID"); - Logger.trace("Get authenticated session with sessionID " + sessionID + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - - List result; - Transaction tx = null; - try { - synchronized (session) { - tx = session.beginTransaction(); - Query query = session.getNamedQuery("getSessionWithID"); - query.setParameter("sessionid", sessionID); - result = query.list(); - - //send transaction - if (commit) - tx.commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No session found with this sessionID"); - } - - return (AuthenticatedSessionStore) result.get(0); - } catch (Exception e) { - if (tx != null && !tx.wasCommitted() && commit) - tx.rollback(); - throw e; - } - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java new file mode 100644 index 000000000..094e25040 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java @@ -0,0 +1,1028 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.storage; + +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import org.apache.commons.lang.SerializationUtils; +import org.apache.commons.lang.StringEscapeUtils; +import org.hibernate.HibernateException; +import org.hibernate.Query; +import org.hibernate.Session; +import org.hibernate.Transaction; +import org.hibernate.resource.transaction.spi.TransactionStatus; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import com.fasterxml.jackson.core.JsonProcessingException; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.utils.JsonMapper; +import at.gv.egovernment.moa.id.data.EncryptedData; +import at.gv.egovernment.moa.id.data.SLOInformationInterface; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.id.util.SessionEncrytionUtil; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +@Service("AuthenticationSessionStoreage") +public class DBAuthenticationSessionStoreage implements IAuthenticationSessionStoreage{ + + @Autowired AuthConfiguration authConfig; + + private static JsonMapper mapper = new JsonMapper(); + + @Override + public boolean isAuthenticated(String moaSessionID) { + + AuthenticatedSessionStore session; + + try { + session = searchInDatabase(moaSessionID, true); + return session.isAuthenticated(); + + } catch (MOADatabaseException e) { + return false; + } + } + + @Override + public AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException { + String id = Random.nextRandom(); + try { + AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore(); + dbsession.setSessionid(id); + dbsession.setAuthenticated(false); + + //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 + Date now = new Date(); + dbsession.setCreated(now); + dbsession.setUpdated(now); + + //set additional session informations + AuthenticationSessionExtensions sessionExt = new AuthenticationSessionExtensions(); + sessionExt.setUniqueSessionId(target.getUniqueSessionIdentifier()); + dbsession.setAdditionalInformation(mapper.serialize(sessionExt)); + + AuthenticationSession session = new AuthenticationSession(id, now); + encryptSession(session, dbsession); + + //store AssertionStore element to Database + MOASessionDBUtils.saveOrUpdate(dbsession); + Logger.info("Create MOASession with sessionID: " + id); + + return session; + + } catch (MOADatabaseException e) { + Logger.warn("MOASession could not be created."); + throw new MOADatabaseException(e); + + } catch (JsonProcessingException e) { + Logger.warn("Extended session information can not be stored.", e); + throw new MOADatabaseException(e); + + } + + } + + @Override + public AuthenticationSession getSession(String sessionID) throws MOADatabaseException { + + if (MiscUtil.isEmpty(sessionID)) + return null; + + try { + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + return decryptSession(dbsession); + + } catch (MOADatabaseException e) { + Logger.info("No MOA Session with id: " + sessionID); + return null; + + } catch (Throwable e) { + Logger.warn("MOASession deserialization-exception by using MOASessionID=" + sessionID, e); + throw new MOADatabaseException("MOASession deserialization-exception"); + } + } + + @Override + public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException { + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + + if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) { + try { + return (AuthenticationSessionExtensions)mapper.deserialize(dbsession.getAdditionalInformation(), + AuthenticationSessionExtensions.class); + + } catch (Exception e) { + Logger.warn("Extended session information extraction FAILED!", e); + } + } + return null; + + } + + @Override + public void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException { + try { + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + + dbsession.setAdditionalInformation( + mapper.serialize(sessionExtensions)); + + MOASessionDBUtils.saveOrUpdate(dbsession); + Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database"); + + + } catch (MOADatabaseException e) { + Logger.warn("MOASession could not be stored."); + throw new MOADatabaseException(e); + + } catch (JsonProcessingException e) { + Logger.warn("Extended session information can not be stored.", e); + throw new MOADatabaseException("Extended session information can not be stored.", e); + + } + + } + + @Override + public void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException { + try { + AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true); + + encryptSession(session, dbsession); + + //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 + dbsession.setAuthenticated(session.isAuthenticated()); + dbsession.setUpdated(new Date()); + + MOASessionDBUtils.saveOrUpdate(dbsession); + Logger.debug("MOASession with sessionID=" + session.getSessionID() + " is stored in Database"); + + } catch (MOADatabaseException e) { + Logger.warn("MOASession could not be stored."); + throw new MOADatabaseException(e); + } + } + + @Override + public void destroySession(String moaSessionID) throws MOADatabaseException { + + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + Transaction tx = null; + try { + synchronized (session) { + + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithID"); + query.setParameter("sessionid", moaSessionID); + result = query.list(); + + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + throw new MOADatabaseException("No session found with this sessionID"); + } + + AuthenticatedSessionStore dbsession = (AuthenticatedSessionStore) result.get(0); + tx.commit(); + cleanDelete(dbsession); + } + + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + + } + + } + + @Override + public String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, MOADatabaseException { + + AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID(), true); + + Logger.debug("Change SessionID from " + session.getSessionID() + + "to " + newSessionID); + + session.setSessionID(newSessionID); + encryptSession(session, dbsession); + + dbsession.setSessionid(newSessionID); + dbsession.setAuthenticated(session.isAuthenticated()); + + //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 + dbsession.setUpdated(new Date()); + + MOASessionDBUtils.saveOrUpdate(dbsession); + + Logger.trace("Change SessionID complete."); + + return newSessionID; + + } + + @Override + public String changeSessionID(AuthenticationSession session) + throws BuildException, MOADatabaseException { + String id = Random.nextRandom(); + return changeSessionID(session, id); + + } + + @Override + public void setAuthenticated(String moaSessionID, boolean isAuthenticated) { + + AuthenticatedSessionStore session; + + try { + session = searchInDatabase(moaSessionID, true); + session.setAuthenticated(isAuthenticated); + MOASessionDBUtils.saveOrUpdate(session); + + + } catch (MOADatabaseException e) { + Logger.warn("isAuthenticated can not be stored in MOASession " + moaSessionID, e); + } + } + + @Override + public String getMOASessionSSOID(String SSOSessionID) { + MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID"); + Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + Transaction tx = null; + try { + synchronized (session) { + + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithSSOID"); + query.setParameter("sessionid", SSOSessionID); + result = query.list(); + + //send transaction + tx.commit(); + + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + return null; + + } else { + return result.get(0).getSessionid(); + + } + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + } + } + + @Override + public boolean isSSOSession(String sessionID) throws MOADatabaseException { + try { + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + return dbsession.isSSOSession(); + + } catch (MOADatabaseException e) { + Logger.info("No MOA Session with id: " + sessionID); + throw new MOADatabaseException("No MOA Session with id: " + sessionID); + } + } + + @Override + public AuthenticatedSessionStore isValidSessionWithSSOID(String SSOId) { + + //TODO: is this method really needed?? + MiscUtil.assertNotNull(SSOId, "SSOSessionID"); + Logger.trace("Get authenticated session with SSOID " + SSOId + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithSSOID"); + query.setParameter("sessionid", SSOId); + result = query.list(); + + //send transaction + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + return null; + + } else { + return result.get(0); + } + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + } + } + + @Override + public void addSSOInformation(String moaSessionID, String SSOSessionID, + SLOInformationInterface SLOInfo, IRequest protocolRequest) throws AuthenticationException { + + AuthenticatedSessionStore dbsession; + Transaction tx = null; + + try { + + Session session = MOASessionDBUtils.getCurrentSession(); + List<AuthenticatedSessionStore> result; + + Logger.trace("Add SSO information to session " + moaSessionID); + + synchronized (session) { + + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithID"); + query.setParameter("sessionid", moaSessionID); + result = query.list(); + + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + tx.rollback(); + throw new MOADatabaseException("No session found with this sessionID"); + } + + dbsession = (AuthenticatedSessionStore) result.get(0); + + OASessionStore activeOA = null; + //check if OA already has an active OA session + if (dbsession.getActiveOAsessions() != null) { + for (OASessionStore el : dbsession.getActiveOAsessions()) { + if (el.getOaurlprefix().equals(protocolRequest.getOAURL())) + activeOA = el; + } + } + + if (activeOA == null) + activeOA = new OASessionStore(); + + //set active OA applications + activeOA.setOaurlprefix(protocolRequest.getOAURL()); + activeOA.setMoasession(dbsession); + activeOA.setCreated(new Date()); + + //set additional information for SLO + if (SLOInfo != null) { + activeOA.setAssertionSessionID(SLOInfo.getSessionIndex()); + activeOA.setUserNameID(SLOInfo.getUserNameIdentifier()); + activeOA.setUserNameIDFormat(SLOInfo.getUserNameIDFormat()); + activeOA.setProtocolType(SLOInfo.getProtocolType()); + activeOA.setAttributeQueryUsed(false); + activeOA.setAuthURL(protocolRequest.getAuthURL()); + + + } + + List<OASessionStore> activeOAs = dbsession.getActiveOAsessions(); + activeOAs.add(activeOA); + dbsession.setActiveOAsessions(activeOAs); + + + //Store used SSOId + if (dbsession.getSSOsessionid() != null) { + OldSSOSessionIDStore oldSSOId = new OldSSOSessionIDStore(); + oldSSOId.setOldsessionid(dbsession.getSSOsessionid()); + oldSSOId.setMoasession(dbsession); + + List<OldSSOSessionIDStore> oldSSOIds = dbsession.getOldssosessionids(); + oldSSOIds.add(oldSSOId); + } + + dbsession.setSSOSession(true); + dbsession.setSSOsessionid(SSOSessionID); + dbsession.setAuthenticated(false); + + //Store MOASession + session.saveOrUpdate(dbsession); + + //send transaction + tx.commit(); + + if (SLOInfo != null) + Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL() + + " and AssertionID: " + SLOInfo.getSessionIndex()); + else + Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL()); + + } + + } catch (MOADatabaseException e) { + throw new AuthenticationException("No MOASession found with Id="+moaSessionID, null); + + } catch(HibernateException e) { + Logger.warn("Error during database saveOrUpdate. Rollback.", e); + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw new AuthenticationException("SSO Session information can not be stored! --> SSO is deactivated", null); + } + } + + @Override + public List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession) { + MiscUtil.assertNotNull(moaSession, "MOASession"); + Session session = null; + + try { + List<OASessionStore> oas = new ArrayList<OASessionStore>(); + + AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false); + oas.addAll(dbsession.getActiveOAsessions()); + + session = MOASessionDBUtils.getCurrentSession(); + session.getTransaction().commit(); + + return oas; + + } catch (MOADatabaseException e) { + Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e); + + } catch (Exception e) { + if (session != null && session.getTransaction() != null + && !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) { + session.getTransaction().rollback(); + throw e; + + } + + } + + return null; + } + + @Override + public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession) { + MiscUtil.assertNotNull(moaSession, "MOASession"); + Session session = null; + try { + List<InterfederationSessionStore> idps = new ArrayList<InterfederationSessionStore>(); + AuthenticatedSessionStore dbsession = searchInDatabase(moaSession.getSessionID(), false); + idps.addAll(dbsession.getInderfederation()); + + session = MOASessionDBUtils.getCurrentSession(); + session.getTransaction().commit(); + + return idps; + + } catch (MOADatabaseException e) { + Logger.warn("NO session information found for sessionID " + moaSession.getSessionID(), e); + + } catch (Exception e) { + if (session != null && session.getTransaction() != null + && !session.getTransaction().getStatus().equals(TransactionStatus.COMMITTED)) { + session.getTransaction().rollback(); + throw e; + + } + + } + + return null; + } + + @Override + public AuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID) { + MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); + MiscUtil.assertNotNull(userNameID, "userNameID"); + Logger.trace("Get moaSession for userNameID " + userNameID + " and OA " + + oaID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + Transaction tx = null; + + List<AuthenticatedSessionStore> result = null;; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getMOASessionWithNameIDandOAID"); + query.setParameter("oaID", oaID); + query.setParameter("nameID", userNameID); + result = query.list(); + + //send transaction + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No unique entry found."); + return null; + + } + + return decryptSession(result.get(0)); + + } catch (BuildException e) { + Logger.warn("MOASession deserialization-exception by using MOASessionID=" + result.get(0).getSessionid(), e); + return null; + + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + } + + } + + @Override + public OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType) { + MiscUtil.assertNotNull(moaSession, "MOASession"); + MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); + MiscUtil.assertNotNull(protocolType, "usedProtocol"); + Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSessionID() + " with OAID " + + oaID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol"); + query.setParameter("sessionID", moaSession.getSessionID()); + query.setParameter("oaID", oaID); + query.setParameter("protocol", protocolType); + result = query.list(); + + //send transaction + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + + } + + return result.get(0).getActiveOAsessions().get(0); + + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + } + } + + @Override + public AuthenticationSession getSessionWithUserNameID(String nameID) { + + Transaction tx = null; + try { + MiscUtil.assertNotNull(nameID, "nameID"); + Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getMOAISessionWithUserNameID"); + query.setParameter("usernameid", StringEscapeUtils.escapeHtml(nameID)); + result = query.list(); + + //send transaction + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + } + + return decryptSession(result.get(0)); + + } catch (Throwable e) { + Logger.warn("MOASession deserialization-exception by using MOASessionID=" + nameID); + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + return null; + } + + } + + @Override + public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID) { + MiscUtil.assertNotNull(sessionID, "MOASession"); + Logger.trace("Get interfederated IDP for SSO with sessionID " + sessionID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionID"); + query.setParameter("sessionID", sessionID); + result = query.list(); + + //send transaction + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + + } + + return result.get(0).getInderfederation().get(0); + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + } + } + + @Override + public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASessionIDPID(String sessionID, String idpID) { + MiscUtil.assertNotNull(sessionID, "MOASession"); + MiscUtil.assertNotNull(idpID, "Interfederated IDP ID"); + Logger.trace("Get interfederated IDP "+ idpID + " for SSO with sessionID " + sessionID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID"); + query.setParameter("sessionID", sessionID); + query.setParameter("idpID", idpID); + result = query.list(); + + //send transaction + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + + } + + return result.get(0).getInderfederation().get(0); + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + } + } + + @Override + public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException { + AuthenticatedSessionStore dbsession = null; + Date now = new Date(); + + //search for active session + String moaSession = getMOASessionSSOID(req.getMOASessionIdentifier()); + if (MiscUtil.isNotEmpty(moaSession)) { + try { + dbsession = searchInDatabase(moaSession, true); + + }catch (MOADatabaseException e) { + Logger.error("NO MOASession found but MOASession MUST already exist!"); + throw e; + } + } + + dbsession.setUpdated(now); + + //decrypt MOASession + AuthenticationSession session = decryptSession(dbsession); + + //federated Session are never authenticated locally, + // because they get always authentication information from federated IDP + session.setAuthenticated(false); + dbsession.setAuthenticated(false); + + //encrypt MOASession + encryptSession(session, dbsession); + + //mark as federated SSO session + dbsession.setInterfederatedSSOSession(true); + + //add interfederation information + List<InterfederationSessionStore> idpList = dbsession.getInderfederation(); + + //check if federated IDP is already stored + InterfederationSessionStore idp = null; + if (idpList == null) { + idpList = new ArrayList<InterfederationSessionStore>(); + dbsession.setInderfederation(idpList); + + } else { + for (InterfederationSessionStore el : idpList) { + //resue old entry if interfederation IDP is reused for authentication + if (el.getIdpurlprefix().equals(idpEntityID)) + idp = el; + + } + } + + //create new interfederation IDP entry + if (idp == null) { + idp = new InterfederationSessionStore(); + idp.setCreated(now); + idp.setIdpurlprefix(idpEntityID); + idp.setAuthURL(req.getAuthURL()); + + IOAAuthParameters oa = authConfig.getOnlineApplicationParameter(idp.getIdpurlprefix()); + idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed()); + idp.setMoasession(dbsession); + idpList.add(idp); + + } + idp.setSessionIndex(extractor.getSessionIndex()); + idp.setUserNameID(extractor.getNameID()); + idp.setAttributesRequested(false); + idp.setQAALevel(extractor.getQAALevel()); + + //store AssertionStore element to Database + try { + MOASessionDBUtils.saveOrUpdate(dbsession); + + } catch (MOADatabaseException e) { + Logger.warn("MOASession could not be created."); + throw new MOADatabaseException(e); + } + + } + + @Override + public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(String moaSessionID) { + MiscUtil.assertNotNull(moaSessionID, "MOASessionID"); + Logger.trace("Get interfederated IDP for AttributeQuery with sessionID " + moaSessionID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID"); + query.setParameter("sessionID", moaSessionID); + result = query.list(); + + //send transaction + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + + } + + return result.get(0).getInderfederation().get(0); + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + } + } + + @Override + public boolean removeInterfederetedSession(String entityID, + String pedingRequestID) { + + try { + Logger.debug("Remove interfederated IDP from local SSO session ..."); + + MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID"); + Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List<AuthenticatedSessionStore> result; + + //TODO: !!!!!!!!!!! PendingRequestID does not work + + synchronized (session) { + session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithPendingRequestID"); + query.setParameter("sessionid", pedingRequestID); + result = query.list(); + + //send transaction + session.getTransaction().commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + return false; + } + + AuthenticatedSessionStore authsession = result.get(0); + + List<InterfederationSessionStore> idpSessions = authsession.getInderfederation(); + if (idpSessions != null) { + for (InterfederationSessionStore idp : idpSessions) { + if (idp.getIdpurlprefix().equals(entityID)) + idpSessions.remove(idp); + + } + } + + MOASessionDBUtils.saveOrUpdate(authsession); + return true; + + } catch (Throwable e) { + Logger.warn("MOASession deserialization-exception by using MOASessionID=" + pedingRequestID); + return false; + } + } + + @Override + public void clean(Date now, long authDataTimeOutCreated, long authDataTimeOutUpdated) { + Date expioredatecreate = new Date(now.getTime() - authDataTimeOutCreated); + Date expioredateupdate = new Date(now.getTime() - authDataTimeOutUpdated); + + List<AuthenticatedSessionStore> results; + Session session = MOASessionDBUtils.getCurrentSession(); + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getMOAISessionsWithTimeOut"); + query.setTimestamp("timeoutcreate", expioredatecreate); + query.setTimestamp("timeoutupdate", expioredateupdate); + results = query.list(); + tx.commit(); + + if (results.size() != 0) { + for(AuthenticatedSessionStore result : results) { + try { + cleanDelete(result); + Logger.info("Authenticated session with sessionID=" + result.getSessionid() + + " after session timeout."); + + } catch (HibernateException e){ + Logger.warn("Authenticated session with sessionID=" + result.getSessionid() + + " not removed after timeout! (Error during Database communication)", e); + } + } + } + } + + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) + tx.rollback(); + throw e; + } + } + + private static void encryptSession(AuthenticationSession session, AuthenticatedSessionStore dbsession) throws BuildException { + byte[] serialized = SerializationUtils.serialize(session); + + EncryptedData encdata = SessionEncrytionUtil.getInstance().encrypt(serialized); + dbsession.setSession(encdata.getEncData()); + dbsession.setIv(encdata.getIv()); + } + + private static AuthenticationSession decryptSession(AuthenticatedSessionStore dbsession) throws BuildException { + EncryptedData encdata = new EncryptedData(dbsession.getSession(), + dbsession.getIv()); + byte[] decrypted = SessionEncrytionUtil.getInstance().decrypt(encdata); + + return (AuthenticationSession) SerializationUtils.deserialize(decrypted); + + } + + private static void cleanDelete(AuthenticatedSessionStore result) { + + try { + result.setSession("blank".getBytes()); + MOASessionDBUtils.saveOrUpdate(result); + + } catch (MOADatabaseException e) { + Logger.warn("Blank authenticated session with sessionID=" + result.getSessionid() + " FAILED.", e); + + } finally { + if (!MOASessionDBUtils.delete(result)) + Logger.error("Authenticated session with sessionID=" + result.getSessionid() + " not removed! (Error during Database communication)"); + } + } + + @SuppressWarnings("rawtypes") + private static AuthenticatedSessionStore searchInDatabase(String sessionID, boolean commit) throws MOADatabaseException { + MiscUtil.assertNotNull(sessionID, "moasessionID"); + Logger.trace("Get authenticated session with sessionID " + sessionID + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + + List result; + Transaction tx = null; + try { + synchronized (session) { + tx = session.beginTransaction(); + Query query = session.getNamedQuery("getSessionWithID"); + query.setParameter("sessionid", sessionID); + result = query.list(); + + //send transaction + if (commit) + tx.commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.trace("No entries found."); + throw new MOADatabaseException("No session found with this sessionID"); + + } + + return (AuthenticatedSessionStore) result.get(0); + + } catch (Exception e) { + if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED) && commit) + tx.rollback(); + throw e; + } + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java deleted file mode 100644 index 4cddd141b..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java +++ /dev/null @@ -1,175 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.storage; - -import java.util.Date; -import java.util.List; - -import org.apache.commons.lang.SerializationUtils; -import org.hibernate.HibernateException; -import org.hibernate.Query; -import org.hibernate.Session; - -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -public class DBExceptionStoreImpl implements IExceptionStore { - - private static DBExceptionStoreImpl store; - - public static DBExceptionStoreImpl getStore() { - if(store == null) { - store = new DBExceptionStoreImpl(); - } - return store; - } - - public String storeException(Throwable e) { - String id = Random.nextRandom(); - - Logger.debug("Store Exception with ID " + id); - - ExceptionStore dbexception = new ExceptionStore(); - dbexception.setExid(id); - - byte[] data = SerializationUtils.serialize(e); - dbexception.setException(data); - - dbexception.setTimestamp(new Date()); - - try { - MOASessionDBUtils.saveOrUpdate(dbexception); - - } catch (MOADatabaseException e1) { - Logger.warn("Exception can not be stored in Database.", e); - return null; - } - - return id; - } - - public Throwable fetchException(String id) { - - try { - Logger.debug("Fetch Exception with ID " + id); - - ExceptionStore ex = searchInDatabase(id); - - Object data = SerializationUtils.deserialize(ex.getException()); - if (data instanceof Throwable) - return (Throwable) data; - - else { - Logger.warn("Exeption is not of classtype Throwable"); - return null; - } - - - } catch (MOADatabaseException e) { - Logger.info("No Exception found with ID=" + id); - return null; - - } catch (Exception e) { - Logger.warn("Exception can not deserialized from Database.",e); - return null; - } - - } - - public void removeException(String id) { - try { - ExceptionStore ex = searchInDatabase(id); - MOASessionDBUtils.delete(ex); - - Logger.debug("Delete Execption with ID " + id); - - } catch (MOADatabaseException e) { - Logger.info("No Exception found with ID=" + id); - } - - - } - - public void clean(long now, long exceptionTimeOut) { - Date expioredate = new Date(now - exceptionTimeOut); - - List<ExceptionStore> results; - Session session = MOASessionDBUtils.getCurrentSession(); - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getExceptionWithTimeOut"); - query.setTimestamp("timeout", expioredate); - results = query.list(); - session.getTransaction().commit(); - - if (results.size() != 0) { - for(ExceptionStore result : results) { - try { - MOASessionDBUtils.delete(result); - Logger.info("Remove Exception with ID=" + result.getExid() - + " after timeout."); - - } catch (HibernateException e){ - Logger.warn("Exception with ID=" + result.getExid() - + " not removed after timeout! (Error during Database communication)", e); - } - - } - } - } - } - - @SuppressWarnings("rawtypes") - private ExceptionStore searchInDatabase(String id) throws MOADatabaseException { - MiscUtil.assertNotNull(id, "exceptionID"); - Logger.trace("Getting Exception with ID " + id + " from database."); - Session session = MOASessionDBUtils.getCurrentSession(); - List result; - - synchronized (session) { - session.beginTransaction(); - Query query = session.getNamedQuery("getExceptionWithID"); - query.setParameter("id", id); - result = query.list(); - - //send transaction - session.getTransaction().commit(); - } - - Logger.trace("Found entries: " + result.size()); - - //Assertion requires an unique artifact - if (result.size() != 1) { - Logger.trace("No entries found."); - throw new MOADatabaseException("No Exception found with ID " + id); - } - - return (ExceptionStore) result.get(0); - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java new file mode 100644 index 000000000..c2b3b0fc5 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBTransactionStorage.java @@ -0,0 +1,268 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.storage; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import org.apache.commons.lang.SerializationUtils; +import org.hibernate.HibernateException; +import org.hibernate.Query; +import org.hibernate.Session; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +@Service("TransactionStorage") +public class DBTransactionStorage implements ITransactionStorage { + + public boolean containsKey(String key) { + try { + searchInDatabase(key); + return true; + + } catch (MOADatabaseException e) { + return false; + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.storage.ITransactionStorage#changeKey(java.lang.String, java.lang.String, java.lang.Object) + */ + @Override + public void changeKey(String oldKey, String newKey, Object value) throws MOADatabaseException { + //search if key already exists + AssertionStore element = searchInDatabase(oldKey); + if (element == null) { + Logger.info("No transaction-data with oldKey:" + oldKey + + " found. Process gets stopped."); + throw new MOADatabaseException("No transaction-data with oldKey:" + oldKey + + " found. Process gets stopped."); + + } + + put(element, newKey, value); + + } + + public void put(String key, Object value) throws MOADatabaseException { + //search if key already exists + AssertionStore element = searchInDatabase(key); + + //create a new entry if key does not exists already + if (element == null) { + element = new AssertionStore(); + + } + + put(element, key, value); + } + + public <T> T get(String key, + final Class<T> clazz) throws MOADatabaseException { + + try { + return get(key, clazz, -1); + + } catch (AuthenticationException e) { + //this execption only occurs if an additional timeOut is used + Logger.error("This exeption should not occur!!!!", e); + return null; + + } + } + + public Object get(String key) throws MOADatabaseException { + AssertionStore element = searchInDatabase(key); + + if (element == null) + return null; + + return SerializationUtils.deserialize(element.getAssertion()); + + + } + + public <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws MOADatabaseException, AuthenticationException { + + AssertionStore element = searchInDatabase(key); + + if (element == null) + return null; + + if (dataTimeOut > -1) { + //check timeout + long now = new Date().getTime(); + + if (now - element.getDatatime().getTime() > dataTimeOut) { + Logger.info("Transaction-Data with key: " + key + " is out of time."); + throw new AuthenticationException("1207", new Object[] { key }); + + } + } + + + //Deserialize Assertion + Object data = SerializationUtils.deserialize(element.getAssertion()); + + //check if assertion has the correct class type + try { + @SuppressWarnings("unchecked") + T test = (T) Class.forName(element.getType()).cast(data); + return test; + + } catch (Exception e) { + Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + key); + throw new MOADatabaseException("Sessioninformation Cast-Exception"); + + } + } + + public List<String> clean(Date now, long dataTimeOut) { + Date expioredate = new Date(now.getTime() - dataTimeOut); + + List<AssertionStore> results; + List<String> returnValues = new ArrayList<String>();; + Session session = MOASessionDBUtils.getCurrentSession(); + + synchronized (session) { + session.beginTransaction(); + Query query = session.getNamedQuery("getAssertionWithTimeOut"); + query.setTimestamp("timeout", expioredate); + results = query.list(); + session.getTransaction().commit(); + } + + if (results != null) { + for (AssertionStore el : results) + returnValues.add(el.getArtifact()); + + } + return returnValues; + } + + public void remove(String key) { + + try { + AssertionStore element = searchInDatabase(key); + if (element == null) { + Logger.debug("Sessioninformation not removed! (Sessioninformation with ID=" + key + + "not found)"); + return; + } + + cleanDelete(element); + Logger.debug("Remove stored information with ID: " + key); + + + } catch (MOADatabaseException e) { + Logger.info("Sessioninformation not removed! (Message:"+ e.getMessage() + ")"); + + } catch (HibernateException e) { + Logger.warn("Sessioninformation not removed! (Error during Database communication)", e); + } + } + + private void cleanDelete(AssertionStore element) { + try { + element.setAssertion("blank".getBytes()); + MOASessionDBUtils.saveOrUpdate(element); + + } catch (MOADatabaseException e) { + Logger.warn("Blank shortTime session with artifact=" + element.getArtifact() + " FAILED.", e); + + } finally { + if (!MOASessionDBUtils.delete(element)) + Logger.error("ShortTime session with artifact=" + element.getArtifact() + + " not removed! (Error during Database communication)"); + + } + + } + + @SuppressWarnings("rawtypes") + private AssertionStore searchInDatabase(String artifact) throws MOADatabaseException { + MiscUtil.assertNotNull(artifact, "artifact"); + Logger.trace("Getting sessioninformation with ID " + artifact + " from database."); + Session session = MOASessionDBUtils.getCurrentSession(); + List result; + + synchronized (session) { + session.beginTransaction(); + Query query = session.getNamedQuery("getAssertionWithArtifact"); + query.setParameter("artifact", artifact); + result = query.list(); + + //send transaction + session.getTransaction().commit(); + } + + Logger.trace("Found entries: " + result.size()); + + //Assertion requires an unique artifact + if (result.size() != 1) { + Logger.debug("No transaction information with ID:" + artifact + " found."); + return null; + + } + + return (AssertionStore) result.get(0); + } + + private void put(AssertionStore element, String key, Object value) throws MOADatabaseException { + element.setArtifact(key); + element.setType(value.getClass().getName()); + element.setDatatime(new Date()); + + if (!Serializable.class.isInstance(value)) { + Logger.warn("Transaction-Storage can only store objects which implements the 'Seralizable' interface"); + throw new MOADatabaseException("Transaction-Storage can only store objects which implements the 'Seralizable' interface", null); + + } + + //serialize the Assertion for Database storage + byte[] data = SerializationUtils.serialize((Serializable) value); + element.setAssertion(data); + + //store AssertionStore element to Database + try { + MOASessionDBUtils.saveOrUpdate(element); + Logger.debug(value.getClass().getName() + " with ID: " + key + " is stored in Database"); + + } catch (MOADatabaseException e) { + Logger.warn("Sessioninformation could not be stored."); + throw new MOADatabaseException(e); + + } + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ExceptionStoreImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ExceptionStoreImpl.java deleted file mode 100644 index ce974c531..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ExceptionStoreImpl.java +++ /dev/null @@ -1,58 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.storage; - -import java.util.HashMap; -import java.util.Map; - -import at.gv.egovernment.moa.id.util.Random; - -public class ExceptionStoreImpl implements IExceptionStore { - - // Just a quick implementation - private static IExceptionStore store; - - public static IExceptionStore getStore() { - if(store == null) { - store = new ExceptionStoreImpl(); - } - return store; - } - - private Map<String, Throwable> exceptionStore = new HashMap<String, Throwable>(); - - public String storeException(Throwable e) { - String id = Random.nextRandom(); - exceptionStore.put(id, e); - return id; - } - - public Throwable fetchException(String id) { - return exceptionStore.get(id); - } - - public void removeException(String id) { - exceptionStore.remove(id); - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java new file mode 100644 index 000000000..b5d816eaf --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java @@ -0,0 +1,280 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.storage; + +import java.util.Date; +import java.util.List; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.data.SLOInformationInterface; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; + +/** + * @author tlenz + * + */ +public interface IAuthenticationSessionStoreage { + + /** + * Check if the stored MOASession is already authenticated + * + * @param moaSessionID MOASession identifier + * @return true if the MOASession is authenticated, otherwise false + */ + public boolean isAuthenticated(String moaSessionID); + + /** + * Create a new MOASession + * + * @param target Pending Request which is associated with this MOASession + * @return MOASession object + * @throws MOADatabaseException MOASession storage operation FAILED + * @throws BuildException MOASession encryption FAILED + */ + public AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException; + + /** + * Get a MOASession with sessionID + * + * @param sessionID SessionID which corresponds to a MOASession + * @return MOASession, or null if no session exists with this ID + * @throws MOADatabaseException MOASession load operation FAILED + */ + public AuthenticationSession getSession(String sessionID) throws MOADatabaseException; + + /** + * Get the session-data extension-object for a MOASession + * + * @param sessionID SessionID which corresponds to a MOASession + * @return AuthenticationSessionExtensions, or null if no session exists with this ID or extensionobject is null + * @throws MOADatabaseException MOASession load operation FAILED + */ + public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException; + + /** + * Store a session-data extension-object to MOASession + * + * @param sessionID SessionID which corresponds to a MOASession + * @param sessionExtensions AuthenticationSessionExtensions object + * @throws MOADatabaseException MOASession storage operation FAILED + */ + public void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException; + + + /** + * Store a MOASession + * + * @param session MOASession which should be stored + * @throws MOADatabaseException MOASession storage operation FAILED + * @throws BuildException MOASession encryption FAILED + */ + public void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException; + + /** + * Delete a MOASession + * + * @param moaSessionID SessionID which corresponds to a MOASession + * @throws MOADatabaseException MOASession delete operation FAILED + */ + public void destroySession(String moaSessionID) throws MOADatabaseException; + + + /** + * Change the sessionID of a MOASession + * + * @param session MOASession for which the sessionID should be changed + * @param newSessionID new MOASessionID which should be used + * @return new MOASessionID + * @throws MOADatabaseException MOASession storage operation FAILED + * @throws BuildException MOASession encryption/decryption FAILED + */ + public String changeSessionID(AuthenticationSession session, String newSessionID) throws BuildException, MOADatabaseException; + + /** + * Change the sessionID of a MOASession + * + * @param session MOASession for which the sessionID should be changed + * @return new MOASessionID + * @throws MOADatabaseException MOASession storage operation FAILED + * @throws BuildException MOASession encryption/decryption FAILED + */ + public String changeSessionID(AuthenticationSession session) throws BuildException, MOADatabaseException; + + /** + * Set the isAuthenticated flag to MOASession + * + * @param moaSessionID SessionID which corresponds to a MOASession + * @param isAuthenticated Is authenticated flag (true/false) + */ + public void setAuthenticated(String moaSessionID, boolean isAuthenticated); + + /** + * Find the MOASessionId of an active Single Sign-On session + * + * @param SSOSessionID Single Sign-On sessionID + * @return MOASessionID of the associated MOASession + */ + public String getMOASessionSSOID(String SSOSessionID); + + /** + * Check if a MOASession is an active Single Sign-On session + * + * @param sessionID SessionID which corresponds to a MOASession + * @return true, if the MOASession is a SSO session, otherwise false + * @throws MOADatabaseException MOASession load operation FAILED + */ + public boolean isSSOSession(String sessionID) throws MOADatabaseException; + + + /** + * @param SSOId + * @return + */ + public AuthenticatedSessionStore isValidSessionWithSSOID(String SSOId); + + /** + * Add Single Sign-On processing information to a MOASession. + * This processing information is required to execute a Single Log-Out process + * + * @param moaSessionID SessionID which corresponds to a MOASession + * @param SSOSessionID Single Sign-On sessionID + * @param SLOInfo Data object with Single LogOut information + * @param protocolRequest Protocol-request object of the authentication request + * @throws AuthenticationException Single Sign-On information store operation FAILED + */ + public void addSSOInformation(String moaSessionID, String SSOSessionID, + SLOInformationInterface SLOInfo, IRequest protocolRequest) throws AuthenticationException; + + + /** + * Get all Single Sign-On authenticated Service-Provider of a MOASession + * + * @param moaSession MOASession data object + * @return List of Service-Provider information + */ + public List<OASessionStore> getAllActiveOAFromMOASession(AuthenticationSession moaSession); + + + /** + * Get all active interfederation connections for a MOASession + * + * @param moaSession MOASession data object + * @return List of Interfederation-IDP information + */ + public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(AuthenticationSession moaSession); + + /** + * Search a MOASession by using already transfered authentication information + * + * @param oaID Service-Provider identifier, which has received the authentication information + * @param userNameID UserId (bPK), which was send to this Service-Provider + * @return MOASession, or null if no corresponding MOASession is found + */ + public AuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID); + + /** + * Search a active Single Sign-On session for a specific Service-Provider + * + * @param moaSession MOASession data object + * @param oaID Service-Provider identifier, which has received the authentication information + * @param protocolType Authentication protocol, which was used for SSO from this Service-Provider + * @return Internal Single Sign-On information for this Service-Provider + */ + public OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType); + + + /** + * Search a active MOASession with a userID + * + * @param nameID UserID (bPK) + * @return MOASession, or null if no corresponding MOASession is found + */ + public AuthenticationSession getSessionWithUserNameID(String nameID); + + /** + * Search an active federation IDP which could be used for federated Single Sign-On + * + * @param sessionID SessionID which corresponds to a MOASession + * @return Information of the federated IDP, or null if no active federated IDP is found + */ + public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID); + + /** + * Get information to an active federated IDP of MOASession + * + * @param sessionID SessionID which corresponds to a MOASession + * @param idpID Unique identifier of the federated IDP + * @return Information of the federated IDP, or null if no active federated IDP is found + */ + public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASessionIDPID(String sessionID, String idpID); + + + /** + * Add information of the federated IDP to MOASession + * + * @param req Pending request of the service-provider request, never null + * @param idpEntityID The SAML2 EntityID of the federated IDP, never null + * @param extractor <code>AssertionAttributeExtractor</code> which holds the SAML2 response of the federated IDP, never null + * @throws MOADatabaseException + * @throws AssertionAttributeExtractorExeption + * @throws BuildException + */ + public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException; + + /** + * Search an active federation IDP which could be used for federated Single Sign-On by using an AttributeQuery + * + * @param moaSessionID ID of a active MOASession + * @return Information of the federated IDP, or null if no active federated IDP is found + */ + public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(String moaSessionID); + + /** + * Remove an active federation IDP from MOASession + * + * @param entityID Unique identifier of the federated IDP + * @param pedingRequestID + * @return true if the federated IDP could be remove, otherwise false + */ + @Deprecated + public boolean removeInterfederetedSession(String entityID, String pedingRequestID); + + /** + * Clean all MOASessions which has a timeOut + * + * @param now Current Time + * @param authDataTimeOutCreated timeOut after MOASession is created [ms] + * @param authDataTimeOutUpdated timeOut after MOASession is updated last time [ms] + */ + public void clean(Date now, long authDataTimeOutCreated, long authDataTimeOutUpdated); +} + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IExceptionStore.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IExceptionStore.java deleted file mode 100644 index 4c76a49a4..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IExceptionStore.java +++ /dev/null @@ -1,29 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.storage; - -public interface IExceptionStore { - public String storeException(Throwable e); - public Throwable fetchException(String id); - public void removeException(String id); -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java new file mode 100644 index 000000000..493f24ee8 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/ITransactionStorage.java @@ -0,0 +1,113 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.storage; + +import java.util.Date; +import java.util.List; + +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; + +/** + * @author tlenz + * + */ +public interface ITransactionStorage { + + /** + * Check if transaction storage contains a data object with a specific key + * + * @param key Key, which identifies a data object + * @return true if key is found, otherwise false + */ + public boolean containsKey(String key); + + /** + * Store a data object with a key to transaction storage + * + * @param key Id which identifiers the data object + * @param value Data object which should be stored. + * This data must implement the <code>java.io.Serializable</code> interface + * @throws MOADatabaseException In case of store operation failed + */ + public void put(String key, Object value) throws MOADatabaseException; + + /** + * Get a data object from transaction storage + * + * @param key key Id which identifiers the data object + * @return The transaction-data object, or null + * @throws MOADatabaseException In case of load operation failed + */ + public Object get(String key) throws MOADatabaseException; + + /** + * Get a data object from transaction storage + * + * @param key Id which identifiers the data object + * @param clazz The class type which is stored with this key + * @return The transaction-data object from type class, or null + * @throws MOADatabaseException In case of load operation failed + */ + public <T> T get(String key, final Class<T> clazz) throws MOADatabaseException; + + /** + * Get a data object from transaction storage + * + * @param key Id which identifiers the data object + * @param clazz The class type which is stored with this key + * @param Data-object timeout in [ms] + * @return The transaction-data object from type class, or null + * @throws MOADatabaseException In case of load operation failed + * @throws AuthenticationException In case of data-object timeout occurs + */ + public <T> T get(String key, final Class<T> clazz, long dataTimeOut) throws MOADatabaseException, AuthenticationException; + + + /** + * Change the key of a data object and store it under the new key + * + * @param oldKey Old key of the data object + * @param newKey New key, which should be used to store the data object + * @param value Data object which should be stored + * @throws MOADatabaseException In case of store operation failed + */ + public void changeKey(String oldKey, String newKey, Object value) throws MOADatabaseException; + + /** + * Remove a data object from transaction storage + * + * @param key Id which identifiers the data object + */ + public void remove(String key); + + /** + * Get all entries for Clean-up the transaction storage + * + * @param now Current time + * @param dataTimeOut Data-object timeout in [ms] + * @return List of entry-keys which as a timeout + */ + public List<String> clean(Date now, long dataTimeOut); + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java deleted file mode 100644 index fff5fac96..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AxisSecureSocketFactory.java +++ /dev/null @@ -1,258 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.util; - -import java.io.BufferedWriter; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.OutputStreamWriter; -import java.io.PrintWriter; -import java.net.Socket; -import java.security.GeneralSecurityException; -import java.util.Hashtable; - -import javax.net.ssl.SSLSocket; -import javax.net.ssl.SSLSocketFactory; - -import org.apache.axis.components.net.BooleanHolder; -import org.apache.axis.components.net.DefaultSocketFactory; -import org.apache.axis.components.net.SocketFactory; -import org.apache.axis.components.net.TransportClientProperties; -import org.apache.axis.components.net.TransportClientPropertiesFactory; -import org.apache.axis.utils.Messages; -import org.apache.axis.utils.XMLUtils; - -import at.gv.egovernment.moa.logging.Logger; - -/** - * Secure socket factory for Axis webs service clients of the MOA-ID component, - * which are the MOA-SP calls from MOA-ID Auth, - * and the MOA-ID Auth calls from MOA-ID Proxy. - * <br/>Use this initialization code:<br/> - * <code> // ConnectionParameter connParam = ... get from ConfigurationProvider - * AxisSecureSocketFactory.initialize(connParam);</code> - * <br/>See the Apache Axis documentation on how to configure this class - * as the default secure socket factory to be used by Axis. - * <br/> - * This code has been copied from <code>JSSESocketFactory</code>, the - * method <code>initialize()</code> has been added. - * - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class AxisSecureSocketFactory - extends DefaultSocketFactory implements SocketFactory { - - /** Field sslFactory */ - private static SSLSocketFactory sslFactory; - - /** - * Constructor for AxisSecureSocketFactory. - * @param attributes ??? - */ - public AxisSecureSocketFactory(Hashtable attributes) { - super(attributes); - } - /** - * Initializes the factory by setting the connection parameters to be used for - * setting the secure socket factory, and by setting the system property - * <code>axis.socketSecureFactory</code>. - * @param ssf <code>SSLSocketFactory</code> to initialize with - */ - public static void initialize(SSLSocketFactory ssf) - throws IOException, GeneralSecurityException { - - Logger.debug("Initialize AxisSecureSocketFactory"); - sslFactory = ssf; - } - - /** - * creates a secure socket - * - * @param host - * @param port - * @param otherHeaders - * @param useFullURL - * - * @return Socket - * @throws Exception - */ - public Socket create( - String host, - int port, - StringBuffer otherHeaders, - BooleanHolder useFullURL) - throws Exception { - if (port == -1) { - port = 443; - } - - TransportClientProperties tcp = - TransportClientPropertiesFactory.create("https"); - - boolean hostInNonProxyList = - isHostInNonProxyList(host, tcp.getNonProxyHosts()); - - Socket sslSocket = null; - if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) { - // direct SSL connection - sslSocket = sslFactory.createSocket(host, port); - } - else { - - // Default proxy port is 80, even for https - int tunnelPort = - (tcp.getProxyPort().length() != 0) - ? Integer.parseInt(tcp.getProxyPort()) - : 80; - if (tunnelPort < 0) - tunnelPort = 80; - - // Create the regular socket connection to the proxy - Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort); - - // The tunnel handshake method (condensed and made reflexive) - OutputStream tunnelOutputStream = tunnel.getOutputStream(); - PrintWriter out = - new PrintWriter( - new BufferedWriter(new OutputStreamWriter(tunnelOutputStream))); - - // More secure version... engage later? - // PasswordAuthentication pa = - // Authenticator.requestPasswordAuthentication( - // InetAddress.getByName(tunnelHost), - // tunnelPort, "SOCK", "Proxy","HTTP"); - // if(pa == null){ - // printDebug("No Authenticator set."); - // }else{ - // printDebug("Using Authenticator."); - // tunnelUser = pa.getUserName(); - // tunnelPassword = new String(pa.getPassword()); - // } - out.print( - "CONNECT " - + host - + ":" - + port - + " HTTP/1.0\r\n" - + "User-Agent: AxisClient"); - if (tcp.getProxyUser().length() != 0 - && tcp.getProxyPassword().length() != 0) { - - // add basic authentication header for the proxy - String encodedPassword = - XMLUtils.base64encode( - (tcp.getProxyUser() + ":" + tcp.getProxyPassword()).getBytes()); - - out.print("\nProxy-Authorization: Basic " + encodedPassword); - } - out.print("\nContent-Length: 0"); - out.print("\nPragma: no-cache"); - out.print("\r\n\r\n"); - out.flush(); - InputStream tunnelInputStream = tunnel.getInputStream(); - - if (log.isDebugEnabled()) { - log.debug( - Messages.getMessage( - "isNull00", - "tunnelInputStream", - "" + (tunnelInputStream == null))); - } - String replyStr = ""; - - // Make sure to read all the response from the proxy to prevent SSL negotiation failure - // Response message terminated by two sequential newlines - int newlinesSeen = 0; - boolean headerDone = false; /* Done on first newline */ - - while (newlinesSeen < 2) { - int i = tunnelInputStream.read(); - - if (i < 0) { - throw new IOException("Unexpected EOF from proxy"); - } - if (i == '\n') { - headerDone = true; - ++newlinesSeen; - } - else if (i != '\r') { - newlinesSeen = 0; - if (!headerDone) { - replyStr += String.valueOf((char) i); - } - } - } - if (!replyStr.startsWith("HTTP/1.0 200") - && !replyStr.startsWith("HTTP/1.1 200")) { - throw new IOException( - Messages.getMessage( - "cantTunnel00", - new String[] { tcp.getProxyHost(), "" + tunnelPort, replyStr })); - } - - // End of condensed reflective tunnel handshake method - sslSocket = sslFactory.createSocket(tunnel, host, port, true); - if (log.isDebugEnabled()) { - log.debug( - Messages.getMessage( - "setupTunnel00", - tcp.getProxyHost(), - "" + tunnelPort)); - } - } - - ((SSLSocket) sslSocket).startHandshake(); - if (log.isDebugEnabled()) { - log.debug(Messages.getMessage("createdSSL00")); - } - return sslSocket; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ErrorResponseUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ErrorResponseUtils.java index 99ac6ba4c..655675f00 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ErrorResponseUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ErrorResponseUtils.java @@ -26,7 +26,8 @@ import java.util.Locale; import at.gv.egovernment.moa.id.auth.exception.BKUException; import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.process.ProcessExecutionException; import at.gv.egovernment.moa.util.Messages; import at.gv.egovernment.moa.util.MiscUtil; @@ -78,7 +79,10 @@ public class ErrorResponseUtils { } else if (throwable instanceof MOAIDException) { MOAIDException error = (MOAIDException) throwable; errorCode = mapInternalErrorToExternalError(error.getMessageId()); - + + } else if (throwable instanceof ProcessExecutionException) { + errorCode = "1100"; + } else { errorCode = INTERNALERRORCODE; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java deleted file mode 100644 index d3ac574f8..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/FormBuildUtils.java +++ /dev/null @@ -1,128 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.util; - -import java.util.HashMap; -import java.util.Map; -import java.util.Set; - -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.util.MiscUtil; - -public class FormBuildUtils { - - private static Map<String, String> defaultmap = null; - - public static String MAIN_BACKGROUNDCOLOR = "#MAIN_BACKGOUNDCOLOR#"; - public static String MAIN_COLOR = "#MAIN_COLOR#"; - public static String HEADER_BACKGROUNDCOLOR = "#HEADER_BACKGROUNDCOLOR#"; - public static String HEADER_COLOR = "#HEADER_COLOR#"; - public static String BUTTON_BACKGROUNDCOLOR = "#BUTTON_BACKGROUNDCOLOR#"; - public static String BUTTON_BACKGROUNDCOLOR_FOCUS = "#BUTTON_BACKGROUNDCOLOR_FOCUS#"; - public static String BUTTON_COLOR = "#BUTTON_COLOR#"; - public static String FONTFAMILY = "#FONTTYPE#"; - public static String HEADER_TEXT = "#HEADER_TEXT#"; - public static String REDIRECTTARGET = "#REDIRECTTARGET#"; - public static String APPLET_HEIGHT = "#APPLETHEIGHT#"; - public static String APPLET_WIDTH = "#APPLETWIDTH#"; - - private static String MANDATEVISIBLE = "#MANDATEVISIBLE#"; - private static String MANDATECHECKED = "#MANDATECHECKED#"; - - private static String STORKVISIBLE = "#STORKVISIBLE#"; - - private static final String TEMPLATEVISIBLE = " display: none"; - private static final String TEMPLATEDISABLED = "disabled=\"true\""; - private static final String TEMPLATECHECKED = "checked=\"true\""; - private static final String TEMPLATE_ARIACHECKED = "aria-checked="; - - - static { - if (defaultmap == null) { - defaultmap = new HashMap<String, String>(); - defaultmap.put(MAIN_BACKGROUNDCOLOR, "#F7F8F7"); - defaultmap.put(MAIN_COLOR, "#000000"); - - defaultmap.put(HEADER_BACKGROUNDCOLOR, "#C3D2E2"); - defaultmap.put(HEADER_COLOR, "#000000"); - defaultmap.put(HEADER_TEXT, "Login"); - - defaultmap.put(BUTTON_BACKGROUNDCOLOR, "#EBEBEB"); - defaultmap.put(BUTTON_BACKGROUNDCOLOR_FOCUS, "#EBEBEB"); - defaultmap.put(BUTTON_COLOR, "#000000"); - - defaultmap.put(FONTFAMILY, "Verdana,Geneva,Arial,sans-serif"); - - defaultmap.put(REDIRECTTARGET, "_top"); - } - } - - - public static String customiceLayoutBKUSelection(String value, boolean isShowMandateCheckbox, - boolean isOnlyMandateAllowed, - Map<String, String> map, boolean showStorkLogin) { - - if (isShowMandateCheckbox) - value = value.replace(MANDATEVISIBLE, ""); - else - value = value.replace(MANDATEVISIBLE, TEMPLATEVISIBLE); - - if (isOnlyMandateAllowed) { - value = value.replace(MANDATECHECKED, TEMPLATECHECKED + " " + - TEMPLATEDISABLED + " " + - TEMPLATE_ARIACHECKED + "\"true\""); - - } else - value = value.replace(MANDATECHECKED, TEMPLATE_ARIACHECKED + "\"false\""); - - if (showStorkLogin) - value = value.replace(STORKVISIBLE, ""); - else - value = value.replace(STORKVISIBLE, TEMPLATEVISIBLE); - - String fonttype = map.get(FONTFAMILY); - if (MiscUtil.isNotEmpty(fonttype)) { - String[] fonttypeList = fonttype.split(","); - String fonttypeformated = "\"" + fonttypeList[0].trim().replace("\"", "") + "\""; - - for (int i=1; i<fonttypeList.length; i++) { - fonttypeformated += ",\"" + fonttypeList[i].trim().replace("\"", "") + "\""; - } - - map.put(FONTFAMILY, fonttypeformated); - } - - Set<String> elements = map.keySet(); - for (String element: elements) { - value = value.replace(element, map.get(element)); - } - - return value; - } - - public static Map<String, String> getDefaultMap() { - return defaultmap; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java index 2aceb833c..4cb6af127 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPUtils.java @@ -172,5 +172,25 @@ public class HTTPUtils { return authURL; } + + /** + * Extract the IDP requested URL from authrequest + * + * @param req HttpServletRequest + * @return RequestURL <String> which ends always without / + */ + public static String extractAuthServletPathFromRequest(HttpServletRequest req) { + return extractAuthURLFromRequest(req).concat(req.getServletPath()); + + } + + public static String addURLParameter(String url, String paramname, + String paramvalue) { + String param = paramname + "=" + paramvalue; + if (url.indexOf("?") < 0) + return url + "?" + param; + else + return url + "&" + param; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java index 0b517e783..81041260c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java @@ -35,8 +35,8 @@ import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.spss.MOAException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java deleted file mode 100644 index b7a866370..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/MOAIDMessageProvider.java +++ /dev/null @@ -1,104 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.util; - -import java.util.Locale; - -import at.gv.egovernment.moa.util.Messages; - -/** - * A singleton wrapper around a <code>Message</code> object, providing the messages used in MOA-ID. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class MOAIDMessageProvider { - - /** DEFAULT_MESSAGE_RESOURCES are resources/properties/id_messages */ - private static final String[] DEFAULT_MESSAGE_RESOURCES = - { "resources/properties/id_messages" }; - /** DEFAULT_MESSAGE_LOCALES are "de", "AT" */ - private static final Locale[] DEFAULT_MESSAGE_LOCALES = - new Locale[] { new Locale("de", "AT") }; - /** The instance for our singleton */ - private static MOAIDMessageProvider instance; - /** The Messages */ - private Messages messages; - - /** - * Returns the single instance of <code>MOAIDMessageProvider</code>. - * - * @return the single instance of <code>MOAIDMessageProvider</code> - */ - public static MOAIDMessageProvider getInstance() { - if (instance == null) - instance = new MOAIDMessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); - return instance; - } - - /** - * Create a <code>MOAIDMessageProvider</code>. - * - * @param resourceNames The names of the resources containing the messages. - * @param locales The corresponding locales. - */ - protected MOAIDMessageProvider(String[] resourceNames, Locale[] locales) { - this.messages = new Messages(resourceNames, locales); - } - - /** - * Get the message corresponding to a given message ID. - * - * @param messageId The ID of the message. - * @param parameters The parameters to fill in into the message arguments. - * @return The formatted message. - */ - public String getMessage(String messageId, Object[] parameters) { - return messages.getMessage(messageId, parameters); - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java index 5ef9494f4..099a70470 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java @@ -37,10 +37,14 @@ public class PVPtoSTORKMapper { private static final String PVP_SECCLASS_PREFIX = "http://www.ref.gv.at/ns/names/agiz/pvp/"; private static final String STORK_QAA_PREFIX = "http://www.stork.gov.eu/1.0/"; + private static final String eIDAS_QAA_PREFIX = "http://eidas.europa.eu/"; private static final String MAPPING_RESOURCE = "resources/properties/pvp-stork_mapping.properties"; + private static final String MAPPING_SECCLASS_PREFIX = "secclass_"; + private static final String MAPPING_EIDAS_PREFIX = "eidas_"; + private Properties mapping = null; private static PVPtoSTORKMapper instance = null; @@ -68,6 +72,47 @@ public class PVPtoSTORKMapper { } + /** + * Map STORK QAA level to eIDAS QAA level + * + * @param storkQAA STORK QAA level + * @return + */ + public String mapSTORKQAAToeIDASQAA(String storkQAA) { + if (mapping != null) { + String input = storkQAA.substring(STORK_QAA_PREFIX.length()); + String mappedQAA = mapping.getProperty(MAPPING_EIDAS_PREFIX + input); + if (MiscUtil.isNotEmpty(mappedQAA)) { + Logger.info("Map STORK-QAA " + storkQAA + " to eIDAS-QAA " + mappedQAA); + return mappedQAA; + + } + } + Logger.warn("No eIDAS-QAA mapping for STORK-QAA " + storkQAA +" !"); + return null; + + } + + /** + * Map eIDAS QAA-level to STORK QAA-level + * + * @param qaaLevel eIDAS QAA-level + * @return STORK QAA-level + */ + public String mapeIDASQAAToSTORKQAA(String qaaLevel) { + if (mapping != null) { + String input = qaaLevel.substring(eIDAS_QAA_PREFIX.length()); + String mappedQAA = mapping.getProperty(input); + if (MiscUtil.isNotEmpty(mappedQAA)) { + Logger.info("Map eIDAS-QAA " + qaaLevel + " to STORK-QAA " + mappedQAA); + return mappedQAA; + + } + } + Logger.warn("No eIDAS-QAA mapping for eIDAS-QAA " + qaaLevel +" !"); + return null; + } + /**Map a STORK QAA level to PVP SecClass * * @param STORK-QAA level @@ -76,7 +121,7 @@ public class PVPtoSTORKMapper { public String mapToSecClass(String storkQAALevel) { if (mapping != null) { String input = storkQAALevel.substring(STORK_QAA_PREFIX.length()); - String mappedQAA = mapping.getProperty(input); + String mappedQAA = mapping.getProperty(MAPPING_SECCLASS_PREFIX + input); if (MiscUtil.isNotEmpty(mappedQAA)) { Logger.info("Map STORK-QAA " + storkQAALevel + " to PVP SecClass " + mappedQAA); return mappedQAA; @@ -125,4 +170,5 @@ public class PVPtoSTORKMapper { Logger.warn("NO mapping for PVPRole "+ el.getRoleName() + " !"); return null; } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index 47010a735..47ea91753 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -46,34 +46,44 @@ package at.gv.egovernment.moa.id.util;
+import java.io.ByteArrayInputStream;
import java.io.IOException;
-import java.io.StringReader;
import java.net.MalformedURLException;
import java.net.URL;
+import java.util.Collections;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
-import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
public class ParamValidatorUtils extends MOAIDAuthConstants{
+ private static final Map<String, Object> parserFeatures =
+ Collections.unmodifiableMap(new HashMap<String, Object>() {
+ private static final long serialVersionUID = 1L;
+ {
+ put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true);
+
+ }
+ });
+
/**
* Checks if the given target is valid
* @param target HTTP parameter from request
@@ -482,11 +492,13 @@ public class ParamValidatorUtils extends MOAIDAuthConstants{ return false;
Logger.debug("Ueberpruefe Parameter XMLDocument");
- try {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- DocumentBuilder builder = factory.newDocumentBuilder();
- InputSource is = new InputSource(new StringReader(document));
- builder.parse(is);
+ try {
+ DOMUtils.parseXmlValidating(new ByteArrayInputStream(document.getBytes()), parserFeatures);
+
+// DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+// DocumentBuilder builder = factory.newDocumentBuilder();
+// InputSource is = new InputSource(new StringReader(document));
+// builder.parse(is);
Logger.debug("Parameter XMLDocument erfolgreich ueberprueft");
return true;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java index 22a021d99..47f784c33 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java @@ -47,10 +47,17 @@ package at.gv.egovernment.moa.id.util; -import iaik.security.random.SeedGenerator; - import java.nio.ByteBuffer; import java.security.SecureRandom; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.Date; + +import org.apache.commons.codec.binary.Hex; + +import com.google.common.primitives.Bytes; + +import iaik.security.random.SeedGenerator; /** @@ -60,37 +67,97 @@ import java.security.SecureRandom; */ public class Random { + + private final static char[] allowedPreFix = + {'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z', + 'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z'}; + private static final DateFormat dateFormater = new SimpleDateFormat("yyyyddMM"); + /** random number generator used */ //private static SecureRandom random = new SecureRandom(); private static SecureRandom random; - private static SeedGenerator seedgenerator; - + private static SeedGenerator seedgenerator; + static { random = iaik.security.random.SHA256FIPS186Random.getDefault(); seedgenerator = iaik.security.random.AutoSeedGenerator.getDefault(); - } + + /** + * Generate a unique process reference-value [160bit], which always starts with a letter + * <br> + * This unique ID consists of single letter, a 64bit date String[yyyyddMM], + * and a 88bit random value. + * + * @return 160bit ID, which is hex encoded + */ + public static String nextProcessReferenceValue() { + //pre-process all three parts of a unique reference value + String now = dateFormater.format(new Date()); //8 bytes = 64bit + byte[] randValue = nextByteRandom(11); + char preFix = allowedPreFix[Math.abs(random.nextInt() % allowedPreFix.length)]; + + //generate ID + return preFix + new String(Hex.encodeHex(Bytes.concat(now.getBytes(), randValue))); // 20 bytes = 160 bits + + } + + + + /** + * Creates a new random number [256bit], and encode it as hex value. + * + * @return random hex encoded value [256bit] + */ + public static String nextHexRandom() { + return new String(Hex.encodeHex(nextByteRandom(32))); // 32 bytes = 256 bits + + } + + /** + * Creates a new random number [64bit], to be used as an ID. + * + * @return random long as a String [64bit] + */ + public static String nextLongRandom() { + return "".concat(String.valueOf(Math.abs(generateLongRandom(32)))); // 32 bytes = 256 bits + + } + /** * Creates a new random number, to be used as an ID. * - * @return random long as a String + * @return random long as a String [64bit] */ - public static String nextRandom() { - - byte[] b = new byte[32]; // 32 bytes = 256 bits - random.nextBytes(b); - - ByteBuffer bb = ByteBuffer.wrap(b); - long l = bb.getLong(); + @Deprecated + public static String nextRandom() { + long l = ByteBuffer.wrap(nextByteRandom(32)).getLong(); // 32 bytes = 256 bits return "" + Math.abs(l); - } + public static void seedRandom() { if (seedgenerator.seedAvailable()) random.setSeed(seedgenerator.getSeed()); } + + private static long generateLongRandom(int size) { + return ByteBuffer.wrap(nextByteRandom(size)).getLong(); + } + + /** + * Generate a new random number + * + * @param size Size of random number in bits + * @return + */ + private static byte[] nextByteRandom(int size) { + byte[] b = new byte[size]; + random.nextBytes(b); + return b; + + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java index af3424881..f0cec1d61 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -65,11 +65,11 @@ import javax.net.ssl.SSLSocketFactory; import org.apache.regexp.RE; import org.apache.regexp.RESyntaxException; +import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; +import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.utils.ssl.SSLConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.ConnectionParameterInterface; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityLogAdapter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityLogAdapter.java deleted file mode 100644 index 269e21d4f..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityLogAdapter.java +++ /dev/null @@ -1,99 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.util; - -import org.apache.velocity.app.Velocity; -import org.apache.velocity.runtime.RuntimeServices; -import org.apache.velocity.runtime.log.LogChute; - -import at.gv.egovernment.moa.logging.Logger; - -public class VelocityLogAdapter implements LogChute { - - public VelocityLogAdapter() { - try - { - /* - * register this class as a logger with the Velocity singleton - * (NOTE: this would not work for the non-singleton method.) - */ - Velocity.setProperty(Velocity.RUNTIME_LOG_LOGSYSTEM, this ); - Velocity.init(); - } - catch (Exception e) - { - Logger.error("Failed to register Velocity logger"); - } - } - - public void init(RuntimeServices arg0) throws Exception { - } - - public boolean isLevelEnabled(int arg0) { - switch(arg0) { - case LogChute.DEBUG_ID: - return Logger.isDebugEnabled(); - case LogChute.TRACE_ID: - return Logger.isTraceEnabled(); - default: - return true; - } - } - - public void log(int arg0, String arg1) { - switch(arg0) { - case LogChute.DEBUG_ID: - Logger.debug(arg1); - break; - case LogChute.TRACE_ID: - Logger.trace(arg1); - break; - case LogChute.INFO_ID: - Logger.info(arg1); - break; - case LogChute.WARN_ID: - Logger.warn(arg1); - break; - case LogChute.ERROR_ID: - default: - Logger.error(arg1); - break; - } - } - - public void log(int arg0, String arg1, Throwable arg2) { - switch(arg0) { - case LogChute.DEBUG_ID: - case LogChute.TRACE_ID: - case LogChute.INFO_ID: - case LogChute.WARN_ID: - Logger.warn(arg1, arg2); - break; - case LogChute.ERROR_ID: - default: - Logger.error(arg1, arg2); - break; - } - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityProvider.java deleted file mode 100644 index 231f36fa8..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/VelocityProvider.java +++ /dev/null @@ -1,112 +0,0 @@ -/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * The Austrian STORK Modules have been developed by the E-Government
- * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
- * Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-/**
- *
- */
-package at.gv.egovernment.moa.id.util;
-
-import org.apache.velocity.app.VelocityEngine;
-import org.apache.velocity.runtime.RuntimeConstants;
-
-/**
- * Gets a Velocity Engine
- *
- * @author bzwattendorfer
- *
- */
-public class VelocityProvider {
-
- /**
- * Gets velocityEngine from Classpath
- * @return VelocityEngine
- * @throws Exception
- */
- public static VelocityEngine getClassPathVelocityEngine() throws Exception {
- VelocityEngine velocityEngine = getBaseVelocityEngine();
- velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
- velocityEngine.setProperty("classpath.resource.loader.class",
- "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
-
- velocityEngine.init();
-
- return velocityEngine;
- }
-
- /**
- * Gets VelocityEngine from File
- * @param rootPath File Path to template file
- * @return VelocityEngine
- * @throws Exception
- */
- public static VelocityEngine getFileVelocityEngine(String rootPath) throws Exception {
- VelocityEngine velocityEngine = getBaseVelocityEngine();
- velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "file");
- velocityEngine.setProperty("file.resource.loader.class",
- "org.apache.velocity.runtime.resource.loader.FileResourceLoader");
- velocityEngine.setProperty("file.resource.loader.path", rootPath);
-
- velocityEngine.init();
-
- return velocityEngine;
- }
-
- /**
- * Gets a basic VelocityEngine
- * @return VelocityEngine
- */
- private static VelocityEngine getBaseVelocityEngine() {
- VelocityEngine velocityEngine = new VelocityEngine();
- velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
- velocityEngine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
- "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
-
- return velocityEngine;
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java index dd4e67bcd..48e1460f9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java @@ -26,8 +26,8 @@ import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang.StringEscapeUtils; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; public class LegacyHelper extends MOAIDAuthConstants{ diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..caaad10ca --- /dev/null +++ b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.MOAIDAuthSpringResourceProvider
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule new file mode 100644 index 000000000..5116c2a08 --- /dev/null +++ b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule @@ -0,0 +1,2 @@ +at.gv.egovernment.moa.id.auth.modules.BKUSelectionModuleImpl +at.gv.egovernment.moa.id.auth.modules.SingleSignOnConsentsModuleImpl
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo deleted file mode 100644 index 54c12e239..000000000 --- a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo +++ /dev/null @@ -1 +0,0 @@ -at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder index bb98bcc6f..d40be32f5 100644 --- a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder +++ b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder @@ -26,5 +26,7 @@ at.gv.egovernment.moa.id.protocols.builder.attributes.MandateProfRepDescAttribut at.gv.egovernment.moa.id.protocols.builder.attributes.MandateProfRepOIDAttributeBuilder at.gv.egovernment.moa.id.protocols.builder.attributes.MandateReferenceValueAttributeBuilder at.gv.egovernment.moa.id.protocols.builder.attributes.MandateTypeAttributeBuilder +at.gv.egovernment.moa.id.protocols.builder.attributes.MandateTypeOIDAttributeBuilder at.gv.egovernment.moa.id.protocols.builder.attributes.PrincipalNameAttributeBuilder at.gv.egovernment.moa.id.protocols.builder.attributes.PVPVersionAttributeBuilder +at.gv.egovernment.moa.id.protocols.builder.attributes.HolderOfKey diff --git a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/BKUSelection.process.xml b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/BKUSelection.process.xml new file mode 100644 index 000000000..307ba836a --- /dev/null +++ b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/BKUSelection.process.xml @@ -0,0 +1,30 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="BKUSelectionProcess" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + +<!-- + - National authentication with Austrian Citizen Card and mobile signature with our without mandate. + - Legacy authentication for foreign citizens using MOCCA supported signature cards. +--> + <pd:Task id="initializeBKUSelection" class="GenerateBKUSelectionFrameTask"/> + <pd:Task id="parseBKUSelection" class="EvaluateBKUSelectionTask" async="true"/> + <pd:Task id="restartAuthProzessManagement" class="RestartAuthProzessManagement"/> + + <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. --> + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="initializeBKUSelection" /> + + <pd:Transition from="initializeBKUSelection" to="parseBKUSelection" /> + + + <!-- + BKU selection process MUST always end with 'restartAuthProzessManagement'! + Last synchron steps before 'restartAuthProzessManagement' MUST NOT write to httpServletResponse object! + --> + <pd:Transition from="parseBKUSelection" to="restartAuthProzessManagement" /> + + <pd:Transition from="restartAuthProzessManagement" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/SingleSignOnConsentEvaluator.process.xml b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/SingleSignOnConsentEvaluator.process.xml new file mode 100644 index 000000000..a58ad8ac4 --- /dev/null +++ b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/SingleSignOnConsentEvaluator.process.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="SSOConsentsEvluationProcess" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + +<!-- + - National authentication with Austrian Citizen Card and mobile signature with our without mandate. + - Legacy authentication for foreign citizens using MOCCA supported signature cards. +--> + <pd:Task id="initializeSSOConsentEvaluator" class="GenerateSSOConsentEvaluatorFrameTask"/> + <pd:Task id="evaluateSSOConsents" class="EvaluateSSOConsentsTaskImpl" async="true"/> + + <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. --> + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="initializeSSOConsentEvaluator" /> + <pd:Transition from="initializeSSOConsentEvaluator" to="evaluateSSOConsents" /> + <pd:Transition from="evaluateSSOConsents" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml new file mode 100644 index 000000000..11d92cea3 --- /dev/null +++ b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml @@ -0,0 +1,84 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="processEngine" class="at.gv.egovernment.moa.id.process.ProcessEngineImpl"> + <property name="transitionConditionExpressionEvaluator"> + <bean class="at.gv.egovernment.moa.id.process.springweb.SpringWebExpressionEvaluator" /> + </property> + </bean> + + <!-- import auth modules --> + <import resource="classpath*:**/*.authmodule.beans.xml" /> + + <bean id="moduleRegistration" class="at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration" factory-method="getInstance" /> + + <context:component-scan base-package="at.gv.egovernment.moa.id.auth.servlet" /> + <context:component-scan base-package="at.gv.egovernment.moa.id.protocols" /> + + <bean id="MOAID_AuthenticationManager" + class="at.gv.egovernment.moa.id.moduls.AuthenticationManager"/> + + <bean id="AuthenticationDataBuilder" + class="at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder"/> + + <bean id="StartAuthentificationParameterParser" + class="at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser"/> + + <bean id="MOAID_SSOManager" + class="at.gv.egovernment.moa.id.moduls.SSOManager"/> + + <bean id="TransactionStorage" + class="at.gv.egovernment.moa.id.storage.DBTransactionStorage"/> + + <bean id="AuthenticationSessionStoreage" + class="at.gv.egovernment.moa.id.storage.DBAuthenticationSessionStoreage"/> + + <bean id="RequestStorage" + class="at.gv.egovernment.moa.id.moduls.RequestStorage"/> + + <bean id="ProcessInstanceStoreage" + class="at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAOImpl"/> + + <bean id="StatisticLogger" + class="at.gv.egovernment.moa.id.advancedlogging.StatisticLogger"/> + + <bean id="MOAReversionLogger" + class="at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger"/> + + <bean id="AuthenticationSessionCleaner" + class="at.gv.egovernment.moa.id.auth.AuthenticationSessionCleaner"/> + +<!-- Authentication Process Tasks --> + <bean id="GenerateBKUSelectionFrameTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GenerateBKUSelectionFrameTask" + scope="prototype"/> + + <bean id="EvaluateBKUSelectionTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.EvaluateBKUSelectionTask" + scope="prototype"/> + + <bean id="RestartAuthProzessManagement" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.RestartAuthProzessManagement" + scope="prototype"/> + + <bean id="FinalizeAuthenticationTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.FinalizeAuthenticationTask" + scope="prototype"/> + + <bean id="GenerateSSOConsentEvaluatorFrameTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GenerateSSOConsentEvaluatorFrameTask" + scope="prototype"/> + + <bean id="EvaluateSSOConsentsTaskImpl" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.EvaluateSSOConsentsTaskImpl" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml index 7e319e235..9c27ba581 100644 --- a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml +++ b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml @@ -11,9 +11,11 @@ <context:property-placeholder location="${moa.id.configuration}"/> - <bean id="moaidauthconfig" class="at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider"/> + <bean id="moaidauthconfig" class="at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider"> + <constructor-arg value="#{systemProperties['moa.id.configuration']}"/> + </bean> - <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" lazy-init="true" destroy-method="close"> + <bean id="dataSource" class="org.apache.commons.dbcp2.BasicDataSource" lazy-init="true" destroy-method="close"> <aop:scoped-proxy/> <property name="driverClassName" value="${configuration.hibernate.connection.driver_class}" /> <property name="url" value="${configuration.hibernate.connection.url}"/> @@ -22,10 +24,10 @@ <property name="connectionProperties" value="${configuration.dbcp.connectionProperties}" /> <property name="initialSize" value="${configuration.dbcp.initialSize}" /> - <property name="maxActive" value="${configuration.dbcp.maxActive}" /> + <property name="maxTotal" value="${configuration.dbcp.maxActive}" /> <property name="maxIdle" value="${configuration.dbcp.maxIdle}" /> <property name="minIdle" value="${configuration.dbcp.minIdle}" /> - <property name="maxWait" value="${configuration.dbcp.maxWaitMillis}" /> + <!-- property name="maxWait" value="${configuration.dbcp.maxWaitMillis}" / --> <property name="testOnBorrow" value="${configuration.dbcp.testOnBorrow}" /> <property name="testOnReturn" value="${configuration.dbcp.testOnReturn}" /> <property name="testWhileIdle" value="${configuration.dbcp.testWhileIdle}" /> diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index cabf1557e..400b0bc25 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -37,22 +37,28 @@ auth.16=Fehler bei Abarbeitung der Vollmacht in "{0}" auth.17=Vollmachtenmodus f\u00FCr nicht-\u00F6ffentlichen Bereich wird nicht unterst\u00FCtzt.
auth.18=Keine MOASessionID vorhanden
auth.19=Die Authentifizierung kann nicht passiv durchgef\u00FChrt werden.
-auth.20=No valid MOA session found. Authentification process is abourted.
+auth.20=No valid MOA session found. Authentication process is aborted.
auth.21=Der Anmeldevorgang wurde durch den Benutzer abgebrochen.
auth.22=Das Protokoll {0} ist deaktiviert.
auth.23=Das BKU-Selektion Template entspricht nicht der Spezifikation von MOA-ID 2.x.
auth.24=Das Send-Assertion Template entspricht nicht der Spezifikation von MOA-ID 2.x.
auth.25=Fehler beim validieren der SZR-Gateway Response.
auth.26=SessionID unbekannt.
-auth.27=Federated authentication FAILED! Assertion from {0} IDP is not valid.
+auth.27=Federated authentication FAILED! Assertion from {0} IDP is not valid. (Msg:{1})
auth.28=Transaktion {0} kann nicht weitergef\u00FChrt werden. Wahrscheinlich wurde ein TimeOut erreicht.
auth.29=Federated authentication FAILED! Can not build authentication request for IDP {0}
+auth.30=No valid Single Sign-On session found. Authentication process is aborted.
+auth.31=Federated authentication FAILED. No information for AttributeQuery, maybe a timeout occures.
+auth.32=Federated authentication FAILED. No configuration for IDP {0}
+auth.33=Federated authentication FAILED. Configuration of IDP {0} does not allow inbound messages.
+auth.34=Federated authentication FAILED. Configuration of IDP {0} is marked as BusinessService-IDP, but Public-Service attributes are requested.
init.00=MOA ID Authentisierung wurde erfolgreich gestartet
init.01=Fehler beim Aktivieren des IAIK-JCE/JSSE/JDK1.3 Workaround\: SSL ist m\u00F6glicherweise nicht verf\u00FCgbar
init.02=Fehler beim Starten des Service MOA-ID-Auth
init.04=Fehler beim Datenbankzugriff mit der SessionID {0}
-
+
+internal.00=W\u00e4hrend des Anmeldevorgangs wurde ein nicht erlaubter Prozesszustand erreicht wodurch der Anmeldeprozess aus sicherheitsgr\u00FCnden abgebrochen wurde.
config.00=MOA ID Konfiguration erfolgreich geladen: {0}
config.01=Umgebungsvariable "moa.id.configuration" nicht gesetzt
@@ -80,6 +86,8 @@ config.22=F\u00FCr den Interfederation-Gateway mit der ID {0} ist kein Endpunkt config.23=Fehler beim initialisieren von OpenSAML
config.24=MOA-ID-Auth Configfile {1} does not start with {0} prefix.
config.25=Der verwendete IDP PublicURLPrefix {0} ist nicht erlaubt.
+config.26=Federated IDP {0} contains no AttributeQuery URL.
+config.27=Fehler beim Verarbeiten eines Konfigurationsparameters. Msg:{0}
parser.00=Leichter Fehler beim Parsen: {0}
parser.01=Fehler beim Parsen: {0}
@@ -98,6 +106,8 @@ builder.04=Die Personenbindung konnte nicht neu signiert werden und wird aus die builder.05=Beim resignieren der Personenbindung ist ein allgemeiner Fehler aufgetreten und wird aus diesem Grund nicht ausgeliefert.
builder.06=Fehler beim generieren der Anmeldedaten aus SSO IDP Interfederation Informationen.
builder.07=Fehlerhaftes SecurityLayer Template.
+builder.08=Authentication process could NOT completed. Reason: {0}
+builder.09=Can not build GUI component. Reason: {0}
service.00=Fehler beim Aufruf des Web Service: {0}
service.01=Fehler beim Aufruf des Web Service: kein Endpoint
@@ -109,6 +119,7 @@ service.06=Allgemeiner Fehler beim Anfragen des Online-Vollmachten Service service.07=Der SZR-Gateway ist unter {0} nicht erreichbar.
service.08=Die Eintragung der ausländischen Person am SZR-Gateway ist fehlgeschlagen.
service.09=Der SZR-Gateway Client konnte nicht initialisiert werden.
+service.10=Die Verwendung des Service {0} ist nicht m\u00f6glich. Ursache: {1}
cleaner.00=AuthenticationSessionCleaner wurde gestartet
cleaner.01=Fehler im AuthenticationSessionCleaner
@@ -117,7 +128,7 @@ cleaner.03=Abgelaufene Anmeldedaten zur SAML-Assertion ID {0} wurden aus dem Spe proxy.00=MOA ID Proxy wurde erfolgreich gestartet
proxy.01=Unbekannter URL {0}, erwarteter URL auf {1}
-proxy.02=Unbekannter URL {0}. <br>Es wurde keine Ãœbereinstimmung zum Attribut publicURLPrefix im Element 'OnlineApplication' der verwendeten MOA-ID Konfigurationsdatei gefunden.
+proxy.02=Unbekannter URL {0}. <br>Es wurde keine \u00dcbereinstimmung zum Attribut publicURLPrefix im Element 'OnlineApplication' der verwendeten MOA-ID Konfigurationsdatei gefunden.
proxy.04=URL {0} : {1}
proxy.05=Fehler beim Aufbauen der SSLSocketFactory f\u00FCr {0} \: {1}
proxy.06=Fehler beim Starten des Service MOA ID Proxy
@@ -211,10 +222,12 @@ validator.70=Das einmale Tokken im signierten AuthBlock ({0}) stimmt nicht mit d validator.71=Das Signaturzertifikat ist nicht qualifiziert.
validator.72=Das Signaturzertifikat ist nicht qualifiziert und es wurde keine OID f\u00FCr Test Identit\u00E4ten gefunden.
+validator.73=Das MIS-Vollmachtenservice und das ELGA-Vollmachtenservice k\u00f6nnen nicht in einem Anmeldevorgang verwendet werden.
+
ssl.01=Validierung des SSL-Server-Endzertifikates hat fehlgeschlagen
stork.00=STORK SAML AuthnRequest konnte nicht signiert werden
-stork.01=STORK SAML AuthnRequest nicht g\u00FCltig
+stork.01=STORK SAML AuthnRequest nicht g\u00FCltig. Reason:{0}
stork.02=STORK SAML AuthnRequest kann nicht an folgende URL geschickt werden: {0}
stork.04=STORK SAML Response konnte nicht decodiert werden
stork.05=STORK SAML Response Validierung fehlgeschlagen
@@ -243,7 +256,19 @@ stork.27=Fehler bei der Verarbeitung von STORKRequest. stork.28=Fehler bei der Umwandelung von QAA Daten.
stork.29=Fehler bei der Generierung von STORK-Attribut (eIdentifier/eLPIdentifier)
-pvp2.00={0} ist kein gueltiger consumer service index
+eIDAS.00=eIDAS Engine initialization FAILED. Reason:{0}
+eIDAS.01=Received eIDAS AuthnRequest is not valid. Reason:{0}
+eIDAS.02=Generate eIDAS AuthnRequest FAILED. Reason:{0}
+eIDAS.03=Can not connect to eIDAS Node. Reason:No CitizenCountry selected.
+eIDAS.04=Can not connect to eIDAS Node. Reason:{0} is not a valid CitizenCountry.
+eIDAS.05=Can not generate eIDAS metadata. Reason:{0}
+eIDAS.06=Received eIDAS AuthnRequest can not processed. Reason:{0}
+eIDAS.07=Missing eIDAS-Attribute:{0}
+eIDAS.08=No valid eIDAs-Node configuration for enityID:{0}
+eIDAS.09=Received eIDAS Response is not valid. Reason:{0}
+eIDAS.10=Internal server error. Reason:{0}
+eIDAS.11=Received eIDAS Error-Response. Reason:{0}
+
pvp2.01=Fehler beim kodieren der PVP2 Antwort
pvp2.02=Ungueltiges Datumsformat
pvp2.03=Vollmachtattribute nicht in Metadaten verfuegbar
@@ -267,6 +292,23 @@ pvp2.20=F\u00FCr die im Request angegebene EntityID konnten keine g\u00FCltigen pvp2.21=Die Signature des Requests konnte nicht g\u00FCltig validiert werden.
pvp2.22=Der Request konnte nicht g\u00FCltig validiert werden (Fehler\={0}).
pvp2.23={0} ist keine gueltige AssertionConsumerServiceURL oder entspricht nicht den Metadaten.
+pvp2.24=Der Request konnte nicht verarbeitet werden (Fehler\={0}).
+
+
+##add status codes!!!!
+sp.pvp2.00=Can not build PVP AuthnRequest for {0} {1}. No valid SingleSignOnService endpoint found.
+sp.pvp2.01=Can not build PVP AuthnRequest for {0} {0}. IDP is not allowed for federated authentication.
+sp.pvp2.02=Can not build PVP AuthnRequest for {0} {0}. IDP has no (valid) metadata.
+sp.pvp2.03=Receive PVP Response from {0} with unsupported Binding.
+sp.pvp2.04=Receive invalid PVP Response from {0}. No PVP metadata found.
+sp.pvp2.05=Receive invalid PVP Response from {0} {1}. StatusCode:{2} Msg:{3}.
+sp.pvp2.06=Receive invalid PVP Response from {0}. Assertion does not contain all required attributes.
+sp.pvp2.07=Receive invalid PVP Response from {0}. Attribute {1} is not valid.
+sp.pvp2.08=Receive invalid PVP Response from {0}. Response issuer {1} is not valid or allowed.
+sp.pvp2.09=Receive invalid PVP Response from {0} {1}. StatusCodes:{2} {3} Msg:{4}
+sp.pvp2.10=Receive invalid PVP Response from {0}. No valid assertion included.
+sp.pvp2.11=Receive invalid PVP Response from {0}. Assertion decryption FAILED.
+sp.pvp2.12=Receive invalid PVP Response from {0}. Msg:{1}
oauth20.01=Fehlerhafte redirect url
oauth20.02=Fehlender oder ung\u00FCltiger Parameter "{0}"
@@ -285,3 +327,4 @@ slo.02=Es wurde keine aktive SSO Session gefunden oder Sie sind bei keiner Onlin process.01=Fehler beim Ausf\u00FChren des Prozesses.
process.02=Fehler beim Erstellen eines geeigneten Prozesses f\u00FCr die SessionID {0}.
+process.03=Fehler beim Weiterf\u00FChren es Prozesses. Msg:{0}
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties index 342d54f7f..bfaf5ffb1 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties @@ -27,11 +27,18 @@ auth.26=1100 auth.27=4401 auth.28=1100 auth.29=4401 +auth.30=1110 +auth.31=4400 +auth.32=4401 +auth.33=4401 +auth.34=4401 init.00=9199 init.01=9199 init.02=9199 init.04=9101 + +internal.00=9199 config.00=9199 config.01=9199 @@ -59,6 +66,8 @@ config.22=9008 config.23=9199 config.24=9199 config.25=9199 +config.26=9099 +config.27=9008 parser.00=1101 parser.01=1101 @@ -77,6 +86,8 @@ builder.04=Die Personenbindung konnte nicht neu signiert werden und wird aus die builder.05=Beim resignieren der Personenbindung ist ein allgemeiner Fehler aufgetreten und wird aus diesem Grund nicht ausgeliefert. builder.06=4400 builder.07=9002 +builder.08=1008 +builder.09=9103 service.00=4300 service.03=4300 @@ -87,6 +98,26 @@ service.07=4200 service.08=4201 service.09=9007 +service.10=4500 + +process.01=9104 +process.02=9104 +process.03=9105 + +sp.pvp2.00=4501 +sp.pvp2.01=4501 +sp.pvp2.02=4501 +sp.pvp2.03=4502 +sp.pvp2.04=4502 +sp.pvp2.05=4503 +sp.pvp2.06=4502 +sp.pvp2.07=4502 +sp.pvp2.08=4502 +sp.pvp2.09=4503 +sp.pvp2.10=4502 +sp.pvp2.11=4502 +sp.pvp2.12=4502 + validator.00=1102 validator.01=1102 validator.02=1102 @@ -155,6 +186,9 @@ validator.69=1106 validator.70=1106 validator.71=1105 +validator.72=1105 +validator.73=4500 + ssl.01=1107 stork.00=1200 @@ -179,14 +213,34 @@ stork.19=1203 stork.20=1204 stork.21=1205 +eIDAS.00=1399 +eIDAS.01=1305 +eIDAS.02=1300 +eIDAS.03=1304 +eIDAS.04=1304 +eIDAS.05=1306 +eIDAS.06=1305 +eIDAS.07=1303 +eIDAS.08=1304 +eIDAS.09=1301 +eIDAS.10=9199 +eIDAS.11=1302 + pvp2.01=6100 pvp2.06=6100 +pvp2.10=6100 +pvp2.11=6100 +pvp2.12=6100 pvp2.13=9199 +pvp2.15=6105 pvp2.16=6101 pvp2.17=6102 pvp2.20=6103 pvp2.21=6104 pvp2.22=6105 +pvp2.23=6105 +pvp2.24=6105 + oauth20.01=6200 oauth20.06=1000 diff --git a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties index ca12fada4..63a679db5 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/pvp-stork_mapping.properties @@ -25,7 +25,19 @@ secclass/0-2=http://www.stork.gov.eu/1.0/citizenQAALevel/4 secclass/0-3=http://www.stork.gov.eu/1.0/citizenQAALevel/4 ##STORK-QAA to PVP SecClass mapping -citizenQAALevel/1=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0 -citizenQAALevel/2=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-1 -citizenQAALevel/3=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-2 -citizenQAALevel/4=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-2
\ No newline at end of file +secclass_citizenQAALevel/1=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0 +secclass_citizenQAALevel/2=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-1 +secclass_citizenQAALevel/3=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-2 +secclass_citizenQAALevel/4=http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-2 + + +##STORK-QAA to eIDAS-QAA mapping +eidas_citizenQAALevel/1=http://eidas.europa.eu/LoA/low +eidas_citizenQAALevel/2=http://eidas.europa.eu/LoA/low +eidas_citizenQAALevel/3=http://eidas.europa.eu/LoA/substantial +eidas_citizenQAALevel/4=http://eidas.europa.eu/LoA/high + +##eIDAS-QAA to STORK-QAA mapping +LoA/low=http://www.stork.gov.eu/1.0/citizenQAALevel/1 +LoA/substantial=http://www.stork.gov.eu/1.0/citizenQAALevel/2 +LoA/high=http://www.stork.gov.eu/1.0/citizenQAALevel/4
\ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html deleted file mode 100644 index 2b0115d4a..000000000 --- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html +++ /dev/null @@ -1,922 +0,0 @@ -<!DOCTYPE html> -<html> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> - - <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.85em; - /*border-radius: 5px;*/ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /*border-radius: 7px;*/ - margin-bottom: 25px; - min-width: 80px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - #stork h2 { - font-size: 1.0em; - margin-bottom: 2%; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.7em; - min-width: 55px; - /*min-height: 1.1em; - border-radius: 5px;*/ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2 { - font-size: 0.8em; - margin-top: -0.4em; - padding-top: 0.4em; - } - - #bkulogin { - min-height: 150px; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.75em; - min-width: 60px; - /* min-height: 0.95em; - border-radius: 6px; */ - margin-bottom: 5% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2 { - font-size: 0.9em; - margin-top: -0.45em; - padding-top: 0.45em; - } - - #bkulogin { - min-height: 180px; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /* min-height: 1.05em; - border-radius: 7px; */ - margin-bottom: 10%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.0em; - margin-top: -0.50em; - padding-top: 0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.9em; - /* min-height: 1.2em; - border-radius: 8px; */ - margin-bottom: 10%; - max-width: 80px; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.1em; - margin-top: -0.55em; - padding-top: 0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 1.0em; - /* min-height: 1.3em; - border-radius: 10px; */ - margin-bottom: 10%; - max-width: 85px; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2 { - font-size: 1.3em; - margin-top: -0.65em; - padding-top: 0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - position: relative; - top: 50%; - } - - #stork h2 { - font-size: 0.9em; - margin-bottom: 2%; - } - - #bkulogin { - min-width: 190px; - min-height: 170px; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - input[type=button] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - /*margin-bottom: 10px;*/ - /* margin-top: 5px; */ - } - - #mandateLogin { - padding-bottom: 4%; - padding-top: 4%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-bottom: 4%; - /*padding-top: 4%;*/ - position: relative; - clear: both; - text-align: center; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - -/* input[type=button], .sendButton { - background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px #222222; */ -/* } - -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: #BUTTON_COLOR#; */ - /*border: 0px;*/ - display: inline-block; - - } - - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - /*text-decoration: underline;*/ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - #ssoSessionTransferBlock { - font-size: 0.8em; - margin-left: 5px; - margin-bottom: 5px; - } - - </style> -<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> -<script type="text/javascript"> - function isIE() { - return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); - } - function isFullscreen() { - try { - return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); - } catch (e) { - return false; - } - } - function isActivexEnabled() { - var supported = null; - try { - supported = !!new ActiveXObject("htmlfile"); - } catch (e) { - supported = false; - } - return supported; - } - function isMetro() { - if (!isIE()) - return false; - return !isActivexEnabled() && isFullscreen(); - } - window.onload=function() { - document.getElementById("localBKU").style.display="block"; - return; - } - function bkuLocalClicked() { - setMandateSelection(); - } - - function bkuOnlineClicked() { - if (isMetro()) - document.getElementById("metroDetected").style.display="block"; - document.getElementById("localBKU").style.display="block"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function bkuHandyClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#HANDY#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function storkClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var ccc = "AT"; - var countrySelection = document.getElementById("cccSelection"); - if (countrySelection != null) { - ccc = document.getElementById("cccSelection").value; - } - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; - iFrameURL += "&CCC=" + ccc; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function generateIFrame(iFrameURL) { - var el = document.getElementById("bkulogin"); - var width = el.clientWidth; - var heigth = el.clientHeight - 20; - var parent = el.parentNode; - - iFrameURL += "&heigth=" + heigth; - iFrameURL += "&width=" + width; - - var iframe = document.createElement("iframe"); - iframe.setAttribute("src", iFrameURL); - iframe.setAttribute("width", el.clientWidth - 1); - iframe.setAttribute("height", el.clientHeight - 1); - iframe.setAttribute("frameborder", "0"); - iframe.setAttribute("scrolling", "no"); - iframe.setAttribute("title", "Login"); - parent.replaceChild(iframe, el); - } - function setMandateSelection() { - document.getElementById("moaidform").action = "#AUTH_URL#"; - document.getElementById("useMandate").value = "false"; - var checkbox = document.getElementById("mandateCheckBox"); - if (checkbox != null) { - if (document.getElementById("mandateCheckBox").checked) { - document.getElementById("useMandate").value = "true"; - } - } - } - function onChangeChecks() { - if (self.innerWidth < 650) { - document.getElementById("moaidform").setAttribute("target","_parent"); - } else { - document.getElementById("moaidform").removeAttribute("target"); - } - - } - - function checkIfBrowserSupportsJava(){ - console.log("Browser is Chrome: "+checkIfBrowserIsChrome()); - console.log("Browser is Safari: "+checkIfBrowserIsSafari()); - console.log("Browser is Edge: "+checkIfBrowserIsEdge()); - - var cnt = 0; - - if(checkIfBrowserIsChrome())cnt++; - if(checkIfBrowserIsEdge())cnt++; - if(checkIfBrowserIsSafari())cnt++; - - if(cnt==0 || cnt>1)//cnt>1 means perhaps wrong detection - return true; - - var image = document.getElementById("bkuimage"); - var srcatt = image.getAttribute("src"); - var last = srcatt.substring(srcatt.lastIndexOf('/')+1); - srcatt = srcatt.replace(last,'online-bku-deactivated.png'); - image.setAttribute("src",srcatt); - - - var button = document.getElementsByName("bkuButtonOnline")[0]; - button.setAttribute("class","browserInfoButton"); - button.setAttribute("title","Java wird nicht unterstützt, klicken für mehr Informationen."); - button.setAttribute("onClick","alert('Java wird von Ihrem Browser nicht unterstützt, ist jedoch für den Betrieb der Online Bürgerkartenumgebung notwendig.\\nWollen Sie dennoch die Online Bürgerkartenumgebung verwenden, wird zur Zeit Java noch von Firefox und MS Internet Explorer unterstützt. \\nAlternativ koennen Sie auch eine lokale Bürgerkartenumgebung verwenden, verfügbar unter www.buergerkarte.at.');"); - - return false; - - } - function checkIfBrowserIsChrome(){ - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = false; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && webstore_defined; - } - function checkIfBrowserIsEdge(){//edge also defines the chrome object, but not the webapp - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = true; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && !webstore_defined; - } - function checkIfBrowserIsSafari(){ - var cond1 = Object.prototype.toString.call(window.HTMLElement).indexOf('Constructor') > 0; - return cond1; - } -/* function setSSOSelection() { - document.getElementById("useSSO").value = "false"; - var checkbox = document.getElementById("SSOCheckBox"); - if (checkbox != null) { - if (document.getElementById("SSOCheckBox").checked) { - document.getElementById("useSSO").value = "true"; - } - } - } */ - -/* function checkMandateSSO() { - var sso = document.getElementById("SSOCheckBox"); - var mandate = document.getElementById("mandateCheckBox"); - - - if (sso.checked && mandate.checked) { - alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!") - mandate.checked = false; - sso.checked = false; - return true; - } else { - return false; - } - } */ - </script> -<title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title> -</head> -<body onload="onChangeChecks();checkIfBrowserSupportsJava();" onresize="onChangeChecks();"> - <div id="page"> - <div id="page1" class="case selected-case" role="main"> - <h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2> - <div id="main"> - <div id="leftcontent" class="hell" role="application"> - <div id="bku_header" class="dunkel"> - <h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2> - </div> - <div id="bkulogin" class="hell" role="form"> - <div id="mandateLogin" style="#MANDATEVISIBLE#"> - <div> - <input tabindex="1" type="checkbox" name="Mandate" - id="mandateCheckBox" class="verticalcenter" role="checkbox" - onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#> - <label for="mandateCheckBox" class="verticalcenter">in - Vertretung anmelden</label> - <!--a href="info_mandates.html" - target="_blank" - class="infobutton verticalcenter" - tabindex="5">i</a--> - </div> - </div> - <div id="bkuselectionarea"> - <div id="bkukarte"> - <img id="bkuimage" class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png" - alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button" - onClick="bkuOnlineClicked();" tabindex="2" role="button" - value="Karte" /> - </div> - <div id="bkuhandy"> - <img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png" - alt="HandyBKU" /> <input name="bkuButtonHandy" type="button" - onClick="bkuHandyClicked();" tabindex="3" role="button" - value="HANDY" /> - </div> - </div> - <div id="localBKU"> - <form method="get" id="moaidform" action="#AUTH_URL#" - class="verticalcenter" target="_parent"> - <input type="hidden" name="bkuURI" value="#LOCAL#"> <input - type="hidden" name="useMandate" id="useMandate"> <input - type="hidden" name="SSO" id="useSSO"> <input - type="hidden" name="ccc" id="ccc"> <input type="hidden" - name="MODUL" value="#MODUL#"> <input type="hidden" - name="ACTION" value="#ACTION#"> <input type="hidden" - name="MOASessionID" value="#SESSIONID#"> - <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" - role="button" onclick="setMandateSelection();"> - </form> - </div> - - <!-- Single Sign-On Session transfer functionality --> - <!--div id="ssoSessionTransferBlock"> - <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> - </div--> - - <div id="stork" align="center" style="#STORKVISIBLE#"> - <h2 id="tabheader" class="dunkel">Home Country Selection</h2> - <p> - <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" > - #PEPSLIST# - </select> - <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button> - <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a> - </p> - </div> - - <div id="metroDetected" style="display: none"> - <p>Anscheinend verwenden Sie Internet Explorer im - Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den - Optionen um die Karten-Anmeldung starten zu können.</p> - </div> - </div> - </div> - </div> - </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> <img - style="border: 0; width: 88px; height: 31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> - </a> <a href="http://jigsaw.w3.org/css-validator/"> <img - style="border: 0; width: 88px; height: 31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> - </div> -</body> -</html> diff --git a/id/server/idserverlib/src/main/resources/resources/templates/redirectForm.html b/id/server/idserverlib/src/main/resources/resources/templates/redirectForm.html deleted file mode 100644 index 9bddee931..000000000 --- a/id/server/idserverlib/src/main/resources/resources/templates/redirectForm.html +++ /dev/null @@ -1,13 +0,0 @@ -<html> -<head> -<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> -<script type="text/javascript"> - </script> -</head> - - -<body onload="document.getElementById('link').click();"> - <a href="#URL#" target="#TARGET#" id="link">CLICK to perform a - redirect back to Online Application</a> -</body> -</html> diff --git a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html deleted file mode 100644 index 07d018a94..000000000 --- a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html +++ /dev/null @@ -1,617 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> - <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.7em; - border-radius: 5px; - } - - #bkuselectionarea button { - font-size: 0.85em; - border-radius: 7px; - margin-bottom: 25px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 440px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - padding-bottom: 15px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #selectArea h3 { - margin-bottom: 25px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 100px; - height: 30px; - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px;*/ - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 90px; - margin-bottom: 10px; - } - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - min-height: 1.2em; - border-radius: 5px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.8em; - min-width: 65px; - min-height: 1.3em; - /* border-radius: 5px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.8em; - margin-top: -0.4em; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - - #localBKU input { - font-size: 0.85em; - min-width: 80px; - min-height: 0.95em; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.85em; - min-width: 70px; - min-height: 0.95em; - /* border-radius: 6px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.9em; - margin-top: -0.45em; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.0em; - min-height: 1.05em; - /* border-radius: 7px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.0em; - margin-top: -0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.1em; - min-height: 1.2em; - /* border-radius: 8px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.1em; - margin-top: -0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.3em; - margin-top: -0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - min-width: 190px; -/* min-height: 190px; */ - vertical-align: middle; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - padding-top: 1%; - position: relative; - top: 50%; - } - - #bkulogin { - min-width: 190px; - min-height: 150px; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 70%; - height: 11%; - min-width: 60px; - min-height: 25px; - } - - #selectArea h3 { - margin-top: 2%; - } - - button { - height: 11%; - width: 70%; - } - } - - * { - margin: 0; - padding: 0; -/* border: 0; */ - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - margin-bottom: 10px; - margin-top: 5px; - } - - #mandateLogin { - padding-bottom: 2%; - padding-top: 2%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin > div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-left: 5%; - padding-right: 2%; - padding-bottom: 2%; - position: relative; - clear: both; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - - button, .sendButton { -/* background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: 3px 3px 3px #222222; */ - } - - button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { -/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: -1px -1px 3px #222222; */ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - </style> - - - <title>Anmeldung an Online-Applikation</title> -</head> - - -<body> - <div id="page"> - - <div id="page1" class="case selected-case" role="main"> - -<!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> --> - - <div id="main"> - <div id="leftcontent" class="hell"> - <div id="bku_header" class="dunkel"> - <h2 id="tabheader" class="dunkel" role="heading"> - Anmeldeinformationen: - </h2> - </div> - - <div id="selectArea" class="hell" role="application"> - <h3>Anmeldung an: #OAName#</h3> - -<!-- <div class="hell"> --> - <div id="leftbutton"> - <form method="post" id="moaidform_yes" action="#URL#"> - <input type="hidden" name="value" value="true"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button"> - </form> - </div> - <div id="rightbutton"> - <form method="post" id="moaidform_no" action="#URL#"> - <input type="hidden" name="value" value="false"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button"> - </form> - </div> - - </div> - </div> - </div> - </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> - <img style="border:0;width:88px;height:31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" - alt="HTML5 ist valide!" /> - </a> - <a href="http://jigsaw.w3.org/css-validator/"> - <img style="border:0;width:88px;height:31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> - </div> -</body> -</html> diff --git a/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html b/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html deleted file mode 100644 index a9d73e0d3..000000000 --- a/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html +++ /dev/null @@ -1,464 +0,0 @@ -<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> -<head> - <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> - - <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - /*border: 1px solid rgb(0,0,0);*/ - } - - #leftcontent { - width: 300px; - margin-top: 30px; - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - - } - - input[type=button] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - -/* input[type=button], .sendButton { - background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px #222222; */ -/* } - -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: #BUTTON_COLOR#; */ - border: 0px; - display: inline-block; - - } - - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - text-decoration: underline; - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - #alert { - margin: 100px 250px; - font-family: Verdana, Arial, Helvetica, sans-serif; - font-size: 14px; - font-weight: normal; - color: red; - } - - .reqframe { - /*display: none;*/ - visibility: hidden; - - } - - </style> - - #if($timeoutURL) - <script type="text/javascript"> - function sloTimeOut() { - window.location.href="$timeoutURL"; - - } - function RestartAfterDelay() { - var eDate = null; - var MilliSekZeit = 0; - var SysDatumJetzt = new Date(); - var SysDatumJetztMilli = SysDatumJetzt.getTime(); - - do { - eDate = new Date(); - MilliSekZeit = eDate.getTime(); - - } while ((MilliSekZeit-SysDatumJetztMilli) < $timeout); - - sloTimeOut(); - } - - </script> - #end - - <title>Single LogOut Vorgang ... </title> -</head> - -#if($timeoutURL) - <body onload='setTimeout(sloTimeOut, $timeout);'> -#else - <body> -#end - <noscript> - <p> - <strong>Note:</strong> Since your browser does not support - JavaScript, you must press the Continue button once to proceed. - </p> - </noscript> - - <div id="page"> - <div id="page1" class="case selected-case" role="main"> - <h2 class="OA_header" role="heading">MOA-ID Single LogOut Information</h2> - <div id="main"> - <div id="leftcontent" class="hell" role="application"> - - #if($errorMsg) - <div class="alert"> - <p>$errorMsg</p> - </div> - #end - - #if($successMsg) - <div> - <p>$successMsg</p> - </div> - #end - - #if($redirectURLs) - <div> - <p> - Sie werden von allen Online-Applikationen abgemeldet. <br> - Dieser Vorgang kann einige Zeit in Anspruch nehmen. - </p> - </div> - #end - - </div> - </div> - </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> <img - style="border: 0; width: 88px; height: 31px" - src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> - </a> <a href="http://jigsaw.w3.org/css-validator/"> <img - style="border: 0; width: 88px; height: 31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> - </div> - - - #foreach( $el in $redirectURLs ) - <iframe src=$el class="reqframe"></iframe> - #end -</body> -</html>
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java new file mode 100644 index 000000000..66dffe311 --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java @@ -0,0 +1,264 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.module.test; + +import java.util.Collection; + +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; + +/** + * @author tlenz + * + */ +public class TestRequestImpl implements IRequest { + + private String processInstanceID = null; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedModule() + */ + @Override + public String requestedModule() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedAction() + */ + @Override + public String requestedAction() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getOAURL() + */ + @Override + public String getOAURL() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#isPassiv() + */ + @Override + public boolean isPassiv() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#forceAuth() + */ + @Override + public boolean forceAuth() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getGenericData(java.lang.String) + */ + @Override + public Object getGenericData(String key) { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getGenericData(java.lang.String, java.lang.Class) + */ + @Override + public <T> T getGenericData(String key, Class<T> clazz) { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setGenericDataToSession(java.lang.String, java.lang.Object) + */ + @Override + public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { + // TODO Auto-generated method stub + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestID() + */ + @Override + public String getRequestID() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getMOASessionIdentifier() + */ + @Override + public String getMOASessionIdentifier() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getUniqueTransactionIdentifier() + */ + @Override + public String getUniqueTransactionIdentifier() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getUniqueSessionIdentifier() + */ + @Override + public String getUniqueSessionIdentifier() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getProcessInstanceId() + */ + @Override + public String getProcessInstanceId() { + return processInstanceID; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getAuthURL() + */ + @Override + public String getAuthURL() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getAuthURLWithOutSlash() + */ + @Override + public String getAuthURLWithOutSlash() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#isNeedAuthentication() + */ + @Override + public boolean isNeedAuthentication() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#needSingleSignOnFunctionality() + */ + @Override + public boolean needSingleSignOnFunctionality() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setNeedSingleSignOnFunctionality(boolean) + */ + @Override + public void setNeedSingleSignOnFunctionality(boolean needSSO) { + // TODO Auto-generated method stub + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#isAuthenticated() + */ + @Override + public boolean isAuthenticated() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setAuthenticated(boolean) + */ + @Override + public void setAuthenticated(boolean isAuthenticated) { + // TODO Auto-generated method stub + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getOnlineApplicationConfiguration() + */ + @Override + public IOAAuthParameters getOnlineApplicationConfiguration() { + // TODO Auto-generated method stub + return null; + } + + /** + * @param processInstanceID the processInstanceID to set + */ + public void setProcessInstanceID(String processInstanceID) { + this.processInstanceID = processInstanceID; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#isAbortedByUser() + */ + @Override + public boolean isAbortedByUser() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setAbortedByUser(boolean) + */ + @Override + public void setAbortedByUser(boolean isAborted) { + // TODO Auto-generated method stub + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestedAttributes() + */ + @Override + public Collection<String> getRequestedAttributes() { + // TODO Auto-generated method stub + return null; + } + + + +} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java index 7288ae2b2..2cb2a3278 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java @@ -1,30 +1,32 @@ package at.gv.egovernment.moa.id.process.spring.test; -import static at.gv.egovernment.moa.id.process.ProcessInstanceState.*; -import static org.junit.Assert.*; +import static at.gv.egovernment.moa.id.process.ProcessInstanceState.NOT_STARTED; +import static at.gv.egovernment.moa.id.process.ProcessInstanceState.SUSPENDED; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; import java.io.IOException; import java.io.InputStream; import java.util.Properties; import org.hibernate.cfg.Configuration; -import org.junit.BeforeClass; +import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +import at.gv.egovernment.moa.id.module.test.TestRequestImpl; import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException; import at.gv.egovernment.moa.id.process.ProcessEngine; import at.gv.egovernment.moa.id.process.ProcessEngineImpl; import at.gv.egovernment.moa.id.process.ProcessExecutionException; import at.gv.egovernment.moa.id.process.ProcessInstance; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore; import at.gv.egovernment.moa.id.process.spring.SpringExpressionEvaluator; /** @@ -34,25 +36,34 @@ import at.gv.egovernment.moa.id.process.spring.SpringExpressionEvaluator; * */ @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration +@ContextConfiguration("/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml") public class SpringExpressionAwareProcessEngineTest { + @Autowired private static ProcessEngine pe; + @Autowired private ApplicationContext applicationContext; - private static ProcessEngine pe; + private boolean isInitialized = false; - @BeforeClass - public static void init() throws IOException, ProcessDefinitionParserException { + @Before + public void init() throws IOException, ProcessDefinitionParserException { - pe = new ProcessEngineImpl(); - ((ProcessEngineImpl) pe).setTransitionConditionExpressionEvaluator(new SpringExpressionEvaluator()); - try (InputStream in = SpringExpressionAwareProcessEngineTest.class.getResourceAsStream("SampleProcessDefinitionWithExpression1.xml")) { - ((ProcessEngineImpl) pe).registerProcessDefinition(in); - } - try (InputStream in = SpringExpressionAwareProcessEngineTest.class.getResourceAsStream("SampleProcessDefinitionForSAML1Authentication.xml")) { - ((ProcessEngineImpl) pe).registerProcessDefinition(in); - } + if (!isInitialized) { + + if (pe == null) { + pe = applicationContext.getBean("processEngine", ProcessEngine.class); + + } + + ((ProcessEngineImpl) pe).setTransitionConditionExpressionEvaluator(new SpringExpressionEvaluator()); + try (InputStream in = SpringExpressionAwareProcessEngineTest.class.getResourceAsStream("SampleProcessDefinitionWithExpression1.xml")) { + ((ProcessEngineImpl) pe).registerProcessDefinition(in); + } + try (InputStream in = SpringExpressionAwareProcessEngineTest.class.getResourceAsStream("SampleProcessDefinitionForSAML1Authentication.xml")) { + ((ProcessEngineImpl) pe).registerProcessDefinition(in); + } initHibernateForTesting(); + } } private static void initHibernateForTesting() throws IOException{ @@ -65,8 +76,8 @@ public class SpringExpressionAwareProcessEngineTest { //ConfigurationDBUtils.initHibernate(props); Configuration config = new Configuration(); config.addProperties(props); - config.addAnnotatedClass(ProcessInstanceStore.class); - config.addAnnotatedClass(InterfederationSessionStore.class); + //config.addAnnotatedClass(ProcessInstanceStore.class); + config.addAnnotatedClass(AssertionStore.class); MOASessionDBUtils.initHibernate(config, props); } catch (Exception e) { e.printStackTrace(); @@ -77,30 +88,44 @@ public class SpringExpressionAwareProcessEngineTest { @Test public void testSampleProcessDefinitionWithExpression1() throws IOException, ProcessDefinitionParserException, ProcessExecutionException { + TestRequestImpl req = new TestRequestImpl(); + String piId = pe.createProcessInstance("SampleProcessWithExpression1"); ProcessInstance pi = pe.getProcessInstance(piId); assertEquals(NOT_STARTED, pi.getState()); // start process - pe.start(piId); - pi = pe.getProcessInstance(piId); - assertEquals(ENDED, pi.getState()); + req.setProcessInstanceID(piId); + pe.start(req); + + //processInstance should be removed when it ends + try { + pi = pe.getProcessInstance(piId); + throw new ProcessExecutionException("ProcessInstance should be removed already, but it was found."); + //assertEquals(ENDED, pi.getState()); + + } catch (IllegalArgumentException e) { + // do nothing because processInstance should be already removed + + } } @Test public void testSampleProcessDefinitionForSAML1Authentication() throws IOException, ProcessDefinitionParserException, ProcessExecutionException { + TestRequestImpl req = new TestRequestImpl(); + String piId = pe.createProcessInstance("SampleProcessDefinitionForSAML1Authentication"); ProcessInstance pi = pe.getProcessInstance(piId); assertEquals(NOT_STARTED, pi.getState()); // start process - pe.start(piId); - pi = pe.getProcessInstance(piId); - assertEquals(ENDED, pi.getState()); - + req.setProcessInstanceID(piId); + pe.start(req); pi = pe.getProcessInstance(piId); + assertEquals(SUSPENDED, pi.getState()); + ExecutionContext ec = pi.getExecutionContext(); assertNotNull(ec); System.out.println(ec.keySet()); @@ -111,6 +136,20 @@ public class SpringExpressionAwareProcessEngineTest { assertNotNull(ec.get("SignedAuthBlock")); assertNotNull(ec.get("isSignedAuthBlockValidated")); assertNotNull(ec.get("SAML1Assertion")); + + pe.signal(req); + try { + pi = pe.getProcessInstance(piId); + throw new ProcessExecutionException("ProcessInstance should be removed already, but it was found."); + //assertEquals(ENDED, pi.getState()); + + } catch (IllegalArgumentException e) { + // do nothing because processInstance should be already removed + + } + + + } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java index ebda3c5c3..54515ab8e 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java @@ -8,8 +8,10 @@ import java.util.Objects; import org.apache.commons.io.IOUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -34,12 +36,13 @@ import at.gv.egovernment.moa.id.process.api.Task; * @author tknall * */ +@Service("CreateSAML1AssertionTask") public class CreateSAML1AssertionTask implements Task { private Logger log = LoggerFactory.getLogger(getClass()); @Override - public void execute(ExecutionContext executionContext) throws TaskExecutionException { + public IRequest execute(IRequest penReq, ExecutionContext executionContext) throws TaskExecutionException { Objects.requireNonNull(executionContext.get("IdentityLink")); assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated")))); Objects.requireNonNull(executionContext.get("SignedAuthBlock")); @@ -51,9 +54,10 @@ public class CreateSAML1AssertionTask implements Task { executionContext.put("SAML1Assertion", IOUtils.toString(in, Charset.forName("UTF-8"))); } catch (IOException e) { - throw new TaskExecutionException("", e); + throw new TaskExecutionException(null, "", e); } + return null; } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java index bd08ec6a1..266878d7e 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java @@ -8,8 +8,10 @@ import java.util.Objects; import org.apache.commons.io.IOUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -33,12 +35,13 @@ import at.gv.egovernment.moa.id.process.api.Task; * @author tknall * */ +@Service("GetIdentityLinkTask") public class GetIdentityLinkTask implements Task { private Logger log = LoggerFactory.getLogger(getClass()); @Override - public void execute(ExecutionContext executionContext) throws TaskExecutionException { + public IRequest execute(IRequest penReq, ExecutionContext executionContext) throws TaskExecutionException { Objects.requireNonNull(executionContext.get("bkuURL")); log.debug("Using bkuURL in order to retrieve IdentityLink."); @@ -47,8 +50,10 @@ public class GetIdentityLinkTask implements Task { executionContext.put("IdentityLink", IOUtils.toString(in, Charset.forName("UTF-8"))); } catch (IOException e) { - throw new TaskExecutionException("", e); + throw new TaskExecutionException(null, "", e); } + + return null; } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java index 54195ec91..915cb3b1e 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java @@ -2,7 +2,9 @@ package at.gv.egovernment.moa.id.process.spring.test.task; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -20,14 +22,16 @@ import at.gv.egovernment.moa.id.process.api.Task; * @author tknall * */ +@Service("SelectBKUTask") public class SelectBKUTask implements Task { private Logger log = LoggerFactory.getLogger(getClass()); @Override - public void execute(ExecutionContext executionContext) { + public IRequest execute(IRequest penReq, ExecutionContext executionContext) { log.debug("Providing BKU selection."); executionContext.put("bkuURL", "https://127.0.0.1:3496/https-security-layer-request"); + return null; } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java index 8f9b72cea..41ccb4451 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java @@ -8,8 +8,10 @@ import java.util.Objects; import org.apache.commons.io.IOUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -35,12 +37,13 @@ import at.gv.egovernment.moa.id.process.api.Task; * @author tknall * */ +@Service("SignAuthBlockTask") public class SignAuthBlockTask implements Task { private Logger log = LoggerFactory.getLogger(getClass()); @Override - public void execute(ExecutionContext executionContext) throws TaskExecutionException { + public IRequest execute(IRequest penReq, ExecutionContext executionContext) throws TaskExecutionException { Objects.requireNonNull(executionContext.get("IdentityLink")); assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated")))); Objects.requireNonNull(executionContext.get("bkuURL")); @@ -49,9 +52,10 @@ public class SignAuthBlockTask implements Task { try (InputStream in = getClass().getResourceAsStream("SignedAuthBlock.xml")) { executionContext.put("SignedAuthBlock", IOUtils.toString(in, Charset.forName("UTF-8"))); } catch (IOException e) { - throw new TaskExecutionException("", e); - + throw new TaskExecutionException(null, "", e); + } + return null; } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java index a8e7df3d7..818e8b479 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java @@ -4,7 +4,9 @@ import java.util.Objects; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -26,17 +28,19 @@ import at.gv.egovernment.moa.id.process.api.Task; * @author tknall * */ +@Service("ValidateIdentityLinkTask") public class ValidateIdentityLinkTask implements Task { private Logger log = LoggerFactory.getLogger(getClass()); @Override - public void execute(ExecutionContext executionContext) { + public IRequest execute(IRequest penReq, ExecutionContext executionContext) { Objects.requireNonNull(executionContext.get("IdentityLink")); log.debug("Validating IdentityLink."); executionContext.put("isIdentityLinkValidated", true); + return null; } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java index cece373d4..2ee67ec27 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java @@ -4,8 +4,10 @@ import java.util.Objects; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -29,12 +31,13 @@ import at.gv.egovernment.moa.id.process.api.Task; * @author tknall * */ +@Service("ValidateSignedAuthBlockTask") public class ValidateSignedAuthBlockTask implements Task { private Logger log = LoggerFactory.getLogger(getClass()); @Override - public void execute(ExecutionContext executionContext) throws TaskExecutionException { + public IRequest execute(IRequest penReq, ExecutionContext executionContext) throws TaskExecutionException { Objects.requireNonNull(executionContext.get("IdentityLink")); assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated")))); Objects.requireNonNull(executionContext.get("SignedAuthBlock")); @@ -42,6 +45,7 @@ public class ValidateSignedAuthBlockTask implements Task { log.debug("Using validated IdentityLink and signed auth block in order to validate signed auth block."); executionContext.put("isSignedAuthBlockValidated", true); + return null; } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HalloWeltTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HalloWeltTask.java index d05200ee8..1f77eadbc 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HalloWeltTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HalloWeltTask.java @@ -1,5 +1,8 @@ package at.gv.egovernment.moa.id.process.test; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -9,11 +12,13 @@ import at.gv.egovernment.moa.id.process.api.Task; * @author tknall * */ +@Service("HalloWeltTask") public class HalloWeltTask implements Task { @Override - public void execute(ExecutionContext executionContext) { + public IRequest execute(IRequest pendingReq, ExecutionContext executionContext) { System.out.println("Hallo Welt"); + return null; } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HelloWorldTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HelloWorldTask.java index e79bb8198..bc640e97a 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HelloWorldTask.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HelloWorldTask.java @@ -1,5 +1,8 @@ package at.gv.egovernment.moa.id.process.test; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.process.api.Task; @@ -9,11 +12,13 @@ import at.gv.egovernment.moa.id.process.api.Task; * @author tknall * */ +@Service("HelloWorldTask") public class HelloWorldTask implements Task { @Override - public void execute(ExecutionContext executionContext) { + public IRequest execute(IRequest pendingReq, ExecutionContext executionContext) { System.out.println("Hello World"); + return null; } } diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java index fa9f2ad06..a7e351e25 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java @@ -1,51 +1,66 @@ package at.gv.egovernment.moa.id.process.test; -import static at.gv.egovernment.moa.id.process.ProcessInstanceState.*; -import static org.junit.Assert.*; +import static at.gv.egovernment.moa.id.process.ProcessInstanceState.NOT_STARTED; +import static at.gv.egovernment.moa.id.process.ProcessInstanceState.SUSPENDED; +import static org.junit.Assert.assertEquals; import java.io.IOException; import java.io.InputStream; import java.util.Properties; import org.hibernate.cfg.Configuration; -import org.junit.BeforeClass; +import org.junit.Before; import org.junit.Test; - +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +import at.gv.egovernment.moa.id.module.test.TestRequestImpl; import at.gv.egovernment.moa.id.process.ProcessDefinitionParser; import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException; import at.gv.egovernment.moa.id.process.ProcessEngine; import at.gv.egovernment.moa.id.process.ProcessEngineImpl; import at.gv.egovernment.moa.id.process.ProcessExecutionException; import at.gv.egovernment.moa.id.process.ProcessInstance; -import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore; +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml") public class ProcessEngineTest { - private static ProcessEngine pe; - - @BeforeClass - public static void init() throws IOException, ProcessDefinitionParserException { - - ProcessDefinitionParser pdp = new ProcessDefinitionParser(); + @Autowired private static ProcessEngine pe; - pe = new ProcessEngineImpl(); - - ((ProcessEngineImpl) pe).setTransitionConditionExpressionEvaluator(new BooleanStringExpressionEvaluator()); - try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition1.xml")) { - ((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in)); - } - try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition2.xml")) { - ((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in)); + @Autowired private ApplicationContext applicationContext; + + private boolean isInitialized = false; + + @Before + public void init() throws IOException, ProcessDefinitionParserException { + + if (!isInitialized) { + ProcessDefinitionParser pdp = new ProcessDefinitionParser(); + + if (pe == null) { + pe = applicationContext.getBean("processEngine", ProcessEngine.class); + + } + + ((ProcessEngineImpl) pe).setTransitionConditionExpressionEvaluator(new BooleanStringExpressionEvaluator()); + try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition1.xml")) { + ((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in)); + } + try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition2.xml")) { + ((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in)); + } + + initHibernateForTesting(); + isInitialized = true; } - - initHibernateForTesting(); } - - + private static void initHibernateForTesting() throws IOException{ InputStream in = ProcessEngineTest.class.getResourceAsStream("/at/gv/egovernment/moa/id/process/hibernate.configuration.test.properties"); @@ -56,8 +71,8 @@ public class ProcessEngineTest { //ConfigurationDBUtils.initHibernate(props); Configuration config = new Configuration(); config.addProperties(props); - config.addAnnotatedClass(ProcessInstanceStore.class); - config.addAnnotatedClass(InterfederationSessionStore.class); + //config.addAnnotatedClass(ProcessInstanceStore.class); + config.addAnnotatedClass(AssertionStore.class); MOASessionDBUtils.initHibernate(config, props); } catch (Exception e) { e.printStackTrace(); @@ -66,38 +81,62 @@ public class ProcessEngineTest { @Test public void testSampleProcess1() throws IOException, ProcessDefinitionParserException, ProcessExecutionException { - + + TestRequestImpl testReq = new TestRequestImpl(); + String piId = pe.createProcessInstance("SampleProcess1"); ProcessInstance pi = pe.getProcessInstance(piId); assertEquals(NOT_STARTED, pi.getState()); // start process - pe.start(piId); + testReq.setProcessInstanceID(piId); + pe.start(testReq); pi = pe.getProcessInstance(piId); assertEquals(SUSPENDED, pi.getState()); System.out.println("Do something asynchronously"); - pe.signal(piId); - pi = pe.getProcessInstance(piId); - assertEquals(ENDED, pi.getState()); + testReq.setProcessInstanceID(piId); + pe.signal(testReq); + try { + pi = pe.getProcessInstance(piId); + throw new ProcessExecutionException("ProcessInstance should be removed already, but it was found."); + //assertEquals(ENDED, pi.getState()); + + } catch (IllegalArgumentException e) { + // do nothing because processInstance should be already removed + + } } @Test public void testSampleProcess2() throws IOException, ProcessDefinitionParserException, ProcessExecutionException { + TestRequestImpl testReq = new TestRequestImpl(); + String piId = pe.createProcessInstance("SampleProcess2"); ProcessInstance pi = pe.getProcessInstance(piId); assertEquals(NOT_STARTED, pi.getState()); // start process - pe.start(piId); + testReq.setProcessInstanceID(piId); + pe.start(testReq); pi = pe.getProcessInstance(piId); assertEquals(SUSPENDED, pi.getState()); System.out.println("Do something asynchronously"); - pe.signal(piId); - pi = pe.getProcessInstance(piId); - assertEquals(ENDED, pi.getState()); + testReq.setProcessInstanceID(piId); + pe.signal(testReq); + try { + pi = pe.getProcessInstance(piId); + throw new ProcessExecutionException("ProcessInstance should be removed already, but it was found."); + //assertEquals(ENDED, pi.getState()); + + } catch (IllegalArgumentException e) { + // do nothing because processInstance should be already removed + + } + + } @Test(expected = IllegalArgumentException.class) diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/UnitTestCase.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/UnitTestCase.java index a645aa5a2..a05159c27 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/UnitTestCase.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/UnitTestCase.java @@ -46,10 +46,9 @@ package test.at.gv.egovernment.moa.id; +import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider; import test.MOAIDTestCase; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; - /** * Base class for MOA ID test cases. * diff --git a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java index fd1473b1f..2c80b7ffd 100644 --- a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java +++ b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java @@ -1,7 +1,11 @@ package test.tlenz; +import java.io.File; import java.io.FileInputStream; import java.io.InputStream; +import java.io.ObjectInputStream; +import java.net.URI; +import java.net.URISyntaxException; import org.w3c.dom.Element; @@ -58,6 +62,46 @@ import at.gv.egovernment.moa.util.DOMUtils; public class simpletest { // public static void main(String[] args) { + + + URI fileURI = null; + try { + fileURI = new URI("file:c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); + File propertiesFile = new File(fileURI); + + InputStream in = new FileInputStream(propertiesFile); + ObjectInputStream testOIS = new ObjectInputStream(in); + + Object test = testOIS.readObject(); + + + } catch (Exception e1) { + e1.printStackTrace(); + } + + try { + fileURI = new URI("file:/c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); + File propertiesFile = new File(fileURI); + } catch (Exception e1) { + e1.printStackTrace(); + } + + try { + fileURI = new URI("file://c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); + File propertiesFile = new File(fileURI); + } catch (Exception e1) { + e1.printStackTrace(); + } + + try { + fileURI = new URI("file:///c:/moa3/tomcat8/conf/moa-id/moa-id.properties"); + File propertiesFile = new File(fileURI); + } catch (Exception e1) { + e1.printStackTrace(); + } + + + try { InputStream s = new FileInputStream("D:/idl_test/identity_link.xml"); Element idlTemplate = DOMUtils.parseXmlValidating(s); diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml index 764ad6405..3ccc837fd 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml @@ -5,37 +5,39 @@ <!-- returns String 'bkuURL' --> - <pd:Task id="bkuSelectionTask" class="at.gv.egovernment.moa.id.process.spring.test.task.SelectBKUTask" /> + <pd:Task id="bkuSelectionTask" class="SelectBKUTask" /> <!-- requires 'bkuURL' returns String 'IdentityLink' --> - <pd:Task id="getIdentityLinkTask" class="at.gv.egovernment.moa.id.process.spring.test.task.GetIdentityLinkTask" /> + <pd:Task id="getIdentityLinkTask" class="GetIdentityLinkTask" /> <!-- requires 'IdentityLink' returns Boolean 'isIdentityLinkValidated' --> - <pd:Task id="validateIdentityLinkTask" class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateIdentityLinkTask" /> + <pd:Task id="validateIdentityLinkTask" class="ValidateIdentityLinkTask" /> <!-- requires 'IdentityLink', 'isIdentityLinkValidated', 'bkuURL' returns String 'SignedAuthBlock' --> - <pd:Task id="signAuthBlockTask" class="at.gv.egovernment.moa.id.process.spring.test.task.SignAuthBlockTask" /> + <pd:Task id="signAuthBlockTask" class="SignAuthBlockTask" /> <!-- requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock' returns Boolean 'isSignedAuthBlockValidated' --> - <pd:Task id="validateSignedAuthBlockTask" class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateSignedAuthBlockTask" /> + <pd:Task id="validateSignedAuthBlockTask" class="ValidateSignedAuthBlockTask" /> <!-- requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock', 'isSignedAuthBlockValidated'; returns 'SAML1Assertion' --> - <pd:Task id="createAssertionTask" class="at.gv.egovernment.moa.id.process.spring.test.task.CreateSAML1AssertionTask" /> + <pd:Task id="createAssertionTask" class="CreateSAML1AssertionTask" /> + + <pd:Task id="task2" class="HelloWorldTask" async="true" /> <pd:StartEvent id="start" /> <pd:EndEvent id="end" /> @@ -49,6 +51,8 @@ <pd:Transition from="signAuthBlockTask" to="validateSignedAuthBlockTask" /> <pd:Transition from="validateSignedAuthBlockTask" to="createAssertionTask" conditionExpression="ctx['isSignedAuthBlockValidated']" /> - <pd:Transition from="createAssertionTask" to="end" /> + <pd:Transition from="createAssertionTask" to="task2" /> + + <pd:Transition from="task2" to="end" /> </pd:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml index 9a381d83a..bf47c0445 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml @@ -10,4 +10,34 @@ <bean id="processEngine" class="at.gv.egovernment.moa.id.process.ProcessEngineImpl"> <property name="transitionConditionExpressionEvaluator" ref="springElAwareExpressionEvaluator" /> </bean> + + <bean id="TransactionStorage" + class="at.gv.egovernment.moa.id.storage.DBTransactionStorage"/> + + <bean id="ProcessInstanceStoreage" + class="at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAOImpl"/> + + <bean id="HelloWorldTask" + class="at.gv.egovernment.moa.id.process.test.HelloWorldTask"/> + + <bean id="HalloWeltTask" + class="at.gv.egovernment.moa.id.process.test.HalloWeltTask"/> + + <bean id="SelectBKUTask" + class="at.gv.egovernment.moa.id.process.spring.test.task.SelectBKUTask"/> + + <bean id="CreateSAML1AssertionTask" + class="at.gv.egovernment.moa.id.process.spring.test.task.CreateSAML1AssertionTask"/> + + <bean id="GetIdentityLinkTask" + class="at.gv.egovernment.moa.id.process.spring.test.task.GetIdentityLinkTask"/> + + <bean id="SignAuthBlockTask" + class="at.gv.egovernment.moa.id.process.spring.test.task.SignAuthBlockTask"/> + + <bean id="ValidateIdentityLinkTask" + class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateIdentityLinkTask"/> + + <bean id="ValidateSignedAuthBlockTask" + class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateSignedAuthBlockTask"/> </beans> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml index 95b88ca1a..51554bed4 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml @@ -11,4 +11,6 @@ <bean id="expressionEvaluator" class="at.gv.egovernment.moa.id.process.spring.SpringExpressionEvaluator" /> +<!-- <bean id="TransactionStorage" + class="at.gv.egovernment.moa.id.storage.DBTransactionStorage"/> --> </beans> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_MultipleStartEvents.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_MultipleStartEvents.xml index 17fa17cb4..2f492efa9 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_MultipleStartEvents.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_MultipleStartEvents.xml @@ -7,8 +7,8 @@ <tns:StartEvent id="start1" /> - <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" /> - <tns:Task id="task2" async="true" class="at.gv.egovernment.moa.id.process.test.HalloWeltTask" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" class="HalloWeltTask" /> <tns:Task id="task3" /> <tns:StartEvent id="start2" /> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_NoStartEvents.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_NoStartEvents.xml index 008309e3a..3a5b95273 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_NoStartEvents.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_NoStartEvents.xml @@ -5,7 +5,7 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" /> + <tns:Task id="task1" class="HelloWorldTask" /> <tns:Task id="task2" async="true" /> <tns:EndEvent id="end" /> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionLoop.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionLoop.xml index 14b281192..541f7e2b8 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionLoop.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionLoop.xml @@ -5,7 +5,7 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" /> + <tns:Task id="task1" class="HelloWorldTask" /> <tns:Task id="task2" async="true" /> <tns:StartEvent id="start" /> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml index 1152f3503..4b7a55e47 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml @@ -5,7 +5,7 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" /> + <tns:Task id="task1" class="HelloWorldTask" /> <tns:Task id="task2" async="true" /> <tns:StartEvent id="start" /> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml index 94bd25c9a..795990a19 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml @@ -5,7 +5,7 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" /> + <tns:Task id="task1" class="HelloWorldTask" /> <tns:Task id="task2" async="true" /> <tns:StartEvent id="start" /> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition1.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition1.xml index c161900c5..a564485a3 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition1.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition1.xml @@ -5,7 +5,7 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd "> - <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" /> + <tns:Task id="task1" class="HelloWorldTask" /> <tns:Task id="task2" async="true" /> <tns:StartEvent id="start" /> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition2.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition2.xml index 9e419e124..bf80f7935 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition2.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition2.xml @@ -7,8 +7,8 @@ <tns:StartEvent id="start" /> - <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" /> - <tns:Task id="task2" async="true" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" /> + <tns:Task id="task1" class="HelloWorldTask" /> + <tns:Task id="task2" async="true" class="HelloWorldTask" /> <tns:Task id="task3" /> <tns:EndEvent id="end" /> diff --git a/id/server/legacy-backup/mw-messages-api/.gitignore b/id/server/legacy-backup/mw-messages-api/.gitignore deleted file mode 100644 index ea8c4bf7f..000000000 --- a/id/server/legacy-backup/mw-messages-api/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/target diff --git a/id/server/legacy-backup/mw-messages-api/nb-configuration.xml b/id/server/legacy-backup/mw-messages-api/nb-configuration.xml deleted file mode 100644 index c51afd41b..000000000 --- a/id/server/legacy-backup/mw-messages-api/nb-configuration.xml +++ /dev/null @@ -1,18 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<project-shared-configuration> - <!-- -This file contains additional configuration written by modules in the NetBeans IDE. -The configuration is intended to be shared among all the users of project and -therefore it is assumed to be part of version control checkout. -Without this configuration present, some functionality in the IDE may be limited or fail altogether. ---> - <properties xmlns="http://www.netbeans.org/ns/maven-properties-data/1"> - <!-- -Properties that influence various parts of the IDE, especially code formatting and the like. -You can copy and paste the single properties, into the pom.xml file and the IDE will pick them up. -That way multiple projects can share the same settings (useful for formatting rules for example). -Any value defined here will override the pom.xml file value but is only applicable to the current project. ---> - <netbeans.hint.jdkPlatform>JDK_1.5</netbeans.hint.jdkPlatform> - </properties> -</project-shared-configuration> diff --git a/id/server/legacy-backup/mw-messages-api/pom.xml b/id/server/legacy-backup/mw-messages-api/pom.xml deleted file mode 100644 index 0e930ff52..000000000 --- a/id/server/legacy-backup/mw-messages-api/pom.xml +++ /dev/null @@ -1,65 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>MOA.id</groupId> - <artifactId>mw-messages-api</artifactId> - <packaging>jar</packaging> - <version>2.0</version> - <name>mw-messages-api</name> - <url>http://maven.apache.org</url> - <ciManagement> - <system>hudson</system> - <url>https://vidp.openlimit.com:8120/hudson/job/mw-messages-api/</url> - </ciManagement> - <distributionManagement> - <repository> - <id>central</id> - <name>STORK-releases</name> - <url>https://vidp.openlimit.com:8120/artifactory/libs-release-local</url> - </repository> -</distributionManagement> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <source>1.5</source> - <target>1.5</target> - <encoding>${project.build.sourceEncoding}</encoding> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-resources-plugin</artifactId> - <version>2.4</version> - <configuration> - <encoding>${project.build.sourceEncoding}</encoding> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-checkstyle-plugin</artifactId> - <configuration> - <configLocation>config/sun_checks.xml</configLocation> - </configuration> - </plugin> - - </plugins> - </build> - <dependencies> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>3.8.1</version> - <scope>test</scope> - </dependency> - </dependencies> - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - </properties> -</project> - - - diff --git a/id/server/legacy-backup/mw-messages-api/src/main/java/eu/stork/vidp/api/messages/GetAuthDataRequest.java b/id/server/legacy-backup/mw-messages-api/src/main/java/eu/stork/vidp/api/messages/GetAuthDataRequest.java deleted file mode 100644 index fab637408..000000000 --- a/id/server/legacy-backup/mw-messages-api/src/main/java/eu/stork/vidp/api/messages/GetAuthDataRequest.java +++ /dev/null @@ -1,52 +0,0 @@ -/** - * - */ -package eu.stork.vidp.api.messages; - -/** - * Encapsulates the necessary data for a GetAuthDataRequest to a SPWare - * - * @author bzwattendorfer - * - */ -public class GetAuthDataRequest { - - public GetAuthDataRequest() { - } - String sessionID; - - /** - * Constructs a GetAuthDataRequest object - * @param sessionID SessionID - */ - public GetAuthDataRequest(String sessionID) { - super(); - this.sessionID = sessionID; - } - - /** - * Gets the sessionID - * @return sessionID - */ - public String getSessionID() { - return sessionID; - } - - /** - * Sets the session ID - * @param sessionID sessionID - */ - public void setSessionID(String sessionID) { - this.sessionID = sessionID; - } - - @Override - public String toString() { - StringBuilder builder = new StringBuilder(); - builder.append("GetAuthDataRequest ["); - builder.append("sessionID="); - builder.append(sessionID); - builder.append("]"); - return builder.toString(); - } -} diff --git a/id/server/legacy-backup/mw-messages-api/src/main/java/eu/stork/vidp/api/messages/StartAuthResponse.java b/id/server/legacy-backup/mw-messages-api/src/main/java/eu/stork/vidp/api/messages/StartAuthResponse.java deleted file mode 100644 index df63afa0e..000000000 --- a/id/server/legacy-backup/mw-messages-api/src/main/java/eu/stork/vidp/api/messages/StartAuthResponse.java +++ /dev/null @@ -1,129 +0,0 @@ -/** - * - */ -package eu.stork.vidp.api.messages; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; -import java.util.Arrays; - -/** - * Class encapsulating the HTML content to be returned to the user's browser - * - * @author bzwattendorfer - * - */ -public class StartAuthResponse implements Serializable { - - private int httpStatusCode; - private byte[] content; - private Map<String, String> httpHeaders; - - /** - * Creates a new StartAuthenticationResponse object - * @param httpStatusCode HTTP Status code to be returned to the user's browser - * @param content HTML content to be returned to the user's browser - * @param httpHeaders HTTP headers to be returned to the user's browser - */ - public StartAuthResponse() { - super(); - } - - public StartAuthResponse(int httpStatusCode, byte[] content, - Map<String, String> httpHeaders) { - super(); - this.httpStatusCode = httpStatusCode; - this.content = content; - this.httpHeaders = httpHeaders; - } - - /** - * Creates a new StartAuthenticationResponse object - * @param httpStatusCode HTTP Status code to be returned to the user's browser - * @param content HTML content to be returned to the user's browser - */ - public StartAuthResponse(int httpStatusCode, byte[] content) { - super(); - this.httpStatusCode = httpStatusCode; - this.content = content; - this.httpHeaders = new HashMap<String, String>(); - } - - /** - * Gets the HTTP status code - * @return HTTP status code - */ - public int getHttpStatusCode() { - return httpStatusCode; - } - - /** - * Sets the HTTP status code - * @param httpStatusCode HTTP status code - */ - public void setHttpStatusCode(int httpStatusCode) { - this.httpStatusCode = httpStatusCode; - } - - /** - * Gets the HTML content - * @return HTML content - */ - public byte[] getContent() { - return content; - } - - /** - * Sets the HTML content - * @param content HTML content - */ - public void setContent(byte[] content) { - this.content = content; - } - - /** - * Gets the Map containing the HTTP headers - * @return HTTP header map - */ - public Map<String, String> getHttpHeaders() { - return httpHeaders; - } - - /** - * Sets the Map with HTTP Headers - * @param httpHeaders HTTP Headers Map - */ - public void setHttpHeaders(Map<String, String> httpHeaders) { - this.httpHeaders = httpHeaders; - } - - /** - * Adds a HTTP Header to the Map - * @param key HTTP Header name - * @param value HTTP Header value - */ - public void addHeader(String key, String value) { - } - - /** - * Removes a HTTP Header - * @param key HTTP Header name - */ - public void removeHeader(String key) { - } - - @Override - public String toString() { - StringBuilder builder = new StringBuilder(); - builder.append("StartAuthResponse ["); - builder.append("content="); - builder.append(Arrays.toString(content)); - builder.append(", httpHeaders="); - builder.append(httpHeaders); - builder.append(", httpStatusCode="); - builder.append(httpStatusCode); - builder.append("]"); - return builder.toString(); - } -} diff --git a/id/server/legacy-backup/mw-messages-api/src/test/java/eu/stork/mw/core/mwmessagesapi/AppTest.java b/id/server/legacy-backup/mw-messages-api/src/test/java/eu/stork/mw/core/mwmessagesapi/AppTest.java deleted file mode 100644 index 8845aa855..000000000 --- a/id/server/legacy-backup/mw-messages-api/src/test/java/eu/stork/mw/core/mwmessagesapi/AppTest.java +++ /dev/null @@ -1,38 +0,0 @@ -package eu.stork.mw.core.mwmessagesapi; - -import junit.framework.Test; -import junit.framework.TestCase; -import junit.framework.TestSuite; - -/** - * Unit test for simple App. - */ -public class AppTest - extends TestCase -{ - /** - * Create the test case - * - * @param testName name of the test case - */ - public AppTest( String testName ) - { - super( testName ); - } - - /** - * @return the suite of tests being tested - */ - public static Test suite() - { - return new TestSuite( AppTest.class ); - } - - /** - * Rigourous Test :-) - */ - public void testApp() - { - assertTrue( true ); - } -} diff --git a/id/server/legacy-backup/stork-saml-engine/pom.xml b/id/server/legacy-backup/stork-saml-engine/pom.xml deleted file mode 100644 index 807991b24..000000000 --- a/id/server/legacy-backup/stork-saml-engine/pom.xml +++ /dev/null @@ -1,92 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <parent> - <artifactId>moa-id</artifactId> - <groupId>MOA.id</groupId> - <version>1.9.96-SNAPSHOT</version> - </parent> - <artifactId>stork-saml-engine</artifactId> - <version>1.5.2</version> - <name>STORK SAML Engine</name> - <description>SAML2 related stuff for STORK</description> - - <build> - -<plugins> -<plugin> -<groupId>org.apache.maven.plugins</groupId> -<artifactId>maven-compiler-plugin</artifactId> -<configuration> -<source>1.5</source> -<target>1.5</target> -</configuration> -</plugin> -</plugins> -</build> - - <dependencies> - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>opensaml</artifactId> - <version>2.5.3</version> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>xmltooling</artifactId> - <version>1.3.4</version> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>openws</artifactId> - <version>1.4.4</version> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - <version>1.6.4</version> - <!-- scope>runtime</scope --> - </dependency> - </dependencies> -</project>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/mw/messages/saml/STORKAuthnRequest.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/mw/messages/saml/STORKAuthnRequest.class Binary files differdeleted file mode 100644 index 9da222759..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/mw/messages/saml/STORKAuthnRequest.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/mw/messages/saml/STORKResponse.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/mw/messages/saml/STORKResponse.class Binary files differdeleted file mode 100644 index 5acacce54..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/mw/messages/saml/STORKResponse.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/builder/STORKMessagesBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/builder/STORKMessagesBuilder.class Binary files differdeleted file mode 100644 index 5d1405909..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/builder/STORKMessagesBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/common/STORKBootstrap.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/common/STORKBootstrap.class Binary files differdeleted file mode 100644 index d70732c97..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/common/STORKBootstrap.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/common/STORKConstants.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/common/STORKConstants.class Binary files differdeleted file mode 100644 index 15b6642c7..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/common/STORKConstants.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/exception/SAMLException.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/exception/SAMLException.class Binary files differdeleted file mode 100644 index 8cc0744a7..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/exception/SAMLException.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/exception/SAMLValidationException.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/exception/SAMLValidationException.class Binary files differdeleted file mode 100644 index 9c17ffcab..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/exception/SAMLValidationException.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKAttribute.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKAttribute.class Binary files differdeleted file mode 100644 index 69c7b6a31..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKAttribute.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKAttributeValue.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKAttributeValue.class Binary files differdeleted file mode 100644 index fdba9d899..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKAttributeValue.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKExtensions.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKExtensions.class Binary files differdeleted file mode 100644 index da41434ba..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKExtensions.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKRequestedAttribute.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKRequestedAttribute.class Binary files differdeleted file mode 100644 index 77dd18b84..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/STORKRequestedAttribute.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeBuilder.class Binary files differdeleted file mode 100644 index 94416aff9..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeImpl.class Binary files differdeleted file mode 100644 index 19b719990..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeMarshaller.class Binary files differdeleted file mode 100644 index 854a1c586..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeUnmarshaller.class Binary files differdeleted file mode 100644 index f5c658280..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAttributeUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestBuilder.class Binary files differdeleted file mode 100644 index 398009931..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestImpl.class Binary files differdeleted file mode 100644 index 36839068f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestMarshaller.class Binary files differdeleted file mode 100644 index 7fe176d1a..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestUnmarshaller.class Binary files differdeleted file mode 100644 index 6f83ba3bf..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKAuthnRequestUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsBuilder.class Binary files differdeleted file mode 100644 index ff457bc70..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsImpl.class Binary files differdeleted file mode 100644 index 931bbe347..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsMarshaller.class Binary files differdeleted file mode 100644 index d556f6c42..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsUnmarshaller.class Binary files differdeleted file mode 100644 index d5f4ea438..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKExtensionsUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeBuilder.class Binary files differdeleted file mode 100644 index f44f58bf1..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeImpl.class Binary files differdeleted file mode 100644 index e406380e4..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeUnmarshaller.class Binary files differdeleted file mode 100644 index 267308c79..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKRequestedAttributeUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseBuilder.class Binary files differdeleted file mode 100644 index 69d8ae575..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseImpl.class Binary files differdeleted file mode 100644 index d068906fd..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseMarshaller.class Binary files differdeleted file mode 100644 index 9648874b2..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseUnmarshaller.class Binary files differdeleted file mode 100644 index 81dd294a3..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/saml/impl/STORKResponseUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/AuthenticationAttributes.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/AuthenticationAttributes.class Binary files differdeleted file mode 100644 index cde53002e..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/AuthenticationAttributes.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/CitizenCountryCode.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/CitizenCountryCode.class Binary files differdeleted file mode 100644 index c731fb19f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/CitizenCountryCode.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDCrossBorderShare.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDCrossBorderShare.class Binary files differdeleted file mode 100644 index d23b85439..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDCrossBorderShare.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDCrossSectorShare.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDCrossSectorShare.class Binary files differdeleted file mode 100644 index bca2137d3..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDCrossSectorShare.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDSectorShare.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDSectorShare.class Binary files differdeleted file mode 100644 index efee1c155..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/EIDSectorShare.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/QualityAuthenticationAssuranceLevel.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/QualityAuthenticationAssuranceLevel.class Binary files differdeleted file mode 100644 index fda894367..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/QualityAuthenticationAssuranceLevel.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/RequestedAttributes.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/RequestedAttributes.class Binary files differdeleted file mode 100644 index 8acef05d1..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/RequestedAttributes.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPAuthRequest.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPAuthRequest.class Binary files differdeleted file mode 100644 index d8b1bf7d4..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPAuthRequest.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertEnc.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertEnc.class Binary files differdeleted file mode 100644 index 1e9b4bd96..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertEnc.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertSig.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertSig.class Binary files differdeleted file mode 100644 index c562f4951..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertSig.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertType.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertType.class Binary files differdeleted file mode 100644 index 2e2e7ccb9..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPCertType.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPID.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPID.class Binary files differdeleted file mode 100644 index 6031f8e85..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPID.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPInformation.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPInformation.class Binary files differdeleted file mode 100644 index a542a6bd4..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SPInformation.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpApplication.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpApplication.class Binary files differdeleted file mode 100644 index 917722486..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpApplication.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpCountry.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpCountry.class Binary files differdeleted file mode 100644 index 120f2800e..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpCountry.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpInstitution.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpInstitution.class Binary files differdeleted file mode 100644 index 526beebe5..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpInstitution.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpSector.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpSector.class Binary files differdeleted file mode 100644 index 6985e6ca8..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/SpSector.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/VIDPAuthenticationAttributes.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/VIDPAuthenticationAttributes.class Binary files differdeleted file mode 100644 index 0649901ca..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/VIDPAuthenticationAttributes.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesBuilder.class Binary files differdeleted file mode 100644 index e66f8cf15..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesImpl.class Binary files differdeleted file mode 100644 index 20bdac735..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesMarshaller.class Binary files differdeleted file mode 100644 index 85615c53f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesUnmarshaller.class Binary files differdeleted file mode 100644 index 71002f3e2..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/AuthenticationAttributesUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeBuilder.class Binary files differdeleted file mode 100644 index 1a5466e90..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeImpl.class Binary files differdeleted file mode 100644 index e28970ac2..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeMarshaller.class Binary files differdeleted file mode 100644 index b67275405..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeUnmarshaller.class Binary files differdeleted file mode 100644 index ff3777b25..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/CitizenCountryCodeUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareBuilder.class Binary files differdeleted file mode 100644 index 8e8b8709a..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareImpl.class Binary files differdeleted file mode 100644 index 495fdbf8c..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareMarshaller.class Binary files differdeleted file mode 100644 index 734f92660..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareUnmarshaller.class Binary files differdeleted file mode 100644 index ac333c00f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossBorderShareUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareBuilder.class Binary files differdeleted file mode 100644 index 9d6ad885d..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareImpl.class Binary files differdeleted file mode 100644 index 05a63f48e..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareMarshaller.class Binary files differdeleted file mode 100644 index a89eafd3a..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareUnmarshaller.class Binary files differdeleted file mode 100644 index f82bca23b..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDCrossSectorShareUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareBuilder.class Binary files differdeleted file mode 100644 index e176bba7f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareImpl.class Binary files differdeleted file mode 100644 index 322a5ef4a..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareMarshaller.class Binary files differdeleted file mode 100644 index 97361bfee..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareUnmarshaller.class Binary files differdeleted file mode 100644 index 0319ebe3e..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/EIDSectorShareUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelBuilder.class Binary files differdeleted file mode 100644 index 4f3a7abe8..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelImpl.class Binary files differdeleted file mode 100644 index da9939089..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelMarshaller.class Binary files differdeleted file mode 100644 index f145f8a05..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelUnmarshaller.class Binary files differdeleted file mode 100644 index 618ee5267..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/QualityAuthenticationAssuranceLevelUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesBuilder.class Binary files differdeleted file mode 100644 index ff99e4aae..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesImpl.class Binary files differdeleted file mode 100644 index ccd513834..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesMarshaller.class Binary files differdeleted file mode 100644 index 6929c3527..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesUnmarshaller.class Binary files differdeleted file mode 100644 index 79e1b8f9f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/RequestedAttributesUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestBuilder.class Binary files differdeleted file mode 100644 index 65d837a2f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestImpl.class Binary files differdeleted file mode 100644 index 6102fb493..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestMarshaller.class Binary files differdeleted file mode 100644 index 55b0e62f8..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestUnmarshaller.class Binary files differdeleted file mode 100644 index 9653bb589..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPAuthRequestUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncBuilder.class Binary files differdeleted file mode 100644 index b92ff8a8a..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncImpl.class Binary files differdeleted file mode 100644 index 12913860b..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncMarshaller.class Binary files differdeleted file mode 100644 index ec4962d6f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncUnmarshaller.class Binary files differdeleted file mode 100644 index 07ebbed30..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertEncUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigBuilder.class Binary files differdeleted file mode 100644 index 24f09f271..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigImpl.class Binary files differdeleted file mode 100644 index 20e0b4fe7..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigMarshaller.class Binary files differdeleted file mode 100644 index 1d03a83da..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigUnmarshaller.class Binary files differdeleted file mode 100644 index 5d057f9fd..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertSigUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeImpl.class Binary files differdeleted file mode 100644 index de7b2c5b8..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeMarshaller.class Binary files differdeleted file mode 100644 index 0d25eb9a4..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeUnmarshaller.class Binary files differdeleted file mode 100644 index 953634dd8..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPCertTypeUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDBuilder.class Binary files differdeleted file mode 100644 index 170a4eced..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDImpl.class Binary files differdeleted file mode 100644 index 23d9e007f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDMarshaller.class Binary files differdeleted file mode 100644 index b04bbd283..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDUnmarshaller.class Binary files differdeleted file mode 100644 index 58e122b17..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPIDUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationBuilder.class Binary files differdeleted file mode 100644 index 7146d2b78..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationImpl.class Binary files differdeleted file mode 100644 index 572237008..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationMarshaller.class Binary files differdeleted file mode 100644 index e80dda7f9..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationUnmarshaller.class Binary files differdeleted file mode 100644 index 31622983b..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SPInformationUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationBuilder.class Binary files differdeleted file mode 100644 index f390d99c7..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationImpl.class Binary files differdeleted file mode 100644 index 38da57999..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationMarshaller.class Binary files differdeleted file mode 100644 index a895869c4..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationUnmarshaller.class Binary files differdeleted file mode 100644 index 07de04cac..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpApplicationUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryBuilder.class Binary files differdeleted file mode 100644 index 13a895da0..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryImpl.class Binary files differdeleted file mode 100644 index e2154b721..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryMarshaller.class Binary files differdeleted file mode 100644 index d42d6f918..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryUnmarshaller.class Binary files differdeleted file mode 100644 index 356b05130..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpCountryUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionBuilder.class Binary files differdeleted file mode 100644 index 6abb47780..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionImpl.class Binary files differdeleted file mode 100644 index d198111ea..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionMarshaller.class Binary files differdeleted file mode 100644 index 37f993108..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionUnmarshaller.class Binary files differdeleted file mode 100644 index e43c66d33..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpInstitutionUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorBuilder.class Binary files differdeleted file mode 100644 index 3be4832f0..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorImpl.class Binary files differdeleted file mode 100644 index cff58c471..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorMarshaller.class Binary files differdeleted file mode 100644 index 94ba5e9d0..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorUnmarshaller.class Binary files differdeleted file mode 100644 index d78ebf3a6..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/SpSectorUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesBuilder.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesBuilder.class Binary files differdeleted file mode 100644 index fdc00be92..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesImpl.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesImpl.class Binary files differdeleted file mode 100644 index 37d8f77d3..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesMarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesMarshaller.class Binary files differdeleted file mode 100644 index f1a970278..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesUnmarshaller.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesUnmarshaller.class Binary files differdeleted file mode 100644 index adeecee93..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/stork/impl/VIDPAuthenticationAttributesUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/util/SAMLUtil.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/util/SAMLUtil.class Binary files differdeleted file mode 100644 index 8b0826288..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/util/SAMLUtil.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/util/XMLUtil.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/util/XMLUtil.class Binary files differdeleted file mode 100644 index 5651fc2e6..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/util/XMLUtil.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAssertionValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAssertionValidator.class Binary files differdeleted file mode 100644 index 75d85acfd..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAssertionValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAttributeValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAttributeValidator.class Binary files differdeleted file mode 100644 index 5b15bf743..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAttributeValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAudienceRestrictionValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAudienceRestrictionValidator.class Binary files differdeleted file mode 100644 index 423473ef6..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAudienceRestrictionValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthenticationAttributesValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthenticationAttributesValidator.class Binary files differdeleted file mode 100644 index 02d407565..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthenticationAttributesValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.class Binary files differdeleted file mode 100644 index 1f389c85e..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthnRequestValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthnStatementValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthnStatementValidator.class Binary files differdeleted file mode 100644 index c37c46c76..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkAuthnStatementValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkCitizenCountryCodeValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkCitizenCountryCodeValidator.class Binary files differdeleted file mode 100644 index 0cb22190a..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkCitizenCountryCodeValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkConditionsValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkConditionsValidator.class Binary files differdeleted file mode 100644 index a874e5d52..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkConditionsValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEIDSectorShareValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEIDSectorShareValidator.class Binary files differdeleted file mode 100644 index 498e7a186..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEIDSectorShareValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEncryptedAttributeValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEncryptedAttributeValidator.class Binary files differdeleted file mode 100644 index ee67bbc5f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEncryptedAttributeValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEncryptedIdValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEncryptedIdValidator.class Binary files differdeleted file mode 100644 index cfc82bdb8..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkEncryptedIdValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkExtensionsValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkExtensionsValidator.class Binary files differdeleted file mode 100644 index 4206cc8f6..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkExtensionsValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkIssuerValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkIssuerValidator.class Binary files differdeleted file mode 100644 index cf00c682a..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkIssuerValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkNameIDValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkNameIDValidator.class Binary files differdeleted file mode 100644 index 993d83f7c..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkNameIDValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkNameIdPolicyValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkNameIdPolicyValidator.class Binary files differdeleted file mode 100644 index cf4557654..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkNameIdPolicyValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkQualityAuthenticationAssuranceLevelValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkQualityAuthenticationAssuranceLevelValidator.class Binary files differdeleted file mode 100644 index 3a723b910..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkQualityAuthenticationAssuranceLevelValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkRequestedAttributeValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkRequestedAttributeValidator.class Binary files differdeleted file mode 100644 index aa05d4b0e..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkRequestedAttributeValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkRequestedAttributesValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkRequestedAttributesValidator.class Binary files differdeleted file mode 100644 index a616bd87d..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkRequestedAttributesValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkResponseValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkResponseValidator.class Binary files differdeleted file mode 100644 index 1dd25036d..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkResponseValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSPIDValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSPIDValidator.class Binary files differdeleted file mode 100644 index be9793f6f..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSPIDValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSPInformationValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSPInformationValidator.class Binary files differdeleted file mode 100644 index fa929ea24..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSPInformationValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpApplicationValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpApplicationValidator.class Binary files differdeleted file mode 100644 index 102b544a8..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpApplicationValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpCountryValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpCountryValidator.class Binary files differdeleted file mode 100644 index d69211c06..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpCountryValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpInstitutionValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpInstitutionValidator.class Binary files differdeleted file mode 100644 index 3b4550dc6..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpInstitutionValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpSectorValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpSectorValidator.class Binary files differdeleted file mode 100644 index 2940295a7..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSpSectorValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkStatusCodeValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkStatusCodeValidator.class Binary files differdeleted file mode 100644 index 75356ecad..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkStatusCodeValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkStatusValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkStatusValidator.class Binary files differdeleted file mode 100644 index eaeeaf1e7..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkStatusValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectConfirmationValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectConfirmationValidator.class Binary files differdeleted file mode 100644 index 5f6a6349c..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectConfirmationValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectLocalityValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectLocalityValidator.class Binary files differdeleted file mode 100644 index e3c1afaad..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectLocalityValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectValidator.class Binary files differdeleted file mode 100644 index 5f594af82..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkSubjectValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkVIDPAuthenticationAttributesValidator.class b/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkVIDPAuthenticationAttributesValidator.class Binary files differdeleted file mode 100644 index 0eb6d2a57..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/eu/stork/vidp/messages/validation/StorkVIDPAuthenticationAttributesValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/saml2-post-binding-moa.vm b/id/server/legacy-backup/stork-saml-engine/target/classes/saml2-post-binding-moa.vm deleted file mode 100644 index cac0bda76..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/saml2-post-binding-moa.vm +++ /dev/null @@ -1,38 +0,0 @@ -## -## Velocity Template for SAML 2 HTTP-POST binding -## -## Velocity context may contain the following properties -## action - String - the action URL for the form -## RelayState - String - the relay state for the message -## SAMLRequest - String - the Base64 encoded SAML Request -## SAMLResponse - String - the Base64 encoded SAML Response -## Contains target attribute to delegate PEPS authentication out of iFrame - -<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> - - <body onload="document.forms[0].submit()"> - <noscript> - <p> - <strong>Note:</strong> Since your browser does not support JavaScript, - you must press the Continue button once to proceed. - </p> - </noscript> - - <form action="${action}" method="post" target="_parent"> - <div> - #if($RelayState)<input type="hidden" name="RelayState" value="${RelayState}"/>#end - - #if($SAMLRequest)<input type="hidden" name="SAMLRequest" value="${SAMLRequest}"/>#end - - #if($SAMLResponse)<input type="hidden" name="SAMLResponse" value="${SAMLResponse}"/>#end - - </div> - <noscript> - <div> - <input type="submit" value="Continue"/> - </div> - </noscript> - </form> - - </body> -</html>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork-saml-engine/target/classes/saml2-stork-config.xml b/id/server/legacy-backup/stork-saml-engine/target/classes/saml2-stork-config.xml deleted file mode 100644 index f83c7337e..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/classes/saml2-stork-config.xml +++ /dev/null @@ -1,242 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<XMLTooling xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.opensaml.org/xmltooling-config ../../src/schema/xmltooling-config.xsd" - xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" - xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" - xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" - xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" - xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" - xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" - xmlns="http://www.opensaml.org/xmltooling-config"> - - <!-- SAML 2.0 Protocol Object providers --> - <ObjectProviders> - - - <!-- AuthnRequest provider --> - <ObjectProvider qualifiedName="saml2p:AuthnRequest"> - <BuilderClass className="eu.stork.vidp.messages.saml.impl.STORKAuthnRequestBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKAuthnRequestMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKAuthnRequestUnmarshaller" /> - </ObjectProvider> - - <!-- Response provider --> - <ObjectProvider qualifiedName="saml2p:Response"> - <BuilderClass className="eu.stork.vidp.messages.saml.impl.STORKResponseBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKResponseMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKResponseUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="saml2p:Extensions"> - <BuilderClass className="eu.stork.vidp.messages.saml.impl.STORKExtensionsBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKExtensionsMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKExtensionsUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:AuthenticationAttributes"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.AuthenticationAttributesBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.AuthenticationAttributesMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.AuthenticationAttributesUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:CitizenCountryCode"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.CitizenCountryCodeBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.CitizenCountryCodeMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.CitizenCountryCodeUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:SPAuthRequest"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPAuthRequestBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPAuthRequestMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPAuthRequestUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:SPCertEnc"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPCertEncBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPCertEncMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPCertEncUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:SPCertSig"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPCertSigBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPCertSigMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPCertSigUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:SPID"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPIDBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPIDMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPIDUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:SPInformation"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SPInformationBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SPInformationMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SPInformationUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:VIDPAuthenticationAttributes"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.VIDPAuthenticationAttributesBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.VIDPAuthenticationAttributesMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.VIDPAuthenticationAttributesUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="stork:QualityAuthenticationAssuranceLevel"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.QualityAuthenticationAssuranceLevelBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.QualityAuthenticationAssuranceLevelMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.QualityAuthenticationAssuranceLevelUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:RequestedAttributes"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.RequestedAttributesBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.RequestedAttributesMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.RequestedAttributesUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="stork:RequestedAttribute"> - <BuilderClass className="eu.stork.vidp.messages.saml.impl.STORKRequestedAttributeBuilder" /> - <MarshallingClass className="org.opensaml.saml2.metadata.impl.RequestedAttributeMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.saml.impl.STORKRequestedAttributeUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:eIDSectorShare"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.EIDSectorShareBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDSectorShareMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDSectorShareUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:eIDCrossSectorShare"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.EIDCrossSectorShareBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDCrossSectorShareMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDCrossSectorShareUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="storkp:eIDCrossBorderShare"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.EIDCrossBorderShareBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDCrossBorderShareMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.EIDCrossBorderShareUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="stork:spSector"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SpSectorBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SpSectorMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SpSectorUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="stork:spApplication"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SpApplicationBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SpApplicationMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SpApplicationUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="stork:spCountry"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SpCountryBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SpCountryMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SpCountryUnmarshaller" /> - </ObjectProvider> - - <ObjectProvider qualifiedName="stork:spInstitution"> - <BuilderClass className="eu.stork.vidp.messages.stork.impl.SpInstitutionBuilder" /> - <MarshallingClass className="eu.stork.vidp.messages.stork.impl.SpInstitutionMarshaller" /> - <UnmarshallingClass className="eu.stork.vidp.messages.stork.impl.SpInstitutionUnmarshaller" /> - </ObjectProvider> - - </ObjectProviders> - - <!-- Validation rules for SAML 2.0 SAMLObjects --> - <ValidatorSuites> - - <!-- SAML 2.0 Schema Validation Rules --> - <ValidatorSuite id="saml2-core-schema-and-stork-validator"> - <Validator qualifiedName="saml2:Action" className="org.opensaml.saml2.core.validator.ActionSchemaValidator" /> - <Validator qualifiedName="saml2p:Artifact" className="org.opensaml.saml2.core.validator.ArtifactSchemaValidator" /> - <Validator qualifiedName="saml2p:ArtifactResolve" className="org.opensaml.saml2.core.validator.ArtifactResolveSchemaValidator" /> - <Validator qualifiedName="saml2p:ArtifactResponse" className="org.opensaml.saml2.core.validator.ArtifactResponseSchemaValidator" /> - <!-- Validator qualifiedName="saml2:Assertion" className="org.opensaml.saml2.core.validator.AssertionSchemaValidator" /--> - <Validator qualifiedName="saml2:AssertionIDRef" className="org.opensaml.saml2.core.validator.AssertionIDRefSchemaValidator" /> - <Validator qualifiedName="saml2:AssertionIDRequest" className="org.opensaml.saml2.core.validator.AssertionIDRequestSchemaValidator" /> - <Validator qualifiedName="saml2:AssertionURIRef" className="org.opensaml.saml2.core.validator.AssertionURIRefSchemaValidator" /> - <!-- Validator qualifiedName="saml2:Attribute" className="org.opensaml.saml2.core.validator.AttributeSchemaValidator" /--> - <Validator qualifiedName="saml2p:AttributeQuery" className="org.opensaml.saml2.core.validator.AttributeQuerySchemaValidator" /> - <Validator qualifiedName="saml2:AttributeStatement" className="org.opensaml.saml2.core.validator.AttributeStatementSchemaValidator" /> - <Validator qualifiedName="saml2:Audience" className="org.opensaml.saml2.core.validator.AudienceSchemaValidator" /> - <!-- Validator qualifiedName="saml2:AudienceRestriction" className="org.opensaml.saml2.core.validator.AudienceRestrictionSchemaValidator" /--> - <Validator qualifiedName="saml2:AuthenticatingAuthority" className="org.opensaml.saml2.core.validator.AuthenticatingAuthoritySchemaValidator" /> - <Validator qualifiedName="saml2:AuthnContextClassRef" className="org.opensaml.saml2.core.validator.AuthnContextClassRefSchemaValidator" /> - <Validator qualifiedName="saml2:AuthnContextDeclRef" className="org.opensaml.saml2.core.validator.AuthnContextDeclRefSchemaValidator" /> - <Validator qualifiedName="saml2:AuthnContextDecl" className="org.opensaml.saml2.core.validator.AuthnContextDeclSchemaValidator" /> - <Validator qualifiedName="saml2p:AuthnQuery" className="org.opensaml.saml2.core.validator.AuthnQuerySchemaValidator" /> - <!-- Validator qualifiedName="saml2p:AuthnRequest" className="org.opensaml.saml2.core.validator.AuthnRequestSchemaValidator" /--> - <!-- Validator qualifiedName="saml2:AuthnStatement" className="org.opensaml.saml2.core.validator.AuthnStatementSchemaValidator" /--> - <Validator qualifiedName="saml2p:AuthzDecisionQuery" className="org.opensaml.saml2.core.validator.AuthzDecisionQuerySchemaValidator" /> - <Validator qualifiedName="saml2:AuthzDecisionStatement" className="org.opensaml.saml2.core.validator.AuthzDecisionStatementSchemaValidator" /> - <Validator qualifiedName="saml2:AuthnContextClassRef" className="org.opensaml.saml2.core.validator.AuthnContextClassRefSchemaValidator" /> - <Validator qualifiedName="saml2:Evidence" className="org.opensaml.saml2.core.validator.EvidenceSchemaValidator" /> - <Validator qualifiedName="saml2p:GetComplete" className="org.opensaml.saml2.core.validator.GetCompleteSchemaValidator" /> - <Validator qualifiedName="saml2p:IDPEntry" className="org.opensaml.saml2.core.validator.IDPEntrySchemaValidator" /> - <Validator qualifiedName="saml2p:IDPList" className="org.opensaml.saml2.core.validator.IDPListSchemaValidator" /> - <!-- Validator qualifiedName="saml2:Issuer" className="org.opensaml.saml2.core.validator.IssuerSchemaValidator" /--> - <Validator qualifiedName="saml2p:LogoutRequest" className="org.opensaml.saml2.core.validator.LogoutRequestSchemaValidator" /> - <Validator qualifiedName="saml2p:LogoutResponse" className="org.opensaml.saml2.core.validator.LogoutResponseSchemaValidator" /> - <Validator qualifiedName="saml2p:ManageNameIDRequest" className="org.opensaml.saml2.core.validator.ManageNameIDRequestSchemaValidator" /> - <Validator qualifiedName="saml2p:ManageNameIDResponse" className="org.opensaml.saml2.core.validator.ManageNameIDResponseSchemaValidator" /> - <!-- Validator qualifiedName="saml2:NameID" className="org.opensaml.saml2.core.validator.NameIDSchemaValidator" /--> - <Validator qualifiedName="saml2p:NameIDMappingRequest" className="org.opensaml.saml2.core.validator.NameIDMappingRequestSchemaValidator" /> - <Validator qualifiedName="saml2p:NameIDMappingResponse" className="org.opensaml.saml2.core.validator.NameIDMappingResponseSchemaValidator" /> - <Validator qualifiedName="saml2p:NewID" className="org.opensaml.saml2.core.validator.NewIDSchemaValidator" /> - <Validator qualifiedName="saml2p:RequestedAuthnContext" className="org.opensaml.saml2.core.validator.RequestedAuthnContextSchemaValidator" /> - <Validator qualifiedName="saml2p:RequesterID" className="org.opensaml.saml2.core.validator.RequesterIDSchemaValidator" /> - <!-- Validator qualifiedName="saml2p:Response" className="org.opensaml.saml2.core.validator.ResponseSchemaValidator" /--> - <Validator qualifiedName="saml2:SessionIndex" className="org.opensaml.saml2.core.validator.SessionIndexSchemaValidator" /> - <!-- Validator qualifiedName="saml2p:Status" className="org.opensaml.saml2.core.validator.StatusSchemaValidator" /--> - <!-- Validator qualifiedName="saml2p:StatusCode" className="org.opensaml.saml2.core.validator.StatusCodeSchemaValidator" /--> - <Validator qualifiedName="saml2p:StatusMessage" className="org.opensaml.saml2.core.validator.StatusMessageSchemaValidator" /> - <!-- Validator qualifiedName="saml2:Subject" className="org.opensaml.saml2.core.validator.SubjectSchemaValidator" /--> - <!-- Validator qualifiedName="saml2:SubjectConfirmation" className="org.opensaml.saml2.core.validator.SubjectConfirmationSchemaValidator" /--> - <Validator qualifiedName="saml2p:Response" className="eu.stork.vidp.messages.validation.StorkResponseValidator" /> - <Validator qualifiedName="saml2:Issuer" className="eu.stork.vidp.messages.validation.StorkIssuerValidator" /> - <Validator qualifiedName="saml2p:Status" className="eu.stork.vidp.messages.validation.StorkStatusValidator" /> - <Validator qualifiedName="saml2p:StatusCode" className="eu.stork.vidp.messages.validation.StorkStatusCodeValidator" /> - <Validator qualifiedName="saml2:Assertion" className="eu.stork.vidp.messages.validation.StorkAssertionValidator" /> - <Validator qualifiedName="saml2:Subject" className="eu.stork.vidp.messages.validation.StorkSubjectValidator" /> - <Validator qualifiedName="saml2:NameID" className="eu.stork.vidp.messages.validation.StorkNameIDValidator" /> - <Validator qualifiedName="saml2:EncryptedID" className="eu.stork.vidp.messages.validation.StorkEncryptedIdValidator" /> - <Validator qualifiedName="saml2:SubjectConfirmation" className="eu.stork.vidp.messages.validation.StorkSubjectConfirmationValidator" /> - <Validator qualifiedName="saml2:AudienceRestriction" className="eu.stork.vidp.messages.validation.StorkAudienceRestrictionValidator" /> - <Validator qualifiedName="saml2:Conditions" className="eu.stork.vidp.messages.validation.StorkConditionsValidator" /> - <Validator qualifiedName="saml2:AuthnStatement" className="eu.stork.vidp.messages.validation.StorkAuthnStatementValidator" /> - <Validator qualifiedName="saml2:SubjectLocality" className="eu.stork.vidp.messages.validation.StorkSubjectLocalityValidator" /> - <Validator qualifiedName="saml2:Attribute" className="eu.stork.vidp.messages.validation.StorkAttributeValidator" /> - <Validator qualifiedName="saml2:EncryptedAttribute" className="eu.stork.vidp.messages.validation.StorkEncryptedAttributeValidator" /> - <Validator qualifiedName="saml2p:AuthnRequest" className="eu.stork.vidp.messages.validation.StorkAuthnRequestValidator" /> - <Validator qualifiedName="storkp:AuthenticationAttributes" className="eu.stork.vidp.messages.validation.StorkAuthenticationAttributesValidator" /> - <Validator qualifiedName="storkp:SPID" className="eu.stork.vidp.messages.validation.StorkSPIDValidator" /> - <Validator qualifiedName="storkp:SPInformation" className="eu.stork.vidp.messages.validation.StorkSPInformationValidator" /> - <!-- Validator qualifiedName="stork:FinalRedirectURL" className="eu.stork.vidp.messages.validation.StorkFinalRedirectURLValidator" /--> - <Validator qualifiedName="storkp:CitizenCountryCode" className="eu.stork.vidp.messages.validation.StorkCitizenCountryCodeValidator" /> - <Validator qualifiedName="storkp:VIDPAuthenticationAttributes" className="eu.stork.vidp.messages.validation.StorkVIDPAuthenticationAttributesValidator" /> - <Validator qualifiedName="stork:RequestedAttribute" className="eu.stork.vidp.messages.validation.StorkRequestedAttributeValidator" /> - <Validator qualifiedName="storkp:RequestedAttributes" className="eu.stork.vidp.messages.validation.StorkRequestedAttributesValidator" /> - <Validator qualifiedName="stork:QualityAuthenticationAssuranceLevel" className="eu.stork.vidp.messages.validation.StorkQualityAuthenticationAssuranceLevelValidator" /> - <Validator qualifiedName="saml2p:Extensions" className="eu.stork.vidp.messages.validation.StorkExtensionsValidator" /> - <Validator qualifiedName="saml2:NameIdPolicy" className="eu.stork.vidp.messages.validation.StorkNameIdPolicyValidator" /> - <Validator qualifiedName="ds:Signature" className="org.opensaml.xml.signature.validator.SignatureSchemaValidator" /> - <Validator qualifiedName="stork:spSector" className="eu.stork.vidp.messages.validation.StorkSpSectorValidator" /> - <Validator qualifiedName="stork:spApplication" className="eu.stork.vidp.messages.validation.StorkSpApplicationValidator" /> - <Validator qualifiedName="stork:spCountry" className="eu.stork.vidp.messages.validation.StorkSpCountryValidator" /> - <Validator qualifiedName="stork:Institution" className="eu.stork.vidp.messages.validation.StorkSpInstitutionValidator" /> - - - </ValidatorSuite> - - <!-- SAML 2.0 Specification Validation Rules --> - <ValidatorSuite id="saml2-core-spec-validator"> - <Validator qualifiedName="saml2:Assertion" className="org.opensaml.saml2.core.validator.AssertionSpecValidator" /> - <Validator qualifiedName="saml2:Conditions" className="org.opensaml.saml2.core.validator.ConditionsSpecValidator" /> - </ValidatorSuite> - - </ValidatorSuites> - - - </XMLTooling>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork-saml-engine/target/maven-archiver/pom.properties b/id/server/legacy-backup/stork-saml-engine/target/maven-archiver/pom.properties deleted file mode 100644 index 5a1b017ed..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/maven-archiver/pom.properties +++ /dev/null @@ -1,5 +0,0 @@ -#Generated by Maven -#Wed Jan 22 11:26:40 CET 2014 -version=1.5.2 -groupId=MOA.id -artifactId=stork-saml-engine diff --git a/id/server/legacy-backup/stork-saml-engine/target/stork-saml-engine-1.5.2.jar b/id/server/legacy-backup/stork-saml-engine/target/stork-saml-engine-1.5.2.jar Binary files differdeleted file mode 100644 index 310f5fb0a..000000000 --- a/id/server/legacy-backup/stork-saml-engine/target/stork-saml-engine-1.5.2.jar +++ /dev/null diff --git a/id/server/legacy-backup/stork2-commons/Releases b/id/server/legacy-backup/stork2-commons/Releases deleted file mode 100644 index 54aeb9313..000000000 --- a/id/server/legacy-backup/stork2-commons/Releases +++ /dev/null @@ -1,62 +0,0 @@ -Created 06-04-2011 - -Branch : STORKCommons_0_5_UPDATE_06042011 -Date : 06-04-2011 -Changes: No changes. - -Branch : STORKCommons_0_5_UPDATE_07072011 -Date : 07-07-2011 -Changes: Inserted constants to HttpOnly HTTP Header. - -Branch : STORKCommons_0_6 -Date : 07-11-2011 -Changes: Improved error exception handling (few changes on the exception classes). - Improved Constansts (unused removed, others added). - Unit Tests include (almost all the code is cover). - Fix some minor bugs found on unit tests. - New Copyright License added. - PEPUtils refactored. - Improved error code message (three kind of messages: to citizen, admin and saml token). - -Branch : STORKCommons_0_6_1 -Date : 28-11-2011 -Changes: Removed unnecessary javadoc package file. - Updated pepsUtils.properties file (check attribute value had old error message) - -Branch : STORKCommons_0_9 -Date : 02-12-2011 -Changes: Updated Version to 0.9 - -Branch : STORKCommons_1_0 -Date : 02-12-2011 -Changes: Updated Version to 1.0 - -Branch : STORKCommons_1_1_0 -Date : 01-11-2013 -Changes: Updated Version to 1.1.0 - Dependencies updated - Business Logic Part I changes - SAML Engine Changes merged (from SamlEngine/1.1.0/Commons branch to be easier to merge this branch with trunk) - Fixed some errors on Test Case - -Branch : STORKCommons_1_1_1 -Date : 02-12-2013 -Changes: Updated Version to 1.1.1 - Added mandate error code - PMD quality code changes (some final identifier missing) - Added new methods to personal attribute list to get Mandatory/Optional and/or Simple/Complex attributes - Added new unit tests - -Branch : Commons (Trunk) -Date : 15-01-2014 -Version: 1.2.0 -Release: 2 -Changes: Updated Version to 1.2.0 - dded request flow of PV (incomplete) - Added AP mandatory attribute to get data for business attributes - *) based on configuration file it adds the missing attributes (eIdentifier, givenName, surname and dateOfBirth) or change isRequired to true. - changes original isRequired state in response - Added new Interface (IAttributeListProcessor) to make some operations on attribute lists - Power Validation is complete now - Business Logic I and II integration (Request Complete!) - Added new method to Personal attribute List to check if there is at least one attribute with no value. diff --git a/id/server/legacy-backup/stork2-commons/pom.xml b/id/server/legacy-backup/stork2-commons/pom.xml deleted file mode 100644 index a71ee1628..000000000 --- a/id/server/legacy-backup/stork2-commons/pom.xml +++ /dev/null @@ -1,213 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>eu.stork</groupId> - <artifactId>Commons</artifactId> - <packaging>jar</packaging> - <name>Stork Commons</name> - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <stork.version>1.2.0</stork.version> - <opensaml.version>2.6.0</opensaml.version> - </properties> - <version>${stork.version}</version> - <description> - The STORKCommons library provides beans, Java Interfaces and utility classes to integrate PEPS and SAML Engine. - </description> - - <dependencies> - - <!-- Joda --> - <dependency> - <groupId>joda-time</groupId> - <artifactId>joda-time</artifactId> - <version>2.3</version> - </dependency> - - <!-- Log4J --> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.17</version> - <exclusions> - <exclusion> - <groupId>javax.jms</groupId> - <artifactId>jms</artifactId> - </exclusion> - <exclusion> - <groupId>com.sun.jdmk</groupId> - <artifactId>jmxtools</artifactId> - </exclusion> - <exclusion> - <groupId>com.sun.jmx</groupId> - <artifactId>jmxri</artifactId> - </exclusion> - <exclusion> - <artifactId>mail</artifactId> - <groupId>javax.mail</groupId> - </exclusion> - </exclusions> - </dependency> - - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>opensaml</artifactId> - <version>${opensaml.version}</version> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - </exclusion> - </exclusions> - </dependency> - - <!-- Bouncy Castle --> - <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk16</artifactId> - <version>1.46</version> - </dependency> - - <!-- Servlet API --> - <!-- provided by Application Server --> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.5</version> - <scope>provided</scope> - </dependency> - - <dependency> - <groupId>commons-lang</groupId> - <artifactId>commons-lang</artifactId> - <version>2.6</version> - <type>jar</type> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.11</version> - <scope>test</scope> - </dependency> - </dependencies> - - <build> - <finalName>commons</finalName> - <pluginManagement> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>3.1</version> - <configuration> - <source>1.6</source> - <target>1.6</target> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <runOrder>reversealphabetical</runOrder> - <skip>false</skip> - <includes> - <runOrder>reversealphabetical</runOrder> - <include>**/PEPSUtilTest.java</include> - <include>**/PersonalAttributeTestCase.java</include> - <include>**/PersonalAttributeListTestCase.java</include> - <include>**/DateUtilTestCase.java</include> - <include>**/AttributeUtilTest.java</include> - </includes> - </configuration> - </plugin> - </plugins> - </pluginManagement> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <version>2.9.1</version> - <configuration> - <links> - <link>http://commons.apache.org/lang/api/</link> - <link>http://java.sun.com/j2se/1.6.0/docs/api/</link> - <link>http://www.bouncycastle.org/docs/docs1.6/</link> - <link>http://docs.oracle.com/javase/6/docs/api/</link> - </links> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-source-plugin</artifactId> - <version>2.2.1</version> - <executions> - <execution> - <id>attach-sources</id> - <phase>verify</phase> - <goals> - <goal>jar-no-fork</goal> - </goals> - </execution> - </executions> - </plugin> - </plugins> - <testResources> - <testResource> - <directory>src/test/resources</directory> - <includes> - <include>log4j.xml</include> - </includes> - </testResource> - </testResources> - </build> - <profiles> - <profile> - <id>embedded</id> - <build> - <resources> - <resource> - <directory> ${project.basedir}/src/main/resources</directory> - </resource> - <resource> - <directory> ${project.basedir}/src/main/config/embedded</directory> - </resource> - </resources> - </build> - </profile> - <profile> - <id>metrics</id> - <build> - <plugins> - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>cobertura-maven-plugin</artifactId> - <version>2.5.1</version> - <configuration> - <formats> - <format>html</format> - <format>xml</format> - </formats> - </configuration> - </plugin> - </plugins> - </build> - </profile> - </profiles> -</project> diff --git a/id/server/legacy-backup/stork2-commons/src/main/config/embedded/pepsUtil.properties b/id/server/legacy-backup/stork2-commons/src/main/config/embedded/pepsUtil.properties deleted file mode 100644 index 1e92f390d..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/config/embedded/pepsUtil.properties +++ /dev/null @@ -1,267 +0,0 @@ -#Max allowed params size -validation.active=true -max.spUrl.size=150 -max.attrList.size=20000 -max.invalidAttributeList.size=20000 -max.attrName.size=100 -max.callback.size=300 -max.idp.url.size=300 -max.atp.url.size=300 -max.cpepsURL.size=300 -max.attrValue.size=20000 -max.attrType.size=25 -max.spId.size=40 -max.providerName.size=128 -max.spName.size=25 -max.country.size=150 -max.qaaLevel.size=1 -max.spQaaLevel.size=1 -max.errorCode.size=5 -max.errorMessage.size=300 -max.username.size=30 -max.spepsRedirectUrl.size=300 -max.speps.redirectUrl.size=300 -max.cpeps.redirectUrl.size=300 -max.cpepsRedirectUrl.size=300 -max.spepsAssertionUrl.size=300 -max.SAMLRequest.size=131072 -max.SAMLResponse.size=131072 -max.RelayState.size=80 -max.remoteAddr.size=300 -max.remoteHost.size=300 -max.localAddr.size=300 -max.localName.size=300 -max.apepsUrl.size=300 -max.apeps.callbackUrl.size=300 - -#ERROR codes/messages (accordingly to specification) - -#CountrySelector Interface errors -spCountrySelector.invalidSPQAA.code=0000001 -spCountrySelector.invalidSPQAA.message=invalid.spQAA.parameter - -spCountrySelector.invalidQaaSPid.code=0000001 -spCountrySelector.invalidQaaSPid.message=invalid.spQAAId.parameter - -spCountrySelector.invalidSpId.code=000002 -spCountrySelector.invalidSpId.message=invalid.spId.parameter - -spCountrySelector.invalidSpURL.code=000003 -spCountrySelector.invalidSpURL.message=invalid.spUrl.parameter - -domain.CountrySelectorAction.code=000003 -domain.CountrySelectorAction.message=invalid.cs.domain - -requests.CountrySelectorAction.code=000004 -requests.CountrySelectorAction.message=reached.max.requests.cs - -spCountrySelector.spNotAllowed.code=000006 -spCountrySelector.spNotAllowed.message=attr.access.deny - -spCountrySelector.invalidAttr.code=000007 -spCountrySelector.invalidAttr.message=invalid.spAttr.parameter - -spCountrySelector.invalidProviderName.code=000008 -spCountrySelector.invalidProviderName.message=invalid.spProvidername.parameter - -spCountrySelector.errorCreatingSAML.code=203001 -spCountrySelector.errorCreatingSAML.message=error.create.sp.saml - -spepsSAMLRequest.code=203001 -spepsSAMLRequest.message=error.create.saml.speps - -#ServiceProvider Interface errors -sProviderAction.invalidSPQAA.code=200001 -sProviderAction.invalidSPQAA.message=invalid.sp.qaa - -sProviderAction.invalidSPQAAId.code=200001 -sProviderAction.invalidSPQAAId.message=invalid.sp.qaaid - -sProviderAction.invalidSPId.code=200002 -sProviderAction.invalidSPId.message=invalid.sp.id - -domain.ServiceProviderAction.code=200003 -domain.ServiceProviderAction.message=invalid.sp.domain - -sProviderAction.invalidSPDomain.code=200003 -sProviderAction.invalidSPDomain.message=invalid.sp.domain - -sProviderAction.invalidCountry.code=200004 -sProviderAction.invalidCountry.message=invalid.sp.country - -sProviderAction.spNotAllowed.code=200005 -sProviderAction.spNotAllowed.message=sp.not.allowed - -sProviderAction.invalidSaml.code=200006 -sProviderAction.invalidSaml.message=invalid.sp.samlrequest - -sProviderAction.invalidSPProviderName.code=200007 -sProviderAction.invalidSPProviderName.message=sp.not.identified - -sProviderAction.invalidSPRedirect.code=200008 -sProviderAction.invalidSPRedirect.message=invalid.sp.redirectUrl - -sProviderAction.invalidRelayState.code=200009 -sProviderAction.invalidRelayState.message=invalid.sp.relaystate - -sProviderAction.invalidAttr.code=200011 -sProviderAction.invalidAttr.message=invalid.sp.attr - -requests.ServiceProviderAction.code=200012 -requests.ServiceProviderAction.message=reached.max.requests.sp - -sPPowerValidationAction.invalidSPPVAttrList.code=200013 -sPPowerValidationAction.invalidSPPVAttrList.message=invalid.sp.pv.attrlist - -invalid.sp.pv.attrlist.code=200013 -invalid.sp.pv.attrlist.message=invalid.sp.pv.attrlist - -sProviderAction.invalidSPAlias.code=203003 -sProviderAction.invalidSPAlias.message=invalid.sp.alias - -sProviderAction.errorCreatingSAML.code=203001 -sProviderAction.errorCreatingSAML.message=error.create.saml.speps - -#Internal Error -internalError.code=203001 -internalError.message=internalError - -attrList.code=202005 -attrList.message=invalid.attrList.parameter - -missing.sessionId.code=203010 -missing.sessionId.message=missing.session.id - -sessionError.code=203011 -sessionError.message=invalid.session.id - -invalid.sessionId.code=203011 -invalid.sessionId.message=invalid.session.id - -missing.mandate.code=203013 -missing.mandate.message=missing.mandate - -invalid.session.code=203012 -invalid.session.message=invalid.session - -callback.code=203006 -callback.message=invalid.callback.url - -idp.url.code=203006 -idp.url.message=invalid.idp.url - -IdPSAMLResponse.code=002001 -IdPSAMLResponse.message=invalid.idp.response - -authenticationFailed.code=003002 -authenticationFailed.message=authentication.failed - -username.code=003002 -username.message=authentication.failed - -invalidAttributeList.code=203001 -invalidAttributeList.message=invalid.attrlist - -invalidAttributeValue.code=203001 -invalidAttributeValue.message=invalid.attr.value - -attVerification.mandatory.code=202010 -attVerification.mandatory.message=missing.mandatory.attr - -attrValue.verification.code=203008 -attrValue.verification.message=invalid.stork.attrValue - -cpepsSAMLResponse.code=202012 -cpepsSAMLResponse.message=error.gen.cpeps.saml - -AtPSAMLResponse.code=202009 -AtPSAMLResponse.message=error.gen.atp.saml - -atp.url.code=203006 -atp.url.message=invalid.atp.url - -hash.error.code=203001 -hash.error.message=error.hash - -qaaLevel.code=203006 -qaaLevel.message=invalid.cpeps.qaalevel - -SAMLRequest.code=203001 -SAMLRequest.message=invalid.SAMLRequest - -atp.response.error.code=202011 -atp.response.error.message=atp.response.error - -#Colleague Request Interface errors - -colleagueRequest.invalidSAML.code=201002 -colleagueRequest.invalidSAML.message=invalid.speps.samlrequest - -colleagueRequest.invalidCountryCode.code=002001 -colleagueRequest.invalidCountryCode.message=country.cpeps.nomatch - -colleagueRequest.errorCreatingSAML.code=203001 -colleagueRequest.errorCreatingSAML.message=error.create.saml.cpeps - -colleagueRequest.invalidQaa.code=202004 -colleagueRequest.invalidQaa.message=invalid.requested.cpeps.qaalevel - -colleagueRequest.attrNull.code=202005 -colleagueRequest.attrNull.message=invalid.requested.attrlist.cpeps - -colleaguePVRequest.invalidPVAttrList.code=202013 -colleaguePVRequest.invalidPVAttrList.message=invalid.speps.pv.attrlist - -colleagueRequest.invalidRedirect.code=202001 -colleagueRequest.invalidRedirect.message=invalid.redirecturl.cpeps - -colleagueRequest.invalidDestUrl.code=203006 -colleagueRequest.invalidDestUrl.message=invalid.cpeps.destUrl - -cpepsRedirectUrl.code=203006 -cpepsRedirectUrl.message=invalid.cpeps.redirectUrl - -#Citizen Consent Interfaces errors - -citizenResponse.mandatory.code=202007 -citizenResponse.mandatory.message=no.consent.mand.attr - -cPeps.attrNull.code=202005 -cPeps.attrNull.message=invalid.attrList.cpeps - -citizenNoConsent.mandatory.code=202012 -citizenNoConsent.mandatory.message=no.consent.val.mand.attr - -#Colleague Response Interface errors - -colleagueResponse.invalidSAML.code=202002 -colleagueResponse.invalidSAML.message=invalid.cpeps.samlresp - -auRequestIdError.code=201005 -auRequestIdError.message=invalid.speps.saml.id - -audienceRestrictionError.code=201004 -audienceRestrictionError.message=speps.saml.condition.notmet - -spepsSAMLResponse.code=200010 -spepsSAMLResponse.message=error.gen.speps.saml - - -invalid.apepsRedirectUrl.code=001001 -invalid.apepsRedirectUrl.message=invalid.apeps.redirectUrl - -apepsSAMLRequest.code=001002 -apepsSAMLRequest.message=invalid.apeps.saml.request - -apepsSAMLResponse.code=001003 -apepsSAMLResponse.message=invalid.apeps.saml.response - -invalid.apepsCallbackUrl.code=001004 -invalid.apepsCallbackUrl.message=invalid.apeps.callback.url - -colleagueAttributeRequest.invalidSAML.code=001005 -colleagueAttributeRequest.invalidSAML.message=invalid.attr.request.saml - - -#Hash Digests -hashDigest.className=org.bouncycastle.crypto.digests.SHA512Digest diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java deleted file mode 100644 index 09769641c..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java +++ /dev/null @@ -1,72 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains all the STORK PEPS, Commons and Specific errors - * constant identifiers. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.2 $, $Date: 2010-11-17 05:15:28 $ - */ -public enum AttributeConstants { - - /** - * Represents the attribute's name index. - */ - ATTR_NAME_INDEX(0), - /** - * Represents the attribute's type index. - */ - ATTR_TYPE_INDEX(1), - /** - * Represents the attribute's value index. - */ - ATTR_VALUE_INDEX(2), - /** - * Represents the attribute's status index. - */ - ATTR_STATUS_INDEX(3), - /** - * Represents the number of allowed tuples. - */ - NUMBER_TUPLES(4); - - /** - * Represents the constant's value. - */ - private int attribute; - - /** - * Solo Constructor. - * - * @param attr The Attribute Constant value. - */ - AttributeConstants(final int attr) { - - this.attribute = attr; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public int intValue() { - - return attribute; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java deleted file mode 100644 index 32352f563..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java +++ /dev/null @@ -1,74 +0,0 @@ -package eu.stork.peps.auth.commons; - -/** - * This class is a bean used to store information relative to Attribute Names. - * - * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) - * - * @version $Revision: 1.00 $, $Date: 2013-11-26 $ - */ -public final class AttributeName { - - /** - * Attribute Id. - */ - private String attributeId; - - /** - * Attribute Name. - */ - private String attributeName; - - /** - * Attribute Name Constructor. - * - * @param aId Id of the Attribute Name. - * @param aName Name of the Attribute Name. - */ - public AttributeName(final String aId, final String aName) { - - this.attributeId = aId; - this.attributeName = aName; - } - - /** - * Getter for the attributeId value. - * - * @return The attributeId value. - */ - public String getAttributeId() { - - return attributeId; - } - - /** - * Setter for the attributeId value. - * - * @param aId Id of the Attribute Name. - */ - public void setAttributeId(final String aId) { - - this.attributeId = aId; - } - - /** - * Getter for the attributeName value. - * - * @return The attributeName value. - */ - public String getAttributeName() { - - return attributeName; - } - - /** - * Setter for the attributeName value. - * - * @param name Name of the Attribute Name. - */ - public void setAttributeName(final String name) { - - this.attributeName = name; - } - -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java deleted file mode 100644 index 5fb04e331..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java +++ /dev/null @@ -1,80 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -/** - * This class is a bean used to store the information relative to the Attribute Provider. - * - * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) - * - * @version $Revision: 1.01 $, $Date: 2013-11-28 $ - */ -public final class AttributeProvider implements Serializable { - /** - * Unique identifier. - */ - private static final long serialVersionUID = 7210186241917444559L; - - /** - * Provider Id. - */ - private String providerId; - - /** - * Provider Name. - */ - private String providerName; - - /** - * Attribute Provider Constructor. - * - * @param pId Id of the Attribute Provider. - * @param pName Name of the Attribute Provider. - */ - public AttributeProvider(final String pId, final String pName) { - - this.providerId = pId; - this.providerName = pName; - } - - /** - * Getter for the providerId value. - * - * @return The providerId value. - */ - public String getProviderId() { - - return providerId; - } - - /** - * Setter for the providerId value. - * - * @param pId Id of the Attribute Provider. - */ - public void setProviderId(final String pId) { - - this.providerId = pId; - } - - /** - * Getter for the providerName value. - * - * @return The providerName value. - */ - public String getProviderName() { - - return providerName; - } - - /** - * Setter for the providerName value. - * - * @param name Name of the Attribute Provider. - */ - public void setProviderName(final String name) { - - this.providerName = name; - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java deleted file mode 100644 index 3059caaa3..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java +++ /dev/null @@ -1,96 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.util.Iterator; -import java.util.LinkedHashMap; - -import org.apache.log4j.Logger; - -/** - * Implementation of the AttributeProviderMap using a LinkedHashMap. - * - * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) - * - * @version $Revision: 1.01 $, $Date: 2013-09-20 $ - * - * @see LinkedHashMap - */ -public class AttributeProvidersMap extends LinkedHashMap<AttributeSource, IPersonalAttributeList> - implements IAttributeProvidersMap { - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(AttributeProvidersMap.class.getName()); - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 8949081185106296122L; - - /** - * {@inheritDoc} - */ - @Override - public IPersonalAttributeList get(final AttributeSource key) { - return this.get((Object) key); - } - - /** - * {@inheritDoc} - */ - @Override - public IPersonalAttributeList remove(final AttributeSource key) { - return this.remove((Object) key); - } - - /** - * {@inheritDoc} - */ - @Override - public boolean containsKey(final AttributeSource key) { - return this.containsKey((Object) key); - } - - /** - * {@inheritDoc} - */ - @Override - public Iterator<AttributeSource> keyIterator() { - return this.keySet().iterator(); - } - - public void trace() { - Iterator<AttributeSource> iterator; - Iterator<PersonalAttribute> iterator2; - AttributeSource source; - IPersonalAttributeList pal; - PersonalAttribute pa; - - iterator = this.keyIterator(); - LOG.trace("Start dumping of AttributeProvidersMap\n======================="); - while (iterator.hasNext()) { - source = iterator.next(); - - LOG.trace("Source details: type [" + source.getSourceType() + "], URL [" + source.getProviderURL() + "]"); - - if(source.getSourceType() == AttributeSource.SOURCE_LOCAL_APROVIDER) { - LOG.trace("-> Attribute Provider: ID [" + source.getProvider().getProviderId() + "], name [" + source.getProvider().getProviderName() + "]"); - } - else { - LOG.trace("-> Country: ID [" + source.getCountry().getCountryId() + "], name [" + source.getCountry().getCountryName() + "]"); - } - - pal = this.get(source); - LOG.trace("++++++++=>"); - iterator2 = pal.iterator(); - while (iterator2.hasNext()) { - pa = iterator2.next(); - - LOG.trace("-> Citizen Attribute: name [" + pa.getName() + "], required [" + pa.isRequired() + "]"); - } - LOG.trace("<=++++++++"); - - LOG.trace("-----------------------"); - } - LOG.trace("END\n======================="); - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java deleted file mode 100644 index e1ae0049d..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java +++ /dev/null @@ -1,188 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -import org.apache.log4j.Logger; - -/** - * This class is a bean used to store the information relative to the Attribute Source (either AttributeProvider or Country). - * - * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) - * - * @version $Revision: 1.10 $, $Date: 2013-11-29 $ - */ -public final class AttributeSource implements Serializable { - /** - * Unique identifier. - */ - private static final long serialVersionUID = 432243595968469014L; - - public static final int SOURCE_LOCAL_APROVIDER = 1; - public static final int SOURCE_REMOTE_COUNTRY = 2; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(AttributeSource.class.getName()); - - /** - * Provider source. - */ - private int sourceType; - - /** - * Provider URL. - */ - private String providerURL; - - /** - * The local Attribute Provider. - */ - private AttributeProvider provider; - - /** - * The remote Country. - */ - private Country country; - - /** - * Attribute Source Constructor. - * - * @param provider The local Attribute Provider. - * @param pURL URL of the Attribute Provider. - */ - public AttributeSource(final AttributeProvider provider, final String pURL) { - this.setSourceType(SOURCE_LOCAL_APROVIDER); - - this.setProvider(provider); - this.setProviderURL(pURL); - } - - /** - * Attribute Source Constructor. - * - * @param country The remote Country. - * @param pURL URL of the Country. - */ - public AttributeSource(final Country country, final String pURL) { - this.setSourceType(SOURCE_REMOTE_COUNTRY); - - this.setCountry(country); - this.setProviderURL(pURL); - } - - /** - * @param sourceType the sourceType to set - */ - public void setSourceType(final int sourceType) { - this.sourceType = sourceType; - } - - /** - * @return the sourceType - */ - public int getSourceType() { - return sourceType; - } - - /** - * @param providerURL the providerURL to set - */ - public void setProviderURL(final String providerURL) { - this.providerURL = providerURL; - } - - /** - * @return the providerURL - */ - public String getProviderURL() { - return providerURL; - } - - /** - * @param provider the provider to set - */ - public void setProvider(final AttributeProvider provider) { - this.setSourceType(SOURCE_LOCAL_APROVIDER); - - this.provider = provider; - } - - /** - * @return the provider - */ - public AttributeProvider getProvider() { - return provider; - } - - /** - * @param country the country to set - */ - public void setCountry(final Country country) { - this.setSourceType(SOURCE_REMOTE_COUNTRY); - - this.country = country; - } - - /** - * @return the country - */ - public Country getCountry() { - return country; - } - - /** - * {@inheritDoc} - */ - public boolean equals(Object obj) { - boolean outcome = false; - - LOG.debug("Calling equals with Object."); - if ( obj instanceof AttributeSource ) { - LOG.debug("Calling equals with AttributeSource."); - outcome = this.equals((AttributeSource)obj); - } - - LOG.debug("Object equals outcome: " + outcome); - return outcome; - } - - /** - * Compare the given AttributeSource with the current object in order to determinine - * if they are equal. - * - * @param obj The AttributeSource to compare to - * - * @return true if the two objects are equal - */ - public boolean equals(AttributeSource obj) { - boolean outcome = false; - - if ( this.sourceType==obj.getSourceType() ) { - if ( this.sourceType==AttributeSource.SOURCE_LOCAL_APROVIDER ) { - if ( this.provider.getProviderId().equals(obj.getProvider().getProviderId()) ) - outcome = true; - } - else if ( this.sourceType==AttributeSource.SOURCE_REMOTE_COUNTRY ) { - if ( this.country.getCountryId().equals(obj.getCountry().getCountryId()) ) - outcome = true; - } - } - - LOG.debug("AttributeSource equals outcome: " + outcome); - return outcome; - } - - /** - * {@inheritDoc} - */ - public int hashCode() { - int hash = 1; - hash = hash * 17 + this.sourceType; - if ( this.sourceType==AttributeSource.SOURCE_LOCAL_APROVIDER ) - hash = hash * 31 + this.provider.getProviderName().hashCode(); - else - hash = hash * 31 + this.country.getCountryName().hashCode(); - return hash; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java deleted file mode 100644 index af7ab6cf3..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java +++ /dev/null @@ -1,231 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -import org.apache.commons.lang.StringUtils; - -/** - * This class holds static helper methods. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.5 $, $Date: 2010-12-15 23:19:59 $ - */ -public final class AttributeUtil { - - /** - * Private constructor. Prevents the class from being instantiated. - */ - private AttributeUtil() { - // empty constructor - } - - /** - * Safe escape any given string. - * - * @param value The HTTP Value to escaped. - * - * @return The value escaped value. - */ - public static String escape(final String value) { - - final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString(); - final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); - final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString(); - - final String escAttrSep = "%" + (int) attrSep.charAt(0); - final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0); - final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0); - - return value.replace(attrSep, escAttrSep) - .replace(attrTupleSep, escAttrTupleSep) - .replace(attrValueSep, escAttrValueSep); - } - - /** - * Unescape any given string. - * - * @param value The HTTP Value to be unescaped. - * - * @return The value unescaped value. - */ - public static String unescape(final String value) { - final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString(); - final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); - final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString(); - - final String escAttrSep = "%" + (int) attrSep.charAt(0); - final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0); - final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0); - - return value.replace(escAttrSep, attrSep) - .replace(escAttrTupleSep, attrTupleSep) - .replace(escAttrValueSep, attrValueSep); - } - - /** - * Appends the string representation of an object to a StringBuilder. - * - * @param strBuilder The StringBuilder to append to. - * @param val The string representation of an object. - */ - public static void appendIfNotNull(final StringBuilder strBuilder, - final Object val) { - - if (val != null) { - strBuilder.append(val); - } - } - - /** - * Given a separator and a list of strings, joins the list, as a string, - * separated by the separator string. - * - * @param list The list of strings to join. - * @param separator The separator string. - * @return the list, as a string, separated by the separator string. - */ - public static String listToString(final List<String> list, - final String separator) { - - final StringBuilder strBuilder = new StringBuilder(); - for (final String s : list) { - if (!StringUtils.isEmpty(s)) { - strBuilder.append(AttributeUtil.escape(s) + separator); - } - } - return strBuilder.toString(); - } - - /** - * Given a separator and a map of strings to strings, joins the map, as a - * string, separated by the separator string with the pair key/value - * concatenated with a '='. - * - * @param map The map of strings to join. - * @param separator The separator string. - * - * @return the map of strings, as a string, separated by the separator string - * with the pair key/value concatenated with a '='. - */ - public static String mapToString(final Map<String, String> map, - final String separator) { - - final StringBuilder strBuilder = new StringBuilder(); - final Iterator<Entry<String, String>> valuesIt = map.entrySet().iterator(); - while (valuesIt.hasNext()) { - final Entry<String, String> entry = valuesIt.next(); - strBuilder.append(entry.getKey()); - strBuilder.append('='); - strBuilder.append(AttributeUtil.escape(entry.getValue())); - strBuilder.append(separator); - } - return strBuilder.toString(); - } - - /** - * Validates the attribute value format. - * - * @param value The attribute value to validate. - * - * @return true if value has a valid format. - */ - public static boolean isValidValue(final String value) { - boolean retVal = false; - if (value != null && value.charAt(0) == '[' && value.endsWith("]")) { - final String tmpAttrValue = value.substring(1, value.length() - 1); - final String[] vals = - tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - if (tmpAttrValue.length() >= 0 - || (vals.length > 0 && vals[0].length() > 0)) { - retVal = true; - } - } - return retVal; - } - - /** - * Validates the attribute type value. It's case insensitive. E.g. return true - * value to: a) "true", "TRUE", "True", ... b) "false", "FALSE", "False", ... - * - * @param type The attribute type value. - * - * @return true if type has a true or false (case insensitive) value. - */ - public static boolean isValidType(final String type) { - return StringUtils.isNotEmpty(type) && (PEPSValues.TRUE.toString().equalsIgnoreCase(type) || PEPSValues.FALSE.toString().equalsIgnoreCase(type)) ; - } - - /** - * Validates the Personal attribute tuple. E.g. name:type:[value]:status - * - * @param tuples The Personal attribute's tuple. - * - * @return true if the tuples' format is valid. - * - * @see PEPSUtil#validateParameter(String, String, String) - * @see String#equalsIgnoreCase(String) - */ - public static boolean hasValidTuples(final String[] tuples) { - boolean retVal = false; - - final int numberTuples = AttributeConstants.NUMBER_TUPLES.intValue(); - if (tuples != null && tuples.length == numberTuples) { - // validate attrName - final int attrNameIndex = AttributeConstants.ATTR_NAME_INDEX.intValue(); - final int attrTypeIndex = AttributeConstants.ATTR_TYPE_INDEX.intValue(); - final int attrValueIndex = AttributeConstants.ATTR_VALUE_INDEX.intValue(); - - retVal = - StringUtils.isNotEmpty(tuples[attrNameIndex]) - && StringUtils.isNotEmpty(tuples[attrTypeIndex]) - && StringUtils.isNotEmpty(tuples[attrValueIndex]) - && AttributeUtil.isValidType(tuples[attrTypeIndex]) - && AttributeUtil.isValidValue(tuples[attrValueIndex]); - } - return retVal; - } - - /** - * Check if all mandatory attributes have values. - * - * @param personalAttrList The Personal Attributes List. - * - * @return true if all mandatory attributes have values, false if at least one - * attribute doesn't have value. - */ - public static boolean checkMandatoryAttributes( - final IPersonalAttributeList personalAttrList) { - - final Iterator<PersonalAttribute> itAttributes = - personalAttrList.values().iterator(); - boolean retVal = true; - while (itAttributes.hasNext() && retVal) { - final PersonalAttribute attr = itAttributes.next(); - if (attr.isRequired() - && !STORKStatusCode.STATUS_AVAILABLE.toString() - .equals(attr.getStatus())) { - retVal = false; - } - } - return retVal; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java deleted file mode 100644 index 9ebcfbd5a..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java +++ /dev/null @@ -1,123 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.ArrayList; -import java.util.List; - -/** - * This class is a bean used to store the information relative to the Citizen - * Consent. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class CitizenConsent { - - /** - * Mandatory attributes list. - */ - private List<String> mandatoryList; - - /** - * Optional attributes list. - */ - private List<String> optionalList; - - /** - * Citizen Consent default Constructor. - */ - public CitizenConsent() { - this.mandatoryList = new ArrayList<String>(); - this.optionalList = new ArrayList<String>(); - } - - /** - * Getter for the mandatoryList value. - * - * @return The mandatoryList value. - */ - public List<String> getMandatoryList() { - return this.mandatoryList; - } - - /** - * Setter for the mandatoryList value. - * - * @param mandatoryAttrList Mandatory parameters list. - */ - public void setMandatoryList(final List<String> mandatoryAttrList) { - this.mandatoryList = mandatoryAttrList; - } - - /** - * Setter for some mandatoryAttribute. Adds the input parameter to the - * mandatoryList. - * - * @param mandatoryAttr Attribute to add to the mandatoryList. - */ - public void setMandatoryAttribute(final String mandatoryAttr) { - this.mandatoryList.add(mandatoryAttr); - } - - /** - * Getter for the optionalList value. - * - * @return The optionalList value. - */ - public List<String> getOptionalList() { - return optionalList; - } - - /** - * Setter for the optionalList value. - * - * @param optAttrList Optional parameters list. - */ - public void setOptionalList(final List<String> optAttrList) { - this.optionalList = optAttrList; - } - - /** - * Setter for some optionalAttr. Adds the input parameter to the optionalList. - * - * @param optionalAttr Attribute to add to the optionalList. - */ - public void setOptionalAttribute(final String optionalAttr) { - this.optionalList.add(optionalAttr); - } - - /** - * Returns a string in the following format. "Mandatory attributes: - * mandatoryAttr1;mandatoryAttr2;mandatoryAttrN Optional attributes: - * optionalAttr1;optionalAttr2;optionalAttrN" - * - * @return {@inheritDoc} - */ - public String toString() { - final StringBuilder strbldr = new StringBuilder(46); - strbldr.append("Mandatory attributes: "); - for (final String str : mandatoryList) { - strbldr.append(str).append(';'); - } - strbldr.append(" Optional attributes: "); - for (final String str : optionalList) { - strbldr.append(str).append(';'); - } - return strbldr.toString(); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java deleted file mode 100644 index 001f9317a..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java +++ /dev/null @@ -1,95 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -/** - * This class is a bean used to store the information relative to the Country. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.10 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class Country implements Serializable { - - /** - * - */ - private static final long serialVersionUID = 1135994036496370993L; - -/** - * Country Id. - */ - private String countryId; - - /** - * Country Name. - */ - private String countryName; - - /** - * Country Constructor. - * - * @param cId Id of the Country. - * @param cName Name of the Country. - */ - public Country(final String cId, final String cName) { - - this.countryId = cId; - this.countryName = cName; - } - - /** - * Getter for the countryId value. - * - * @return The countryId value. - */ - public String getCountryId() { - - return countryId; - } - - /** - * Setter for the countryId value. - * - * @param cId Id of the Country. - */ - public void setCountryId(final String cId) { - - this.countryId = cId; - } - - /** - * Getter for the countryName value. - * - * @return The countryName value. - */ - public String getCountryName() { - - return countryName; - } - - /** - * Setter for the countryName value. - * - * @param name Name of the Country. - */ - public void setCountryName(final String name) { - - this.countryName = name; - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java deleted file mode 100644 index 54345f3ea..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java +++ /dev/null @@ -1,79 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.Arrays; -import java.util.List; - -/** - * This class contains all the ISO 3166-1 Alpha 3 Country Codes. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.2 $, $Date: 2011-04-14 00:24:56 $ - */ -public final class CountryCodes { - - /** - * Private Constructor. - */ - private CountryCodes() { - - } - - /** - * ISO 3166-1 Alpha 3 Country Codes. - */ - private static List<String> countrysAlpha3 = Arrays.asList("ABW", "AFG", - "AGO", "AIA", "ALA", "ALB", "AND", "ANT", "ARE", "ARG", "ARM", "ASM", - "ATA", "ATF", "ATG", "AUS", "AUT", "AZE", "BDI", "BEL", "BEN", "BES", - "BFA", "BGD", "BGR", "BHR", "BHS", "BIH", "BLM", "BLR", "BLZ", "BMU", - "BOL", "BRA", "BRB", "BRN", "BTN", "BUR", "BVT", "BWA", "BYS", "CAF", - "CAN", "CCK", "CHE", "CHL", "CHN", "CIV", "CMR", "COD", "COG", "COK", - "COL", "COM", "CPV", "CRI", "CSK", "CUB", "CUW", "CXR", "CYM", "CYP", - "CZE", "DEU", "DJI", "DMA", "DNK", "DOM", "DZA", "ECU", "EGY", "ERI", - "ESH", "ESP", "EST", "ETH", "FIN", "FJI", "FLK", "FRA", "FRO", "FSM", - "GAB", "GBR", "GEO", "GGY", "GHA", "GIB", "GIN", "GLP", "GMB", "GNB", - "GNQ", "GRC", "GRD", "GRL", "GTM", "GUF", "GUM", "GUY", "HKG", "HMD", - "HND", "HRV", "HTI", "HUN", "IDN", "IMN", "IND", "IOT", "IRL", "IRN", - "IRQ", "ISL", "ISR", "ITA", "JAM", "JEY", "JOR", "JPN", "KAZ", "KEN", - "KGZ", "KHM", "KIR", "KNA", "KOR", "KWT", "LAO", "LBN", "LBR", "LBY", - "LCA", "LIE", "LKA", "LSO", "LTU", "LUX", "LVA", "MAC", "MAF", "MAR", - "MCO", "MDA", "MDG", "MDV", "MEX", "MHL", "MKD", "MLI", "MLT", "MMR", - "MNE", "MNG", "MNP", "MOZ", "MRT", "MSR", "MTQ", "MUS", "MWI", "MYS", - "MYT", "NAM", "NCL", "NER", "NFK", "NGA", "NIC", "NIU", "NLD", "NOR", - "NPL", "NRU", "NZL", "OMN", "PAK", "PAN", "PCN", "PER", "PHL", "PLW", - "PNG", "POL", "PRI", "PRK", "PRT", "PRY", "PSE", "PYF", "QAT", "REU", - "ROM", "ROU", "RUS", "RWA", "SAU", "SCG", "SDN", "SEN", "SGP", "SGS", - "SHN", "SJM", "SLB", "SLE", "SLV", "SMR", "SOM", "SPM", "SRB", "STP", - "SUR", "SVK", "SVN", "SXW", "SWE", "SWZ", "SYC", "SYR", "TCA", "TCD", - "TGO", "THA", "TJK", "TKL", "TKM", "TLS", "TMP", "TON", "TTO", "TUN", - "TUR", "TUV", "TWN", "TZA", "UGA", "UKR", "UMI", "URY", "USA", "UZB", - "VAT", "VCT", "VEN", "VGB", "VIR", "VNM", "VUT", "WLF", "WSM", "YEM", - "YUG", "ZAF", "ZAR", "ZMB", "ZWE"); - - /** - * Searches the CountryCode (3166-1 alpha3 format) an return true if it - * exists. - * - * @param countryCode The Country code to search. - * - * @return true if the CountryCode exists, false otherwise. - */ - public static boolean hasCountryCodeAlpha3(final String countryCode) { - - return CountryCodes.countrysAlpha3.contains(countryCode); - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java deleted file mode 100644 index 9c0bd6775..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java +++ /dev/null @@ -1,169 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.sql.Timestamp; -import java.util.GregorianCalendar; - -import org.apache.log4j.Logger; -import org.joda.time.DateTime; -import org.joda.time.Years; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; - -import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException; - -/** - * This class holds static helper methods for Date Operations. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.4 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class DateUtil { - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(DateUtil.class.getName()); - - /** - * yyyy Date format size. - */ - private static final int YEAR_DATE_SIZE = 4; - - /** - * yyyyMM Date format size. - */ - private static final int MONTH_DATE_SIZE = 6; - - /** - * Private constructor. Prevents the class from being instantiated. - */ - private DateUtil() { - // empty constructor - } - - /** - * Fulfils dateValue with a valid date. The following roles are applied: a) If - * the dateValue only contains the year then fulfils with last year's day. - * e.g. this method returns 19951231 to the 1995 dateValue. b) If the - * dateValue contains the year and the month then fulfils with last month's - * day. e.g. this method returns 19950630 to the 199505 dateValue. - * - * @param dateValue The date to be fulfilled. - * - * @return The dateValue fulfilled. - */ - private static String fulfilDate(final String dateValue) { - - final StringBuffer strBuf = new StringBuffer(); - strBuf.append(dateValue); - // if the IdP just provides the year then we must fullfil the date. - if (dateValue.length() == YEAR_DATE_SIZE) { - strBuf.append(PEPSValues.LAST_MONTH.toString()); - } - // if the IdP provides the year and the month then we must fullfil the - // date. - if (dateValue.length() == MONTH_DATE_SIZE - || strBuf.length() == MONTH_DATE_SIZE) { - // IdP doesn't provide the day, so we will use DateTime to - // calculate it. - final String noDayCons = PEPSValues.NO_DAY_DATE_FORMAT.toString(); - final DateTimeFormatter fmt = DateTimeFormat.forPattern(noDayCons); - final DateTime dateTime = fmt.parseDateTime(strBuf.toString()); - // Append the last month's day. - strBuf.append(dateTime.dayOfMonth().withMaximumValue().getDayOfMonth()); - } - - return strBuf.toString(); - } - - /** - * Validates the dateValue format: a) if has a valid size; b) if has a numeric - * value; Note: dateValue must have the format yyyyMMdd. - * - * @param dateValueTmp The date to be validated. - * @param pattern The accepted date format. - * - * @return true if the date has a valid format. - */ - public static boolean isValidFormatDate(final String dateValueTmp, - final String pattern) { - - boolean retVal = true; - try { - final String dateValue = DateUtil.fulfilDate(dateValueTmp); - - final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern); - fmt.parseDateTime(dateValue); - } catch (final Exception e) { - // We catch Exception because we only have to return false - // value! - retVal = false; - } - return retVal; - } - - /** - * Calculates the age for a given date string. - * - * @param dateVal The date to be validated. - * @param now The current date. - * @param pattern The date pattern. - * - * @return The age value. - */ - public static int calculateAge(final String dateVal, final DateTime now, - final String pattern) { - - if (DateUtil.isValidFormatDate(dateVal, pattern)) { - try { - final String dateValueTemp = DateUtil.fulfilDate(dateVal); - final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern); - final DateTime dateTime = fmt.parseDateTime(dateValueTemp); - // Calculating age - final Years age = Years.yearsBetween(dateTime, now); - - return age.getYears(); - } catch (final IllegalArgumentException e) { - LOG.warn("Invalid date format (" + pattern - + ") or an invalid dateValue."); - throw new SecurityPEPSException( - PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()), - PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage()), - e); - } - } else { - LOG.warn("Couldn't calculate Age, invalid date!"); - throw new SecurityPEPSException( - PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()), - PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage())); - } - - } - - /** - * Generates the current timestamp. - * - * @return timestamp The current timestamp - */ - public static Timestamp currentTimeStamp() { - final GregorianCalendar cal = new GregorianCalendar(); - final long millis = cal.getTimeInMillis(); - return new Timestamp(millis); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java deleted file mode 100644 index b13c70f04..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java +++ /dev/null @@ -1,148 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.util.List; -import java.util.Map; - -/** - * Interface for {@link AttributeListProcessor}. - * - * @author ricardo.ferreira@multicert.com - * - * @version $Revision: $, $Date: $ - * - * @see IPersonalAttributeList - */ -public interface IAttributeListProcessor { - - /** - * Checks if attribute list only contains allowed attributes. - * - * @param attrList the requested attribute list - * @param attributes the allowed attributes - * - * @return true is all the attributes are allowed. - * - * @see IPersonalAttributeList - */ - boolean hasAllowedAttributes(final IPersonalAttributeList attrList, final List<String> attributes); - - /** - * Lookup for business attribute. - * - * @param attrList the requested attribute list - * @param normalAttributes the normal attributes - * - * @return true is at least one business attribute was requested. - * - * @see IPersonalAttributeList - */ - boolean hasBusinessAttributes(final IPersonalAttributeList attrList, final List<String> normalAttributes); - - /** - * Lookup for business attribute in normal attribute list (loaded by - * implementation). - * - * @param attrList the requested attribute list - * - * @return true is at least one business attribute was requested. - * - * @see IPersonalAttributeList - */ - boolean hasBusinessAttributes(final IPersonalAttributeList attrList); - - /** - * Adds eIdentifier, name, surname, and DateOfBirth attributes to get business - * attributes from some AP. - * - * @param attrList the requested attribute list - * @param attributes the list of attributes to add (eIdentifier, name, - * surname, and DateOfBirth). - * - * @return the requested attribute list and the new attributes added - * (eIdentifier, name, surname, and DateOfBirth). - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList, final List<String> attributes); - - /** - * Adds eIdentifier, name, surname, and DateOfBirth attributes, loaded by - * implementation, to get business attributes from some AP. - * - * @param attrList the requested attribute list - * - * @return the requested attribute list and the new attributes added - * (eIdentifier, name, surname, and DateOfBirth). - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList); - - /** - * Removes from attribute list the given list of attributes. - * - * @param attrList the requested attribute list - * @param attributes the list of attributes to remove. - * - * @return the requested attribute list and the attributes removed. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList removeAPMandatoryAttributes(final IPersonalAttributeList attrList, final List<String> attributes); - - /** - * Removes from attribute list the given list of attributes and change - * attributes status if attribute was optional in the request. - * - * @param attrList the requested attribute list - * @param attributes the map of attributes (attribute name, mandatory/optional) to remove. - * - * @return the requested attribute list and the attributes removed - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList removeAPMandatoryAttributes(IPersonalAttributeList attrList, Map<String, Boolean> attributes); - - /** - * Checks if mandate attribute exist in the requested Attribute List. Power - * attribute name to lookup is loaded by implementation. - * - * @param attrList the requested attribute list. - * - * @return true if mandate attribute exists or false otherwise. - * - * @see IPersonalAttributeList - */ - boolean hasPowerAttribute(final IPersonalAttributeList attrList); - - /** - * Checks if attribute name was requested and has value. - * - * @param attrList the requested attribute list. - * @param attrName the attribute name to lookup for . - * - * @return true if attribute was requested and has value or false otherwise. - * - * @see IPersonalAttributeList - */ - boolean hasAttributeValue(final IPersonalAttributeList attrList, final String attrName); - - /** - * Checks if attribute has value. - * - * @param attr the attribute to check. - * - * @return true if has value; - * - * @see PersonalAttribute - */ - boolean hasAttributeValue(final PersonalAttribute attr); - - /** - * Gets a map (attribute name, attribute isRequired) of attributes added to attribute list. - * - * @return the Map of attributes added and if is required to attribute list. - */ - Map<String, Boolean> getNormalAttributesAdded(); - -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java deleted file mode 100644 index 5833f6822..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java +++ /dev/null @@ -1,82 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.util.Iterator; - -/** - * Interface for Attributes Providers map. - * - * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) - * - * @version $Revision: 1.00 $, $Date: 2013-09-20 $ - */ -public interface IAttributeProvidersMap { - - /** - * Returns the object associated the the given key. - * - * @param key with which the specified value is to be associated. - * - * @return The object associated the the given key. - */ - IPersonalAttributeList get(AttributeSource key); - - /** - * Associates a key to a value, and inserts them in the session object. - * - * @param key with which the specified value is to be associated. - * @param value to be associated with the specified key. - * - * @return previous value associated with specified key, or null if there was - * no mapping for key. A null return can also indicate that the map - * previously associated null with the specified key. - */ - Object put(AttributeSource key, IPersonalAttributeList value); - - /** - * Removes the mapping for this key. - * - * @param key with which the specified value is to be associated. - * - * @return previous value associated with specified key, or null if there was - * no mapping for key. A null return can also indicate that the map - * previously associated null with the specified key. - */ - IPersonalAttributeList remove(AttributeSource key); - - /** - * Returns the number of key-value mappings in this map. - * - * @return the number of key-value mappings in this map. - */ - int size(); - - /** - * Returns true if this map contains a mapping for the specified key. - * - * @param key with which the specified value is to be associated. - * - * @return true if this map contains a mapping for the specified key. - */ - boolean containsKey(AttributeSource key); - - /** - * Removes all mappings from this map. - */ - void clear(); - - /** - * Returns true if this map contains no key-value mappings. - * - * @return true if this map contains no key-value mappings. - */ - boolean isEmpty(); - - /** - * Returns an Iterator of the keys contained in this map. The implementation must - * take care in order for the Iterator to have predictable order of the returned - * keys. - * - * @return an iterator of the keys contained in this map - */ - Iterator<AttributeSource> keyIterator(); -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java deleted file mode 100644 index b24c915c0..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java +++ /dev/null @@ -1,194 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.Collection; -import java.util.Iterator; -import java.util.Set; - -/** - * Interface for {@link PersonalAttributeList}. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.16 $, $Date: 2010-11-17 05:15:28 $ - * - * @see PersonalAttribute - */ -@SuppressWarnings("PMD.CloneMethodMustImplementCloneable") -public interface IPersonalAttributeList extends Iterable<PersonalAttribute>, - Cloneable { - - /** - * Associates the specified value with the specified key in this Personal - * Attribute List. - * - * @param key with which the specified value is to be associated. - * @param value to be associated with the specified key. - * - * @return the previous value associated with key, or null if there was no - * mapping for key. - * - * @see PersonalAttribute - */ - PersonalAttribute put(String key, PersonalAttribute value); - - /** - * Returns the value to which the specified key is mapped, or null if this map - * contains no mapping for the key. - * - * @param key whose associated value is to be returned. - * - * @return The value to which the specified key is mapped, or null if this map - * contains no mapping for the key. - * - * @see PersonalAttribute - */ - PersonalAttribute get(Object key); - - /** - * Adds to the PersonalAttributeList the given PersonalAttribute. It sets the - * attribute name as the key to the attribute value. - * - * @param value PersonalAttribute to add to the PersonalAttributeList - */ - void add(PersonalAttribute value); - - /** - * Get the size of the Personal Attribute List. - * - * @return size of the Personal Attribute List. - */ - int size(); - - /** - * Checks if the Personal Attribute List contains the given key. - * - * @param key with which the specified value is to be associated. - * - * @return true if the Personal Attribute List contains the given key, false - * otherwise. - */ - boolean containsKey(Object key); - - /** - * Getter for the iterator of the Personal Attribute List values. - * - * @return The iterator for the Personal Attribute List values. - * - * @see PersonalAttribute - */ - Iterator<PersonalAttribute> iterator(); - - /** - * Creates a Personal Attribute List from a String representing an Attribute - * List. - * - * @param attrList String Object representing the attribute list. - */ - void populate(String attrList); - - /** - * Removes the mapping for this key from this map if present. - * - * @param key key whose mapping is to be removed from the map. - * @return previous value associated with specified key, or <tt>null</tt> if - * there was no mapping for key. A <tt>null</tt> return can also - * indicate that the map previously associated <tt>null</tt> with the - * specified key. - */ - PersonalAttribute remove(Object key); - - /** - * Returns a collection view of the values contained in this map. The - * collection is backed by the map, so changes to the map are reflected in the - * collection, and vice-versa. The collection supports element removal, which - * removes the corresponding mapping from this map, via the - * <tt>Iterator.remove</tt>, <tt>Collection.remove</tt>, <tt>removeAll</tt>, - * <tt>retainAll</tt>, and <tt>clear</tt> operations. It does not support the - * <tt>add</tt> or <tt>addAll</tt> operations. - * - * @return a collection view of the values contained in this map. - */ - Collection<PersonalAttribute> values(); - - /** - * Returns a {@link Set} view of the keys contained in this map. - * The set is backed by the map, so changes to the map are - * reflected in the set, and vice-versa. If the map is modified - * while an iteration over the set is in progress (except through - * the iterator's own <tt>remove</tt> operation), the results of - * the iteration are undefined. The set supports element removal, - * which removes the corresponding mapping from the map, via the - * <tt>Iterator.remove</tt>, <tt>Set.remove</tt>, - * <tt>removeAll</tt>, <tt>retainAll</tt>, and <tt>clear</tt> - * operations. It does not support the <tt>add</tt> or <tt>addAll</tt> - * operations. - * - * @return a set view of the keys contained in this map - */ - Set<String> keySet(); - - - /** - * Returns a IPersonalAttributeList of the complex attributes. - * - * @return an IPersonalAttributeList of the complex attributes. - */ - IPersonalAttributeList getComplexAttributes(); - - /** - * Returns a IPersonalAttributeList of the simple value attributes. - * - * @return an IPersonalAttributeList of the simple value attributes. - */ - IPersonalAttributeList getSimpleValueAttributes(); - - /** - * Returns a IPersonalAttributeList of the mandatory attributes in this map. - * - * @return an IPersonalAttributeList of the mandatory attributes contained in this map. - */ - IPersonalAttributeList getMandatoryAttributes(); - - /** - * Returns a IPersonalAttributeList of the optional attributes in this map. - * - * @return an IPersonalAttributeList of the optional attributes contained in this map. - */ - IPersonalAttributeList getOptionalAttributes(); - - /** - * Returns <tt>true</tt> if this map contains no key-value mappings. - * - * @return <tt>true</tt> if this map contains no key-value mappings. - */ - boolean isEmpty(); - - /** - * Returns <tt>true</tt> if this map contains at least one element that doesn't have value. - * - * @return <tt>true</tt> if this map contains at least one element that doesn't have value. - */ - boolean hasMissingValues(); - - /** - * Returns a copy of this <tt>IPersonalAttributeList</tt> instance. - * - * @return The copy of this IPersonalAttributeList. - */ - Object clone() throws CloneNotSupportedException; - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java deleted file mode 100644 index 33eb618f0..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java +++ /dev/null @@ -1,239 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * Interface for stork logging. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $ - */ -public interface IStorkLogger { - - /** - * Getter for SpApplication. - * - * @return The SpApplication value. - */ - String getSpApplication(); - - /** - * Setter for SpApplication. - * - * @param spApplication The SP Application. - */ - void setSpApplication(String spApplication); - - /** - * Getter for ProviderName. - * - * @return The ProviderName value. - */ - String getProviderName(); - - /** - * Setter for ProviderName. - * - * @param providerName The provider name. - */ - void setProviderName(String providerName); - - /** - * - * Getter for Origin. - * - * @return The Origin value. - * - */ - String getOrigin(); - - /** - * Setter for Origin. - * - * @param origin The origin. - */ - void setOrigin(String origin); - - /** - * - * Getter for QAA Level. - * - * @return The QAA Level value. - * - */ - int getQaaLevel(); - - /** - * Setter for QAA Level. - * - * @param qaaLevel The qaa level. - */ - void setQaaLevel(int qaaLevel); - - /** - * - * Getter for timestamp. - * - * @return The timestamp value. - * - */ - String getTimestamp(); - - /** - * Setter for timestamp. - * - * @param timestamp The request's timestamp. - */ - void setTimestamp(String timestamp); - - /** - * Getter for InResponseTo. - * - * @return The InResponseTo value. - */ - String getInResponseTo(); - - /** - * Setter for InResponseTo. - * - * @param inResponseTo The Saml's response id. - */ - void setInResponseTo(String inResponseTo); - - /** - * Getter for InResponseToSPReq. - * - * @return The InResponseToSPReq value. - */ - String getInResponseToSPReq(); - - /** - * Setter for InResponseToSPRequ. - * - * @param inResponseToSPReq The Saml's response id. - */ - void setInResponseToSPReq(String inResponseToSPReq); - - /** - * Getter for opType. - * - * @return The opType value. - */ - String getOpType(); - - /** - * Setter for opType. - * - * @param opType The operation type. - */ - void setOpType(String opType); - - /** - * Getter for destination. - * - * @return The destination value. - */ - String getDestination(); - - /** - * Setter for destinationIp. - * - * @param destination The remote IP. - */ - void setDestination(String destination); - - /** - * Getter for message or assertion consumer. - * - * @return The message or assertion consumer. - */ - String getMessage(); - - /** - * Setter for message or assertion consumer. - * - * @param message or assertion consumer. - */ - void setMessage(String message); - - /** - * Getter for country. - * - * @return The country value. - */ - String getCountry(); - - /** - * Setter for country. - * - * @param country The country. - */ - void setCountry(String country); - - /** - * Getter for samlHash. - * - * @return The samlHash value. - */ - byte[] getSamlHash(); - - /** - * Setter for samlHash. - * - * @param samlHash the encrypted SAML token - */ - void setSamlHash(byte[] samlHash); - - /** - * Getter for msgId. - * - * @return the msgId - */ - String getMsgId(); - - /** - * Setter for msgId. - * - * @param msgId the ID of the originator of this message - */ - void setMsgId(String msgId); - - /** - * Getter for sPMsgId. - * - * @return the sPMsgId - */ - String getSPMsgId(); - - /** - * Setter for sPMsgId. - * - * @param sPMsgId the ID of the originator of this message - */ - void setSPMsgId(String sPMsgId); - - /** - * The format of the returned String must be the following: - * "requestCounter#ddMMMyyyykk:mm:ss#opType#originIp#originName - * #destinationIp#destinationName#samlHash#[originatorName#msgId#]" - * - * The values enclosed in '[]' only apply when logging responses. - * - * @return {@inheritDoc} - */ - @Override - String toString(); -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java deleted file mode 100644 index f38b41838..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java +++ /dev/null @@ -1,85 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * Interface for stork session. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $ - */ -public interface IStorkSession { - - /** - * Returns the object associated the the given key. - * - * @param key with which the specified value is to be associated. - * - * @return The object associated the the given key. - */ - Object get(Object key); - - /** - * Associates a key to a value, and inserts them in the session object. - * - * @param key with which the specified value is to be associated. - * @param value to be associated with the specified key. - * - * @return previous value associated with specified key, or null if there was - * no mapping for key. A null return can also indicate that the map - * previously associated null with the specified key. - */ - Object put(String key, Object value); - - /** - * Removes the mapping for this key. - * - * @param key with which the specified value is to be associated. - * - * @return previous value associated with specified key, or null if there was - * no mapping for key. A null return can also indicate that the map - * previously associated null with the specified key. - */ - Object remove(Object key); - - /** - * Returns the number of key-value mappings in this map. - * - * @return the number of key-value mappings in this map. - */ - int size(); - - /** - * Returns true if this map contains a mapping for the specified key. - * - * @param key with which the specified value is to be associated. - * - * @return true if this map contains a mapping for the specified key. - */ - boolean containsKey(Object key); - - /** - * Removes all mappings from this map. - */ - void clear(); - - /** - * Returns true if this map contains no key-value mappings. - * - * @return true if this map contains no key-value mappings. - */ - boolean isEmpty(); -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java deleted file mode 100644 index bf236258d..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java +++ /dev/null @@ -1,316 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.Iterator; -import java.util.LinkedHashMap; -import java.util.List; - -import org.apache.log4j.Logger; - -/** - * This class is a bean used to store the information of Attribute Providers, the Attribute - * List to be requested, the Assertions returned by the Attribute Providers and the values - * that each Attribute has. This information along with the current status of the Linker (the - * attribute providers that were queried and the remaining providers) is used by the PEPS - * actions in order to complete the Attribute gathering. - * - * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) - * - * @version $Revision: 1.50 $, $Date: 2013-11-28 $ - */ -public final class Linker implements Serializable { - /** - * Unique identifier. - */ - private static final long serialVersionUID = -3268006381745987237L; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(Linker.class.getName()); - - /** - * Attributes Providers map. - */ - private IAttributeProvidersMap attributeProvidersMap; - - /** - * Assertion map. - */ - private LinkedHashMap<AttributeSource, STORKAttrQueryResponse> assertions; - - /** - * The current index of local (domestic) Attribute Providers. - */ - private int localIndex; - - /** - * The current index of remote (foreign) Attribute Providers - countries. - */ - private int remoteIndex; - - /** - * Constructs an empty Linker object. - */ - public Linker() { - localIndex = 0; - remoteIndex = 0; - - assertions = new LinkedHashMap<AttributeSource, STORKAttrQueryResponse>(); - } - - /** - * Based on the internal state of the Linker it returns the next local Attribute Source - * - * @return The next Attribute Source or null if not found - * - * @see AttributeSource - */ - public AttributeSource getNextLocalProvider() { - Iterator<AttributeSource> iterator; - AttributeSource source, found; - int curIndex = 0; - - found = null; - - if ( attributeProvidersMap!=null && !attributeProvidersMap.isEmpty() ) { - iterator = attributeProvidersMap.keyIterator(); - while (iterator.hasNext()) { - source = iterator.next(); - - if ( source.getSourceType()==AttributeSource.SOURCE_LOCAL_APROVIDER ) { - if ( curIndex>=localIndex ) { - found = source; - - break; - } - - curIndex++; - } - } - } - - return found; - } - - /** - * Based on the internal state of the Linker it returns the next remote Attribute Source - * - * @return The next Attribute Source or null if not found - * - * @see AttributeSource - */ - public AttributeSource getNextRemoteProvider() { - Iterator<AttributeSource> iterator; - AttributeSource source, found; - int curIndex = 0; - - found = null; - - if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { - iterator = attributeProvidersMap.keyIterator(); - while (iterator.hasNext()) { - source = iterator.next(); - - if ( source.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) { - if ( curIndex>=remoteIndex ) { - found = source; - - break; - } - - curIndex++; - } - } - } - - return found; - } - - /** - * It updates the Linker with the values returned by the Attribute Source. It also advances - * to the next index in order to mark this attribute source as completed. - * - * @param source The Attribute Source that was queried for attribute values. - * @param attrResponse The attrResponse returned by the Attribute Source that contains the attribute values. - * - * @see AttributeSource, STORKAttrQueryResponse - */ - public void setProviderReponse(AttributeSource source, STORKAttrQueryResponse attrResponse) { - if ( source.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) - remoteIndex++; - else - localIndex++; - - //Assertion storage - this.assertions.put(source, attrResponse); - - this.attributeProvidersMap.put(source, attrResponse.getPersonalAttributeList()); - //this.attributeProvidersMap.put(source, attrResponse.getTotalPersonalAttributeList()); - } - - /** - * Reset the internal state of the local Attribute Source in order to start over. - */ - public void resetLocalIndex() { - localIndex = 0; - } - - /** - * Reset the internal state of the remote Attribute Source in order to start over. - */ - public void resetRemoteIndex() { - remoteIndex = 0; - } - - /** - * Setter for attributeProvidersMap. - * - * @param attributeProvidersMap The attributeProvidersMap to set. - */ - public void setAttributeProvidersMap(IAttributeProvidersMap attributeProvidersMap) { - this.attributeProvidersMap = attributeProvidersMap; - } - - /** - * Getter for attributeProvidersMap. - * - * @return attributeProvidersMap - */ - public IAttributeProvidersMap getAttributeProvidersMap() { - return attributeProvidersMap; - } - - /** - * Returns the Personal Attribute list of the provided Attribute Source. - * - * @param source The attributeSource in reference - * - * @return The IPersonalAttributeList assosiated with this source or null if empty - * - * @see IPersonalAttributeList - */ - public IPersonalAttributeList getProviderAttributes(AttributeSource source) { - if ( attributeProvidersMap.containsKey(source) ) - return attributeProvidersMap.get(source); - else - return null; - } - - /** - * Returns the merged Personal Attribute list from all the Attribute Sources. - * - * @return The IPersonalAttributeList merged Personal Attribute list or null if empty - * - * @see IPersonalAttributeList - */ - public IPersonalAttributeList getAllAttributes() { - Iterator<AttributeSource> iterator; - AttributeSource source; - IPersonalAttributeList list, merged; - - merged = null; - - if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { - iterator = attributeProvidersMap.keyIterator(); - - merged = new PersonalAttributeList(); - while (iterator.hasNext()) { - source = iterator.next(); - list = this.getProviderAttributes(source); - - for (final PersonalAttribute pa : list) { - merged.add(pa); - } - } - } - - return merged; - } - - /** - * Returns a List with all the assertions gathered by the AAS-PEPS module - * returned both by local APs or remote A-PEPS. - * - * @return The assertions returned from the APs and A-PEPS - */ - public List<STORKAttrQueryResponse> getAttrQueryResponseList() { - List<STORKAttrQueryResponse> originalAssertions; - - originalAssertions = new ArrayList<STORKAttrQueryResponse>(); - - //Gather all assertions - for (STORKAttrQueryResponse element : this.assertions.values()) { - originalAssertions.add(element); - } - - return originalAssertions; - } - - /** - * Checks the internal state of the Linker and if all Attribute Sources where visited - * returns true, otherwise it returns false. So if you go directly from AtPLinkerAction - * to MoreAttributesAction the call will have, since the method setProviderReponse - * was not executed from every Attribute Source. - * - * @return true if everything is OK, false otherwise - */ - public boolean isComplete() { - boolean outcome = false; - - LOG.debug("Check if linkder is complete: R[" + remoteIndex + "], L[" + localIndex + "], S[" + attributeProvidersMap.size() + "]"); - if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { - if ( (remoteIndex + localIndex)==attributeProvidersMap.size() ) - outcome = true; - } - else { - outcome = true; - } - - return outcome; - } - - /** - * Merge the two Linker objects. - * - * @param previous The other Linker object to merge with this one. - */ - public void mergeWith(Linker previous) { - //BEFORE - if ( LOG.isDebugEnabled() ) { - LOG.debug("The attributeProvidersMap from the current object."); - ((AttributeProvidersMap)this.attributeProvidersMap).trace(); - LOG.debug("The attributeProvidersMap from the provided object."); - ((AttributeProvidersMap)previous.getAttributeProvidersMap()).trace(); - } - - IAttributeProvidersMap map = previous.getAttributeProvidersMap(); - Iterator<AttributeSource> items = map.keyIterator(); - while( items.hasNext() ) { - AttributeSource item = items.next(); - IPersonalAttributeList pal = map.get(item); - - if ( this.attributeProvidersMap.containsKey(item) ) { - IPersonalAttributeList new_pal = this.attributeProvidersMap.get(item); - - for(PersonalAttribute pa : pal) - new_pal.add(pa); - } - else { - if ( item.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) - remoteIndex++; - else - localIndex++; - - this.attributeProvidersMap.put(item, pal); - } - } - - //AFTER - if ( LOG.isDebugEnabled() ) { - LOG.debug("The attributeProvidersMap after the merge."); - ((AttributeProvidersMap)this.attributeProvidersMap).trace(); - } - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java deleted file mode 100644 index 5da9ba494..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java +++ /dev/null @@ -1,392 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains all the STORK PEPS, Commons and Specific errors - * constant identifiers. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $ - */ -public enum PEPSErrors { - - /** - * Represents the 'authenticationFailed' constant error identifier. - */ - AUTHENTICATION_FAILED_ERROR("authenticationFailed"), - /** - * Represents the 'spCountrySelector.errorCreatingSAML' constant error - * identifier. - */ - SP_COUNTRY_SELECTOR_ERROR_CREATE_SAML("spCountrySelector.errorCreatingSAML"), - /** - * Represents the 'spCountrySelector.destNull' constant error identifier. - */ - SP_COUNTRY_SELECTOR_DESTNULL("spCountrySelector.destNull"), - /** - * Represents the 'spCountrySelector.invalidAttr' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_ATTR("spCountrySelector.invalidAttr"), - /** - * Represents the 'spCountrySelector.invalidProviderName' constant error - * identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_PROVIDER_NAME( - "spCountrySelector.invalidProviderName"), - /** - * Represents the 'spCountrySelector.invalidQaaSPid' constant error - * identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_QAASPID("spCountrySelector.invalidQaaSPid"), - /** - * Represents the 'spCountrySelector.invalidSpId' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_SPID("spCountrySelector.invalidSpId"), - /** - * Represents the 'spCountrySelector.invalidSPQAA' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_SPQAA("spCountrySelector.invalidSPQAA"), - /** - * Represents the 'spCountrySelector.invalidSpURL' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_SPURL("spCountrySelector.invalidSpURL"), - /** - * Represents the 'spCountrySelector.spNotAllowed' constant error identifier. - */ - SP_COUNTRY_SELECTOR_SPNOTALLOWED("spCountrySelector.spNotAllowed"), - - /** - * Represents the 'sProviderAction.errorCreatingSAML' constant error - * identifier. - */ - SPROVIDER_SELECTOR_ERROR_CREATE_SAML("sProviderAction.errorCreatingSAML"), - /** - * Represents the 'sProviderAction.attr' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_ATTR("sProviderAction.invalidAttr"), - /** - * Represents the 'sProviderAction.country' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_COUNTRY("sProviderAction.invalidCountry"), - /** - * Represents the 'sProviderAction.relayState' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_RELAY_STATE("sProviderAction.invalidRelayState"), - /** - * Represents the 'sProviderAction.saml' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SAML("sProviderAction.invalidSaml"), - /** - * Represents the 'sProviderAction.spAlias' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPALIAS("sProviderAction.invalidSPAlias"), - /** - * Represents the 'sProviderAction.spDomain' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPDOMAIN("sProviderAction.invalidSPDomain"), - /** - * Represents the 'sProviderAction.spId' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPID("sProviderAction.invalidSPId"), - /** - * Represents the 'sProviderAction.spQAA' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPQAA("sProviderAction.invalidSPQAA"), - /** - * Represents the 'sProviderAction.spQAAId' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPQAAID("sProviderAction.invalidSPQAAId"), - /** - * Represents the 'sProviderAction.spRedirect' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPREDIRECT("sProviderAction.invalidSPRedirect"), - /** - * Represents the 'sPPowerValidationAction.invalidSPPVAttrList' constant error identifier. - */ - SPPOWERVALIDATION_SELECTOR_INVALID_SP_PV_ATTR_LIST("sPPowerValidationAction.invalidSPPVAttrList"), - - /** - * Represents the 'sProviderAction.invalidSPProviderName' constant error - * identifier. - */ - SPROVIDER_SELECTOR_INVALID_SP_PROVIDERNAME( - "sProviderAction.invalidSPProviderName"), - /** - * Represents the 'sProviderAction.spNotAllowed' constant error identifier. - */ - SPROVIDER_SELECTOR_SPNOTALLOWED("sProviderAction.spNotAllowed"), - - - /** - * Represents the 'internalError' constant error identifier. - */ - INTERNAL_ERROR("internalError"), - - /** - * Represents the 'colleagueRequest.attrNull' constant error identifier. - */ - COLLEAGUE_REQ_ATTR_NULL("colleagueRequest.attrNull"), - /** - * Represents the 'colleagueRequest.errorCreatingSAML' constant error - * identifier. - */ - COLLEAGUE_REQ_ERROR_CREATE_SAML("colleagueRequest.errorCreatingSAML"), - /** - * Represents the 'colleagueRequest.invalidCountryCode' constant error - * identifier. - */ - COLLEAGUE_REQ_INVALID_COUNTRYCODE("colleagueRequest.invalidCountryCode"), - /** - * Represents the 'colleagueRequest.invalidDestUrl' constant error identifier. - */ - COLLEAGUE_REQ_INVALID_DEST_URL("colleagueRequest.invalidDestUrl"), - /** - * Represents the 'colleagueRequest.invalidQaa' constant error identifier. - */ - COLLEAGUE_REQ_INVALID_QAA("colleagueRequest.invalidQaa"), - /** - * Represents the 'colleagueRequest.invalidRedirect' constant error - * identifier. - */ - COLLEAGUE_REQ_INVALID_REDIRECT("colleagueRequest.invalidRedirect"), - /** - * Represents the 'colleagueRequest.invalidSAML' constant error identifier. - */ - COLLEAGUE_REQ_INVALID_SAML("colleagueRequest.invalidSAML"), - - /** - * Represents the 'colleaguePVRequest.invalidPVAttrList' constant error identifier. - */ - COLLEAGUE_PV_REQ_INVALID_PV_ATTR_LIST("colleaguePVRequest.invalidPVAttrList"), - - - /** - * Represents the 'cpepsRedirectUrl' constant error identifier. - */ - CPEPS_REDIRECT_URL("cpepsRedirectUrl"), - /** - * Represents the 'spepsRedirectUrl' constant error identifier. - */ - SPEPS_REDIRECT_URL("spepsRedirectUrl"), - /** - * Represents the 'sProviderAction.invCountry' constant error identifier. - */ - SP_ACTION_INV_COUNTRY("sProviderAction.invCountry"), - - /** - * Represents the 'providernameAlias.invalid' constant error identifier. - */ - PROVIDER_ALIAS_INVALID("providernameAlias.invalid"), - - - /** - * Represents the 'cPeps.attrNull' constant error identifier. - */ - CPEPS_ATTR_NULL("cPeps.attrNull"), - - /** - * Represents the 'colleagueResponse.invalidSAML' constant error identifier. - */ - COLLEAGUE_RESP_INVALID_SAML("colleagueResponse.invalidSAML"), - - /** - * Represents the 'citizenNoConsent.mandatory' constant error identifier. - */ - CITIZEN_NO_CONSENT_MANDATORY("citizenNoConsent.mandatory"), - /** - * Represents the 'citizenResponse.mandatory' constant error identifier. - */ - CITIZEN_RESPONSE_MANDATORY("citizenResponse.mandatory"), - /** - * Represents the 'attVerification.mandatory' constant error identifier. - */ - ATT_VERIFICATION_MANDATORY("attVerification.mandatory"), - /** - * Represents the 'attrValue.verification' constant error identifier. - */ - ATTR_VALUE_VERIFICATION("attrValue.verification"), - - /** - * Represents the 'audienceRestrictionError' constant error identifier. - */ - AUDIENCE_RESTRICTION("audienceRestrictionError"), - /** - * Represents the 'auRequestIdError' constant error identifier. - */ - AU_REQUEST_ID("auRequestIdError"), - /** - * Represents the 'domain' constant error identifier. - */ - DOMAIN("domain"), - /** - * Represents the 'hash.error' constant error identifier. - */ - HASH_ERROR("hash.error"), - /** - * Represents the 'invalidAttributeList' constant error identifier. - */ - INVALID_ATTRIBUTE_LIST("invalidAttributeList"), - /** - * Represents the 'invalidAttributeValue' constant error identifier. - */ - INVALID_ATTRIBUTE_VALUE("invalidAttributeValue"), - /** - * Represents the 'qaaLevel' constant error identifier. - */ - QAALEVEL("qaaLevel"), - /** - * Represents the 'requests' constant error identifier. - */ - REQUESTS("requests"), - /** - * Represents the 'SPSAMLRequest' constant error identifier. - */ - SP_SAML_REQUEST("SPSAMLRequest"), - /** - * Represents the 'spepsSAMLRequest' constant error identifier. - */ - SPEPS_SAML_REQUEST("spepsSAMLRequest"), - /** - * Represents the 'IdPSAMLResponse' constant error identifier. - */ - IDP_SAML_RESPONSE("IdPSAMLResponse"), - /** - * Represents the 'cpepsSAMLResponse' constant error identifier. - */ - CPEPS_SAML_RESPONSE("cpepsSAMLResponse"), - /** - * Represents the 'cpepsSAMLResponse' constant error identifier. - */ - SPEPS_SAML_RESPONSE("spepsSAMLResponse"), - /** - * Represents the 'session' constant error identifier. - */ - SESSION("session"), - /** - * Represents the 'invalid.session' constant error identifier. - */ - INVALID_SESSION("invalid.session"), - /** - * Represents the 'invalid.sessionId' constant error identifier. - */ - INVALID_SESSION_ID("invalid.sessionId"), - /** - * Represents the 'missing.sessionId' constant error identifier. - */ - MISSING_SESSION_ID("sessionError"), - /** - * Represents the 'missing.mandate' constant error identifier. - */ - MISSING_MANDATE("missing.mandate"), - /** - * Represents the 'AtPSAMLResponse' constant error identifier. - */ - ATP_SAML_RESPONSE("AtPSAMLResponse"), - - /** - * Represents the 'AtPSAMLResponse' constant error identifier. - */ - ATP_RESPONSE_ERROR("atp.response.error"), - - /** - * Represents the 'apepsSAMLRequest' constant error identifier. - */ - APEPS_SAML_REQUEST("apepsSAMLRequest"), - - /** - * Represents the 'apepsSAMLResponse' constant error identifier. - */ - APEPS_SAML_RESPONSE("apepsSAMLResponse"), - - /** - * Represents the 'invalid.apepsRedirectUrl' constant error identifier. - */ - INVALID_APEPS_REDIRECT_URL("invalid.apepsRedirectUrl"), - - /** - * Represents the 'invalid.apepsCallbackUrl' constant error identifier. - */ - INVALID_APEPS_CALLBACK_URL("invalid.apepsCallbackUrl"), - - /** - * Represents the 'colleagueAttributeRequest.invalidSAML' constant error identifier. - */ - COLLEAGUE_ATTR_REQ_INVALID_SAML("colleagueAttributeRequest.invalidSAML"); - - /** - * Represents the constant's value. - */ - private String error; - - /** - * Solo Constructor. - * - * @param nError The Constant error value. - */ - PEPSErrors(final String nError) { - this.error = nError; - } - - /** - * Construct the errorCode Constant value. - * - * @return The errorCode Constant. - */ - public String errorCode() { - return error + ".code"; - } - - /** - * Construct the errorCode Constant value with the given code text. - * - * @param text the code text to append to the constant. - * - * @return The errorCode Constant for the given code text. - */ - public String errorCode(final String text) { - return error + "." + text + ".code"; - } - - /** - * Construct the errorMessage constant value. - * - * @return The errorMessage constant. - */ - public String errorMessage() { - return error + ".message"; - } - - /** - * Construct the errorMessage Constant value with the given message text. - * - * @param text the message text to append to the constant. - * - * @return The errorMessage Constant for the given text. - */ - public String errorMessage(final String text) { - return error + "." + text + ".message"; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - return error; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java deleted file mode 100644 index 146e4c39d..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java +++ /dev/null @@ -1,619 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains all the STORK PEPS, Commons and Specific Parameters. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.13 $, $Date: 2011-07-07 20:48:45 $ - */ -public enum PEPSParameters { - - /** - * Represents the 'apId' parameter constant. - */ - AP_ID("apId"), - /** - * Represents the 'apUrl' parameter constant. - */ - AP_URL("apUrl"), - /** - * Represents the 'ap.number' parameter constant. - */ - AP_NUMBER("ap.number"), - - /** - * Represents the 'assertionConsumerServiceURL' parameter constant. - */ - ASSERTION_CONSUMER_S_URL("assertionConsumerServiceURL"), - - /** - * Represents the 'auth' parameter constant. - */ - AUTHENTICATION("auth"), - - /** - * Represents the 'auth-on-behalf-of' parameter constant. - */ - AUTHENTICATION_ON_BEHALF_OF("auth-on-behalf-of"), - - /** - * Represents the 'attr' parameter constant. - */ - ATTRIBUTE("attr"), - /** - * Represents the 'attrName' parameter constant. - */ - ATTRIBUTE_NAME("attrName"), - /** - * Represents the 'attrStatus' parameter constant. - */ - ATTRIBUTE_STATUS("attrStatus"), - /** - * Represents the 'attrType' parameter constant. - */ - ATTRIBUTE_TYPE("attrType"), - /** - * Represents the 'attrValue' parameter constant. - */ - ATTRIBUTE_VALUE("attrValue"), - /** - * Represents the 'attrList' parameter constant. - */ - ATTRIBUTE_LIST("attrList"), - /** - * Represents the 'apMandAttrList' parameter constant. - */ - AP_MANDATORY_ATTRIBUTE_LIST("apMandAttrList"), - /** - * Represents the 'attrTuple' parameter constant. - */ - ATTRIBUTE_TUPLE("attrTuple"), - /** - * Represents the 'attribute-missing' parameter constant. - */ - ATTRIBUTE_MISSING("attribute-missing"), - /** - * Represents the 'attributesNotAllowed' parameter constant. - */ - ATTRIBUTES_NOT_ALLOWED("attributesNotAllowed"), - /** - * Represents the 'authnRequest' parameter constant. - */ - AUTH_REQUEST("authnRequest"), - - /** - * Represents the 'attrValue.number' parameter constant. - */ - ATTR_VALUE_NUMBER("attrValue.number"), - - /** - * Represents the 'derivation.date.format' parameter constant. - */ - DERIVATION_DATE_FORMAT("derivation.date.format"), - /** - * Represents the 'deriveAttr.number' parameter constant. - */ - DERIVE_ATTRIBUTE_NUMBER("deriveAttr.number"), - - /** - * Represents the complex attributes parameter constant. - */ - COMPLEX_ADDRESS_VALUE("canonicalResidenceAddress"), - COMPLEX_NEWATTRIBUTE_VALUE("newAttribute2"), - COMPLEX_HASDEGREE_VALUE("hasDegree"), - COMPLEX_MANDATECONTENT_VALUE("mandateContent"), - /** - * Represents the 'consent-type' parameter constant. - */ - CONSENT_TYPE("consent-type"), - /** - * Represents the 'consent-value' parameter constant. - */ - CONSENT_VALUE("consent-value"), - /** - * Represents the 'country' parameter constant. - */ - COUNTRY("country"), - /** - * Represents the 'countryOrigin' parameter constant. - */ - COUNTRY_ORIGIN("countryOrigin"), - - /** - * Represents the 'cpepsURL' parameter constant. - */ - CPEPS_URL("cpepsURL"), - /** - * Represents the 'callback' parameter constant. - */ - CPEPS_CALLBACK("callback"), - /** - * Represents the 'peps.specificidpredirect.url' parameter constant. - */ - CPEPS_IDP_CALLBACK_VALUE("peps.specificidpredirect.url"), - /** - * Represents the 'peps.specificapredirect.url' parameter constant. - */ - CPEPS_AP_CALLBACK_VALUE("peps.specificapredirect.url"), - - /** - * Represents the 'errorCode' parameter constant. - */ - ERROR_CODE("errorCode"), - /** - * Represents the 'subCode' parameter constant. - */ - ERROR_SUBCODE("subCode"), - /** - * Represents the 'errorMessage' parameter constant. - */ - ERROR_MESSAGE("errorMessage"), - /** - * Represents the 'errorRedirectUrl' parameter constant. - */ - ERROR_REDIRECT_URL("errorRedirectUrl"), - - /** - * errorRedirectUrl Represents the 'external-authentication' parameter - * constant. - */ - EXTERNAL_AUTH("external-authentication"), - /** - * Represents the 'external-ap' parameter constant. - */ - EXTERNAL_AP("external-ap"), - /** - * Represents the 'external-pv' parameter constant. - */ - EXTERNAL_PV("external-pv"), - /** - * Represents the 'external-sig-module' parameter constant. - */ - EXT_SIG_CREATOR_MOD("external-sig-module"), - - /** - * Represents the 'http-x-forwarded-for' parameter constant. - */ - HTTP_X_FORWARDED_FOR("http-x-forwarded-for"), - - /** - * Represents the 'idp.url' parameter constant. - */ - IDP_URL("idp.url"), - /** - * Represents the 'idpAUB.url' parameter constant. - */ - IDPAUB_URL("idpAUB.url"), - /** - * Represents the 'internal-authentication' parameter constant. - */ - INTERNAL_AUTH("internal-authentication"), - /** - * Represents the 'internal-ap' parameter constant. - */ - INTERNAL_AP("internal-ap"), - /** - * Represents the 'internal-pv' parameter constant. - */ - INTERNAL_PV("internal-pv"), - - /** - * Represents the 'samlIssuer' parameter constant. - */ - ISSUER("samlIssuer"), - /** - * Represents the 'samlIssuer.idp' parameter constant. - */ - ISSUER_IDP("samlIssuer.idp"), - /** - * Represents the 'samlIssuer.atp' parameter constant. - */ - ISSUER_ATP("samlIssuer.atp"), - - /** - * Represents the 'mandatory' parameter constant. - */ - MANDATORY("mandatory"), - /** - * Represents the 'mandatoryAttributeMissing' parameter constant. - */ - MANDATORY_ATTR_MISSING("mandatoryAttributeMissing"), - /** - * Represents the 'mandatoryConsentAttrMissing' parameter constant. - */ - MANDATORY_CONSENT_MISSING("mandatoryConsentAttrMissing"), - /** - * Represents the 'missing-attrs' parameter constant. - */ - MISSING_ATTRS("missing-attrs"), - /** - * Represents the 'no-more-attrs' parameter constant. - */ - NO_MORE_ATTRS("no-more-attrs"), - - /** - * Represents the 'optional' parameter constant. - */ - OPTIONAL("optional"), - - /** - * Represents the 'no-consent-type' parameter constant. - */ - NO_CONSENT_TYPE("no-consent-type"), - /** - * Represents the 'no-consent-value' parameter constant. - */ - NO_CONSENT_VALUE("no-consent-value"), - - /** - * Represents the 'provider.name' parameter constant. - */ - PROVIDER_NAME_VALUE("providerName"), - /** - * Represents the 'cpeps.askconsent' parameter constant. - */ - PEPS_ASK_CONSENT("cpeps.askconsent"), - /** - * Represents the 'cpeps.askconsentvalue' parameter constant. - */ - PEPS_ASK_CONSENT_VALUE("cpeps.askconsentvalue"), - /** - * Represents the 'pepsAuth' parameter constant. - */ - PEPS_AUTH_CONSENT("pepsAuth"), - /** - * Represents the 'validation.bypass' parameter constant. - */ - PEPS_BYPASS("validation.bypass"), - /** - * Represents the 'cpeps.number' parameter constant. - */ - PEPS_NUMBER("cpeps.number"), - /** - * Represents the 'cpeps.specificapredirect.url' parameter constant. - */ - PEPS_SPECIFIC_URL("cpeps.specificapredirect.url"), - /** - * Represents the 'pv.url' parameter constant. - */ - PV_URL("pv.url"), - - /** - * Represents the 'qaaLevel' parameter constant. - */ - QAALEVEL("qaaLevel"), - - /** - * Represents the 'speps.redirectUrl' parameter constant. - */ - SPEPS_REDIRECT_URL("speps.redirectUrl"), - - /** - * Represents the 'sp.redirectUrl' parameter constant. - */ - SP_REDIRECT_URL("sp.redirectUrl"), - /** - * Represents the 'cpeps.redirectUrl' parameter constant. - */ - CPEPS_REDIRECT_URL("cpeps.redirectUrl"), - /** - * Represents the 'RelayState' parameter constant. - */ - RELAY_STATE("RelayState"), - /** - * Represents the 'remoteAddr' parameter constant. - */ - REMOTE_ADDR("remoteAddr"), - /** - * Represents the 'remoteUser' parameter constant. - */ - REMOTE_USER("remoteUser"), - - /** - * Represents the 'SAMLRequest' parameter constant. - */ - SAML_REQUEST("SAMLRequest"), - /** - * Represents the 'SAMLResponse' parameter constant. - */ - SAML_RESPONSE("SAMLResponse"), - /** - * Represents the 'SAMLFail' parameter constant. - */ - SAML_TOKEN_FAIL("SAMLFail"), - /** - * Represents the 'TokenId' parameter constant. - */ - SAML_TOKEN_ID("TokenId"), - /** - * Represents the 'inResponseTo' parameter constant. - */ - SAML_IN_RESPONSE_TO("inResponseTo"), - /** - * Represents the 'inResponseTo.idp' parameter constant. - */ - SAML_IN_RESPONSE_TO_IDP("inResponseTo.idp"), - /** - * Represents the 'inResponseTo.atp' parameter constant. - */ - SAML_IN_RESPONSE_TO_ATP("inResponseTo.atp"), - /** - * Represents the 'SignatureResponse' parameter constant. - */ - SIGNATURE_RESPONSE("SignatureResponse"), - - /** - * Represents the 'cPepsSession' parameter constant. - */ - SESSION_ID_URL("cPepsSession"), - /** - * Represents the 'spId' parameter constant. - */ - SP_ID("spId"), - /** - * Represents the 'spQaaLevel' parameter constant. - */ - SP_QAALEVEL("spQaaLevel"), - /** - * Represents the 'spUrl' parameter constant. - */ - SP_URL("spUrl"), - - /** - * Represents the 'allow.derivation.all' parameter constant. - */ - SPECIFIC_ALLOW_DERIVATION_ALL("allow.derivation.all"), - /** - * Represents the ''allow.unknowns parameter constant. - */ - SPECIFIC_ALLOW_UNKNOWNS("allow.unknowns"), - /** - * Represents the 'derivation.date.separator' parameter constant. - */ - SPECIFIC_DERIVATION_DATE_SEP("derivation.date.separator"), - /** - * Represents the 'derivation.month.position' parameter constant. - */ - SPECIFIC_DERIVATION_MONTH_POS("derivation.month.position"), - /** - * Represents the 'derivation.day.position' parameter constant. - */ - SPECIFIC_DERIVATION_DAY_POS("derivation.day.position"), - /** - * Represents the 'derivation.year.position' parameter constant. - */ - SPECIFIC_DERIVATION_YEAR_POS("derivation.year.position"), - - /** - * sp.authorized.parameters Represents the '' parameter constant. - */ - SPEPS_AUTHORIZED("sp.authorized.parameters"), - - /** - * Represents the 'spSector' constant value. - */ - SPSECTOR("spSector"), - /** - * Represents the 'spApplication' constant value. - */ - SPAPPLICATION("spApplication"), - /** - * Represents the 'spCountry' constant value. - */ - SPCOUNTRY("spCountry"), - /** - * Represents the 'spInstitution' constant value. - */ - SPINSTITUTION("spInstitution"), - /** - * Represents the 'storkAttribute.number' parameter constant. - */ - STORK_ATTRIBUTE_NUMBER("storkAttribute.number"), - /** - * Represents the 'storkAttributeValue.number' parameter constant. - */ - STORK_ATTRIBUTE_VALUE_NUMBER("storkAttributeValue.number"), - - /** - * Represents the 'username' parameter constant. - */ - USERNAME("username"), - - /** - * Represents the 'tooManyParameters' parameter constant. - */ - TOO_MANY_PARAMETERS("tooManyParameters"), - /** - * Represents the 'validation.active' parameter constant. - */ - VALIDATION_ACTIVE("validation.active"), - - /** - * Represents the 'x-forwarded-for' parameter constant. - */ - X_FORWARDED_FOR("x-forwarded-for"), - /** - * Represents the 'x-forwarded-host' parameter constant. - */ - X_FORWARDED_HOST("x-forwarded-host"), - /** - * Represents the 'XMLResponse' parameter constant. - */ - XML_RESPONSE("XMLResponse"), - - /** - * Represents the 'ap-cpeps.number' parameter constant. - */ - AP_PEPS_NUMBER("ap-cpeps.number"), - - /** - * Represents the 'atp.number' parameter constant. - */ - ATTRIBUTE_PROVIDER_NUMBER("atp.number"), - - /** - * Represents the 'atn.number' parameter constant. - */ - ATTRIBUTE_NAME_NUMBER("atn.number"), - - /** - * Represents the 'apLinker' parameter constant. - */ - AP_LINKER("apLinker"), - - /** - * Represents the 'prevApLinker' parameter constant. - */ - PREV_AP_LINKER("prevApLinker"), - - /** - * Represents the 'NOSEL' parameter constant (no attribute provider selected). - */ - AP_NO_SELECTION("NOSEL"), - - /** - * Represents the 'OCSEL' parameter constant (attribute provider in another country). - */ - AP_OTHER_COUNTRY("OCSEL"), - - /** - * Represents the '_provider' suffix parameter constant. - */ - AP_PROVIDER_SELECT_SUFFIX("_provider"), - - /** - * Represents the '_country' suffix parameter constant. - */ - AP_COUNTRY_SELECT_SUFFIX("_country"), - - /** - * Represents the '_name' suffix parameter constant. - */ - AP_NAME_SELECT_SUFFIX("_name"), - - /** - * Represents the 'next-ap' parameter constant. - */ - NEXT_AP("next-ap"), - - /** - * Represents the 'next-apeps' parameter constant. - */ - NEXT_APEPS("next-apeps"), - - /** - * Represents the 'back-to-apeps' parameter constant. - */ - BACK_TO_APEPS("back-to-apeps"), - - /** - * Represents the 'is-remote-apeps' parameter constant. - */ - IS_REMOTE_APEPS("is-remote-apeps"), - - /** - * Represents the 'more-attributes' parameter constant. - */ - MORE_ATTRIBUTES("more-attributes"), - - /** - * Represents the 'attr-filter.number' parameter constant. - */ - ATTRIBUTES_FILTER_NUMBER("attr-filter.number"), - - /** - * Represents the 'atp.url' parameter constant. - */ - ATP_URL("atp.url"), - /** - * Represents the 'apepsURL' parameter constant. - */ - APEPS_URL("apepsUrl"), - - /** - * Represents the 'apepsCountry' parameter constant. - */ - APEPS_COUNTRY("apepsCountry"), - - /** - * Represents the 'apepsAuthRequest' parameter constant. - */ - APEPS_ATTR_REQUEST("apepsAttrRequest"), - - /** - * Represents the 'isApepsRequest' parameter constant. - */ - APEPS_REQUEST_COMPLETE("apeps-request-complete"), - - /** - * Represents the 'apeps.callbackUrl' parameter constant. - */ - APEPS_CALLBACK_URL("apeps.callbackUrl"), - /** - * Represents the 'attrListMand' parameter constant. - */ - ATTR_LIST_MAND("attrListMand"), - - /** - * Represents the 'attrListOpt' parameter constant. - */ - ATTR_LIST_OPT("attrListOpt"), - - /** - * Represents the 'simpleAttrListMand' parameter constant. - */ - SIMPLE_ATTR_LIST_MAND("simpleAttrListMand"), - - /** - * Represents the 'simpleAttrListOpt' parameter constant. - */ - SIMPLE_ATTR_LIST_OPT("simpleAttrListOpt"), - - /** - * Represents the 'complexAttrListMand' parameter constant. - */ - COMPLEX_ATTR_LIST_MAND("complexAttrListMand"), - - /** - * Represents the 'complexAttrListOpt' parameter constant. - */ - COMPLEX_ATTR_LIST_OPT("complexAttrListOpt"); - - /** - * Represents the constant's value. - */ - private String value; - - /** - * Solo Constructor. - * - * @param nValue The Constant value. - */ - PEPSParameters(final String nValue) { - this.value = nValue; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - return value; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java deleted file mode 100644 index a16b03edb..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java +++ /dev/null @@ -1,353 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.UnsupportedEncodingException; -import java.util.Properties; - -import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; -import org.bouncycastle.crypto.Digest; -import org.bouncycastle.util.encoders.Base64; - -import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; -import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException; - -/** - * This class holds static helper methods. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.75 $, $Date: 2010-11-23 00:05:35 $ - */ -public final class PEPSUtil { - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(PEPSUtil.class.getName()); - - /** - * Configurations object. - */ - private static Properties configs; - - /** - * Max prefix. - */ - private static final String MAX_PARAM_PREFIX = "max."; - - /** - * Code prefix to get error code. - */ - private static final String CODE_PARAM_SUFFIX = ".code"; - - /** - * param's size prefix to get max param size. - */ - private static final String MAX_PARAM_SUFFIX = ".size"; - - /** - * Message prefix to get error message. - */ - private static final String MSG_PARAM_SUFFIX = ".message"; - - /** - * Private constructor. Prevents the class from being instantiated. - */ - private PEPSUtil() { - // empty constructor - } - - /** - * Creates a single instance of this class and sets the properties. - * - * @param nConfigs The set of available configurations. - * - * @return The created PEPSUtil's class. - */ - public static PEPSUtil createInstance(final Properties nConfigs) { - if (nConfigs != null) { - PEPSUtil.configs = nConfigs; - } - return new PEPSUtil(); - } - - /** - * Getter for the Properties. - * - * @return configs The properties value. - */ - public Properties getConfigs() { - return configs; - } - - /** - * Setter for the Properties. - * - * @param nConfigs The new properties value. - */ - public static void setConfigs(final Properties nConfigs) { - if (nConfigs != null) { - PEPSUtil.configs = nConfigs; - } - } - - /** - * Returns the identifier of some configuration given a set of configurations - * and the corresponding configuration key. - * - * @param configKey The key that IDs some configuration. - * - * @return The configuration String value. - */ - public static String getConfig(final String configKey) { - return configs.getProperty(configKey); - } - - /** - * Validates the input paramValue identified by the paramName. - * - * @param paramName The name of the parameter to validate. - * @param paramValue The value of the parameter to validate. - * - * @return true if the parameter is valid. - */ - public static boolean isValidParameter(final String paramName, - final String paramValue) { - - final String validationParam = - PEPSUtil.getConfig(PEPSParameters.VALIDATION_ACTIVE.toString()); - boolean retVal = true; - - final String paramConf = MAX_PARAM_PREFIX + paramName + MAX_PARAM_SUFFIX; - - if (PEPSValues.TRUE.toString().equals(validationParam)) { - final String paramSizeStr = PEPSUtil.getConfig(paramConf); - // Checking if the parameter size exists and if it's numeric - if (StringUtils.isNumeric(paramSizeStr)) { - final int maxParamSize = Integer.valueOf(paramSizeStr); - if (StringUtils.isEmpty(paramValue) - || paramValue.length() > maxParamSize) { - retVal = false; - LOG.warn("Invalid parameter [" + paramName + "] value " + paramValue); - } - } else { - retVal = false; - LOG.error("Missing " + paramConf - + " configuration in the pepsUtils.properties configuration file"); - } - } - return retVal; - } - - /** - * Validates the Parameter and throws an exception if an error occurs. Throws - * an InvalidParameterPEPSException runtime exception if the parameter is - * invalid. - * - * @param className The Class Name that invoked the method. - * @param paramName The name of the parameter to validate. - * @param paramValue The value of the parameter to validate. - */ - public static void validateParameter(final String className, - final String paramName, final Object paramValue) { - - if (paramValue == null) { - PEPSUtil.validateParameter(className, paramName, ""); - } else { - PEPSUtil.validateParameter(className, paramName, paramValue.toString()); - } - } - - /** - * Validates the Parameters and throws an exception if an error occurs. - * - * @param className The Class Name that invoked the method. - * @param paramName The name of the parameter to validate. - * @param paramValue The value of the parameter to validate. - */ - public static void validateParameter(final String className, - final String paramName, final String paramValue) { - - PEPSUtil.validateParameter(className, paramName, paramValue, - PEPSUtil.getErrorCode(paramName), PEPSUtil.getErrorMessage(paramName)); - } - - /** - * Validates the Parameters and throws an exception if an error occurs. - * - * @param className The Class Name that invoked the method. - * @param paramName The name of the parameter to validate. - * @param paramValue The value of the parameter to validate. - * @param error The PEPSError to get error code and messages from configs. - */ - public static void validateParameter(final String className, - final String paramName, final String paramValue, final PEPSErrors error) { - - PEPSUtil.validateParameter(className, paramName, paramValue, - PEPSUtil.getConfig(error.errorCode()), - PEPSUtil.getConfig(error.errorMessage())); - } - - /** - * Validates the HTTP Parameter and throws an exception if an error occurs. - * Throws an InvalidParameterPEPSException runtime exception if the parameter - * is invalid. - * - * @param className The Class Name that invoked the method. - * @param paramName The name of the parameter to validate. - * @param paramValue The value of the parameter to validate. - * @param errorCode The error code to include on the exception. - * @param errorMessage The error message to include on the exception. - */ - public static void validateParameter(final String className, - final String paramName, final String paramValue, final String errorCode, - final String errorMessage) { - - if (!isValidParameter(paramName, paramValue)) { - LOG.warn("Invalid parameter [" + paramName + "] value found at " - + className); - throw new InvalidParameterPEPSException(errorCode, errorMessage); - } - } - - /** - * Getter for the error code of some given error related to the input param. - * - * @param paramName The name of the parameter associated with the error. - * - * @return The code of the error. - */ - private static String getErrorCode(final String paramName) { - return getConfig(paramName + CODE_PARAM_SUFFIX); - } - - /** - * Getter for the error message of some given error related to the input - * parameter. - * - * @param paramName The name of the parameter associated with the message. - * - * @return The message for the error. - */ - private static String getErrorMessage(final String paramName) { - return getConfig(paramName + MSG_PARAM_SUFFIX); - } - - /** - * {@link Base64} encodes the input samlToken parameter. - * - * @param samlToken the SAML Token to be encoded. - * - * @return The Base64 String representing the samlToken. - * - * @see Base64#encode - */ - public static String encodeSAMLToken(final byte[] samlToken) { - try { - return new String(Base64.encode(samlToken), "UTF8"); - } catch (UnsupportedEncodingException e) { - LOG.error(PEPSErrors.INTERNAL_ERROR.errorMessage(), e); - return null; - } - } - - /** - * Decodes the {@link Base64} String input parameter representing a samlToken. - * - * @param samlToken the SAML Token to be decoded. - * - * @return The samlToken decoded bytes. - * - * @see Base64#decode - */ - public static byte[] decodeSAMLToken(final String samlToken) { - return Base64.decode(samlToken); - } - - /** - * Hashes a SAML token. Throws an InternalErrorPEPSException runtime exception - * if the Cryptographic Engine fails. - * - * @param samlToken the SAML Token to be hashed. - * - * @return byte[] with the hashed SAML Token. - */ - public static byte[] hashPersonalToken(final byte[] samlToken) { - try { - final String className = - PEPSUtil.getConfig(PEPSValues.HASH_DIGEST_CLASS.toString()); - - final Digest digest = - (Digest) Class.forName(className).getConstructor() - .newInstance((Object[]) null); - digest.update(samlToken, 0, samlToken.length); - - final int retLength = digest.getDigestSize(); - final byte[] ret = new byte[retLength]; - - digest.doFinal(ret, 0); - return ret; - - } catch (final Exception e) { - // For all those exceptions that could be thrown, we always log it and - // thrown an InternalErrorPEPSException. - LOG.error(PEPSErrors.HASH_ERROR.errorMessage(), e); - throw new InternalErrorPEPSException( - PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorCode()), - PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorMessage()), e); - } - } - - /** - * Gets the Stork error code in the error message if exists! - * - * @param errorMessage The message to get the error code if exists; - * - * @return the error code if exists. Returns null otherwise. - */ - public static String getStorkErrorCode(final String errorMessage) { - if (StringUtils.isNotBlank(errorMessage) - && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) { - final String[] msgSplitted = - errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString()); - if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) { - return msgSplitted[0]; - } - } - return null; - } - - /** - * Gets the Stork error message in the saml message if exists! - * - * @param errorMessage The message to get in the saml message if exists; - * - * @return the error message if exists. Returns the original message - * otherwise. - */ - public static String getStorkErrorMessage(final String errorMessage) { - if (StringUtils.isNotBlank(errorMessage) - && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) { - final String[] msgSplitted = - errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString()); - if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) { - return msgSplitted[1]; - } - } - return errorMessage; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java deleted file mode 100644 index e14c21cb5..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java +++ /dev/null @@ -1,329 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains all the value constants. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.17 $, $Date: 2011-07-07 20:48:45 $ - */ -public enum PEPSValues { - - /** - * Represents the 'all' constant value. - */ - ALL("all"), - /** - * Represents the 'none' constant value. - */ - NONE("none"), - /** - * Represents the 'true' constant value. - */ - TRUE("true"), - /** - * Represents the 'false' constant value. - */ - FALSE("false"), - /** - * Represents the empty string constant value. - */ - EMPTY_STRING(""), - - /** - * Represents the ',' separator constant value. - */ - ATTRIBUTE_VALUE_SEP(","), - /** - * Represents the ';' separator constant value. - */ - ATTRIBUTE_SEP(";"), - /** - * Represents the ':' separator constant value. - */ - ATTRIBUTE_TUPLE_SEP(":"), - /** - * Represents the '/' separator constant value. - */ - EID_SEPARATOR("/"), - /** - * Represents the ' - ' separator constant value. - */ - ERROR_MESSAGE_SEP(" - "), - /** - * Represents the '#' parameter constant value. - */ - LOGGER_SEP("#"), - /** - * Represents the 'NOT_AVAILABLE' parameter constant value. - */ - NOT_AVAILABLE("NotAvailable"), - /** - * Represents the ';' parameter constant value. - */ - SPEPS_AUTHORIZED_SEP(";"), - - /** - * Represents the 'ap' constant value. - */ - AP("ap"), - /** - * Represents the 'C-PEPS' constant value. - */ - CPEPS("C-PEPS"), - /** - * Represents the 'cpeps' constant value. - */ - CPEPS_PREFIX("cpeps"), - /** - * Represents the 'peps' constant value. - */ - PEPS("peps"), - /** - * Represents the '-PEPS' constant value. - */ - PEPS_SUFFIX("-PEPS"), - /** - * Represents the 'SP' constant value. - */ - SP("SP"), - /** - * Represents the 'S-PEPS' constant value. - */ - SPEPS("S-PEPS"), - /** - * Represents the 'speps' constant value. - */ - SPEPS_PREFIX("speps"), - /** - * Represents the 'sp.default.parameters' constant value. - */ - DEFAULT("sp.default.parameters"), - /** - * Represents the default saml id constant value. - */ - DEFAULT_SAML_ID("1"), - /** - * Represents the 'hashDigest.className' constant value. - */ - HASH_DIGEST_CLASS("hashDigest.className"), - - /** - * Represents the 'eu.stork.communication.requests' constant value. - */ - STORK_PACKAGE_REQUEST_LOGGER_VALUE("eu.stork.communication.requests"), - /** - * Represents the 'eu.stork.communication.responses' constant value. - */ - STORK_PACKAGE_RESPONSE_LOGGER_VALUE("eu.stork.communication.responses"), - - /** - * Represents the 'S-PEPS receives request from SP' constant value. - */ - SP_REQUEST("S-PEPS receives request from SP"), - /** - * Represents the 'Get Citizen Consent' constant value. - */ - CITIZEN_CONSENT_LOG("Get Citizen Consent"), - /** - * Represents the 'C-PEPS receives request from S-PEPS' constant value. - */ - CPEPS_REQUEST("C-PEPS receives request from S-PEPS"), - /** - * Represents the 'C-PEPS generates response to S-PEPS' constant value. - */ - CPEPS_RESPONSE("C-PEPS generates response to S-PEPS"), - /** - * Represents the 'S-PEPS generates request to C-PEPS' constant value. - */ - SPEPS_REQUEST("S-PEPS generates request to C-PEPS"), - /** - * Represents the 'S-PEPS receives response from C-PEPS' constant value. - */ - SPEPS_RESPONSE("S-PEPS receives response from C-PEPS"), - /** - * Represents the 'S-PEPS generates response to SP' constant value. - */ - SP_RESPONSE("S-PEPS generates response to SP"), - /** - * Represents the 'Success' constant value. - */ - SUCCESS("Success"), - /** - * Represents the December's month number constant value. - */ - LAST_MONTH("12"), - /** - * Represents the yyyyMM constant value. - */ - NO_DAY_DATE_FORMAT("yyyyMM"), - - /** - * Represents the 'attrValue' constant value. - */ - ATTRIBUTE("attrValue"), - /** - * Represents the 'derivedAttr' constant value. - */ - DERIVE_ATTRIBUTE("deriveAttr"), - /** - * Represents the 'storkAttribute' constant value. - */ - STORK_ATTRIBUTE("storkAttribute"), - - /** - * Represents the 'properties' constant value. - */ - PROPERTIES("properties"), - /** - * Represents the 'referer' constant value. - */ - REFERER("referer"), - /** - * Represents the 'host' constant value. - */ - HOST("host"), - /** - * Represents the 'spid' constant value. - */ - SPID("spid"), - /** - * Represents the 'domain' constant value. - */ - DOMAIN("domain"), - /** - * Represents the '.validation' constant value. - */ - VALIDATION_SUFFIX(".validation"), - /** - * Represents the 'jsessionid' constant value. - */ - EQUAL("="), - /** - * Represents the 'HttpOnly' constant value. - */ - HTTP_ONLY("HttpOnly"), - /** - * Represents the 'SET-COOKIE' constant value. - */ - JSSESSION("JSESSIONID"), - /** - * Represents the '=' constant value. - */ - SETCOOKIE("SET-COOKIE"), - /** - * Represents the ';' constant value. - */ - SEMICOLON(";"), - /** - * Represents the ' ' constant value. - */ - SPACE(" "), - /** - * Represents the 'atp' constant value. - */ - APROVIDER_PREFIX("atp"), - /** - * Represents the 'atn' constant value. - */ - ANAME_PREFIX("atn"), - /** - * Represents the 'ap-cpeps' constant value. - */ - AP_CPEPS_PREFIX("ap-cpeps"), - /** - * Represents the 'attr-filter' constant value. - */ - AP_ATTRFILTER_PREFIX("attr-filter"); - - /** - * Represents the constant's value. - */ - private String value; - - /** - * Solo Constructor. - * - * @param val The Constant value. - */ - PEPSValues(final String val) { - - this.value = val; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - - return value; - } - - /** - * Construct the return value with the following structure - * CONSTANT_VALUE+index+".id". - * - * @param index the number. - * - * @return The concatenated String value. - */ - public String index(final int index) { - - return value + index + ".id"; - } - - /** - * Construct the return value with the following structure - * CONSTANT_VALUE+index+".value". - * - * @param index the number. - * - * @return The concatenated string value. - */ - public String value(final int index) { - - return value + index + ".value"; - } - - /** - * Construct the return value with the following structure - * CONSTANT_VALUE+index+".name". - * - * @param index the number. - * - * @return The concatenated String value. - */ - public String name(final int index) { - - return value + index + ".name"; - } - - /** - * Construct the return value with the following structure - * CONSTANT_VALUE+index+".url". - * - * @param index the number. - * - * @return The concatenated String value. - */ - public String url(final int index) { - - return value + index + ".url"; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java deleted file mode 100644 index 5d8281445..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java +++ /dev/null @@ -1,348 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.concurrent.ConcurrentHashMap; - -import org.apache.log4j.Logger; - -import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; - -/** - * This class is a bean used to store the information relative to the - * PersonalAttribute. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.22 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class PersonalAttribute implements Serializable, Cloneable { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 2612951678412632174L; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(PersonalAttribute.class - .getName()); - - /** - * Name of the personal attribute. - */ - private String name; - - /** - * Values of the personal attribute. - */ - private List<String> value = new ArrayList<String>(); - - /** - * Type of the personal attribute. - */ - private String type; - - /** - * Complex values of the personal attribute. - */ - private Map<String, String> complexValue = new ConcurrentHashMap<String, String>(); - - /** - * Is the personal attribute mandatory? - */ - private transient boolean required; - - /** - * Returned status of the attribute from the IdP. - */ - private String status; - - /** - * Name of the personal attribute. - */ - private String friendlyName; - - /** - * Empty Constructor. - */ - public PersonalAttribute() { - super(); - } - - /** - * PersonalAttribute Constructor for complex values. - * - * @param attrName The attribute name. - * @param attrIsRequired The attribute type value. - * @param attrComplexValue The attribute's value. - * @param attrStatus The attribute's status value. - */ - public PersonalAttribute(final String attrName, final boolean attrIsRequired, - final List<String> attrComplexValue, final String attrStatus) { - this.setName(attrName); - this.setIsRequired(attrIsRequired); - this.setValue(attrComplexValue); - this.setStatus(attrStatus); - } - - /** - * PersonalAttribute Constructor for complex values. - * - * @param attrName The attribute name. - * @param attrIsRequired The attribute type value. - * @param attrComplexValue The attribute's complex value. - * @param attrStatus The attribute's status value. - */ - public PersonalAttribute(final String attrName, final boolean attrIsRequired, - final Map<String, String> attrComplexValue, final String attrStatus) { - this.setName(attrName); - this.setIsRequired(attrIsRequired); - this.setComplexValue(attrComplexValue); - this.setStatus(attrStatus); - } - - /** - * {@inheritDoc} - */ - @SuppressWarnings("unchecked") - public Object clone() { - - try { - final PersonalAttribute personalAttr = (PersonalAttribute) super.clone(); - personalAttr.setIsRequired(this.isRequired()); - personalAttr.setName(this.getName()); - personalAttr.setStatus(this.getStatus()); - if (!isEmptyValue()) { - final List<String> val = - (List<String>) ((ArrayList<String>) this.getValue()).clone(); - personalAttr.setValue(val); - } - if (!isEmptyComplexValue()) { - final Map<String, String> complexVal = - (Map<String, String>) ((HashMap<String, String>) this - .getComplexValue()).clone(); - personalAttr.setComplexValue(complexVal); - } - return personalAttr; - } catch (final CloneNotSupportedException e) { - // assert false; - LOG.trace("Nothing to do."); - throw new InternalErrorPEPSException( - PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorCode()), - PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorMessage()), e); - } - } - - /** - * Getter for the required value. - * - * @return The required value. - */ - public boolean isRequired() { - return required; - } - - /** - * Setter for the required value. - * - * @param attrIsRequired this attribute? - */ - public void setIsRequired(final boolean attrIsRequired) { - this.required = attrIsRequired; - } - - /** - * Getter for the name value. - * - * @return The name value. - */ - public String getName() { - return name; - } - - /** - * Setter for the name value. - * - * @param attrName The personal attribute name. - */ - public void setName(final String attrName) { - this.name = attrName; - } - - /** - * Getter for the value. - * - * @return The list of values. - */ - public List<String> getValue() { - return value; - } - - /** - * Setter for the list of values. - * - * @param attrValue The personal attribute value. - */ - public void setValue(final List<String> attrValue) { - if (attrValue != null) { - this.value = attrValue; - } - } - - - /** - * Getter for the type value. - * - * @return The name value. - */ - public String getType() { - return type; - } - - /** - * Setter for the type value. - * - * @param attrName The personal attribute type. - */ - public void setType(final String attrType) { - this.type = attrType; - } - - /** - * Getter for the status. - * - * @return The status value. - */ - public String getStatus() { - return status; - } - - /** - * Setter for the status value. - * - * @param attrStatus The personal attribute status. - */ - public void setStatus(final String attrStatus) { - this.status = attrStatus; - } - - /** - * Getter for the complex value. - * - * @return The complex value. - */ - public Map<String, String> getComplexValue() { - return complexValue; - } - - /** - * Setter for the complex value. - * - * @param complexVal The personal attribute Complex value. - */ - public void setComplexValue(final Map<String, String> complexVal) { - if (complexVal != null) { - this.complexValue = complexVal; - } - } - - /** - * Getter for the personal's friendly name. - * - * @return The personal's friendly name value. - */ - public String getFriendlyName() { - return friendlyName; - } - - /** - * Setter for the personal's friendly name. - * - * @param fName The personal's friendly name. - */ - public void setFriendlyName(final String fName) { - this.friendlyName = fName; - } - - /** - * Return true the value is empty. - * - * @return True if the value is empty "[]"; - */ - public boolean isEmptyValue() { - return value.isEmpty() || (value.size() == 1 && value.get(0).length() == 0); - } - - /** - * Returns true if the Complex Value is empty. - * - * @return True if the Complex Value is empty; - */ - public boolean isEmptyComplexValue() { - return complexValue.isEmpty(); - } - - /** - * Returns true if the Status is empty. - * - * @return True if the Status is empty; - */ - public boolean isEmptyStatus() { - return (status == null || status.length() == 0); - } - - /** - * Prints the PersonalAttribute in the following format. - * name:required:[v,a,l,u,e,s]|[v=a,l=u,e=s]:status; - * - * @return The PersonalAttribute as a string. - */ - public String toString() { - final StringBuilder strBuild = new StringBuilder(); - - AttributeUtil.appendIfNotNull(strBuild, getName()); - strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); - AttributeUtil.appendIfNotNull(strBuild, String.valueOf(isRequired())); - strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); - strBuild.append('['); - - if (isEmptyValue()) { - if (!isEmptyComplexValue()) { - AttributeUtil.appendIfNotNull(strBuild, AttributeUtil.mapToString( - getComplexValue(), PEPSValues.ATTRIBUTE_VALUE_SEP.toString())); - } - } else { - AttributeUtil.appendIfNotNull( - strBuild, - AttributeUtil.listToString(getValue(), - PEPSValues.ATTRIBUTE_VALUE_SEP.toString())); - } - - strBuild.append(']'); - strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); - AttributeUtil.appendIfNotNull(strBuild, getStatus()); - strBuild.append(PEPSValues.ATTRIBUTE_SEP.toString()); - - return strBuild.toString(); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java deleted file mode 100644 index 9a0f87488..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java +++ /dev/null @@ -1,397 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.concurrent.ConcurrentHashMap; -import java.util.StringTokenizer; - -import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; - -/** - * This class is a bean used to store the information relative to the - * PersonalAttributeList. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.27 $, $Date: 2010-11-18 22:54:56 $ - * - * @see PersonalAttribute - */ -@SuppressWarnings("PMD") -public final class PersonalAttributeList extends - ConcurrentHashMap<String, PersonalAttribute> implements IPersonalAttributeList, Serializable { - - /** - * Logger object. - */ - private static final Logger LOG = Logger - .getLogger(PersonalAttributeList.class.getName()); - - /** - * Serial id. - */ - private static final long serialVersionUID = 7375127363889975062L; - - /** - * Hash with the latest fetched attribute name alias. - */ - private final Map<String, Integer> latestAttrAlias = - new HashMap<String, Integer>(); - - /** - * Hash with mapping number of alias or the attribute name. - */ - private final Map<String, Integer> attrAliasNumber = - new HashMap<String, Integer>(); - - /** - * Default constructor. - */ - public PersonalAttributeList() { - // The best practices recommend to call the super constructor. - super(); - } - - /** - * Constructor with initial capacity for the PersonalAttributeList size. - * - * @param capacity The initial capacity for the PersonalAttributeList. - */ - public PersonalAttributeList(final int capacity) { - super(capacity); - } - - /** - * {@inheritDoc} - */ - public Iterator<PersonalAttribute> iterator() { - return this.values().iterator(); - } - - /** - * {@inheritDoc} - */ - public PersonalAttribute get(final Object key) { - String attrName = (String) key; - - if (this.latestAttrAlias.containsKey(key)) { - attrName = attrName + this.latestAttrAlias.get(key); - } else { - if (this.attrAliasNumber.containsKey(key)) { - this.latestAttrAlias.put(attrName, this.attrAliasNumber.get(key)); - } - } - return super.get(attrName); - } - - /** - * {@inheritDoc} - */ - public void add(final PersonalAttribute value) { - if (value != null) { - this.put(value.getName(), value); - } - } - - /** - * {@inheritDoc} - */ - public PersonalAttribute put(final String key, final PersonalAttribute val) { - if (StringUtils.isNotEmpty(key) && val != null) { - // Validate if attribute name already exists! - String attrAlias = key; - if (this.containsKey(attrAlias)) { - //TODO isAgeOver should not be hardcoded, a better way of handling multipe isAgeOver requests should be implemented. - if (!val.isEmptyValue() && StringUtils.isNumeric(val.getValue().get(0)) && "isAgeOver".equals( val.getName() ) ) { - final String attrValue = val.getValue().get(0); - attrAlias = key + attrValue; - this.attrAliasNumber.put(key, Integer.valueOf(attrValue)); - } else { - final PersonalAttribute attr = super.get(key); - if (!attr.isEmptyValue() - && StringUtils.isNumeric(attr.getValue().get(0))) { - attrAlias = key + attr.getValue().get(0); - super.put(key, (PersonalAttribute) attr); - this.attrAliasNumber.put(key, null); - } - } - } - return super.put(attrAlias, val); - } else { - return null; - } - } - - /** - * {@inheritDoc} - */ - public void populate(final String attrList) { - final StringTokenizer strToken = - new StringTokenizer(attrList, PEPSValues.ATTRIBUTE_SEP.toString()); - - while (strToken.hasMoreTokens()) { - final PersonalAttribute persAttr = new PersonalAttribute(); - String[] tuples = - strToken.nextToken().split(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(), - AttributeConstants.NUMBER_TUPLES.intValue()); - - // Convert to the new format if needed! - tuples = convertFormat(tuples); - - if (AttributeUtil.hasValidTuples(tuples)) { - final int attrValueIndex = - AttributeConstants.ATTR_VALUE_INDEX.intValue(); - final String tmpAttrValue = - tuples[attrValueIndex].substring(1, - tuples[attrValueIndex].length() - 1); - final String[] vals = - tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - persAttr.setName(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()]); - persAttr.setIsRequired(Boolean - .valueOf(tuples[AttributeConstants.ATTR_TYPE_INDEX.intValue()])); - - // check if it is a complex value - if (isComplexValue(vals)) { - persAttr.setComplexValue(createComplexValue(vals)); - } - else - { - persAttr.setValue(createValues(vals)); - } - - if (tuples.length == AttributeConstants.NUMBER_TUPLES.intValue()) { - persAttr.setStatus(tuples[AttributeConstants.ATTR_STATUS_INDEX - .intValue()]); - } - this.put(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()], - persAttr); - - } else { - LOG.warn("Invalid personal attribute list tuples"); - } - - } - } - - /** - * Returns a copy of this <tt>IPersonalAttributeList</tt> instance. - * - * @return The copy of this IPersonalAttributeList. - */ - public Object clone() { - try { - return (PersonalAttributeList) super.clone(); - } catch (CloneNotSupportedException e) { - return null; - } - } - - /** - * Creates a string in the following format. - * - * attrName:attrType:[attrValue1,attrValue2=attrComplexValue]:attrStatus; - * - * @return {@inheritDoc} - */ - @Override - public String toString() { - final Iterator<Entry<String, PersonalAttribute>> itAttrs = - this.entrySet().iterator(); - final StringBuilder strBuilder = new StringBuilder(); - - while (itAttrs.hasNext()) { - final Entry<String, PersonalAttribute> attrEntry = itAttrs.next(); - final PersonalAttribute attr = attrEntry.getValue(); - //strBuilder.append(attr.toString()); - strBuilder.insert(0, attr.toString()); - } - - return strBuilder.toString(); - } - - /** - * Validates and creates the attribute's complex values. - * - * @param values The complex values. - * - * @return The {@link Map} with the complex values. - * - * @see Map - */ - private Map<String, String> createComplexValue(final String[] values) { - final Map<String, String> complexValue = new HashMap<String, String>(); - for (final String val : values) { - final String[] tVal = val.split("="); - if (StringUtils.isNotEmpty(val) && tVal.length == 2) { - complexValue.put(tVal[0], AttributeUtil.unescape(tVal[1])); - } - } - return complexValue; - } - - /** - * Checks if value is complex or not - * @param values The values to check - * @return True if succesful - */ - private boolean isComplexValue(final String[] values) { - boolean isComplex = false; - if (values.length > 0) { - final String[] tVal = values[0].split("="); - if (StringUtils.isNotEmpty(values[0]) && tVal.length == 2) { - isComplex = true; - } - } - return isComplex; - } - - /** - * Validates and creates the attribute values. - * - * @param vals The attribute values. - * - * @return The {@link List} with the attribute values. - * - * @see List - */ - private List<String> createValues(final String[] vals) { - final List<String> values = new ArrayList<String>(); - for (final String val : vals) { - if (StringUtils.isNotEmpty(val)) { - values.add(AttributeUtil.unescape(val)); - } - } - return values; - } - - /** - * Converts the attribute tuple (attrName:attrType...) to the new format. - * - * @param tuples The attribute tuples to convert. - * - * @return The attribute tuples in the new format. - */ - private String[] convertFormat(final String[] tuples) { - final String[] newFormatTuples = - new String[AttributeConstants.NUMBER_TUPLES.intValue()]; - if (tuples != null) { - System.arraycopy(tuples, 0, newFormatTuples, 0, tuples.length); - - for (int i = tuples.length; i < newFormatTuples.length; i++) { - if (i == AttributeConstants.ATTR_VALUE_INDEX.intValue()) { - newFormatTuples[i] = "[]"; - } else { - newFormatTuples[i] = ""; - } - } - } - return newFormatTuples; - } - - /** - * Returns a IPersonalAttributeList of the complex attributes in this map. - * - * @return an IPersonalAttributeList of the complex attributes contained in this map. - */ - public IPersonalAttributeList getComplexAttributes() { - LOG.info("get complex attributes"); - IPersonalAttributeList attrList = new PersonalAttributeList(); - for(PersonalAttribute attr: this) { - if(!attr.getComplexValue().isEmpty()) { - attrList.put(attr.getName(), attr); - LOG.info("adding complex attribute:"+attr.getName()); - } - } - return attrList; - } - - /** - * Returns a IPersonalAttributeList of the mandatory attributes in this map. - * - * @return an IPersonalAttributeList of the mandatory attributes contained in this map. - */ - public IPersonalAttributeList getSimpleValueAttributes() { - LOG.info("get simple attributes"); - IPersonalAttributeList attrList = new PersonalAttributeList(); - for(PersonalAttribute attr: this) { - if(attr.getComplexValue().isEmpty()) { - attrList.put(attr.getName(), attr); - LOG.info("adding simple attribute:"+attr.getName()); - } - } - return attrList; - } - - - - /** - * Returns a IPersonalAttributeList of the mandatory attributes in this map. - * - * @return an IPersonalAttributeList of the mandatory attributes contained in this map. - */ - public IPersonalAttributeList getMandatoryAttributes() { - return getAttributesByParam(true); - } - - - /** - * Returns a IPersonalAttributeList of the attributes in this map by parameter value. - * - * @param compareValue The boolean to get mandatory (true) or optional (false) attributes. - * - * @return an IPersonalAttributeList of the mandatory attributes contained in this map if compareValue is true or optional otherwise. - */ - private IPersonalAttributeList getAttributesByParam(final boolean compareValue) { - LOG.info("get attributes by param :"+compareValue); - IPersonalAttributeList attrList = new PersonalAttributeList(); - for(PersonalAttribute attr: this) { - if(attr.isRequired() == compareValue) { - attrList.put(attr.getName(), attr); - LOG.info("adding attribute:"+attr.getName()); - } - } - return attrList; - } - - - /** - * Returns a IPersonalAttributeList of the optional attributes in this map. - * - * @return an IPersonalAttributeList of the optional attributes contained in this map. - */ - public IPersonalAttributeList getOptionalAttributes() { - return getAttributesByParam(false); - } - - /** - * {@inheritDoc} - */ - public boolean hasMissingValues() { - for(PersonalAttribute attr: this) { - if(attr.isEmptyValue() && attr.isEmptyComplexValue()) { - return true; - } - } - return false; - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java deleted file mode 100644 index 07f178ecc..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java +++ /dev/null @@ -1,447 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -import org.apache.log4j.Logger; - -public class STORKAttrQueryRequest implements Serializable, Cloneable { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 4778480781609392750L; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(STORKAttrQueryRequest.class - .getName()); - - /** The samlId. */ - private String samlId; - - /** The destination. */ - private String destination; - - /** The assertion consumer service url. */ - private String serviceURL; - - /** The distinguished name. */ - private String distinguishedName; - - /** The e id sector share. */ - private boolean eIDSectorShare; - - /** The e id cross sector share. */ - private boolean eIDCrossSectorShare; - - /** The e id cross border share. */ - private boolean eIDCrossBorderShare; - - /** The personal attribute list. */ - private IPersonalAttributeList attributeList = new PersonalAttributeList(); - - /** The qaa. */ - private int qaa; - - /** The token saml. */ - private byte[] tokenSaml = new byte[0]; - - /** The issuer. */ - private String issuer; - - /** The service provider sector. */ - private String spSector; - - /** The service provider institution. */ - private String spInstitution; - - /** The service provider application. */ - private String spApplication; - - /** The service provider country. */ - private String spCountry; - - /** The country. */ - private String country; - - /** The citizen country code. */ - private String citizenCountry; - - /** The Service Provider ID. */ - private String sPID; - - /** The Alias used at the keystore for saving this certificate. */ - private String alias; - - /** - * Gets the SP's Certificate Alias. - * - * @return alias The SP's Certificate Alias. - */ - public String getAlias() { - return alias; - } - - /** - * Sets the SP's Certificate Alias. - * - * @param nAlias The SP's Certificate Alias. - */ - public void setAlias(final String nAlias) { - this.alias = nAlias; - } - - /** - * Gets the SP ID. - * - * @return sPID The SP ID. - */ - public String getSPID() { - return sPID; - } - - /** - * Sets the SP ID. - * - * @param sPId The new sp samlId. - */ - public void setSPID(final String sPId) { - this.sPID = sPId; - } - - /** - * Gets the citizen country code. - * - * @return The citizen country code value. - */ - public String getCitizenCountryCode() { - return citizenCountry; - } - - /** - * Sets the citizen country code. - * - * @param countryCode the new citizen country code value. - */ - public void setCitizenCountryCode(final String countryCode) { - this.citizenCountry = countryCode; - } - - /** - * Gets the sp country. - * - * @return The sp country value. - */ - public String getSpCountry() { - return spCountry; - } - - /** - * Sets the sp country. - * - * @param sPCountry the new sp country value. - */ - public void setSpCountry(final String sPCountry) { - this.spCountry = sPCountry; - } - - /** - * Gets the issuer. - * - * @return The issuer value. - */ - public String getIssuer() { - return issuer; - } - - /** - * Sets the issuer. - * - * @param samlIssuer the new issuer value. - */ - public void setIssuer(final String samlIssuer) { - this.issuer = samlIssuer; - } - - /** - * Gets the SAML Token. - * - * @return The SAML Token value. - */ - public byte[] getTokenSaml() { - return tokenSaml.clone(); - } - - /** - * Sets the SAML Token. - * - * @param samlToken The new SAML Token value. - */ - public void setTokenSaml(final byte[] samlToken) { - if (samlToken != null) { - this.tokenSaml = samlToken.clone(); - } - } - - /** - * Gets the country. - * - * @return The country value. - */ - public String getCountry() { - return country; - } - - /** - * Sets the country. - * - * @param nCountry the new country value. - */ - public void setCountry(final String nCountry) { - this.country = nCountry; - } - - /** - * Getter for the qaa value. - * - * @return The qaa value value. - */ - public int getQaa() { - return qaa; - } - - /** - * Setter for the qaa value. - * - * @param qaaLevel The new qaa value. - */ - public void setQaa(final int qaaLevel) { - this.qaa = qaaLevel; - } - - /** - * Getter for the serviceURL value. - * - * @return The serviceURL value. - */ - public String getAssertionConsumerServiceURL() { - return serviceURL; - } - - /** - * Setter for the serviceURL value. - * - * @param newServiceURL the assertion consumer service URL. - */ - public void setAssertionConsumerServiceURL(final String newServiceURL) { - this.serviceURL = newServiceURL; - } - - /** - * Getter for the destination value. - * - * @return The destination value. - */ - public String getDestination() { - return destination; - } - - /** - * Setter for the destination value. - * - * @param detination the new destination value. - */ - public void setDestination(final String detination) { - this.destination = detination; - } - - /** - * Getter for the samlId value. - * - * @return The samlId value. - */ - public String getSamlId() { - return samlId; - } - - /** - * Setter for the samlId value. - * - * @param newSamlId the new samlId value. - */ - public void setSamlId(final String newSamlId) { - this.samlId = newSamlId; - } - - - /** - * Getter for the attributeList value. - * - * @return The attributeList value. - * - * @see IPersonalAttributeList - */ - public IPersonalAttributeList getPersonalAttributeList() { - IPersonalAttributeList personnalAttributeList = null; - try { - personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); - } catch (CloneNotSupportedException e1) { - LOG.trace("[PersonalAttribute] Nothing to do."); - } - return personnalAttributeList; - } - - /** - * Setter for the attributeList value. - * - * @param attrList the personal attribute list value. - * - * @see IPersonalAttributeList - */ - public void setPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.attributeList = attrList; - } - } - - /** - * Getter for the distinguishedName value. - * - * @return The distinguishedName value. - */ - public String getDistinguishedName() { - return distinguishedName; - } - - /** - * Setter for the distinguishedName value. - * - * @param certDN the distinguished name value. - */ - public void setDistinguishedName(final String certDN) { - this.distinguishedName = certDN; - } - - /** - * Gets the service provider sector. - * - * @return The service provider sector value. - */ - public String getSpSector() { - return spSector; - } - - /** - * Sets the service provider sector. - * - * @param samlSPSector the new service provider sector value. - */ - public void setSpSector(final String samlSPSector) { - this.spSector = samlSPSector; - } - - /** - * Gets the service provider institution. - * - * @return The service provider institution value. - */ - public String getSpInstitution() { - return spInstitution; - } - - /** - * Sets the service provider institution. - * - * @param samlSPInst the new service provider institution value. - */ - public void setSpInstitution(final String samlSPInst) { - this.spInstitution = samlSPInst; - } - - /** - * Gets the service provider application. - * - * @return The service provider application value. - */ - public String getSpApplication() { - return spApplication; - } - - /** - * Sets the service provider application. - * - * @param samlSPApp the new service provider application value. - */ - public void setSpApplication(final String samlSPApp) { - this.spApplication = samlSPApp; - } - - /** - * Checks if is eId sector share. - * - * @return true, if is eId sector share. - */ - public boolean isEIDSectorShare() { - return eIDSectorShare; - } - - /** - * Sets the eId sector share. - * - * @param eIdSectorShare the new eId sector share value. - */ - public void setEIDSectorShare(final boolean eIdSectorShare) { - this.eIDSectorShare = eIdSectorShare; - } - - /** - * Checks if is eId cross sector share. - * - * @return true, if is eId cross sector share. - */ - public boolean isEIDCrossSectorShare() { - return eIDCrossSectorShare; - } - - /** - * Sets the eId cross sector share. - * - * @param eIdCrossSectorShare the new eId cross sector share value. - */ - public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) { - this.eIDCrossSectorShare = eIdCrossSectorShare; - } - - /** - * Checks if is eId cross border share. - * - * @return true, if is eId cross border share. - */ - public boolean isEIDCrossBorderShare() { - return eIDCrossBorderShare; - } - - /** - * Sets the eId cross border share. - * - * @param eIdCrossBorderShare the new eId cross border share value. - */ - public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) { - this.eIDCrossBorderShare = eIdCrossBorderShare; - } - - /** - * Returns a copy of this <tt>STORKAttrQueryRequest</tt> instance. - * - * @return The copy of this STORKAttrQueryRequest. - * @throws CloneNotSupportedException on clone exception - */ - @Override - public Object clone() throws CloneNotSupportedException{ - STORKAttrQueryRequest storkAttrQueryReq = null; - storkAttrQueryReq = (STORKAttrQueryRequest) super.clone(); - storkAttrQueryReq.setPersonalAttributeList(getPersonalAttributeList()); - storkAttrQueryReq.setTokenSaml(getTokenSaml()); - return storkAttrQueryReq; - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java deleted file mode 100644 index 7bec86d17..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java +++ /dev/null @@ -1,392 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; -import java.util.List; - -import org.apache.log4j.Logger; -import org.joda.time.DateTime; -import org.opensaml.saml2.core.Assertion; - -public class STORKAttrQueryResponse implements Serializable { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 7653893041391541235L; - -/** Response Id. */ - private String samlId; - - /** Request failed? */ - private boolean fail; - - /** Status code. */ - private String statusCode; - - /** Secondary status code. */ - private String subStatusCode; - - /** Audience restriction. */ - private transient String audienceRest; - - /** Error message. */ - private String message; - - /** Id of the request that originated this response. */ - private String inResponseTo; - - /** Expiration date. */ - private DateTime notOnOrAfter; - - /** Creation date. */ - private DateTime notBefore; - - /** The SAML token. */ - private byte[] tokenSaml = new byte[0]; - - /** Country. */ - private String country; - - /** The complete assertion **/ - private Assertion assertion; - - /** List of all assertions in response **/ - private List<Assertion> assertions; - - /** The complete list from all assertions **/ - private transient IPersonalAttributeList totalAttributeList = new PersonalAttributeList(); - - /** All personal attribute lists **/ - private List<IPersonalAttributeList> attributeLists; - - /** Citizen's personal attribute list. */ - private transient IPersonalAttributeList attributeList = new PersonalAttributeList(); - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(STORKAttrQueryResponse.class.getName()); - - /** - * Getter for the subStatusCode. - * - * @return The subStatusCode value. - */ - public String getSubStatusCode() { - return subStatusCode; - } - - /** - * Setter for the subStatusCode. - * - * @param samlSubStatusCode the new subStatusCode value. - */ - public void setSubStatusCode(final String samlSubStatusCode) { - this.subStatusCode = samlSubStatusCode; - } - - /** - * Getter for audienceRest. - * - * @return The audienceRest value. - */ - public String getAudienceRestriction() { - return audienceRest; - } - - /** - * Setter for audienceRest. - * - * @param audRest the new audienceRest value. - */ - public void setAudienceRestriction(final String audRest) { - this.audienceRest = audRest; - } - - /** - * Getter for the samlToken. - * - * @return The samlToken value. - */ - public byte[] getTokenSaml() { - return tokenSaml.clone(); - } - - /** - * Setter for samlToken. - * - * @param samlToken the new tokenSaml value. - */ - public void setTokenSaml(final byte[] samlToken) { - if (samlToken != null) { - this.tokenSaml = samlToken.clone(); - } - } - - /** - * Getter for the country name. - * - * @return The country name value. - */ - public String getCountry() { - return country; - } - - /** - * Setter for the country name. - * - * @param cCountry the new country name value. - */ - public void setCountry(final String cCountry) { - this.country = cCountry; - } - - /** - * Getter for pal value. - * - * @return The pal value. - * - * @see PersonalAttributeList - */ - public IPersonalAttributeList getPersonalAttributeList() { - IPersonalAttributeList personnalAttributeList = null; - try { - personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); - } catch (CloneNotSupportedException e1) { - LOG.trace("[PersonalAttribute] Nothing to do."); - } - return personnalAttributeList; - } - - /** - * Setter for the Personal Attribute List value. - * - * @param attrList the new value. - * - * @see PersonalAttributeList - */ - public void setPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.attributeList = attrList; - } - } - - /** - * Getter for the inResponseTo value. - * - * @return The inResponseTo value. - */ - public String getInResponseTo() { - return inResponseTo; - } - - /** - * Setter for the inResponseTo value. - * - * @param samlInResponseTo the new inResponseTo value. - */ - public void setInResponseTo(final String samlInResponseTo) { - this.inResponseTo = samlInResponseTo; - } - - /** - * Getter for the fail value. - * - * @return The fail value. - */ - public boolean isFail() { - return fail; - } - - /** - * Setter for the fail value. - * - * @param failVal the new fail value. - */ - public void setFail(final boolean failVal) { - this.fail = failVal; - } - - /** - * Getter for the message value. - * - * @return The message value. - */ - public String getMessage() { - return message; - } - - /** - * Setter for the message value. - * - * @param msg the new message value. - */ - public void setMessage(final String msg) { - this.message = msg; - } - - /** - * Getter for the statusCode value. - * - * @return The statusCode value. - */ - public String getStatusCode() { - return statusCode; - } - - /** - * Setter for the statusCode value. - * - * @param status the new statusCode value. - */ - public void setStatusCode(final String status) { - this.statusCode = status; - } - - /** - * Getter for the samlId value. - * - * @return The samlId value. - */ - public String getSamlId() { - return samlId; - } - - /** - * Setter for the samlId value. - * - * @param nSamlId the new samlId value. - */ - public void setSamlId(final String nSamlId) { - this.samlId = nSamlId; - } - - /** - * Getter for the notOnOrAfter value. - * - * @return The notOnOrAfter value. - * - * @see DateTime - */ - public DateTime getNotOnOrAfter() { - return this.notOnOrAfter; - } - - /** - * Setter for the notOnOrAfter value. - * - * @param nOnOrAfter the new notOnOrAfter value. - * - * @see DateTime - */ - public void setNotOnOrAfter(final DateTime nOnOrAfter) { - this.notOnOrAfter = nOnOrAfter; - } - - /** - * Getter for the notBefore value. - * - * @return The notBefore value. - * - * @see DateTime - */ - public DateTime getNotBefore() { - return notBefore; - } - - /** - * Setter for the notBefore value. - * - * @param nBefore the new notBefore value. - * - * @see DateTime - */ - public void setNotBefore(final DateTime nBefore) { - this.notBefore = nBefore; - } - - /** Get the assertion from the response **/ - public Assertion getAssertion() { - return assertion; - } - - /** Set the assertion in the response **/ - public void setAssertion(final Assertion nAssertion) { - this.assertion = nAssertion; - } - - public void setAssertions(List<Assertion> newAssert) { - this.assertions = newAssert; - } - - public List<Assertion> getAssertions() { - return assertions; - } - - /** - * Getter for the toal pal value. - * - * @return The total pal value. - * - * @see PersonalAttributeList - */ - public IPersonalAttributeList getTotalPersonalAttributeList() { - IPersonalAttributeList personnalAttributeList = null; - try { - personnalAttributeList = (IPersonalAttributeList) totalAttributeList.clone(); - } catch (CloneNotSupportedException e1) { - LOG.trace("[PersonalAttribute] Nothing to do."); - } - return personnalAttributeList; - } - - /** - * Setter for the total Personal Attribute List value. - * - * @param attrList the new value. - * - * @see PersonalAttributeList - */ - public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.totalAttributeList = attrList; - } - } - - /** - * Getter for personal attribute lists - * - * @return The lists - * - * @see PersonalAttributeList - */ - public List<IPersonalAttributeList> getPersonalAttributeLists() { - return attributeLists; - } - - /** - * Setter for the Personal Attribute List value. - * - * @param attrList the new value. - * - * @see PersonalAttributeList - */ - public void setPersonalAttributeLists(final List<IPersonalAttributeList> attrLists) { - if (attrLists != null) { - this.attributeLists = attrLists; - } - } - -} - diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java deleted file mode 100644 index 2354d0eb1..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java +++ /dev/null @@ -1,495 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -import org.apache.log4j.Logger; - -/** - * This class is a bean used to store the information relative to the - * STORKAuthnRequest (SAML Token Request). - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.21 $, $Date: 2011-02-17 22:44:34 $ - */ -public final class STORKAuthnRequest implements Serializable, Cloneable { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 4778480781609392750L; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(STORKAuthnRequest.class - .getName()); - - /** The samlId. */ - private String samlId; - - /** The assertion consumer service url. */ - private String serviceURL; - - /** The destination. */ - private String destination; - - /** The provider name. */ - private String providerName; - - /** The distinguished name. */ - private String distinguishedName; - - /** The e id sector share. */ - private boolean eIDSectorShare; - - /** The e id cross sector share. */ - private boolean eIDCrossSectorShare; - - /** The e id cross border share. */ - private boolean eIDCrossBorderShare; - - /** The personal attribute list. */ - private IPersonalAttributeList attributeList = new PersonalAttributeList(); - - /** The qaa. */ - private int qaa; - - /** The token saml. */ - private byte[] tokenSaml = new byte[0]; - - /** The issuer. */ - private String issuer; - - /** The service provider sector. */ - private String spSector; - - /** The service provider institution. */ - private String spInstitution; - - /** The service provider application. */ - private String spApplication; - - /** The service provider country. */ - private String spCountry; - - /** The country. */ - private String country; - - /** The citizen country code. */ - private String citizenCountry; - - /** The Service Provider ID. */ - private String sPID; - - /** The Alias used at the keystore for saving this certificate. */ - private String alias; - - /** - * Gets the SP's Certificate Alias. - * - * @return alias The SP's Certificate Alias. - */ - public String getAlias() { - return alias; - } - - /** - * Sets the SP's Certificate Alias. - * - * @param nAlias The SP's Certificate Alias. - */ - public void setAlias(final String nAlias) { - this.alias = nAlias; - } - - /** - * Gets the SP ID. - * - * @return sPID The SP ID. - */ - public String getSPID() { - return sPID; - } - - /** - * Sets the SP ID. - * - * @param sPId The new sp samlId. - */ - public void setSPID(final String sPId) { - this.sPID = sPId; - } - - /** - * Gets the citizen country code. - * - * @return The citizen country code value. - */ - public String getCitizenCountryCode() { - return citizenCountry; - } - - /** - * Sets the citizen country code. - * - * @param countryCode the new citizen country code value. - */ - public void setCitizenCountryCode(final String countryCode) { - this.citizenCountry = countryCode; - } - - /** - * Gets the sp country. - * - * @return The sp country value. - */ - public String getSpCountry() { - return spCountry; - } - - /** - * Sets the sp country. - * - * @param sPCountry the new sp country value. - */ - public void setSpCountry(final String sPCountry) { - this.spCountry = sPCountry; - } - - /** - * Gets the issuer. - * - * @return The issuer value. - */ - public String getIssuer() { - return issuer; - } - - /** - * Sets the issuer. - * - * @param samlIssuer the new issuer value. - */ - public void setIssuer(final String samlIssuer) { - this.issuer = samlIssuer; - } - - /** - * Gets the SAML Token. - * - * @return The SAML Token value. - */ - public byte[] getTokenSaml() { - return tokenSaml.clone(); - } - - /** - * Sets the SAML Token. - * - * @param samlToken The new SAML Token value. - */ - public void setTokenSaml(final byte[] samlToken) { - if (samlToken != null) { - this.tokenSaml = samlToken.clone(); - } - } - - /** - * Gets the country. - * - * @return The country value. - */ - public String getCountry() { - return country; - } - - /** - * Sets the country. - * - * @param nCountry the new country value. - */ - public void setCountry(final String nCountry) { - this.country = nCountry; - } - - /** - * Getter for the qaa value. - * - * @return The qaa value value. - */ - public int getQaa() { - return qaa; - } - - /** - * Setter for the qaa value. - * - * @param qaaLevel The new qaa value. - */ - public void setQaa(final int qaaLevel) { - this.qaa = qaaLevel; - } - - /** - * Getter for the serviceURL value. - * - * @return The serviceURL value. - */ - public String getAssertionConsumerServiceURL() { - return serviceURL; - } - - /** - * Setter for the serviceURL value. - * - * @param newServiceURL the assertion consumer service URL. - */ - public void setAssertionConsumerServiceURL(final String newServiceURL) { - this.serviceURL = newServiceURL; - } - - /** - * Getter for the destination value. - * - * @return The destination value. - */ - public String getDestination() { - return destination; - } - - /** - * Setter for the destination value. - * - * @param detination the new destination value. - */ - public void setDestination(final String detination) { - this.destination = detination; - } - - /** - * Getter for the samlId value. - * - * @return The samlId value. - */ - public String getSamlId() { - return samlId; - } - - /** - * Setter for the samlId value. - * - * @param newSamlId the new samlId value. - */ - public void setSamlId(final String newSamlId) { - this.samlId = newSamlId; - } - - /** - * Getter for the providerName value. - * - * @return The provider name value. - */ - public String getProviderName() { - return providerName; - } - - /** - * Setter for the providerName value. - * - * @param samlProvider the provider name value. - */ - public void setProviderName(final String samlProvider) { - this.providerName = samlProvider; - } - - /** - * Getter for the attributeList value. - * - * @return The attributeList value. - * - * @see IPersonalAttributeList - */ - public IPersonalAttributeList getPersonalAttributeList() { - IPersonalAttributeList personnalAttributeList = null; - try { - personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); - } catch (CloneNotSupportedException e1) { - LOG.trace("[PersonalAttribute] Nothing to do."); - } - return personnalAttributeList; - } - - /** - * Setter for the attributeList value. - * - * @param attrList the personal attribute list value. - * - * @see IPersonalAttributeList - */ - public void setPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.attributeList = attrList; - } - } - - /** - * Getter for the distinguishedName value. - * - * @return The distinguishedName value. - */ - public String getDistinguishedName() { - return distinguishedName; - } - - /** - * Setter for the distinguishedName value. - * - * @param certDN the distinguished name value. - */ - public void setDistinguishedName(final String certDN) { - this.distinguishedName = certDN; - } - - /** - * Gets the service provider sector. - * - * @return The service provider sector value. - */ - public String getSpSector() { - return spSector; - } - - /** - * Sets the service provider sector. - * - * @param samlSPSector the new service provider sector value. - */ - public void setSpSector(final String samlSPSector) { - this.spSector = samlSPSector; - } - - /** - * Gets the service provider institution. - * - * @return The service provider institution value. - */ - public String getSpInstitution() { - return spInstitution; - } - - /** - * Sets the service provider institution. - * - * @param samlSPInst the new service provider institution value. - */ - public void setSpInstitution(final String samlSPInst) { - this.spInstitution = samlSPInst; - } - - /** - * Gets the service provider application. - * - * @return The service provider application value. - */ - public String getSpApplication() { - return spApplication; - } - - /** - * Sets the service provider application. - * - * @param samlSPApp the new service provider application value. - */ - public void setSpApplication(final String samlSPApp) { - this.spApplication = samlSPApp; - } - - /** - * Checks if is eId sector share. - * - * @return true, if is eId sector share. - */ - public boolean isEIDSectorShare() { - return eIDSectorShare; - } - - /** - * Sets the eId sector share. - * - * @param eIdSectorShare the new eId sector share value. - */ - public void setEIDSectorShare(final boolean eIdSectorShare) { - this.eIDSectorShare = eIdSectorShare; - } - - /** - * Checks if is eId cross sector share. - * - * @return true, if is eId cross sector share. - */ - public boolean isEIDCrossSectorShare() { - return eIDCrossSectorShare; - } - - /** - * Sets the eId cross sector share. - * - * @param eIdCrossSectorShare the new eId cross sector share value. - */ - public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) { - this.eIDCrossSectorShare = eIdCrossSectorShare; - } - - /** - * Checks if is eId cross border share. - * - * @return true, if is eId cross border share. - */ - public boolean isEIDCrossBorderShare() { - return eIDCrossBorderShare; - } - - /** - * Sets the eId cross border share. - * - * @param eIdCrossBorderShare the new eId cross border share value. - */ - public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) { - this.eIDCrossBorderShare = eIdCrossBorderShare; - } - - /** - * Returns a copy of this <tt>STORKAuthnRequest</tt> instance. - * - * @return The copy of this STORKAuthnRequest. - * @throws CloneNotSupportedException on clone exception - */ - @Override - public Object clone() throws CloneNotSupportedException{ - STORKAuthnRequest storkAuthnReq = null; - try { - storkAuthnReq = (STORKAuthnRequest) super.clone(); - storkAuthnReq.setPersonalAttributeList(getPersonalAttributeList()); - storkAuthnReq.setTokenSaml(getTokenSaml()); - } catch (final CloneNotSupportedException e) { - // assert false; - LOG.trace("[PersonalAttribute] Nothing to do."); - } - - return storkAuthnReq; - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java deleted file mode 100644 index cab723837..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java +++ /dev/null @@ -1,395 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; -import java.util.List; - -import org.apache.log4j.Logger; -import org.joda.time.DateTime; -import org.opensaml.saml2.core.Assertion; - -/** - * This class is a bean used to store the information relative to the - * STORKAuthnResponse. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class STORKAuthnResponse implements Serializable { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = -9100982727074068660L; - - /** Response Id. */ - private String samlId; - - /** Authentication failed?. */ - private boolean fail; - - /** Status code. */ - private String statusCode; - - /** Secondary status code. */ - private String subStatusCode; - - /** Audience restriction. */ - private transient String audienceRest; - - /** Error message. */ - private String message; - - /** Id of the request that originated this response. */ - private String inResponseTo; - - /** Expiration date. */ - private DateTime notOnOrAfter; - - /** Creation date. */ - private DateTime notBefore; - - /** The SAML token. */ - private byte[] tokenSaml = new byte[0]; - - /** Country. */ - private String country; - - /** Citizen's personal attribute list. */ - private IPersonalAttributeList attributeList = new PersonalAttributeList(); - - /** List of all assertions in response *. */ - private List<Assertion> assertions; - - /** The complete list from all assertions *. */ - private transient IPersonalAttributeList totalAttributeList = new PersonalAttributeList(); - - /** All personal attribute lists *. */ - private List<IPersonalAttributeList> attributeLists; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(STORKAuthnResponse.class.getName()); - - /** - * Getter for the subStatusCode. - * - * @return The subStatusCode value. - */ - public String getSubStatusCode() { - return subStatusCode; - } - - /** - * Setter for the subStatusCode. - * - * @param samlSubStatusCode the new subStatusCode value. - */ - public void setSubStatusCode(final String samlSubStatusCode) { - this.subStatusCode = samlSubStatusCode; - } - - /** - * Getter for audienceRest. - * - * @return The audienceRest value. - */ - public String getAudienceRestriction() { - return audienceRest; - } - - /** - * Setter for audienceRest. - * - * @param audRest the new audienceRest value. - */ - public void setAudienceRestriction(final String audRest) { - this.audienceRest = audRest; - } - - /** - * Getter for the samlToken. - * - * @return The samlToken value. - */ - public byte[] getTokenSaml() { - return tokenSaml.clone(); - } - - /** - * Setter for samlToken. - * - * @param samlToken the new tokenSaml value. - */ - public void setTokenSaml(final byte[] samlToken) { - if (samlToken != null) { - this.tokenSaml = samlToken.clone(); - } - } - - /** - * Getter for the country name. - * - * @return The country name value. - */ - public String getCountry() { - return country; - } - - /** - * Setter for the country name. - * - * @param cCountry the new country name value. - */ - public void setCountry(final String cCountry) { - this.country = cCountry; - } - - /** - * Getter for pal value. - * - * @return The pal value. - * - * @see PersonalAttributeList - */ - public IPersonalAttributeList getPersonalAttributeList() { - IPersonalAttributeList personnalAttributeList = null; - try { - personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); - } catch (CloneNotSupportedException e1) { - LOG.trace("[PersonalAttribute] Nothing to do."); - } - return personnalAttributeList; - } - - /** - * Setter for the Personal Attribute List value. - * - * @param attrList the new value. - * - * @see PersonalAttributeList - */ - public void setPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.attributeList = attrList; - } - } - - /** - * Getter for the inResponseTo value. - * - * @return The inResponseTo value. - */ - public String getInResponseTo() { - return inResponseTo; - } - - /** - * Setter for the inResponseTo value. - * - * @param samlInResponseTo the new inResponseTo value. - */ - public void setInResponseTo(final String samlInResponseTo) { - this.inResponseTo = samlInResponseTo; - } - - /** - * Getter for the fail value. - * - * @return The fail value. - */ - public boolean isFail() { - return fail; - } - - /** - * Setter for the fail value. - * - * @param failVal the new fail value. - */ - public void setFail(final boolean failVal) { - this.fail = failVal; - } - - /** - * Getter for the message value. - * - * @return The message value. - */ - public String getMessage() { - return message; - } - - /** - * Setter for the message value. - * - * @param msg the new message value. - */ - public void setMessage(final String msg) { - this.message = msg; - } - - /** - * Getter for the statusCode value. - * - * @return The statusCode value. - */ - public String getStatusCode() { - return statusCode; - } - - /** - * Setter for the statusCode value. - * - * @param status the new statusCode value. - */ - public void setStatusCode(final String status) { - this.statusCode = status; - } - - /** - * Getter for the samlId value. - * - * @return The samlId value. - */ - public String getSamlId() { - return samlId; - } - - /** - * Setter for the samlId value. - * - * @param nSamlId the new samlId value. - */ - public void setSamlId(final String nSamlId) { - this.samlId = nSamlId; - } - - /** - * Getter for the notOnOrAfter value. - * - * @return The notOnOrAfter value. - * - * @see DateTime - */ - public DateTime getNotOnOrAfter() { - return this.notOnOrAfter; - } - - /** - * Setter for the notOnOrAfter value. - * - * @param nOnOrAfter the new notOnOrAfter value. - * - * @see DateTime - */ - public void setNotOnOrAfter(final DateTime nOnOrAfter) { - this.notOnOrAfter = nOnOrAfter; - } - - /** - * Getter for the notBefore value. - * - * @return The notBefore value. - * - * @see DateTime - */ - public DateTime getNotBefore() { - return notBefore; - } - - /** - * Setter for the notBefore value. - * - * @param nBefore the new notBefore value. - * - * @see DateTime - */ - public void setNotBefore(final DateTime nBefore) { - this.notBefore = nBefore; - } - - /** - * Sets the assertions. - * - * @param newAssert the new assertions - */ - public void setAssertions(List<Assertion> newAssert) { - this.assertions = newAssert; - } - - /** - * Gets the assertions. - * - * @return the assertions - */ - public List<Assertion> getAssertions() { - return assertions; - } - - /** - * Getter for the toal pal value. - * - * @return The total pal value. - * - * @see PersonalAttributeList - */ - public IPersonalAttributeList getTotalPersonalAttributeList() { - IPersonalAttributeList personnalAttributeList = null; - try { - personnalAttributeList = (IPersonalAttributeList) totalAttributeList.clone(); - } catch (CloneNotSupportedException e1) { - LOG.trace("[PersonalAttribute] Nothing to do."); - } - return personnalAttributeList; - } - - /** - * Setter for the total Personal Attribute List value. - * - * @param attrList the new value. - * - * @see PersonalAttributeList - */ - public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.totalAttributeList = attrList; - } - } - - /** - * Getter for personal attribute lists. - * - * @return The lists - * @see PersonalAttributeList - */ - public List<IPersonalAttributeList> getPersonalAttributeLists() { - return attributeLists; - } - - /** - * Setter for the Personal Attribute List value. - * - * @param attrLists the new personal attribute lists - * @see PersonalAttributeList - */ - public void setPersonalAttributeLists(final List<IPersonalAttributeList> attrLists) { - if (attrLists != null) { - this.attributeLists = attrLists; - } - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java deleted file mode 100644 index a02002d93..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java +++ /dev/null @@ -1,197 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -public class STORKLogoutRequest implements Serializable, Cloneable { - private static final long serialVersionUID = 4778480781609392750L; - - /** The samlId. */ - private String samlId; - - /** The destination. */ - private String destination; - - /** The distinguished name. */ - private String distinguishedName; - - /** The qaa. */ - private int qaa; - - /** The token saml. */ - private byte[] tokenSaml = new byte[0]; - - /** The issuer. */ - private String issuer; - - /** The country. */ - private String country; - - /** The Alias used at the keystore for saving this certificate. */ - private String alias; - - /** The ID of principal as known to SP **/ - private String spProvidedId; - - /** - * Gets the SP's Certificate Alias. - * - * @return alias The SP's Certificate Alias. - */ - public String getAlias() { - return alias; - } - - /** - * Sets the SP's Certificate Alias. - * - * @param nAlias The SP's Certificate Alias. - */ - public void setAlias(final String nAlias) { - this.alias = nAlias; - } - - /** - * Gets the issuer. - * - * @return The issuer value. - */ - public String getIssuer() { - return issuer; - } - - /** - * Sets the issuer. - * - * @param samlIssuer the new issuer value. - */ - public void setIssuer(final String samlIssuer) { - this.issuer = samlIssuer; - } - - /** - * Gets the SAML Token. - * - * @return The SAML Token value. - */ - public byte[] getTokenSaml() { - return tokenSaml.clone(); - } - - /** - * Sets the SAML Token. - * - * @param samlToken The new SAML Token value. - */ - public void setTokenSaml(final byte[] samlToken) { - if (samlToken != null) { - this.tokenSaml = samlToken.clone(); - } - } - - /** - * Gets the country. - * - * @return The country value. - */ - public String getCountry() { - return country; - } - - /** - * Sets the country. - * - * @param nCountry the new country value. - */ - public void setCountry(final String nCountry) { - this.country = nCountry; - } - - /** - * Getter for the qaa value. - * - * @return The qaa value value. - */ - public int getQaa() { - return qaa; - } - - /** - * Setter for the qaa value. - * - * @param qaaLevel The new qaa value. - */ - public void setQaa(final int qaaLevel) { - this.qaa = qaaLevel; - } - - /** - * Getter for the destination value. - * - * @return The destination value. - */ - public String getDestination() { - return destination; - } - - /** - * Setter for the destination value. - * - * @param detination the new destination value. - */ - public void setDestination(final String detination) { - this.destination = detination; - } - - /** - * Getter for the samlId value. - * - * @return The samlId value. - */ - public String getSamlId() { - return samlId; - } - - /** - * Setter for the samlId value. - * - * @param newSamlId the new samlId value. - */ - public void setSamlId(final String newSamlId) { - this.samlId = newSamlId; - } - - /** - * Getter for the distinguishedName value. - * - * @return The distinguishedName value. - */ - public String getDistinguishedName() { - return distinguishedName; - } - - /** - * Setter for the distinguishedName value. - * - * @param certDN the distinguished name value. - */ - public void setDistinguishedName(final String certDN) { - this.distinguishedName = certDN; - } - - /** Getter for spProvidedId **/ - public String getSpProvidedId() { - return spProvidedId; - } - - public void setSpProvidedId(final String nSpProvidedId) { - this.spProvidedId = nSpProvidedId; - } - - @Override - public Object clone() throws CloneNotSupportedException{ - STORKLogoutRequest storkLogoutRequest = null; - storkLogoutRequest = (STORKLogoutRequest) super.clone(); - storkLogoutRequest.setTokenSaml(getTokenSaml()); - return storkLogoutRequest; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java deleted file mode 100644 index 2686727db..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java +++ /dev/null @@ -1,250 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -public class STORKLogoutResponse implements Serializable, Cloneable { - private static final long serialVersionUID = 4778480781609392750L; - - /** The samlId. */ - private String samlId; - - /** The destination. */ - private String destination; - - /** The distinguished name. */ - private String distinguishedName; - - /** The token saml. */ - private byte[] tokenSaml = new byte[0]; - - /** The issuer. */ - private String issuer; - - /** The country. */ - private String country; - - /** The Alias used at the keystore for saving this certificate. */ - private String alias; - - /** Status code. */ - private String statusCode; - - /** Secondary status code. */ - private String subStatusCode; - - /** Status message. */ - private String statusMessage; - - /** Logout failed? */ - private boolean fail; - - /** - * Gets the SP's Certificate Alias. - * - * @return alias The SP's Certificate Alias. - */ - public String getAlias() { - return alias; - } - - /** - * Sets the SP's Certificate Alias. - * - * @param nAlias The SP's Certificate Alias. - */ - public void setAlias(final String nAlias) { - this.alias = nAlias; - } - - /** - * Gets the issuer. - * - * @return The issuer value. - */ - public String getIssuer() { - return issuer; - } - - /** - * Sets the issuer. - * - * @param samlIssuer the new issuer value. - */ - public void setIssuer(final String samlIssuer) { - this.issuer = samlIssuer; - } - - /** - * Gets the SAML Token. - * - * @return The SAML Token value. - */ - public byte[] getTokenSaml() { - return tokenSaml.clone(); - } - - /** - * Sets the SAML Token. - * - * @param samlToken The new SAML Token value. - */ - public void setTokenSaml(final byte[] samlToken) { - if (samlToken != null) { - this.tokenSaml = samlToken.clone(); - } - } - - /** - * Gets the country. - * - * @return The country value. - */ - public String getCountry() { - return country; - } - - /** - * Sets the country. - * - * @param nCountry the new country value. - */ - public void setCountry(final String nCountry) { - this.country = nCountry; - } - - /** - * Getter for the destination value. - * - * @return The destination value. - */ - public String getDestination() { - return destination; - } - - /** - * Setter for the destination value. - * - * @param detination the new destination value. - */ - public void setDestination(final String detination) { - this.destination = detination; - } - - /** - * Getter for the samlId value. - * - * @return The samlId value. - */ - public String getSamlId() { - return samlId; - } - - /** - * Setter for the samlId value. - * - * @param newSamlId the new samlId value. - */ - public void setSamlId(final String newSamlId) { - this.samlId = newSamlId; - } - - /** - * Getter for the distinguishedName value. - * - * @return The distinguishedName value. - */ - public String getDistinguishedName() { - return distinguishedName; - } - - /** - * Setter for the distinguishedName value. - * - * @param certDN the distinguished name value. - */ - public void setDistinguishedName(final String certDN) { - this.distinguishedName = certDN; - } - - - /** - * Getter for the fail value. - * - * @return The fail value. - */ - public boolean isFail() { - return fail; - } - - /** - * Setter for the fail value. - * - * @param failVal the new fail value. - */ - public void setFail(final boolean failVal) { - this.fail = failVal; - } - - /** - * Getter for the statusCode value. - * - * @return The statusCode value. - */ - public String getStatusCode() { - return statusCode; - } - - /** - * Getter for the subStatusCode. - * - * @return The subStatusCode value. - */ - public String getSubStatusCode() { - return subStatusCode; - } - - /** - * Setter for the subStatusCode. - * - * @param samlSubStatusCode the new subStatusCode value. - */ - public void setSubStatusCode(final String samlSubStatusCode) { - this.subStatusCode = samlSubStatusCode; - } - - /** - * Setter for the statusMessage value. - * - * @param status the new statusMessage value. - */ - public void setStatusMessage(final String status) { - this.statusMessage = status; - } - - /** - * Getter for the statusMessage value. - * - * @return The statusMessage value. - */ - public String getStatusMessage() { - return statusMessage; - } - - /** - * Setter for the statusCode value. - * - * @param status the new statusCode value. - */ - public void setStatusCode(final String status) { - this.statusCode = status; - } - - @Override - public Object clone() throws CloneNotSupportedException{ - STORKLogoutResponse storkLogoutResponse = null; - storkLogoutResponse = (STORKLogoutResponse) super.clone(); - storkLogoutResponse.setTokenSaml(getTokenSaml()); - return storkLogoutResponse; - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java deleted file mode 100644 index a9c4a156b..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java +++ /dev/null @@ -1,68 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains the SAML Token Status Code. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ - */ -public enum STORKStatusCode { - - /** URI for Requester status code. */ - REQUESTER_URI("urn:oasis:names:tc:SAML:2.0:status:Requester"), - - /** URI for Responder status code. */ - RESPONDER_URI("urn:oasis:names:tc:SAML:2.0:status:Responder"), - - /** URI for Success status code. */ - SUCCESS_URI("urn:oasis:names:tc:SAML:2.0:status:Success"), - - /** Attribute is Available. */ - STATUS_AVAILABLE("Available"), - - /** Attribute is NotAvailable. */ - STATUS_NOT_AVAILABLE("NotAvailable"), - - /** Attribute is Withheld. */ - STATUS_WITHHELD("Withheld"); - - /** - * Represents the constant's value. - */ - private String value; - - /** - * Solo Constructor. - * - * @param val The Constant value. - */ - private STORKStatusCode(final String val) { - - this.value = val; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - - return value; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java deleted file mode 100644 index 0a711c9b7..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java +++ /dev/null @@ -1,71 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains the SAML Token Sub Status Code. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.7 $, $Date: 2010-11-17 05:15:28 $ - */ -public enum STORKSubStatusCode { - - /** URI for AuthnFailed status code. */ - AUTHN_FAILED_URI("urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"), - - /** URI for InvalidAttrNameOrValue status code. */ - INVALID_ATTR_NAME_VALUE_URI( - "urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue"), - - /** URI for InvalidNameIDPolicy status code. */ - INVALID_NAMEID_POLICY_URI( - "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"), - - /** URI for VersionMismatch status code. */ - VERSION_MISMATCH_URI("urn:oasis:names:tc:SAML:2.0:status:VersionMismatch"), - - /** URI for RequestDenied status code. */ - REQUEST_DENIED_URI("urn:oasis:names:tc:SAML:2.0:status:RequestDenied"), - - /** URI for QaaNotSupported status code. */ - QAA_NOT_SUPPORTED( - "http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported"); - - /** - * Represents the constant's value. - */ - private String value; - - /** - * Solo Constructor. - * - * @param val The Constant value. - */ - private STORKSubStatusCode(final String val) { - - this.value = val; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - - return value; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java deleted file mode 100644 index e9a96d7c2..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java +++ /dev/null @@ -1,173 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -import java.io.Serializable; - -/** - * Abstract class to represent the various PEPS exceptions. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ - */ -public abstract class AbstractPEPSException extends RuntimeException implements - Serializable { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = -1884417567740138022L; - - /** - * Error code. - */ - private String errorCode; - - /** - * Error message. - */ - private String errorMessage; - - /** - * SAML token. - */ - private String samlTokenFail; - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters. - * - * @param code The error code value. - * @param message The error message value. - */ - public AbstractPEPSException(final String code, final String message) { - - super(message); - this.errorCode = code; - this.errorMessage = message; - } - - /** - * Exception Constructor with the errorMessage as parameters and the Throwable - * cause. - * - * @param message The error message value. - * @param cause The throwable object. - */ - public AbstractPEPSException(final String message, final Throwable cause) { - - super(message, cause); - this.errorMessage = message; - } - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters and the Throwable cause. - * - * @param code The error code value. - * @param message The error message value. - * @param cause The throwable object. - */ - public AbstractPEPSException(final String code, final String message, - final Throwable cause) { - - super(message, cause); - this.errorCode = code; - this.errorMessage = message; - } - - /** - * Exception Constructor with three Strings representing the errorCode, - * errorMessage and encoded samlToken as parameters. - * - * @param code The error code value. - * @param message The error message value. - * @param samlToken The error SAML Token. - */ - public AbstractPEPSException(final String code, final String message, - final String samlToken) { - - super(message); - this.errorCode = code; - this.errorMessage = message; - this.samlTokenFail = samlToken; - } - - /** - * Constructor with SAML Token as argument. Error message and error code are - * embedded in the SAML. - * - * @param samlToken The error SAML Token. - */ - public AbstractPEPSException(final String samlToken) { - super(); - this.samlTokenFail = samlToken; - } - - /** - * Getter for errorCode. - * - * @return The errorCode value. - */ - public final String getErrorCode() { - return errorCode; - } - - /** - * Setter for errorCode. - * - * @param code The error code value. - */ - public final void setErrorCode(final String code) { - this.errorCode = code; - } - - /** - * Getter for errorMessage. - * - * @return The error Message value. - */ - public final String getErrorMessage() { - return errorMessage; - } - - /** - * Setter for errorMessage. - * - * @param message The error message value. - */ - public final void setErrorMessage(final String message) { - this.errorMessage = message; - } - - /** - * Getter for SAMLTokenFail. - * - * @return The error SAML Token. - */ - public final String getSamlTokenFail() { - return samlTokenFail; - } - - /** - * Setter for SAMLTokenFail. - * - * @param samlToken The error SAML token. - */ - public final void setSamlTokenFail(final String samlToken) { - this.samlTokenFail = samlToken; - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java deleted file mode 100644 index 69cb20fdd..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java +++ /dev/null @@ -1,143 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * This exception is thrown by the C-PEPS service and holds the relative - * information to present to the citizen. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class CPEPSException extends RuntimeException { - - /** - * Serial id. - */ - private static final long serialVersionUID = -4012295047127999362L; - - /** - * Error code. - */ - private String errorCode; - - /** - * Error message. - */ - private String errorMessage; - - /** - * SAML token. - */ - private String samlTokenFail; - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters. - * - * @param samlToken The SAML Token. - * @param code The error code value. - * @param message The error message value. - */ - public CPEPSException(final String samlToken, final String code, - final String message) { - - super(message); - this.setErrorCode(code); - this.setErrorMessage(message); - this.setSamlTokenFail(samlToken); - } - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters. - * - * @param samlToken The SAML Token. - * @param code The error code value. - * @param message The error message value. - * @param cause The original exception; - */ - public CPEPSException(final String samlToken, final String code, - final String message, final Throwable cause) { - - super(message, cause); - this.setErrorCode(code); - this.setErrorMessage(message); - this.setSamlTokenFail(samlToken); - } - - /** - * {@inheritDoc} - */ - public String getMessage() { - return this.getErrorMessage() + " (" + this.getErrorCode() + ")"; - } - - /** - * Getter for the error code. - * - * @return The errorCode value. - */ - public String getErrorCode() { - return errorCode; - } - - /** - * Setter for the error code. - * - * @param code The error code. - */ - public void setErrorCode(final String code) { - this.errorCode = code; - } - - /** - * Getter for the error message. - * - * @return The errorMessage value. - */ - public String getErrorMessage() { - return errorMessage; - } - - /** - * Setter for the error message. - * - * @param message The error message. - */ - public void setErrorMessage(final String message) { - this.errorMessage = message; - } - - /** - * Getter for the samlTokenFail. - * - * @return The samlTokenFail value. - */ - public String getSamlTokenFail() { - return samlTokenFail; - } - - /** - * Setter for the samlTokenFail. - * - * @param samlToken The error Saml Token. - */ - public void setSamlTokenFail(final String samlToken) { - this.samlTokenFail = samlToken; - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java deleted file mode 100644 index 67514d4fe..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java +++ /dev/null @@ -1,74 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Internal Error Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ - * - * @see AbstractPEPSException - */ -public final class InternalErrorPEPSException extends AbstractPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 1193001455410319795L; - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters and the Throwable cause. - * - * @param errorCode The error code value. - * @param errorMessage The error message value. - * @param cause The throwable object. - */ - public InternalErrorPEPSException(final String errorCode, - final String errorMessage, final Throwable cause) { - - super(errorCode, errorMessage, cause); - } - - /** - * Exception Constructor with three strings representing the errorCode, - * errorMessage and encoded samlToken as parameters. - * - * @param errorCode The error code value. - * @param errorMessage The error message value. - * @param samlTokenFail The error SAML Token. - */ - public InternalErrorPEPSException(final String errorCode, - final String errorMessage, final String samlTokenFail) { - - super(errorCode, errorMessage, samlTokenFail); - } - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters. - * - * @param errorCode The error code value. - * @param errorMessage The error message value. - */ - public InternalErrorPEPSException(final String errorCode, - final String errorMessage) { - - super(errorCode, errorMessage); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java deleted file mode 100644 index 12c83b589..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Invalid Parameter Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.11 $, $Date: 2010-11-17 05:15:28 $ - * - * @see InvalidParameterPEPSException - */ -public class InvalidParameterPEPSException extends AbstractPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 2046282148740524875L; - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters. - * - * @param errorCode The error code value. - * @param errorMessage The error code message value. - */ - public InvalidParameterPEPSException(final String errorCode, - final String errorMessage) { - super(errorCode, errorMessage); - } - - /** - * Exception Constructor with one String representing the encoded samlToken. - * - * @param samlTokenFail The error SAML Token. - */ - public InvalidParameterPEPSException(final String samlTokenFail) { - super(samlTokenFail); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java deleted file mode 100644 index 800525eee..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Invalid session Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.14 $, $Date: 2010-11-17 05:15:28 $ - * - * @see InvalidParameterPEPSException - */ -public class InvalidSessionPEPSException extends InvalidParameterPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 7147090160978319016L; - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters. - * - * @param errorCode The error code value. - * @param errorMessage The error message value. - */ - public InvalidSessionPEPSException(final String errorCode, - final String errorMessage) { - - super(errorCode, errorMessage); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java deleted file mode 100644 index fc27371d2..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Security PEPS Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.18 $, $Date: 2010-11-17 05:15:28 $ - * - * @see AbstractPEPSException - */ -public final class SecurityPEPSException extends AbstractPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 5605743302478554967L; - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters. - * - * @param errorCode The error code value. - * @param errorMsg The error message value. - */ - public SecurityPEPSException(final String errorCode, final String errorMsg) { - super(errorCode, errorMsg); - } - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters and the Throwable cause. - * - * @param errorCode The error code value. - * @param errorMessage The error message value. - * @param cause The throwable object. - */ - public SecurityPEPSException(final String errorCode, - final String errorMessage, final Throwable cause) { - - super(errorCode, errorMessage, cause); - } - - /** - * Exception Constructor with one String representing the encoded samlToken. - * - * @param samlTokenFail The error SAML Token. - */ - public SecurityPEPSException(final String samlTokenFail) { - super(samlTokenFail); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java deleted file mode 100644 index a2da61a02..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Security PEPS Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ - * - * @see AbstractPEPSException - */ -public final class StorkPEPSException extends AbstractPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 8048033129798427574L; - - /** - * Exception Constructor with two Strings representing the errorCode and - * errorMessage as parameters. - * - * @param errorCode The error code value. - * @param errorMsg The error message value. - */ - public StorkPEPSException(final String errorCode, final String errorMsg) { - super(errorCode, errorMsg); - } - - /** - * {@inheritDoc} - */ - public String getMessage() { - - return "Security Error (" + this.getErrorCode() + ") processing request : " - + this.getErrorMessage(); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java deleted file mode 100644 index 1a3c57329..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java +++ /dev/null @@ -1,7 +0,0 @@ -/** - * Package for the PEPS’ Exceptions handling. - * - * @since 1.0 - */ -package eu.stork.peps.auth.commons.exceptions; - diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java deleted file mode 100644 index 58ee7bcac..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java +++ /dev/null @@ -1,9 +0,0 @@ -/** - * Common Authentication Service functionalities to be deployed in every PEPS - * is contained in this package. - * In particular, it contains the SAML Engine that implements the SAML messages - * management - * - * @since 1.0 - */ -package eu.stork.peps.auth.commons; diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java deleted file mode 100644 index 5c24cc5a8..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java +++ /dev/null @@ -1,215 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import java.util.Map; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.IStorkSession; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnResponse; - -/** - * Interface for Specific Authentication methods. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface IAUService { - - /** - * Prepares the citizen to be redirected to the IdP. - * - * @param personalList The Personal Attribute List. - * @param parameters The parameters. - * @param session The session object. - * @param requestAttributes The Requested attributes. - * - * @return byte[] containing a SAML Request. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - byte[] prepareCitizenAuthentication(IPersonalAttributeList personalList, - Map<String, Object> parameters, Map<String, Object> requestAttributes, - IStorkSession session); - - /** - * Prepares the citizen to be redirected to the PV. - * - * @param personalList The Personal Attribute List. - * @param parameters The parameters. - * @param session The session object. - * @param requestAttributes The Requested attributes. - * - * @return byte[] containing a SAML Request. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - byte[] preparePVRequest(IPersonalAttributeList personalList, - Map<String, Object> parameters, Map<String, Object> requestAttributes, - IStorkSession session); - - /** - * Authenticates a citizen. - * - * @param personalList The Personal Attribute List. - * @param parameters The parameters. - * @param requestAttributes The requested attributes. - * - * @return The updated Personal Attribute List. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList authenticateCitizen( - IPersonalAttributeList personalList, Map<String, Object> parameters, - Map<String, Object> requestAttributes); - - /** - * Validates a power. - * - * @param personalList The Personal Attribute List. - * @param parameters The parameters. - * @param requestAttributes The requested attributes. - * - * @return The updated Personal Attribute List (power validated). - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList powerValidation( - IPersonalAttributeList personalList, Map<String, Object> parameters, - Map<String, Object> requestAttributes); - - /** - * Prepares the Citizen browser to be redirected to the AP. - * - * @param personalList The Personal Attribute List. - * @param parameters The parameters. - * @param session The session object. - * @param requestAttributes The requested attributes. - * - * @return true in case of no error. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - boolean prepareAPRedirect(IPersonalAttributeList personalList, - Map<String, Object> parameters, Map<String, Object> requestAttributes, - IStorkSession session); - - /** - * Returns the attributes values from the AP. - * - * @param personalList The Personal Attribute List. - * @param parameters The parameters. - * @param requestAttributes The request attributes. - * - * @return The updated Personal Attribute List. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList getAttributesFromAttributeProviders( - IPersonalAttributeList personalList, Map<String, Object> parameters, - Map<String, Object> requestAttributes); - - /** - * Get the attributes from the AP with verification. - * - * @param personalList The Personal Attribute List. - * @param parameters The HTTP Parameters. - * @param requestAttributes The requested Attributes. - * @param session The session object. - * @param auProcessId The SAML identifier. - * - * @return true if the attributes were correctly verified. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - boolean getAttributesWithVerification(IPersonalAttributeList personalList, - Map<String, Object> parameters, Map<String, Object> requestAttributes, - IStorkSession session, String auProcessId); - - /** - * Validates a SAML Response. - * - * @param samlToken The SAML Token. - * @param session The session object. - * - * @return the STORKAuthnResponse associated with the validated response. - * - * @see IStorkSession - */ - STORKAuthnResponse processAuthenticationResponse(byte[] samlToken, - IStorkSession session); - - /** - * Generates a SAML Response in case of error. - * - * @param inResponseTo The SAML's identifier to response. - * @param issuer The issuer value. - * @param assertionURL The assertion URL. - * @param code The error code. - * @param subcode The sub error code. - * @param message The error message. - * @param ipUserAddress The user IP address. - * - * @return byte[] containing the SAML Response. - */ - byte[] generateErrorAuthenticationResponse(String inResponseTo, - String issuer, String assertionURL, String code, String subcode, - String message, String ipUserAddress); - - /** - * Compares two given personal attribute lists. - * - * @param original The original Personal Attribute List. - * @param modified The modified Personal Attribute List. - * @return true if the original list contains the modified one. False - * otherwise. - * - * @see IPersonalAttributeList - */ - boolean comparePersonalAttributeLists(IPersonalAttributeList original, - IPersonalAttributeList modified); - - /** - * Prepares the citizen to be redirected to the AtP. - * - * @param personalList The Personal Attribute List. - * @param parameters The parameters. - * @param session The session object. - * - * @return byte[] containing a SAML Request. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - byte[] prepareAttributeRequest(IPersonalAttributeList personalList, - Map<String, Object> parameters, IStorkSession session); - - /** - * Validates a SAML Response. - * - * @param samlToken The SAML Token. - * @param session The session object. - * - * @return the STORKAttrQueryResponse associated with the validated response. - * - * @see IStorkSession - */ - STORKAttrQueryResponse processAttributeResponse(byte[] samlToken, - IStorkSession session); -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java deleted file mode 100644 index 31a8d78ff..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import java.util.List; - -/** - * Interface that defines the methods to work with the validation of attributes. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface ICheckAttributeValue { - - /** - * Checks if the list of values contains the expected value. - * - * @param values The List of values. - * @param expectedValue The value to check if it exists on the list. - * - * @return boolean true, if the value is present in the list. False, - * otherwise. - */ - boolean checkValue(List<String> values, String expectedValue); - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java deleted file mode 100644 index 78eb53004..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import eu.stork.peps.auth.commons.IStorkSession; -import eu.stork.peps.auth.commons.PersonalAttribute; - -/** - * Interface that defines the methods to work with derivation of attributes. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface IDeriveAttribute { - - /** - * Derives the attribute value. Set the Personal Attribute value to null if - * the value in session or the value of age are invalid (non-numeric or null). - * - * @param personalAttrList The Personal Attribute List. - * @param session The session object. - * - * @see PersonalAttribute The personal Attribute - * @see IStorkSession The session object. - */ - void deriveAttributeToData(PersonalAttribute personalAttrList, - IStorkSession session); - -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java deleted file mode 100644 index ca2114e32..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java +++ /dev/null @@ -1,35 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import eu.stork.peps.auth.commons.PersonalAttribute; - -/** - * Interface for attribute's value normalisation. - * - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface INormaliseValue { - - /** - * Translates the attribute's value from local format to STORK format. - * - * @param personalAttribute The Personal Attribute to normalise the value. - * - * @see PersonalAttribute - */ - void normaliseAttributeValueToStork(PersonalAttribute personalAttribute); -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java deleted file mode 100644 index 8a33897d8..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java +++ /dev/null @@ -1,100 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.IStorkSession; -import eu.stork.peps.auth.commons.STORKAuthnRequest; - -/** - * Interface for attributes normalization. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface ITranslatorService { - - /** - * Translates the attributes from local format to STORK format. - * - * @param personalList The Personal Attribute List. - * - * @return The Personal Attribute List with normalised attributes. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList normaliseAttributeNamesToStork( - IPersonalAttributeList personalList); - - /** - * Translates the attributes values from local format to STORK format. - * - * @param personalList The Personal Attribute List. - * - * @return The PersonalAttributeList with normalised values. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList normaliseAttributeValuesToStork( - IPersonalAttributeList personalList); - - /** - * Translates the attributes from STORK format to local format. - * - * @param personalList The Personal Attribute List. - * - * @return The PersonalAttributeList with normalised attributes. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList normaliseAttributeNamesFromStork( - IPersonalAttributeList personalList); - - /** - * Derive Attribute Names To Stork format. - * - * @param personalList The Personal Attribute List, - * - * @return The PersonalAttributeList with derived attributes. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList deriveAttributeFromStork( - IPersonalAttributeList personalList); - - /** - * Derive Attribute Names from Stork format. - * - * @param session The session object. - * @param modifiedList The Personal Attribute List. - * - * @return The PersonalAttributeList with derived attributes. - * - * @see IStorkSession - * @see IPersonalAttributeList - */ - IPersonalAttributeList deriveAttributeToStork(IStorkSession session, - IPersonalAttributeList modifiedList); - - /** - * Validate the values of the attributes. - * - * @param pal The attribute list - * - * @return True, if all the attributes have values. False, otherwise. - * - * @see STORKAuthnRequest - */ - boolean checkAttributeValues(IPersonalAttributeList pa); -} diff --git a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java b/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java deleted file mode 100644 index 7b2fac5ef..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java +++ /dev/null @@ -1,8 +0,0 @@ -/** - * Specific PEPS Interfaces that implements functionality of the Authentication - * Service. - * - * @since 1.0 - */ -package eu.stork.peps.auth.specific; - diff --git a/id/server/legacy-backup/stork2-commons/src/main/resources/log4j.xml b/id/server/legacy-backup/stork2-commons/src/main/resources/log4j.xml deleted file mode 100644 index 8bce0bec0..000000000 --- a/id/server/legacy-backup/stork2-commons/src/main/resources/log4j.xml +++ /dev/null @@ -1,19 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd"> - -<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"> - <appender name="MainLogger" class="org.apache.log4j.DailyRollingFileAppender"> - <param name="File" value="/opt/storklogs/stork-commons.log" /> - <param name="DatePattern" value="'.'yyyy-MM-dd" /> - <param name="Append" value="true" /> - <layout class="org.apache.log4j.PatternLayout"> - <param name="ConversionPattern" value="%d{HH:mm:ss:SSS} - %p - %C{1} - %m%n" /> - </layout> - </appender> - - <root> - <priority value="info" /> - <appender-ref ref="MainLogger" /> - </root> - -</log4j:configuration> diff --git a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java b/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java deleted file mode 100644 index 782b3d02d..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java +++ /dev/null @@ -1,134 +0,0 @@ -package eu.stork.peps.tests; - -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -import org.junit.Test; - -import eu.stork.peps.auth.commons.AttributeProvider; -import eu.stork.peps.auth.commons.AttributeProvidersMap; -import eu.stork.peps.auth.commons.AttributeSource; -import eu.stork.peps.auth.commons.Country; -import eu.stork.peps.auth.commons.IAttributeProvidersMap; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttributeList; - -/** - * The AttributeSource's Test Case. - * - * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) - * - * @version $Revision: $, $Date: $ - */ -public class AttributeProvidersMapTestCase { - - @Test - public void testObjectOK1() { - IAttributeProvidersMap map = new AttributeProvidersMap(); - AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); - IPersonalAttributeList pal = new PersonalAttributeList(); - boolean outcome = false; - - //Add a single item - map.put(source, pal); - - if ( map.containsKey(source) ) { - outcome = true; - } - - assertTrue(outcome); - } - - @Test - public void testObjectOK2() { - IAttributeProvidersMap map = new AttributeProvidersMap(); - AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); - IPersonalAttributeList pal = new PersonalAttributeList(); - boolean outcome = false; - - //Add a single item - map.put(source, pal); - - if ( map.containsKey(source) ) { - if ( map.get(source)!=null ) { - outcome = true; - } - } - - assertTrue(outcome); - } - - @Test - public void testObjectOK3() { - IAttributeProvidersMap map = new AttributeProvidersMap(); - AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); - AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); - IPersonalAttributeList pal = new PersonalAttributeList(); - boolean outcome = false; - - //Add a single item - map.put(source, pal); - - if ( map.containsKey(target) ) { - outcome = true; - } - - assertTrue(outcome); - } - - @Test - public void testObjectOK4() { - IAttributeProvidersMap map = new AttributeProvidersMap(); - AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); - AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); - IPersonalAttributeList pal = new PersonalAttributeList(); - boolean outcome = false; - - //Add a single item - map.put(source, pal); - - if ( map.containsKey(target) ) { - if ( map.get(target)!=null ) { - outcome = true; - } - } - - assertTrue(outcome); - } - - @Test - public void testObjectNOK1() { - IAttributeProvidersMap map = new AttributeProvidersMap(); - AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); - AttributeSource target = new AttributeSource(new Country("ID1", "Name 1"), "URL"); - IPersonalAttributeList pal = new PersonalAttributeList(); - boolean outcome = false; - - //Add a single item - map.put(source, pal); - - if ( map.containsKey(target) ) { - outcome = true; - } - - assertFalse(outcome); - } - - @Test - public void testObjectNOK2() { - IAttributeProvidersMap map = new AttributeProvidersMap(); - AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); - AttributeSource target = new AttributeSource(new AttributeProvider("ID2", "Name 1"), "URL"); - IPersonalAttributeList pal = new PersonalAttributeList(); - boolean outcome = false; - - //Add a single item - map.put(source, pal); - - if ( map.containsKey(target) ) { - outcome = true; - } - - assertFalse(outcome); - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java b/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java deleted file mode 100644 index 96b2c8317..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java +++ /dev/null @@ -1,88 +0,0 @@ -package eu.stork.peps.tests; - -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -import org.junit.Test; - -import eu.stork.peps.auth.commons.AttributeProvider; -import eu.stork.peps.auth.commons.AttributeSource; -import eu.stork.peps.auth.commons.Country; - -/** - * The AttributeSource's Test Case. - * - * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) - * - * @version $Revision: $, $Date: $ - */ -public final class AttributeSourceTestCase { - private AttributeSource ap1 = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL1"); - private AttributeSource ap2 = new AttributeSource(new AttributeProvider("ID2", "Name 2"), "URL2"); - private AttributeSource ap3 = new AttributeSource(new AttributeProvider("ID1", "Name 2"), "URL2"); - private AttributeSource ap4 = new AttributeSource(new AttributeProvider("ID1", "Name 2"), "URL1"); - private AttributeSource ap5 = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL1"); - - private AttributeSource c1 = new AttributeSource(new Country("ID1", "Name 1"), "URL1"); - private AttributeSource c2 = new AttributeSource(new Country("ID2", "Name 2"), "URL2"); - private AttributeSource c3 = new AttributeSource(new Country("ID1", "Name 2"), "URL2"); - private AttributeSource c4 = new AttributeSource(new Country("ID1", "Name 2"), "URL1"); - private AttributeSource c5 = new AttributeSource(new Country("ID1", "Name 1"), "URL1"); - - @Test - public void testNotEquals1() { - assertFalse(ap1.equals(ap2)); - } - - @Test - public void testNotEquals2() { - assertFalse(ap1.equals(c1)); - } - - @Test - public void testNotEquals3() { - assertFalse(c1.equals(c2)); - } - - @Test - public void testEquals1() { - assertTrue(ap1.equals(ap3)); - } - - @Test - public void testEquals2() { - assertTrue(ap1.equals(ap4)); - } - - @Test - public void testEquals3() { - assertTrue(ap1.equals(ap5)); - } - - @Test - public void testEquals4() { - assertTrue(c1.equals(c3)); - } - - @Test - public void testEquals5() { - assertTrue(c1.equals(c4)); - } - - @Test - public void testEquals6() { - assertTrue(c1.equals(c5)); - } - - @Test - public void testEquals7() { - Object obj = ap5; - assertTrue(ap1.equals(obj)); - } - - @Test - public void testEquals8() { - Object obj = c5; - assertTrue(c1.equals(obj)); - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java b/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java deleted file mode 100644 index 77fc4b9c2..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java +++ /dev/null @@ -1,537 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertEquals; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.junit.Test; - -import eu.stork.peps.auth.commons.AttributeUtil; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSValues; -import eu.stork.peps.auth.commons.PersonalAttributeList; - -/** - * The AttributeUtil's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com - * - * @version $Revision: $, $Date: $ - */ -public final class AttributeUtilTestCase { - - /** - * Empty String to be used on the tests. - */ - private static final String EMPTY_STRING = ""; - - /** - * Tuple value sample to be used on the tests. - */ - private static final String[] TUPLE_STRING = new String[] { "age", "true", - "[18]", "Available" }; - - /** - * Complex value to be used on escape/unescape tests. - */ - private static final String COMPLEX_VAL = "postalCode=4100," - + "apartmentNumber=A,state=Porto,countryCodeAddress=PT,streetNumber=379," - + "streetName=Avenida Sidonio Pais,town=Porto,"; - - /** - * Escaped Complex value to be used on escape/unescape tests. - */ - private static final String ESC_COMPLEX_VAL = "postalCode=4100%44" - + "apartmentNumber=A%44state=Porto%44countryCodeAddress=PT%44" - + "streetNumber=379%44streetName=Avenida Sidonio Pais%44town=Porto%44"; - - /** - * Simple value to be used on escape/unescape tests. - */ - private static final String SIMPLE_VAL = "Avenida da Boavista, Porto"; - - /** - * Escaped simple value to be used on escape/unescape tests. - */ - private static final String ESC_SIMPLE_VAL = "Avenida da Boavista%44 Porto"; - - /** - * Simple text to be used on escape/unescape tests. Must match the escaped - * text. - */ - private static final String SIMPLE_TEXT = "John Doe"; - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given complex - * attribute value (canonical address' example attribute value). - */ - @Test - public void testEscapeSpecialCharsComplexVal() { - assertEquals(AttributeUtil.escape(COMPLEX_VAL), ESC_COMPLEX_VAL); - } - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given - * attribute value. - */ - @Test - public void testEscapeSpecialCharsVal() { - assertEquals(AttributeUtil.escape(SIMPLE_VAL), ESC_SIMPLE_VAL); - } - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given simple - * text: no special characters to escape. - */ - @Test - public void testEscapeNormalChars() { - assertEquals(AttributeUtil.escape(SIMPLE_TEXT), SIMPLE_TEXT); - } - - /** - * Tests the {@link AttributeUtil#unescape(String)} method for the given - * escape complex attribute value (canonical address' example attribute - * value). - */ - @Test - public void testUnescapeSpecialCharsComplexVal() { - assertEquals(AttributeUtil.unescape(ESC_COMPLEX_VAL), COMPLEX_VAL); - } - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given escape - * attribute value. - */ - @Test - public void testUnescapeSpecialCharsVal() { - assertEquals(AttributeUtil.unescape(ESC_SIMPLE_VAL), SIMPLE_VAL); - } - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given simple - * text: no special characters to unescape. - */ - @Test - public void testUnescapeNormalChars() { - assertEquals(AttributeUtil.unescape(SIMPLE_TEXT), SIMPLE_TEXT); - } - - /** - * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} - * method for the given empty string. - */ - @Test - public void testAppendIfNotNullEmptyStr() { - final StringBuilder strBuilder = new StringBuilder(SIMPLE_TEXT); - AttributeUtil.appendIfNotNull(strBuilder, EMPTY_STRING); - assertEquals(strBuilder.toString(), SIMPLE_TEXT); - } - - /** - * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} - * method for the given string. - */ - @Test - public void testAppendIfNotNullStr() { - final StringBuilder strBuilder = new StringBuilder(); - AttributeUtil.appendIfNotNull(strBuilder, SIMPLE_TEXT); - assertEquals(strBuilder.toString(), SIMPLE_TEXT); - } - - /** - * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} - * method for the given null value. - */ - @Test - public void testAppendIfNotNull() { - final StringBuilder strBuilder = new StringBuilder(); - AttributeUtil.appendIfNotNull(strBuilder, null); - assertEquals(strBuilder.toString(), EMPTY_STRING); - } - - /** - * Tests the {@link AttributeUtil#listToString(List, String)} method for the - * given List with two values. - */ - @Test - public void testListToStringTwoVals() { - final List<String> vals = new ArrayList<String>(); - vals.add(SIMPLE_VAL); - vals.add(SIMPLE_TEXT); - - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append(SIMPLE_TEXT); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - assertEquals( - AttributeUtil.listToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#listToString(List, String)} method for the - * given List with one values. - */ - @Test - public void testListToStringOneVal() { - final List<String> vals = new ArrayList<String>(); - vals.add(SIMPLE_VAL); - - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - assertEquals( - AttributeUtil.listToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#listToString(List, String)} method for the - * given List with one value. - */ - @Test - public void testListToStringEmptyVal() { - final List<String> vals = new ArrayList<String>(); - - final StringBuilder strBuilder = new StringBuilder(); - - assertEquals( - AttributeUtil.listToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method - * for the given Map with one value. - */ - @Test - public void testMapToStringOneVal() { - final Map<String, String> vals = new HashMap<String, String>(); - vals.put("CanonicalAddress", COMPLEX_VAL); - - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("CanonicalAddress="); - strBuilder.append(ESC_COMPLEX_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - assertEquals(AttributeUtil.mapToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method - * for the given empty Map. - */ - @Test - public void testMapToStringEmptyVal() { - final Map<String, String> vals = new HashMap<String, String>(); - - final StringBuilder strBuilder = new StringBuilder(); - - assertEquals(AttributeUtil.mapToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * invalid List. - */ - @Test - public void testIsValidValueInvalidList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append("]"); - assertFalse(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * null value. - */ - @Test - public void testIsValidValueNullList() { - assertFalse(AttributeUtil.isValidValue(null)); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * empty List. - */ - @Test - public void testIsValidValueEmptyList() { - assertTrue(AttributeUtil.isValidValue("[]")); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * empty List. - */ - @Test - public void testIsValidValueEmptyCommaList() { - assertTrue(AttributeUtil.isValidValue("[,]")); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * one simple value List. - */ - @Test - public void testIsValidValueOneValueList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * one simple value List. - */ - @Test - public void testIsValidValueOneValueCommaList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * one complex value List. - */ - @Test - public void testIsValidValueOneComplexValueList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_COMPLEX_VAL); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * one complex value List. - */ - @Test - public void testIsValidValueOneComplexValueCommaList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_COMPLEX_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * multi value List. - */ - @Test - public void testIsValidValueMultiValueList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append(SIMPLE_TEXT); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * invalid multi value List. - */ - @Test - public void testIsValidValueInvalidMultiValueList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append(SIMPLE_TEXT); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append("]"); - assertFalse(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * true type. - */ - @Test - public void testIsValidTypetrue() { - assertTrue(AttributeUtil.isValidType("true")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * True type. - */ - @Test - public void testIsValidTypeTrue() { - assertTrue(AttributeUtil.isValidType("True")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * TRUE type. - */ - @Test - public void testIsValidTypeTRUE() { - assertTrue(AttributeUtil.isValidType("TRUE")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * invalid type. - */ - @Test - public void testIsValidTypeInvalidType() { - assertFalse(AttributeUtil.isValidType("str")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * false type. - */ - @Test - public void testIsValidTypefalse() { - assertTrue(AttributeUtil.isValidType("false")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * False type. - */ - @Test - public void testIsValidTypeFalse() { - assertTrue(AttributeUtil.isValidType("False")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * FALSE type. - */ - @Test - public void testIsValidTypeFALSEVal() { - assertTrue(AttributeUtil.isValidType("False")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * null. - */ - @Test - public void testIsValidTypeNullVal() { - assertFalse(AttributeUtil.isValidType(null)); - } - - /** - * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the - * given valid tuple. - */ - @Test - public void testHasValidTuples() { - assertTrue(AttributeUtil.hasValidTuples(TUPLE_STRING)); - } - - /** - * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the - * given invalid tuple. - */ - @Test - public void testHasValidTuplesInvalid() { - final String[] tuple = new String[]{"name", "type"}; - assertFalse(AttributeUtil.hasValidTuples(tuple)); - } - - /** - * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the - * given invalid tuple with valid size. - */ - @Test - public void testHasValidTuplesSameSizeInvalidValues() { - final String[] tuple = new String[] { "age", "type", "[18]", "Available"}; - assertFalse(AttributeUtil.hasValidTuples(tuple)); - } - - /** - * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the - * given null value. - */ - @Test - public void testHasValidTuplesNull() { - assertFalse(AttributeUtil.hasValidTuples(null)); - } - - /** - * Tests the - * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} - * method for the given attribute list.. - */ - @Test - public void testCheckMandatoryAttributes() { - final IPersonalAttributeList attrList = new PersonalAttributeList(); - attrList.populate("isAgeOver:true:[18,]:Available;"); - assertTrue(AttributeUtil.checkMandatoryAttributes(attrList)); - - } - - /** - * Tests the - * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} - * method for the given null value. - */ - @Test(expected = NullPointerException.class) - public void testCheckMandatoryAttributesNullAttrList() { - assertTrue(AttributeUtil.checkMandatoryAttributes(null)); - } - - /** - * Tests the - * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} - * method for the given empty attribute list. - */ - @Test - public void testCheckMandatoryAttributesEmptyAttrList() { - final IPersonalAttributeList attrList = new PersonalAttributeList(); - assertTrue(AttributeUtil.checkMandatoryAttributes(attrList)); - } - - /** - * Tests the - * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} - * method for the given attribute list (missing mandatory attribute). - */ - @Test - public void testCheckMandatoryAttributesMissingAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(); - attrList.populate("isAgeOver:true:[]:NotAvailable;"); - assertFalse(AttributeUtil.checkMandatoryAttributes(attrList)); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java b/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java deleted file mode 100644 index 5d2296997..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java +++ /dev/null @@ -1,294 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import java.sql.Timestamp; -import java.util.Properties; - -import org.joda.time.DateTime; -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; - -import eu.stork.peps.auth.commons.DateUtil; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException; - -/** - * The PersonalAttribute's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.2 $, $Date: 2010-11-17 05:17:03 $ - */ -public final class DateUtilTestCase { - - /** - * Stork Format date. - */ - private static final String FORMAT = "yyyyMMdd"; - - /** - * Expected 10 value. - */ - private static final int TEN = 10; - - /** - * Expected 11 value. - */ - private static final int ELEVEN = 11; - - /** - * The testing Date ("current" date). - */ - private static final DateTime TESTDATE = new DateTime(2011, 10, 10, 15, 20, - 0, 0); - - /** - * Init DateUtilTestCase class. - */ - @BeforeClass - public static void runsBeforeTheTestSuite() { - final Properties configs = new Properties(); - configs.setProperty("invalidAgeDateValue.code", "35"); - configs.setProperty("invalidAttributeValue.code", "34"); - configs - .setProperty( - "invalidAttributeValue.message", - "Unexpected or invalid content was encountered within a " - + "<saml:Attribute> or <saml:AttributeValue> element."); - PEPSUtil.createInstance(configs); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given year against - * the testDate: 2011-10-10 15:20:00.0. Must return 10. - */ - @Test - public void calculateAgeFromYear() { - Assert.assertTrue(TEN == DateUtil.calculateAge("2000", TESTDATE, FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given year and month - * against the testDate: 2011-10-10 15:20:00.0. Must return 11. - */ - @Test - public void calculateAgeFromEarlyMonth() { - Assert.assertTrue(ELEVEN == DateUtil.calculateAge("200001", TESTDATE, - FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given year and month - * against the testDate: 2011-10-10 15:20:00.0. Must return 10. - */ - @Test - public void calculateAgeFromSameMonth() { - Assert.assertTrue(TEN == DateUtil.calculateAge("200010", TESTDATE, FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given year and month - * against the testDate: 2011-10-10 15:20:00.0. Must return 10. - */ - @Test - public void calculateAgeFromLaterMonth() { - Assert.assertTrue(TEN == DateUtil.calculateAge("200011", TESTDATE, FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return 11. - */ - @Test - public void calculateAgeFromEarlyFullDate() { - Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20000101", TESTDATE, - FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return 11. - */ - @Test - public void calculateAgeFromSameDay() { - Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20001010", TESTDATE, - FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return 10. - */ - @Test - public void calculateAgeFromLaterFullDate() { - Assert.assertTrue(TEN == DateUtil - .calculateAge("20001011", TESTDATE, FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromInvalidDate() { - DateUtil.calculateAge("200", TESTDATE, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromInvalidMonth() { - DateUtil.calculateAge("200013", TESTDATE, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromInvalidDay() { - DateUtil.calculateAge("20000230", TESTDATE, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromNullDate() { - DateUtil.calculateAge(null, TESTDATE, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromNullCurDate() { - DateUtil.calculateAge("2000", null, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromNullFormat() { - DateUtil.calculateAge("2000", TESTDATE, null); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return true - */ - @Test - public void isValidFormatDateFromYear() { - Assert.assertTrue(DateUtil.isValidFormatDate("2000", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year and - * month. Must return true. - */ - @Test - public void isValidFormatDateFromMonth() { - Assert.assertTrue(DateUtil.isValidFormatDate("200001", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDate() { - Assert.assertTrue(DateUtil.isValidFormatDate("20000101", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateInvalidYear() { - Assert.assertFalse(DateUtil.isValidFormatDate("200", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateInvalidMonth() { - Assert.assertFalse(DateUtil.isValidFormatDate("200013", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateInvalidDate() { - Assert.assertFalse(DateUtil.isValidFormatDate("20010229", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateNullDate() { - Assert.assertFalse(DateUtil.isValidFormatDate(null, FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateNullFormat() { - Assert.assertFalse(DateUtil.isValidFormatDate("2000", null)); - } - - /** - * Tests the {@link DateUtil#currentTimeStamp()} method for the current - * TimeStamp (TS). Must return true. - */ - @Test - public void testCurrentTimeStampBefore() { - Timestamp ts = DateUtil.currentTimeStamp(); - Assert.assertNotSame(ts, DateUtil.currentTimeStamp()); - } - - /** - * Tests the {@link DateUtil#currentTimeStamp()} method for the current - * TimeStamp (TS). Must return true. - */ - @Test - public void testCurrentTimeStampAfter() { - Timestamp ts = DateUtil.currentTimeStamp(); - Assert.assertEquals(DateUtil.currentTimeStamp(), ts); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java b/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java deleted file mode 100644 index d4841ed43..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java +++ /dev/null @@ -1,553 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import static org.junit.Assert.assertArrayEquals; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotSame; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertFalse; - -import java.util.Properties; - -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSErrors; -import eu.stork.peps.auth.commons.PEPSParameters; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; -import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException; - -/** - * The PEPSUtil's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com - * - * @version $Revision: $, $Date: $ - */ -public final class PEPSUtilTestCase { - - /** - * Message example. - */ - private static final String MESSAGE_SAMPLE = "003002 - Authentication Failed"; - - /** - * Error message example. - */ - private static final String ERROR_MESSAGE_SAMPLE = "Authentication Failed"; - - /** - * Error code example. - */ - private static final String ERROR_CODE_SAMPLE = "003002"; - - /** - * Properties values for testing proposes. - */ - private static final Properties CONFIGS1 = new Properties(); - - /** - * Properties values for testing proposes. - */ - private static final Properties CONFIGS2 = new Properties(); - - /** - * The empty string value: "". - */ - private static final String EMPTY_STRING = ""; - - /** - * The empty byte value: []. - */ - private static final byte[] EMPTY_BYTE = new byte[] {}; - - /** - * The empty byte hash value. - */ - private static final byte[] EMPTY_HASH_BYTE = new byte[] { -49, -125, -31, - 53, 126, -17, -72, -67, -15, 84, 40, 80, -42, 109, -128, 7, -42, 32, -28, - 5, 11, 87, 21, -36, -125, -12, -87, 33, -45, 108, -23, -50, 71, -48, -47, - 60, 93, -123, -14, -80, -1, -125, 24, -46, -121, 126, -20, 47, 99, -71, 49, - -67, 71, 65, 122, -127, -91, 56, 50, 122, -7, 39, -38, 62 }; - - /** - * The SAML example byte[] value. - */ - private static final byte[] SAML_BYTE_SAMPLE = new byte[] { 60, 115, 97, 109, - 108, 62, 46, 46, 46, 60, 47, 115, 97, 109, 108 }; - - /** - * The SAML's Base64 example value. - */ - private static final String SAML_BASE64_SAMPLE = "PHNhbWw+Li4uPC9zYW1s"; - - /** - * The SAML's Base64 byte[] example value. - */ - private static byte[] SAML_BASE64_BYTE_SAMPLE = new byte[] { 80, 72, 78, 104, - 98, 87, 119, 43, 76, 105, 52, 117, 80, 67, 57, 122, 89, 87, 49, 115 }; - - /** - * The SAML's Base64 Hash byte[] example value. - */ - private static byte[] HASH_BYTE_SAMPLE = new byte[] { 67, 38, 11, 115, 49, - -5, 54, -85, 38, 43, -99, 96, 71, -41, 50, -96, 71, -86, 90, -97, 66, -67, - 90, 101, 30, 82, -13, 60, -106, -72, -103, -75, 19, 2, -107, 107, -6, -56, - 34, -111, -44, -57, -26, -5, 33, 78, -1, 30, 21, 74, -26, 118, -46, -12, - -102, 12, -56, 30, -59, -104, -21, -42, -103, 82 }; - - /** - * Init PEPSUtilTestCase class. - */ - @BeforeClass - public static void runsBeforeTheTestSuite() { - - CONFIGS1.setProperty("max.attrList.size", "20000"); - CONFIGS1.setProperty("attrList.code", "202005"); - CONFIGS1.setProperty("attrList.message", "invalid.attrList.parameter"); - - CONFIGS1.setProperty("max.qaaLevel.size", "1"); - CONFIGS1.setProperty("max.spUrl.size", "inv"); - CONFIGS1.setProperty("validation.active", "true"); - CONFIGS1.setProperty("hashDigest.className", - "org.bouncycastle.crypto.digests.SHA512Digest"); - CONFIGS1.setProperty("invalidAgeDateValue.code", "35"); - CONFIGS1.setProperty("invalidAttributeValue.code", "34"); - CONFIGS1.setProperty("invalidAttributeValue.message", - "Unexpected or invalid content was encountered within a " - + "<saml:Attribute> or <saml:AttributeValue> element."); - } - - /** - * Tests the {@link PEPSUtil#createInstance(Properties)} method for the given - * properties object. - */ - @Test - public void testCreateInstance() { - Assert.assertNotNull(PEPSUtil.createInstance(CONFIGS2)); - } - - /** - * Tests the {@link PEPSUtil#getConfigs()}. - */ - @Test - public void testGetConfigs() { - final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1); - assertEquals(pepsUtils.getConfigs(), CONFIGS1); - } - - /** - * Tests the {@link PEPSUtil#getConfigs()}. - */ - @Test - public void testGetConfigsDifferent() { - final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1); - assertNotSame(pepsUtils.getConfigs(), CONFIGS2); - } - - /** - * Tests the {@link PEPSUtil#getConfig(String)} method for the given existing - * config. - */ - @Test - public void testGetConfigExists() { - assertEquals(PEPSUtil.getConfig("hashDigest.className"), - "org.bouncycastle.crypto.digests.SHA512Digest"); - } - - /** - * Tests the {@link PEPSUtil#getConfig(String)} method for the given not - * existing config. - */ - @Test - public void testGetConfigNoExists() { - assertNull(PEPSUtil.getConfig("doesnt.exists")); - } - - /** - * Tests the {@link PEPSUtil#getConfig(String)} method for the given null - * value. - */ - @Test(expected = NullPointerException.class) - public void testGetConfigNull() { - assertNull(PEPSUtil.getConfig(null)); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the - * given param values. - */ - @Test - public void testIsValidParameterExists() { - assertTrue(PEPSUtil.isValidParameter("qaaLevel", "1")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the - * given param values. - */ - @Test - public void testIsValidParameterExistsGreat() { - assertFalse(PEPSUtil.isValidParameter("qaaLevel", "12")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the - * given param values. - */ - @Test - public void testIsValidParameterExistsIvalidConf() { - assertFalse(PEPSUtil - .isValidParameter("spUrl", "http://localhost:8080/SP/")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the - * given param values. - */ - @Test - public void testIsValidParameterNotExists() { - assertFalse(PEPSUtil.isValidParameter("doesntexists", - "http://localhost:8080/SP/")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the - * given param values. - */ - @Test - public void testIsValidParameterNullParamName() { - assertFalse(PEPSUtil.isValidParameter(null, "http://localhost:8080/SP/")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the - * given param values. - */ - @Test - public void testIsValidParameterNullParamValue() { - assertFalse(PEPSUtil.isValidParameter("spUrl", null)); - } - - /** - * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} method - * for the given object values. - */ - @Test - public void testValidateParameterValid() { - final IPersonalAttributeList persAttrList = new PersonalAttributeList(); - persAttrList.populate("isAgeOver:true:[15,]:Available;"); - PEPSUtil.validateParameter("ServiceProviderAction", - PEPSParameters.ATTRIBUTE_LIST.toString(), persAttrList); - } - - /** - * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} method - * for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterNull() { - PEPSUtil.validateParameter("ServiceProviderAction", - PEPSParameters.ATTRIBUTE_LIST.toString(), null); - } - - /** - * Tests the {@link PEPSUtil#validateParameter(String, String, String)} method - * for the given string values. - * - * The tested class just invokes - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * so further tests will be later. - */ - @Test - public void testValidateParameter() { - PEPSUtil.validateParameter("ServiceProviderAction", - PEPSParameters.ATTRIBUTE_LIST.toString(), - "isAgeOver:true:[15,]:Available;"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, PEPSErrors)} - * method for the given string value and {@link PEPSErrors} enum. - * - * The tested class just invokes - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * so further tests will be later. - */ - @Test - public void testValidateParameterPEPSErrors() { - PEPSUtil.validateParameter("CountrySelectorAction", - PEPSParameters.ATTRIBUTE_LIST.toString(), - "isAgeOver:true:[15,]:Available;", - PEPSErrors.SP_COUNTRY_SELECTOR_INVALID_ATTR); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test - public void testValidateParameterValidParams() { - PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "1", - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterInvalidParamValue() { - PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "10", - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterInvalidParamName() { - PEPSUtil.validateParameter("ServiceProviderAction", "doesnt.exists", "1", - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterNullParamName() { - PEPSUtil.validateParameter("ServiceProviderAction", null, "1", - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterNullParamValue() { - PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", null, - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given - * string value. - */ - @Test - public void testEncodeSAMLToken() { - assertEquals(PEPSUtil.encodeSAMLToken(SAML_BYTE_SAMPLE), SAML_BASE64_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given - * null. - */ - @Test(expected = NullPointerException.class) - public void testEncodeSAMLTokenNull() { - assertNotSame(PEPSUtil.encodeSAMLToken(null), SAML_BASE64_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given - * empty byte[] value. - */ - @Test - public void testEncodeSAMLTokenEmpty() { - assertEquals(PEPSUtil.encodeSAMLToken(EMPTY_BYTE), EMPTY_STRING); - } - - /** - * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given - * byte[] value. - */ - @Test - public void testDecodeSAMLToken() { - assertArrayEquals(PEPSUtil.decodeSAMLToken(SAML_BASE64_SAMPLE), - SAML_BYTE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given - * null value. - */ - @Test(expected = NullPointerException.class) - public void testDecodeSAMLTokenNull() { - assertNotSame(PEPSUtil.decodeSAMLToken(null), SAML_BYTE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given - * empty string value. - */ - @Test(expected = StringIndexOutOfBoundsException.class) - public void testDecodeSAMLTokenEmpty() { - assertTrue(PEPSUtil.decodeSAMLToken(EMPTY_STRING) == EMPTY_BYTE); - } - - /** - * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given - * byte[] value. - */ - @Test - public void testHashPersonalToken() { - assertArrayEquals(PEPSUtil.hashPersonalToken(SAML_BASE64_BYTE_SAMPLE), - HASH_BYTE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given - * null value. - */ - @Test(expected = InternalErrorPEPSException.class) - public void testHashPersonalTokenNull() { - assertNull(PEPSUtil.hashPersonalToken(null)); - } - - /** - * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given - * empty value. - */ - @Test - public void testHashPersonalTokenEmpty() { - assertArrayEquals(PEPSUtil.hashPersonalToken(EMPTY_BYTE), EMPTY_HASH_BYTE); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * correct message. - */ - @Test - public void testGetStorkErrorCodeExists() { - assertEquals(PEPSUtil.getStorkErrorCode(MESSAGE_SAMPLE), ERROR_CODE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * invalid message. - */ - @Test - public void testGetStorkErrorCodeNoExists() { - assertNull(PEPSUtil.getStorkErrorCode(ERROR_MESSAGE_SAMPLE)); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * empty message. - */ - @Test - public void testGetStorkErrorCodeEmpty() { - assertNull(PEPSUtil.getStorkErrorCode(EMPTY_STRING)); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * null message. - */ - @Test - public void testGetStorkErrorCodeNull() { - assertNull(PEPSUtil.getStorkErrorCode(null)); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * invalid message. - */ - @Test - public void testGetStorkErrorCodeWithSepFake() { - assertNull(PEPSUtil.getStorkErrorCode("-")); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * invalid message. - */ - @Test - public void testGetStorkErrorCodeWithSepAndCodeFake() { - assertNull(PEPSUtil.getStorkErrorCode("000001 -")); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given correct message. - */ - @Test - public void testGetStorkErrorMessageExists() { - assertEquals(PEPSUtil.getStorkErrorMessage(MESSAGE_SAMPLE), - ERROR_MESSAGE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given invalid message. - */ - @Test - public void testGetStorkErrorMessageNoExists() { - assertEquals(PEPSUtil.getStorkErrorMessage(ERROR_MESSAGE_SAMPLE), - ERROR_MESSAGE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given empty message. - */ - @Test - public void testGetStorkErrorMessageEmpty() { - assertEquals(PEPSUtil.getStorkErrorMessage(EMPTY_STRING), - EMPTY_STRING); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given null message. - */ - @Test - public void testGetStorkErrorMessageNull() { - assertNull(PEPSUtil.getStorkErrorMessage(null)); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given invalid message. - */ - @Test - public void testGetStorkErrorMessageWithSepFake() { - assertEquals(PEPSUtil.getStorkErrorMessage("-"),"-"); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given invalid message. - */ - @Test - public void testGetStorkErrorMessageWithSepAndCodeFake() { - assertEquals(PEPSUtil.getStorkErrorMessage("000001 -"),"000001 -"); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java b/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java deleted file mode 100644 index 7052b320a..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java +++ /dev/null @@ -1,747 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map; - -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; - -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKStatusCode; - -/** - * The PersonalAttributeList's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.5 $, $Date: 2010-11-17 05:17:02 $ - */ -public final class PersonalAttributeListTestCase { - - /** - * isAgeOver constant value. - */ - private static final String ISAGEOVER_CONS = "isAgeOver"; - - /** - * 1 constant value. - */ - private static final int ONE_CONS = 1; - - /** - * 2 constant value. - */ - private static final int TWO_CONS = 2; - - /** - * An empty attribute. - */ - @SuppressWarnings("unused") - private static final PersonalAttributeList EMPTY_ATTR_LIST = - new PersonalAttributeList(0); - - /** - * An attribute with a complex value (canonicalResidenceAddress). - */ - private static PersonalAttribute complexAttrValue = null; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST = - "isAgeOver:true:[15,]:Available;"; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST2 = - "isAgeOver:true:[18,]:Available;"; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST3 = - "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST3_REVERSE = - "isAgeOver:true:[18,]:Available;isAgeOver:true:[15,]:Available;"; - /** - * Simple attribute value list string. - */ - private static final String COMPLEX_ATTRLIST = - "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=Ed. B," - + "state=Porto,countryCodeAddress=PT,streetNumber=379," - + "streetName=Avenida Sidonio Pais,town=Porto,]:Available;"; - /** - * Mix attribute list string. - */ - private static final String STR_MIX_ATTR_LIST = - "isAgeOver:true:[15,]:Available;canonicalResidenceAddress:true:[" - + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT," - + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto,]:" - + "Available;"; - - /** - * Mix attribute list 2 string. - */ - private static final String STR_MIX_ATTR_LIST2 = - "isAgeOver:true:[15,]:Available;canonicalResidenceAddress:true:[" - + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT," - + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto,]:Available;" - + "mandateContent:true:[" - + "isJoint=\"isjoint\",typeOfPower=\"power\",ValidTo=\"validto\",validfrom=\"validfrom\",AQAA=\"3\",isChained=\"ischained\",]:" - + "Available;"; - - /** - * Attribute List example. - */ - @SuppressWarnings({ "serial" }) - private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute( - "age", true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - /** - * Init PersonalAttributeListTestCase class. - */ - @SuppressWarnings("serial") - @BeforeClass - public static void runsBeforeTheTestSuite() { - final Map<String, String> values = new HashMap<String, String>() { - { - put("countryCodeAddress", "PT"); - put("state", "Porto"); - put("town", "Porto"); - put("postalCode", "4100"); - put("streetName", "Avenida Sidonio Pais"); - put("streetNumber", "379"); - put("apartmentNumber", "Ed. B"); - } - }; - - complexAttrValue = - new PersonalAttribute("canonicalResidenceAddress", true, values, - STORKStatusCode.STATUS_AVAILABLE.toString()); - - } - - /** - * Testing Personal Attribute List add method. Personal Attribute list must be - * size 1 - Simple attribute. - */ - @Test - public void testAddSimpleAttr() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(ATTR_VALUE); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List add method. Personal Attribute list must be - * size 1 - Complex attribute. - */ - @Test - public void testAddCompleAttr() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(complexAttrValue); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List add method. Personal Attribute list must be - * size 0 - no attribute. - */ - @Test - public void testAddNull() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(null); - Assert.assertTrue(attrList.size() == 0); - } - - /** - * Testing Personal Attribute List add method. Same attribute name added - * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added - * twice. - */ - @SuppressWarnings("serial") - @Test - public void testAddSameAttrName() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertTrue(attrList.size() == 2); - } - - /** - * Testing Personal Attribute List add method. Same attribute name added - * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added - * twice. - */ - @SuppressWarnings("serial") - @Test - public void testAddSameAttrNameEmpty() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add(""); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertTrue(attrList.size() == 2); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must be - * size 1 - Simple Value. - */ - @Test - public void testPutSimpleAttr() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(ATTR_VALUE.getName(), ATTR_VALUE); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must be - * size 1 - Complex Value. - */ - @Test - public void testPutComplexAttr() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(ATTR_VALUE.getName(), complexAttrValue); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must be - * size 0 - no attribute. - */ - @Test - public void testPutNull() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put("", null); - Assert.assertTrue(attrList.size() == 0); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must be - * size 2 - IsAgeOver attribute added twice. - */ - @SuppressWarnings("serial") - @Test - public void testPutSameAttrName() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(attrValueUnder.getName(), attrValueUnder); - attrList.put(attrValueOver.getName(), attrValueOver); - Assert.assertTrue(attrList.size() == 2); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must be - * size 2 - IsAgeOver attribute added twice. - */ - @SuppressWarnings("serial") - @Test - public void testPutSameAttrNameEmpty() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add(""); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(attrValueUnder.getName(), attrValueUnder); - attrList.put(attrValueOver.getName(), attrValueOver); - Assert.assertTrue(attrList.size() == 2); - } - - /** - * Testing Personal Attribute List get method. Personal Attribute list must be - * size 1 - Simple attribute. - */ - @Test - public void testGetSimpleAttr() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(ATTR_VALUE); - Assert.assertEquals(ATTR_VALUE, attrList.get(ATTR_VALUE.getName())); - } - - /** - * Testing Personal Attribute List add method. Personal Attribute list must be - * size 1 - Complex attribute. - */ - @Test - public void testGetCompleAttr() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(complexAttrValue); - Assert.assertEquals(complexAttrValue.toString(), - attrList.get(complexAttrValue.getName()).toString()); - } - - /** - * Testing Personal Attribute List get method. Personal Attribute list must be - * size 2 - IsAgeOver attribute. - */ - @SuppressWarnings("serial") - @Test - public void testGetIsAgeOverAttr() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertEquals(SIMPLE_ATTRLIST, - attrList.get(attrValueUnder.getName()).toString()); - Assert.assertEquals(SIMPLE_ATTRLIST2, - attrList.get(attrValueOver.getName()).toString()); - } - - /** - * Testing Personal Attribute List populate method. Personal Attribute list - * must be size 1 - Simple attribute. - */ - @Test - public void testPopulateSimpleAttr() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(SIMPLE_ATTRLIST); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List populate method. Personal Attribute list - * must be size 1 - Complex attribute. - */ - @Test - public void testPopulateComplexAttr() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(COMPLEX_ATTRLIST); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List populate method. Personal Attribute list - * must be size 1 - Simple and Complex attribute. - */ - @Test - public void testPopulateMixAttrs() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(STR_MIX_ATTR_LIST); - Assert.assertTrue(attrList.size() == 2); - } - - /** - * Testing Personal Attribute List toString method using add. - */ - @SuppressWarnings("serial") - @Test - public void testToStringFromAdd() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); - } - - /** - * Testing Personal Attribute List toString method using put. - * - */ - @SuppressWarnings("serial") - @Test - public void testToStringFromPut() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(attrValueUnder.getName(), attrValueUnder); - attrList.put(attrValueOver.getName(), attrValueOver); - Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); - } - - /** - * Testing Personal Attribute List toString method using populate. - */ - @Test - public void testToStringFromSimplePopulate() { - final String strAttrList = "isAgeOver:true"; - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(strAttrList); - Assert.assertEquals("isAgeOver:true:[]:;", attrList.toString()); - } - - /** - * Testing Personal Attribute List toString method using populate. - */ - @Test - public void testToStringFromPopulate() { - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(SIMPLE_ATTRLIST3); - Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); - } - - /** - * Testing Personal Attribute List populate method, with invalid values. - */ - @Test - public void testPopulateWithInvalidValuesFormat() { - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate("name:type:values:status;"); - Assert.assertEquals(pal, new PersonalAttributeList()); - } - - /** - * Testing Personal Attribute List populate method, with invalid format. - */ - @Test - public void testPopulateWithInvalidFormat() { - - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate("name:type::status;"); - Assert.assertEquals(pal, new PersonalAttributeList()); - } - - /** - * Testing Personal Attribute List clone method using add. - */ - @SuppressWarnings("serial") - @Test - public void testCloneFromAdd() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertNotSame(attrList, attrList.clone()); - } - - /** - * Testing Personal Attribute List clone method using put. - */ - @SuppressWarnings("serial") - @Test - public void testCloneFromPut() { - final PersonalAttribute attrValueUnder = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver = - new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final PersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(attrValueUnder.getName(), attrValueUnder); - attrList.put(attrValueOver.getName(), attrValueOver); - Assert.assertNotSame(attrList, attrList.clone()); - } - - /** - * Testing Personal Attribute List clone method using populate. - */ - @Test - public void testCloneFromPopulate() { - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(SIMPLE_ATTRLIST3); - Assert.assertNotSame(pal, pal.clone()); - } - - /** - * Testing Personal Attribute List iterator. - */ - @Test - public void testIterator() { - final String strAttrList = - "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - final Iterator<PersonalAttribute> itAttr = pal.iterator(); - while (itAttr.hasNext()) { - final PersonalAttribute attr = itAttr.next(); - Assert.assertEquals(ISAGEOVER_CONS, attr.getName()); - } - } - - /** - * Testing Personal Attribute List's GetOptionalAttributes method with empty attribute list. - */ - @Test - public void testGetOptionalAttributesWithEmptyList() { - final PersonalAttributeList pal = new PersonalAttributeList(); - Assert.assertTrue(pal.getOptionalAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's GetOptionalAttributes method without optional attributes. - */ - @Test - public void testGetOptionalAttributesWithoutOptional() { - final String strAttrList = - "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getOptionalAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's GetOptionalAttributes method with one optional attribute. - */ - @Test - public void testGetOptionalAttributesWithOneOptional() { - final String strAttrList = - "age:false:[]:;isAgeOver:true:[15,]:;isAgeOver:true:[18,]:;"; - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getOptionalAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's GetOptionalAttributes method with two optional attribute. - */ - @Test - public void testGetOptionalAttributesWithOnlyOptional() { - final String strAttrList = - "age:false:[]:;isAgeOver:false:[18,]:;"; - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getOptionalAttributes().size() == TWO_CONS); - } - - /** - * Testing Personal Attribute List's getMandatoryAttributes method with empty attribute list. - */ - @Test - public void testGetMandatoryAttributesWithEmptyList() { - final PersonalAttributeList pal = new PersonalAttributeList(); - Assert.assertTrue(pal.getMandatoryAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getMandatoryAttributes method without mandatory attributes. - */ - @Test - public void testGetMandatoryAttributesWithoutMandatory() { - final String strAttrList = - "isAgeOver:false:[15,]:Available;isAgeOver:false:[18,]:Available;"; - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getMandatoryAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's GetMandatoryAttributes method with one mandatory attribute. - */ - @Test - public void testGetMandatoryAttributesWithOneMandatory() { - final String strAttrList = - "age:true:[]:;isAgeOver:false:[15,]:;isAgeOver:false:[18,]:;"; - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getMandatoryAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's GetMandatoryAttributes method with two mandatory attribute. - */ - @Test - public void testGetMandatoryAttributesWithOnlyMandatory() { - final String strAttrList = - "age:true:[]:;isAgeOver:true:[18,]:;"; - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getMandatoryAttributes().size() == TWO_CONS); - } - - /** - * Testing Personal Attribute List's getSimpleValueAttributes method with empty attribute list. - */ - @Test - public void testGetSimpleValueAttributesWithEmptyList() { - final PersonalAttributeList pal = new PersonalAttributeList(); - Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getSimpleValueAttributes() method without simple attributes. - */ - @Test - public void testGetSimpleValueAttributesWithoutSimple() { - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(COMPLEX_ATTRLIST); - Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getSimpleValueAttributes() method with one simple attribute. - */ - @Test - public void testGetSimpleValueAttributesWithOneSimple() { - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(STR_MIX_ATTR_LIST); - Assert.assertTrue(pal.getSimpleValueAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's GetMandatoryAttributes method with two simple attribute. - */ - @Test - public void testGetSimpleValueAttributesWithOnlySimple() { - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(SIMPLE_ATTRLIST3); - Assert.assertTrue(pal.getSimpleValueAttributes().size() == TWO_CONS); - } - - /** - * Testing Personal Attribute List's getComplexValueAttributes method with empty attribute list. - */ - @Test - public void testGetComplexAttributesWithEmptyList() { - final PersonalAttributeList pal = new PersonalAttributeList(); - Assert.assertTrue(pal.getComplexAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getComplexAttributes() method without complex attributes. - */ - @Test - public void testGetComplexAttributesWithoutSimple() { - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(SIMPLE_ATTRLIST2); - Assert.assertTrue(pal.getComplexAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getComplexAttributes() method with one complex attribute. - */ - @Test - public void testGetComplexAttributesWithOneComplex() { - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(STR_MIX_ATTR_LIST); - Assert.assertTrue(pal.getComplexAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's GetMandatoryAttributes method with only two Complex attribute. - */ - @Test - public void testGetComplexAttributesWithOnlyComplex() { - final PersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(STR_MIX_ATTR_LIST2); - Assert.assertTrue(pal.getComplexAttributes().size() == TWO_CONS); - } - -} diff --git a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java b/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java deleted file mode 100644 index 458d510e0..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java +++ /dev/null @@ -1,182 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Map; - -import junit.framework.Assert; - -import org.junit.BeforeClass; -import org.junit.Test; - -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.STORKStatusCode; - -/** - * The PersonalAttribute's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.4 $, $Date: 2010-11-17 05:17:03 $ - */ -public final class PersonalAttributeTestCase { - - /** - * An empty attribute. - */ - private static final PersonalAttribute EMPTYATTR = new PersonalAttribute(); - - /** - * An attribute with a complex value (canonicalResidenceAddress). - */ - private static PersonalAttribute complexAttrValue = null; - - /** - * An attribute with a simple value (age). - */ - @SuppressWarnings("serial") - private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute( - "age", true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - /** - * Init PersonalAttributeTestCase class. - */ - @SuppressWarnings("serial") - @BeforeClass - public static void runsBeforeTheTestSuite() { - final Map<String, String> values = new HashMap<String, String>() { - { - put("countryCodeAddress", "PT"); - put("state", "Porto"); - put("town", "Porto"); - put("postalCode", "4100"); - put("streetName", "Avenida Sidonio Pais"); - put("streetNumber", "379"); - put("apartmentNumber", "B"); - } - }; - - complexAttrValue = - new PersonalAttribute("canonicalResidenceAddress", true, values, - STORKStatusCode.STATUS_AVAILABLE.toString()); - - } - - /** - * Tests the {@link PersonalAttribute#toString()} method for the given simple - * attribute value. Values must match. - */ - @Test - public void testToStringValues() { - Assert.assertEquals("age:true:[15,]:Available;", ATTR_VALUE.toString()); - } - - /** - * Tests the {@link PersonalAttribute#toString()} method for the given complex - * attribute value. Values must match. - */ - @Test - public void testToStringComplexValues() { - Assert.assertEquals( - "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=B," - + "state=Porto,countryCodeAddress=PT,streetNumber=379," - + "streetName=Avenida Sidonio Pais,town=Porto,]:Available;", - complexAttrValue.toString()); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given - * empty attribute. Must return true. - */ - @Test - public void testToIsEmptyStatusWithNull() { - Assert.assertTrue(EMPTYATTR.isEmptyStatus()); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given - * new attribute. Must return true. - */ - @Test - public void testToIsEmptyStatusWithEmptyString() { - final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); - attr.setStatus(""); - Assert.assertTrue(attr.isEmptyStatus()); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given - * empty attribute. Must return true. - */ - @Test - public void testToIsEmptyValueWithNull() { - final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); - attr.setValue(null); - Assert.assertTrue(attr.isEmptyValue()); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given - * empty attribute. Must return true. - */ - @Test - public void testToIsEmptyValue() { - Assert.assertTrue(EMPTYATTR.isEmptyValue()); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the - * given empty attribute. Must return true. - */ - @Test - public void testToIsEmptyComplexValueWithNull() { - final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); - attr.setComplexValue(null); - Assert.assertTrue(attr.isEmptyComplexValue()); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the - * given empty attribute. Must return true. - */ - @Test - public void testToIsEmptyComplexValueWithEmptyComplexValue() { - Assert.assertTrue(EMPTYATTR.isEmptyComplexValue()); - } - - /** - * Tests the {@link PersonalAttribute#clone()} method for the given attribute. - * Must return true. - */ - @Test - public void testCloneToComplexValue() { - Assert.assertNotSame(complexAttrValue, complexAttrValue.clone()); - } - - /** - * Tests the {@link PersonalAttribute#clone()} method for the given attribute. - * Must return true. - */ - @Test - public void testCloneToValue() { - Assert.assertNotSame(ATTR_VALUE, ATTR_VALUE.clone()); - } -} diff --git a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java b/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java deleted file mode 100644 index 270311128..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java +++ /dev/null @@ -1,5 +0,0 @@ -/** - * This package provides all JUnit test classes. - */ -package eu.stork.peps.tests; - diff --git a/id/server/legacy-backup/stork2-commons/src/test/resources/log4j.xml b/id/server/legacy-backup/stork2-commons/src/test/resources/log4j.xml deleted file mode 100644 index 0ad2ea9a4..000000000 --- a/id/server/legacy-backup/stork2-commons/src/test/resources/log4j.xml +++ /dev/null @@ -1,19 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd"> - -<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"> - <appender name="MainLogger" class="org.apache.log4j.DailyRollingFileAppender"> - <param name="File" value="stork-commons.log" /> - <param name="DatePattern" value="'.'yyyy-MM-dd" /> - <param name="Append" value="true" /> - <layout class="org.apache.log4j.PatternLayout"> - <param name="ConversionPattern" value="%d{HH:mm:ss:SSS} - %p - %C{1} - %m%n" /> - </layout> - </appender> - - <root> - <priority value="info" /> - <appender-ref ref="MainLogger" /> - </root> - -</log4j:configuration> diff --git a/id/server/legacy-backup/stork2-saml-engine/Releases b/id/server/legacy-backup/stork2-saml-engine/Releases deleted file mode 100644 index 0031906e6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/Releases +++ /dev/null @@ -1,83 +0,0 @@ -Created 06-04-2011 - -Branch : STORKPEPS_0_5_UPDATE_06042011 -Date : 06-04-2011 -Changes: Updated SAML Engine version to 0.5.1. - -Branch : STORKPEPS_0_5_UPDATE_07072011 -Date : 07-07-2011 -Changes: Inserted HttpOnly HTTP Header to present XSS Attacks. - Removed logs. - -Branch : STORKPEPS_0_6_1 -Date : 07-11-2011 -Changes: Improved error exception handling (few changes on the exception Interceptors classes) - Improved Errors (three new categories classes: SysAdmin specific errors, CPEPS translation errors, Citizen errors) - Fix some minor bugs found. - New Copyright License added. - -Branch : STORKPEPS_0_6_1 -Date : 28-11-2011 -Changes: Complex value are displayed to citizen on the Citizen Consent Value form! - Fix minor bug found on check attribute value error code and message (saml token message, log messages, citizen messages). - -Branch : STORKPEPS_1_0 -Date : 02-12-2011 -Changes: Version Update to 1.0 - -Branch : STORKPEPS_1_1_0 -Date : 01-11-2013 -Changes: Version Update to 1.1.0 - Dependencies updated - Business Logic Part I changes - SAML Engine Changes merged (from SamlEngine/1.1.0/PEPS branch to be easier to merge this branch with trunk) - Fixed some errors on Test Case - Added SAML Engine Attributes to configuration files - Jersey dependency fix - -Branch : PEPS (Trunk) -Date : 02-12-2013 -Version: 1.1.1 -Changes: Version Update to 1.1.1 - Added AUB IdP URL to peps.xml - Business Logic Part I changes: - 1 ) APResponseAction changed: - *) created private variables with filtered attribute lists (optional/mandatory and - simple/complex attributes) to send to consent value page - 2) CitizenConsentAction changed: - *) Removed callbackURL (this is in the AuthenticationOnBehalfOfAction and CitizenAuthenticationAction classes) - 3) ColleagueRequestAction changed: - created private variables with filtered attribute lists (optional/mandatory) to send to consent type page - - 4) AUSPEPSSAML - Fixed bug when missing SP URL on configurations... wrong validateParameter method used. - 5) citizenConsent.jsp - some changes on page: - *) complex attributes and simple attributes were split - *) optional and mandatory attributes shown using bootstrap - *) fixed some issues on some labels - 6) presentConsent.jsp - some changes on page: - *) optional and mandatory attributes shown using bootstrap - *) fixed some issues on some labels - - 7) applicationContext.xml - few changes: - *) removed callbackURL from CitizenConsentAction - *) callbackURL added to AuthenticationOnBehalfOfAction and CitizenAuthenticationAction - *) changed from file to classpath the origin of configuration files (peps.xml, pepsUtil.properties and specific.properties) - - Integrated Anonimity funcionality - -Branch : PEPS (Trunk) -Date : 15-01-2014 -Version: 1.2.0 -Release: 2 -Changes: Updated Version to 1.2.0 - Added request flow of PV (incomplete) - Added AP mandatory attribute to get data for business attributes - *) based on configuration file it adds the missing attributes (eIdentifier, givenName, surname and dateOfBirth) or change isRequired to true. - changes original isRequired state in response - Fixed some bugs in Test Case - Changed some packages names on S-PEPS - Power Validation is complete now - Business Logic I and II integration (Request Complete!) - BL I doesn't redirect to BL II if all attributes already have value - Bug fix on normalization -
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/pom.xml b/id/server/legacy-backup/stork2-saml-engine/pom.xml deleted file mode 100644 index 05e95441d..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/pom.xml +++ /dev/null @@ -1,202 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>MOA.id</groupId> - <artifactId>moa-id</artifactId> - <version>1.9.98-SNAPSHOT</version> - </parent> - - <modelVersion>4.0.0</modelVersion> - <groupId>eu.stork</groupId> - <artifactId>SamlEngine</artifactId> - <packaging>jar</packaging> - <name>STORKSAMLEngine</name> - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <saml.version>1.1.0</saml.version> - <samlspec.version>0.5.2</samlspec.version> - <samlspecacept.version>0.5.1</samlspecacept.version> - <commons.version>1.2.0</commons.version> - <opensaml.version>2.6.0</opensaml.version> - <timestamp>${maven.build.timestamp}</timestamp> - </properties> - <version>${saml.version}</version> - <description> - The STORKSAMLEngine library provides tools to support developers working with the Security Assertion Markup Language (SAML). - </description> - - <repositories> - <repository> - <id>org.opensaml</id> - <url>https://build.shibboleth.net/nexus/content/repositories/releases</url> - </repository> - <!-- repository OpenSaml --> - <repository> - <id>shibboleth-release</id> - <name>Internet2 Releases</name> - <layout>default</layout> - <url>https://build.shibboleth.net/nexus/content/repositories/releases</url> - <snapshots> - <enabled>false</enabled> - </snapshots> - </repository> - </repositories> - - <dependencies> - <!-- Compile dependencies --> - <dependency> - <groupId>eu.stork</groupId> - <artifactId>Commons</artifactId> - <version>${commons.version}</version> - </dependency> - - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>opensaml</artifactId> - <version>${opensaml.version}</version> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - </exclusion> - </exclusions> - </dependency> - - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - <version>1.7.5</version> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - <version>1.7.5</version> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - <version>1.7.5</version> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - <version>1.7.5</version> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - <version>1.7.5</version> - </dependency> - - <dependency> - <groupId>commons-io</groupId> - <artifactId>commons-io</artifactId> - <version>2.2</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.11.0</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.11</version> - <scope>test</scope> - </dependency> - </dependencies> - - <build> - <pluginManagement> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>2.3.2</version> - <configuration> - <source>1.6</source> - <target>1.6</target> - </configuration> - </plugin> - - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <skip>true</skip> - </configuration> - </plugin> - </plugins> - </pluginManagement> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-source-plugin</artifactId> - <executions> - <execution> - <id>attach-sources</id> - <phase>verify</phase> - <goals> - <goal>jar</goal> - </goals> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-jar-plugin</artifactId> - <configuration> - <archive> - <manifestEntries> - <SAMLEngineVersion>${saml.version}</SAMLEngineVersion> - <SAMLSpecVersion-accept>${samlspecacept.version}</SAMLSpecVersion-accept> - <SAMLSpecVersion-send>${samlspec.version}</SAMLSpecVersion-send> - <SAMLSpecKnownIssues>None</SAMLSpecKnownIssues> - <timestamp>${timestamp}</timestamp> - </manifestEntries> - </archive> - </configuration> - </plugin> - </plugins> - </build> - <profiles> - <profile> - <id>metrics</id> - <build> - <plugins> - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>cobertura-maven-plugin</artifactId> - <version>2.5.1</version> - <configuration> - <formats> - <format>html</format> - <format>xml</format> - </formats> - </configuration> - </plugin> - </plugins> - </build> - </profile> - </profiles> - <reporting> - </reporting> -</project> diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/config/embedded/StorkSamlEngine_CPEPS.xml b/id/server/legacy-backup/stork2-saml-engine/src/main/config/embedded/StorkSamlEngine_CPEPS.xml deleted file mode 100644 index 9a6086c74..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/config/embedded/StorkSamlEngine_CPEPS.xml +++ /dev/null @@ -1,69 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- Types of consent obtained from the user for this authentication and - data transfer. Allow values: 'unspecified'. --> - <entry key="consentAuthnRequest">unspecified</entry> - <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', - 'unspecified'. --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier Allow values: - 'entity'. --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS --> - <!--The SOAP binding is only supported for direct communication between - SP-MW and VIdP --> - <entry key="protocolBinding">HTTP-POST</entry> - - <entry key="eIDSectorShare">true</entry> - <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!--PEPS in the Service Provider's country --> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country --> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive - number) --> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response --> - <entry key="ipAddrValidation">false</entry> - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry> - <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/config/embedded/quartz.properties b/id/server/legacy-backup/stork2-saml-engine/src/main/config/embedded/quartz.properties deleted file mode 100644 index dfa62f3ae..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/config/embedded/quartz.properties +++ /dev/null @@ -1,5 +0,0 @@ -org.quartz.scheduler.instanceName = UpdateScheduler -org.quartz.threadPool.threadCount = 1 -org.quartz.jobStore.class =org.quartz.simpl.RAMJobStore -org.quartz.plugin.shutdownhook.class = org.quartz.plugins.management.ShutdownHookPlugin -org.quartz.plugin.shutdownhook.cleanShutdown = true
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/config/jBoss/context.xml b/id/server/legacy-backup/stork2-saml-engine/src/main/config/jBoss/context.xml deleted file mode 100644 index 9520f2161..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/config/jBoss/context.xml +++ /dev/null @@ -1 +0,0 @@ -<Context cookies="true" />
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/config/jBoss/jboss-classloading.xml b/id/server/legacy-backup/stork2-saml-engine/src/main/config/jBoss/jboss-classloading.xml deleted file mode 100644 index 20c6509de..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/config/jBoss/jboss-classloading.xml +++ /dev/null @@ -1,4 +0,0 @@ -<classloading xmlns="urn:jboss:classloading:1.0" name="PEPS.war" - domain="PEPS_Domain" export-all="NON_EMPTY" import-all="true" - parent-first="true"> -</classloading> diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF b/id/server/legacy-backup/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF deleted file mode 100644 index 254272e1c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF +++ /dev/null @@ -1,3 +0,0 @@ -Manifest-Version: 1.0 -Class-Path: - diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java deleted file mode 100644 index bcf5e289b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java +++ /dev/null @@ -1,421 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine; - -import java.io.ByteArrayInputStream; -import java.io.StringWriter; -import java.io.UnsupportedEncodingException; -import java.util.HashMap; -import java.util.Map; -import java.util.Properties; - -import javax.xml.XMLConstants; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; - -import org.opensaml.Configuration; -import org.opensaml.DefaultBootstrap; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.xml.ConfigurationException; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.Marshaller; -import org.opensaml.xml.io.MarshallerFactory; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.io.Unmarshaller; -import org.opensaml.xml.io.UnmarshallerFactory; -import org.opensaml.xml.io.UnmarshallingException; -import org.opensaml.xml.parse.BasicParserPool; -import org.opensaml.xml.parse.XMLParserException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.auth.engine.core.STORKSAMLCore; -import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryMarshaller; -import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SignModuleFactory; -import eu.stork.peps.configuration.ConfigurationCreator; -import eu.stork.peps.configuration.ConfigurationReader; -import eu.stork.peps.configuration.InstanceEngine; -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * Class that wraps the operations over SAML tokens, both generation and - * validation of SAML requests and SAML responses. Compliant with "OASIS Secure - * Assertion Markup Language (SAML) 2.0, May 2005", but taking into account - * STORK specific requirements. - * - * @author fjquevedo - * @author iinigo - */ - -public class SAMLEngine { - - /** The Document Builder Factory. */ - private static javax.xml.parsers.DocumentBuilderFactory dbf = null; - - /** The instance of every engine SAML. */ - private static Map<String, InstanceEngine> instanceConfigs; - - /** The instances of SAML engine. */ - private static Map<String, Map<String, Object>> instances; - - /** The logger. */ - private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class - .getName()); - - /** The Constant MODULE_SIGN_CONF. */ - private static final String MODULE_SIGN_CONF = "SignatureConf"; - - /** The Constant SAML_ENGINE_SIGN_CLASS. */ - private static final String SAML_ENGINE_SIGN_CLASS = "class"; - - /** The Constant SAML_ENGINE_CONF. */ - private static final String SAML_ENGINE_CONF = "SamlEngineConf"; - - /** The Constant SAML_ENGINE_FILE_CONF. */ - private static final String SAML_ENGINE_FILE_CONF = "fileConfiguration"; - - /** The codification of characters. */ - private static final String CHARACTER_ENCODING = "UTF-8"; - - /** The SAML core. */ - private STORKSAMLCore samlCore; - - /** The Module of Signature. */ - private SAMLEngineSignI signer; - - - /** Initializes the SAML engine. */ - /** Configure Document Builder Factory. */ - - static { - startUp(); - loadDocumentFactory(); - } - - /** - * Load document factory. - */ - private static void loadDocumentFactory() { - - try { - dbf = javax.xml.parsers.DocumentBuilderFactory.newInstance(); - dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); - dbf.setNamespaceAware(true); - dbf.setIgnoringComments(true); - } catch (ParserConfigurationException e) { - LOG.error("Error parser configuration."); - throw new STORKSAMLEngineRuntimeException(e); - } - - } - - /** - * Method that initializes the basic services for the SAML Engine, like the - * OpenSAML library and the BouncyCastle provider. - */ - private static void startUp() { - - LOG.info("SAMLEngine: Initialize OpenSAML"); - - //TLenz: MOA-ID uses an own Bootstrap -// try { -// DefaultBootstrap.bootstrap(); -// } catch (ConfigurationException e) { -// LOG.error("Problem initializing the OpenSAML library."); -// throw new STORKSAMLEngineRuntimeException(e); -// } - - LOG.debug("Read all file configurations. (instances of SAMLEngine)"); - try { - instanceConfigs = ConfigurationReader.readConfiguration(); - } catch (SAMLEngineException e) { - LOG.error("Error read configuration file."); - throw new STORKSAMLEngineRuntimeException(e); - } - - LOG.debug("Create all instaces of saml engine. (instances of SAMLEngine)"); - try { - instances = ConfigurationCreator - .createConfiguration(instanceConfigs); - } catch (STORKSAMLEngineException e) { - LOG.error("Error initializing instances from Stork SAML engine."); - throw new STORKSAMLEngineRuntimeException(e); - } - } - - /** - * Instantiates a new SAML engine. - */ - private SAMLEngine() { - - } - - /** - * Instantiates a new SAML engine. - * - * @param nameInstance the name instance - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - protected SAMLEngine(final String nameInstance) - throws STORKSAMLEngineException { - LOG.info("Loading Specific Configuration."); - - LOG.debug("Create intance of saml messages."); - - Map<String, Object> instance = instances.get(nameInstance); - - if (instance == null || instance.isEmpty()) { - LOG.error("Instance: " + nameInstance + " not exist."); - throw new STORKSAMLEngineException("Instance: " + nameInstance - + " not exist."); - } - - Properties properties = (Properties) instance.get(SAML_ENGINE_CONF); - - if (properties == null) { - LOG.error("SamlEngine.xml: not exist."); - throw new STORKSAMLEngineException("SamlEngine.xml: not exist."); - } - - samlCore = new STORKSAMLCore(properties); - - final HashMap<String, String> propertiesSign = (HashMap<String, String>) instance - .get(MODULE_SIGN_CONF); - - LOG.debug("Loading Module of sign."); - signer = SignModuleFactory.getInstance(propertiesSign - .get(SAML_ENGINE_SIGN_CLASS)); - - try { - LOG.info("Initialize module of sign."); - signer.init(propertiesSign.get(SAML_ENGINE_FILE_CONF)); - LOG.info("Load cryptographic service provider of module of sign."); - signer.loadCryptServiceProvider(); - } catch (SAMLEngineException e) { - LOG.error("Error create signature module: " - + propertiesSign.get(SAML_ENGINE_FILE_CONF)); - LOG.info("Exception" + e); - throw new STORKSAMLEngineException(e); - } - } - - /** - * Gets the Signer properties. - * - * @return the SAML Sign properties - */ - protected SAMLEngineSignI getSigner() { - return signer; - } - - /** - * Gets the SAML core properties. - * - * @return the SAML core properties - */ - protected final STORKSAMLCore getSamlCoreProperties() { - return samlCore; - } - - /** - * Method that transform the received SAML object into a byte array - * representation. - * - * @param samlToken the SAML token. - * - * @return the byte[] of the SAML token. - * - * @throws SAMLEngineException the SAML engine exception - */ - private byte[] marshall(final XMLObject samlToken) - throws SAMLEngineException { - - try { - javax.xml.parsers.DocumentBuilder docBuilder = null; - - final MarshallerFactory marshallerFactory = Configuration - .getMarshallerFactory(); - - final Marshaller marshaller; - if (samlToken.getElementQName().toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - marshaller = new CustomAttributeQueryMarshaller(); - else - marshaller = marshallerFactory - .getMarshaller(samlToken); - - docBuilder = dbf.newDocumentBuilder(); - - final Document doc = docBuilder.newDocument(); - - marshaller.marshall(samlToken, doc); - - // Obtain a byte array representation of the marshalled SAML object - final DOMSource domSource = new DOMSource(doc); - final StringWriter writer = new StringWriter(); - final StreamResult result = new StreamResult(writer); - final TransformerFactory transFactory = TransformerFactory - .newInstance(); - Transformer transformer; - - transformer = transFactory.newTransformer(); - transformer.transform(domSource, result); - LOG.debug("SAML request \n"+ writer.toString()); - return writer.toString().getBytes(CHARACTER_ENCODING); - - } catch (ParserConfigurationException e) { - LOG.error("ParserConfigurationException."); - throw new SAMLEngineException(e); - } catch (MarshallingException e) { - LOG.error("MarshallingException."); - throw new SAMLEngineException(e); - } catch (TransformerConfigurationException e) { - LOG.error("TransformerConfigurationException."); - throw new SAMLEngineException(e); - } catch (TransformerException e) { - LOG.error("TransformerException."); - throw new SAMLEngineException(e); - } catch (UnsupportedEncodingException e) { - LOG.error("UnsupportedEncodingException: " + CHARACTER_ENCODING); - throw new SAMLEngineException(e); - } - } - - /** - * Method that signs a SAML Token. - * - * @param tokenSaml the token SAML - * - * @return the SAML object sign - * - * @throws SAMLEngineException the SAML engine exception - */ - private SignableSAMLObject sign(final SignableSAMLObject tokenSaml) - throws SAMLEngineException { - LOG.debug("Sign SamlToken."); - signer.sign(tokenSaml); - return tokenSaml; - } - - /** - * Sign and transform to byte array. - * - * @param samlToken the SAML token - * - * @return the byte[] of the SAML token - * - * @throws SAMLEngineException the SAML engine exception - */ - protected final byte[] signAndMarshall(final SignableSAMLObject samlToken) - throws SAMLEngineException { - LOG.debug("Marshall Saml Token."); - SignableSAMLObject signElement = sign(samlToken); - return marshall(signElement); - } - - /** - * Method that unmarshalls a SAML Object from a byte array representation to - * an XML Object. - * - * @param samlToken Byte array representation of a SAML Object - * - * @return XML Object (superclass of SAMLObject) - * - * @throws SAMLEngineException the SAML engine exception - */ - protected final XMLObject unmarshall(final byte[] samlToken) - throws SAMLEngineException { - try { - // Get parser pool manager - final BasicParserPool ppMgr = new BasicParserPool(); - // Note: this is necessary due to an unresolved Xerces deferred DOM - // issue/bug - final HashMap<String, Boolean> features = new HashMap<String, Boolean>(); - features.put(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); - ppMgr.setBuilderFeatures(features); - - ppMgr.setNamespaceAware(true); - - // Parse SAMLToken - Document document = ppMgr.parse(new ByteArrayInputStream(samlToken)); - if (document != null){ - final Element root = document.getDocumentElement(); - // Get appropriate unmarshaller - final UnmarshallerFactory unmarshallerFact = Configuration.getUnmarshallerFactory(); - // Unmarshall using the SAML Token root element - if (unmarshallerFact != null && root != null){ - final Unmarshaller unmarshaller; - if (root.getLocalName().equals(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - unmarshaller = new CustomAttributeQueryUnmarshaller(); - else - unmarshaller = unmarshallerFact.getUnmarshaller(root); - try { - return unmarshaller.unmarshall(root); - } catch (NullPointerException e){ - LOG.error("Error element tag incomplet or null."); - throw new SAMLEngineException("NullPointerException", e); - } - } else { - LOG.error("Error element tag incomplet or null."); - throw new SAMLEngineException("NullPointerException : unmarshallerFact or root is null"); - } - } else { - LOG.error("Error element tag incomplet or null."); - throw new SAMLEngineException("NullPointerException : document is null"); - } - } catch (XMLParserException e) { - LOG.error("XML Parsing Error.", e); - throw new SAMLEngineException(e); - } catch (UnmarshallingException e) { - LOG.error("TransformerException.", e); - throw new SAMLEngineException(e); - } catch (NullPointerException e) { - LOG.error("Error element tag incomplet or null.", e); - throw new SAMLEngineException(e); - } - } - - /** - * Method that validates an XML Signature contained in a SAML Token. - * - * @param samlToken the SAML token - * - * @return the SAML object - * - * @throws SAMLEngineException the SAML engine exception - */ - protected final SAMLObject validateSignature( - final SignableSAMLObject samlToken) throws SAMLEngineException { - - LOG.info("Validate Signature"); - signer.validateSignature(samlToken); - - return samlToken; - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java deleted file mode 100644 index e9116ea8c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java +++ /dev/null @@ -1,885 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.UnsupportedEncodingException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -import javax.xml.namespace.QName; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang.StringUtils; -import org.joda.time.DateTime; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLVersion; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; -import org.opensaml.saml2.common.Extensions; -import org.opensaml.saml2.common.impl.ExtensionsBuilder; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.AttributeQuery; -import org.opensaml.saml2.core.AttributeValue; -import org.opensaml.saml2.core.AuthnContext; -import org.opensaml.saml2.core.AuthnRequest; -import org.opensaml.saml2.core.AuthnStatement; -import org.opensaml.saml2.core.Issuer; -import org.opensaml.saml2.core.LogoutRequest; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.NameID; -import org.opensaml.saml2.core.Response; -import org.opensaml.saml2.core.Status; -import org.opensaml.saml2.core.StatusCode; -import org.opensaml.saml2.core.StatusMessage; -import org.opensaml.saml2.core.Subject; -import org.opensaml.saml2.core.SubjectConfirmation; -import org.opensaml.saml2.core.SubjectConfirmationData; -import org.opensaml.saml2.core.SubjectLocality; -import org.opensaml.saml2.core.impl.AssertionBuilder; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.schema.XSAny; -import org.opensaml.xml.schema.XSString; -import org.opensaml.xml.signature.KeyInfo; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Document; -import org.xml.sax.SAXException; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.QAAAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.SAMLCore; -import eu.stork.peps.auth.engine.core.SPApplication; -import eu.stork.peps.auth.engine.core.SPCountry; -import eu.stork.peps.auth.engine.core.SPInstitution; -import eu.stork.peps.auth.engine.core.SPSector; -import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryBuilder; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * The Class SAMLEngineUtils. - * - * @author fjquevedo - * @author iinigo - */ -public final class SAMLEngineUtils { - - /** The Constant UTF_8. */ - public static final String UTF_8 = "UTF-8"; - - /** The Constant SHA_512. */ - public static final String SHA_512 = "SHA-512"; - - - /** The generator. */ - private static SecureRandomIdentifierGenerator generator; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory - .getLogger(SAMLEngineUtils.class.getName()); - - /** - * Method that generates a random value according to NCName grammar. - * - * NCName ::= NCNameStartChar NCNameChar* NCNameChar ::= NameChar - ':' - * NCNameStartChar ::= Letter | '_' NameStartChar ::= ":" | [A-Z] | "_" | - * [a-z] | [#xC0-#xD6] | [#xD8-#xF6] | [#xF8-#x2FF] | [#x370-#x37D] | - * [#x37F-#x1FFF] | [#x200C-#x200D] | [#x2070-#x218F] | [#x2C00-#x2FEF] | - * [#x3001-#xD7FF] | [#xF900-#xFDCF] | [#xFDF0-#xFFFD] | [#x10000-#xEFFFF] - * NameChar ::= NameStartChar | "-" | "." | [0-9] | #xB7 | [#x0300-#x036F] | - * [#x203F-#x2040] Name ::= NameStartChar (NameChar)* Letter ::= BaseChar | - * Ideographic BaseChar ::= [#x0041-#x005A] | [#x0061-#x007A] | - * [#x00C0-#x00D6] | [#x00D8-#x00F6] | [#x00F8-#x00FF] | [#x0100-#x0131] | - * [#x0134-#x013E] | [#x0141-#x0148] | [#x014A-#x017E] | [#x0180-#x01C3] | - * [#x01CD-#x01F0] | [#x01F4-#x01F5] | [#x01FA-#x0217] | [#x0250-#x02A8] | - * [#x02BB-#x02C1] | #x0386 | [#x0388-#x038A] | #x038C | [#x038E-#x03A1] | - * [#x03A3-#x03CE] | [#x03D0-#x03D6] | #x03DA | #x03DC | #x03DE | #x03E0 | - * [#x03E2-#x03F3] | [#x0401-#x040C] | [#x040E-#x044F] | [#x0451-#x045C] | - * [#x045E-#x0481] | [#x0490-#x04C4] | [#x04C7-#x04C8] | [#x04CB-#x04CC] | - * [#x04D0-#x04EB] | [#x04EE-#x04F5] | [#x04F8-#x04F9] | [#x0531-#x0556] | - * #x0559 | [#x0561-#x0586] | [#x05D0-#x05EA] | [#x05F0-#x05F2] | - * [#x0621-#x063A] | [#x0641-#x064A] | [#x0671-#x06B7] | [#x06BA-#x06BE] | - * [#x06C0-#x06CE] | [#x06D0-#x06D3] | #x06D5 | [#x06E5-#x06E6] | - * [#x0905-#x0939] | #x093D | [#x0958-#x0961] | [#x0985-#x098C] | - * [#x098F-#x0990] | [#x0993-#x09A8] | [#x09AA-#x09B0] | #x09B2 | - * [#x09B6-#x09B9] | [#x09DC-#x09DD] | [#x09DF-#x09E1] | [#x09F0-#x09F1] | - * [#x0A05-#x0A0A] | [#x0A0F-#x0A10] | [#x0A13-#x0A28] | [#x0A2A-#x0A30] | - * [#x0A32-#x0A33] | [#x0A35-#x0A36] | [#x0A38-#x0A39] | [#x0A59-#x0A5C] | - * #x0A5E | [#x0A72-#x0A74] | [#x0A85-#x0A8B] | #x0A8D | [#x0A8F-#x0A91] | - * [#x0A93-#x0AA8] | [#x0AAA-#x0AB0] | [#x0AB2-#x0AB3] | [#x0AB5-#x0AB9] | - * #x0ABD | #x0AE0 | [#x0B05-#x0B0C] | [#x0B0F-#x0B10] | [#x0B13-#x0B28] | - * [#x0B2A-#x0B30] | [#x0B32-#x0B33] | [#x0B36-#x0B39] | #x0B3D | - * [#x0B5C-#x0B5D] | [#x0B5F-#x0B61] | [#x0B85-#x0B8A] | [#x0B8E-#x0B90] | - * [#x0B92-#x0B95] | [#x0B99-#x0B9A] | #x0B9C | [#x0B9E-#x0B9F] | - * [#x0BA3-#x0BA4] | [#x0BA8-#x0BAA] | [#x0BAE-#x0BB5] | [#x0BB7-#x0BB9] | - * [#x0C05-#x0C0C] | [#x0C0E-#x0C10] | [#x0C12-#x0C28] | [#x0C2A-#x0C33] | - * [#x0C35-#x0C39] | [#x0C60-#x0C61] | [#x0C85-#x0C8C] | [#x0C8E-#x0C90] | - * [#x0C92-#x0CA8] | [#x0CAA-#x0CB3] | [#x0CB5-#x0CB9] | #x0CDE | - * [#x0CE0-#x0CE1] | [#x0D05-#x0D0C] | [#x0D0E-#x0D10] | [#x0D12-#x0D28] | - * [#x0D2A-#x0D39] | [#x0D60-#x0D61] | [#x0E01-#x0E2E] | #x0E30 | - * [#x0E32-#x0E33] | [#x0E40-#x0E45] | [#x0E81-#x0E82] | #x0E84 | - * [#x0E87-#x0E88] | #x0E8A | #x0E8D | [#x0E94-#x0E97] | [#x0E99-#x0E9F] | - * [#x0EA1-#x0EA3] | #x0EA5 | #x0EA7 | [#x0EAA-#x0EAB] | [#x0EAD-#x0EAE] | - * #x0EB0 | [#x0EB2-#x0EB3] | #x0EBD | [#x0EC0-#x0EC4] | [#x0F40-#x0F47] | - * [#x0F49-#x0F69] | [#x10A0-#x10C5] | [#x10D0-#x10F6] | #x1100 | - * [#x1102-#x1103] | [#x1105-#x1107] | #x1109 | [#x110B-#x110C] | - * [#x110E-#x1112] | #x113C | #x113E | #x1140 | #x114C | #x114E | #x1150 | - * [#x1154-#x1155] | #x1159 | [#x115F-#x1161] | #x1163 | #x1165 | #x1167 | - * #x1169 | [#x116D-#x116E] | [#x1172-#x1173] | #x1175 | #x119E | #x11A8 | - * #x11AB | [#x11AE-#x11AF] | [#x11B7-#x11B8] | #x11BA | [#x11BC-#x11C2] | - * #x11EB | #x11F0 | #x11F9 | [#x1E00-#x1E9B] | [#x1EA0-#x1EF9] | - * [#x1F00-#x1F15] | [#x1F18-#x1F1D] | [#x1F20-#x1F45] | [#x1F48-#x1F4D] | - * [#x1F50-#x1F57] | #x1F59 | #x1F5B | #x1F5D | [#x1F5F-#x1F7D] | - * [#x1F80-#x1FB4] | [#x1FB6-#x1FBC] | #x1FBE | [#x1FC2-#x1FC4] | - * [#x1FC6-#x1FCC] | [#x1FD0-#x1FD3] | [#x1FD6-#x1FDB] | [#x1FE0-#x1FEC] | - * [#x1FF2-#x1FF4] | [#x1FF6-#x1FFC] | #x2126 | [#x212A-#x212B] | #x212E | - * [#x2180-#x2182] | [#x3041-#x3094] | [#x30A1-#x30FA] | [#x3105-#x312C] | - * [#xAC00-#xD7A3] Ideographic ::= [#x4E00-#x9FA5] | #x3007 | - * [#x3021-#x3029] - * - * @return Random ID value - */ - - //Initialization of a generator of identifiers for all token SAML. - - static { - loadRandomIdentifierGenerator(); - } - - - /** - * Load random identifier generator. - * - *@throws STORKSAMLEngineRuntimeException the STORKSAML engine runtime exception - */ - private static void loadRandomIdentifierGenerator() { - - try { - generator = new SecureRandomIdentifierGenerator(); - } catch (NoSuchAlgorithmException ex) { - LOG.error("Error init SecureRandomIdentifierGenerator", ex); - throw new STORKSAMLEngineRuntimeException(ex); - } - - } - - /** - * Creates the SAML object. - * - * @param qname the QName - * - * @return the XML object - */ - public static XMLObject createSamlObject(final QName qname) { - if (qname.toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - { - CustomAttributeQueryBuilder builder = new CustomAttributeQueryBuilder(); - return builder.buildObject(qname); - } - else - { - return Configuration.getBuilderFactory().getBuilder(qname).buildObject( - qname); - } - } - - /** - * Creates the SAML object. - * - * @param qname the quality name - * @param qname1 the qname1 - * - * @return the xML object - */ - public static XMLObject createSamlObject(final QName qname, - final QName qname1) { - return Configuration.getBuilderFactory().getBuilder(qname1) - .buildObject(qname, qname1); - } - - /** - * Encode value with an specific algorithm. - * - * @param value the value - * @param alg the algorithm - * - * @return the string - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static String encode(final String value, final String alg) - throws STORKSAMLEngineException { - LOG.debug("Encode value with " + alg + " algorithm."); - byte[] buffer; - - final StringBuffer hash = new StringBuffer(""); - try { - buffer = value.getBytes(UTF_8); - MessageDigest msgDig; - msgDig = MessageDigest.getInstance(alg); - - - msgDig.update(buffer); - final byte[] digest = msgDig.digest(); - - final int signedByte = 0xff; - for (byte aux : digest) { - final int byt = aux & signedByte; - if (Integer.toHexString(byt).length() == 1) { - hash.append('0'); - } - hash.append(Integer.toHexString(byt)); - } - - } catch (UnsupportedEncodingException e1) { - LOG.error("UnsupportedEncodingException: " + UTF_8); - throw new STORKSAMLEngineException(e1); - } catch (NoSuchAlgorithmException e) { - LOG.error("NoSuchAlgorithmException: " + alg); - throw new STORKSAMLEngineException(e); - } - - return hash.toString(); - } - - /** - * Generate assertion. - * - * @param version the version - * @param identifier the identifier - * @param issueInstant the issue instant - * @param issuer the issuer - * - * @return the assertion - */ - public static Assertion generateAssertion(final SAMLVersion version, - final String identifier, final DateTime issueInstant, - final Issuer issuer) { - final AssertionBuilder assertionBuilder = new AssertionBuilder(); - final Assertion assertion = assertionBuilder.buildObject(); - assertion.setVersion(version); - assertion.setID(identifier); - assertion.setIssueInstant(issueInstant); - - // <saml:Issuer> - assertion.setIssuer(issuer); - return assertion; - } - - /** - * Generate authentication statement. - * - * @param authnInstant the authentication instant - * @param authnContext the authentication context - * - * @return the authentication statement - */ - public static AuthnStatement generateAthnStatement(final DateTime authnInstant, - final AuthnContext authnContext) { - // <saml:AuthnStatement> - final AuthnStatement authnStatement = (AuthnStatement) SAMLEngineUtils - .createSamlObject(AuthnStatement.DEFAULT_ELEMENT_NAME); - - authnStatement.setAuthnInstant(authnInstant); - authnStatement.setAuthnContext(authnContext); - - return authnStatement; - } - - - - - - /** - * Generate attribute from a list of values. - * - * @param name the name of the attribute. - * @param status the status of the parameter: "Available", "NotAvailable" or - * "Withheld". - * @param values the value of the attribute. - * @param isHashing the is hashing with "SHA-512" algorithm. - * @return the attribute - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static Attribute generateAttrComplex(final String name, - final String status, final Map<String, String> values, - final boolean isHashing) throws STORKSAMLEngineException { - LOG.debug("Generate attribute complex: " + name); - final Attribute attribute = (Attribute) SAMLEngineUtils - .createSamlObject(Attribute.DEFAULT_ELEMENT_NAME); - - attribute.setName(name); - attribute.setNameFormat(Attribute.URI_REFERENCE); - - attribute.getUnknownAttributes().put( - new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", - SAMLCore.STORK10_PREFIX.getValue()), status); - - if (!values.isEmpty()) { - LOG.debug("Add attribute values."); - - // Create an attribute that contains all XSAny elements. - final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject( - AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME); - - final Iterator<Entry<String, String>> iterator = values.entrySet() - .iterator(); - while (iterator.hasNext()) { - final Map.Entry<String, String> pairs = iterator.next(); - - final String value = pairs.getValue(); - - if (StringUtils.isNotBlank(value)) { - // Create the attribute statement - final XSAny attrValueSimple = (XSAny) SAMLEngineUtils - .createSamlObject(new QName(SAMLCore.STORK10_NS.getValue(), - pairs.getKey().toString(), - SAMLCore.STORK10_PREFIX.getValue()), XSAny.TYPE_NAME); - - // if it's necessary encode the information. - if (isHashing) { - attrValueSimple - .setTextContent(encode(value, SHA_512)); - } else { - attrValueSimple.setTextContent(value); - } - - attrValue.getUnknownXMLObjects().add(attrValueSimple); - attribute.getAttributeValues().add(attrValue); - } - } - - } - return attribute; - } - - /** - * Generate extension. - * - * @return the extensions - */ - public static Extensions generateExtension() { - final ExtensionsBuilder extensionsBuilder = new ExtensionsBuilder(); - return extensionsBuilder.buildObject( - "urn:oasis:names:tc:SAML:2.0:protocol", "Extensions", "saml2p"); - } - - - - - /** - * Generate issuer. - * - * @return the issuer - */ - public static Issuer generateIssuer() { - return (Issuer) SAMLEngineUtils - .createSamlObject(Issuer.DEFAULT_ELEMENT_NAME); - } - - /** - * Generate key info. - * - * @return the key info - */ - public static KeyInfo generateKeyInfo() { - return (KeyInfo) SAMLEngineUtils - .createSamlObject(KeyInfo.DEFAULT_ELEMENT_NAME); - } - - /** - * Generate name id. - * - * @return the name id - */ - public static NameID generateNameID() { - return (NameID) SAMLEngineUtils - .createSamlObject(NameID.DEFAULT_ELEMENT_NAME); - } - - /** - * Generate name id. - * - * @param nameQualifier the name qualifier - * @param format the format - * @param spNameQualifier the sP name qualifier - * - * @return the name id - */ - public static NameID generateNameID(final String nameQualifier, - final String format, final String spNameQualifier) { - // <saml:NameID> - final NameID nameId = (NameID) Configuration.getBuilderFactory() - .getBuilder(NameID.DEFAULT_ELEMENT_NAME).buildObject( - NameID.DEFAULT_ELEMENT_NAME); - - // optional - nameId.setNameQualifier(nameQualifier); - - // optional - nameId.setFormat(format); - - // optional - nameId.setSPNameQualifier(spNameQualifier); - - return nameId; - } - - /** - * Generate NCName. - * - * @return the string - */ - public static String generateNCName() { - return generator.generateIdentifier(); - } - - - /** - * Generate the quality authentication assurance level. - * - * @param qaal the level of quality authentication assurance. - * - * @return the quality authentication assurance attribute - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static QAAAttribute generateQAAAttribute(final int qaal) - throws STORKSAMLEngineException { - LOG.debug("Generate QAAAttribute."); - - final QAAAttribute qaaAttribute = (QAAAttribute) SAMLEngineUtils - .createSamlObject(QAAAttribute.DEF_ELEMENT_NAME); - qaaAttribute.setQaaLevel(String.valueOf(qaal)); - return qaaAttribute; - } - - /** - * Generate requested attribute. - * - * @param name the name - * @param friendlyName the friendly name - * @param isRequired the is required - * @param value the value - * - * @return the requested attribute - */ - public static RequestedAttribute generateReqAuthnAttributeSimple( - final String name, final String friendlyName, - final String isRequired, final List<String> value) { - LOG.debug("Generate the requested attribute."); - - final RequestedAttribute requested = (RequestedAttribute) SAMLEngineUtils - .createSamlObject(RequestedAttribute.DEF_ELEMENT_NAME); - requested.setName(name); - requested.setNameFormat(RequestedAttribute.URI_REFERENCE); - - requested.setFriendlyName(friendlyName); - - requested.setIsRequired(isRequired); - - // The value is optional in an authentication request. - if (!value.isEmpty()) { - for (int nextValue = 0; nextValue < value.size(); nextValue++) { - final String valor = value.get(nextValue); - if (StringUtils.isNotBlank(valor)) { - - if(!name.equals("http://www.stork.gov.eu/1.0/signedDoc")){ - - // Create the attribute statement - final XSAny attrValue = (XSAny) SAMLEngineUtils - .createSamlObject( - new QName(SAMLCore.STORK10_NS.getValue(), - "AttributeValue", - SAMLCore.STORK10_PREFIX.getValue()), - XSAny.TYPE_NAME); - - attrValue.setTextContent(valor.trim()); - requested.getAttributeValues().add(attrValue); - - }else{ - - DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); - domFactory.setNamespaceAware(true); - Document document = null; - DocumentBuilder builder; - - // Parse the signedDoc value into an XML DOM Document - try { - builder = domFactory.newDocumentBuilder(); - InputStream is; - is = new ByteArrayInputStream(valor.trim().getBytes("UTF-8")); - document = builder.parse(is); - is.close(); - } catch (SAXException e1) { - LOG.error("SAX Error while parsing signModule attribute", e1); - throw new STORKSAMLEngineRuntimeException(e1); - } catch (ParserConfigurationException e2) { - LOG.error("Parser Configuration Error while parsing signModule attribute", e2); - throw new STORKSAMLEngineRuntimeException(e2); - } catch (UnsupportedEncodingException e3) { - LOG.error("Unsupported encoding Error while parsing signModule attribute", e3); - throw new STORKSAMLEngineRuntimeException(e3); - } catch (IOException e4) { - LOG.error("IO Error while parsing signModule attribute", e4); - throw new STORKSAMLEngineRuntimeException(e4); - } - - // Create the XML statement(this will be overwritten with the previous DOM structure) - final XSAny xmlValue = (XSAny) SAMLEngineUtils - .createSamlObject( - new QName(SAMLCore.STORK10_NS.getValue(), - "XMLValue", - SAMLCore.STORK10_PREFIX.getValue()), - XSAny.TYPE_NAME); - - //Set the signedDoc XML content to this element - xmlValue.setDOM(document.getDocumentElement()); - - // Create the attribute statement - final XSAny attrValue = (XSAny) SAMLEngineUtils - .createSamlObject( - new QName(SAMLCore.STORK10_NS.getValue(), - "AttributeValue", - SAMLCore.STORK10_PREFIX.getValue()), - XSAny.TYPE_NAME); - - //Add previous signedDocXML to the AttributeValue Element - attrValue.getUnknownXMLObjects().add(xmlValue); - - requested.getAttributeValues().add(attrValue); - } - - - } - } - } - - return requested; - } - - /** - * Generate response. - * - * @param version the version - * @param identifier the identifier - * @param issueInstant the issue instant - * @param status the status - * - * @return the response - */ - public static Response generateResponse(final SAMLVersion version, - final String identifier, final DateTime issueInstant, - final Status status) { - final Response response = (Response) SAMLEngineUtils - .createSamlObject(Response.DEFAULT_ELEMENT_NAME); - response.setID(identifier); - response.setIssueInstant(issueInstant); - response.setStatus(status); - return response; - } - - /** - * Method that generates a SAML Authentication Request basing on the - * provided information. - * - * @param identifier the identifier - * @param version the version - * @param issueInstant the issue instant - * - * @return the authentication request - */ - public static AuthnRequest generateSAMLAuthnRequest(final String identifier, - final SAMLVersion version, final DateTime issueInstant) { - LOG.debug("Generate basic authentication request."); - final AuthnRequest authnRequest = (AuthnRequest) SAMLEngineUtils - .createSamlObject(AuthnRequest.DEFAULT_ELEMENT_NAME); - - authnRequest.setID(identifier); - authnRequest.setVersion(version); - authnRequest.setIssueInstant(issueInstant); - return authnRequest; - } - - /*public static AttributeQuery generateSAMLAttrQueryRequest(final String identifier, - final SAMLVersion version, final DateTime issueInstant) { - LOG.debug("Generate attribute query request."); - final AttributeQuery attrQueryRequest = (AttributeQuery) SAMLEngineUtils - .createSamlObject(AttributeQuery.DEFAULT_ELEMENT_NAME); - - attrQueryRequest.setID(identifier); - attrQueryRequest.setVersion(version); - attrQueryRequest.setIssueInstant(issueInstant); - return attrQueryRequest; - }*/ - - public static CustomAttributeQuery generateSAMLAttrQueryRequest(final String identifier, - final SAMLVersion version, final DateTime issueInstant) { - LOG.debug("Generate attribute query request."); - final CustomAttributeQuery attrQueryRequest = (CustomAttributeQuery) SAMLEngineUtils - .createSamlObject(CustomAttributeQuery.DEFAULT_ELEMENT_NAME); - - attrQueryRequest.setID(identifier); - attrQueryRequest.setVersion(version); - attrQueryRequest.setIssueInstant(issueInstant); - return attrQueryRequest; - } - - public static LogoutRequest generateSAMLLogoutRequest(final String identifier, - final SAMLVersion version, final DateTime issueInstant) { - LOG.debug("Generate logout request."); - final LogoutRequest logoutRequest = (LogoutRequest)SAMLEngineUtils. - createSamlObject(LogoutRequest.DEFAULT_ELEMENT_NAME); - - - logoutRequest.setID(identifier); - logoutRequest.setVersion(version); - logoutRequest.setIssueInstant(issueInstant); - return logoutRequest; - } - - public static LogoutResponse generateSAMLLogoutResponse(final String identifier, - final SAMLVersion version, final DateTime issueInstant, - final Status status, final String inResponseTo) { - LOG.debug("Generate logout response."); - final LogoutResponse logoutResponse = (LogoutResponse)SAMLEngineUtils. - createSamlObject(LogoutResponse.DEFAULT_ELEMENT_NAME); - - logoutResponse.setInResponseTo(inResponseTo); - logoutResponse.setStatus(status); - logoutResponse.setID(identifier); - logoutResponse.setVersion(version); - logoutResponse.setIssueInstant(issueInstant); - return logoutResponse; - } - - /** - * Generate service provider application. - * - * @param spApplication the service provider application - * - * @return the sP application - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static SPApplication generateSPApplication(final String spApplication) - throws STORKSAMLEngineException { - LOG.debug("Generate SPApplication."); - - final SPApplication applicationAttr = (SPApplication) SAMLEngineUtils - .createSamlObject(SPApplication.DEF_ELEMENT_NAME); - applicationAttr.setSPApplication(spApplication); - return applicationAttr; - } - - /** - * Generate service provider country. - * - * @param spCountry the service provider country - * - * @return the service provider country - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static SPCountry generateSPCountry(final String spCountry) - throws STORKSAMLEngineException { - LOG.debug("Generate SPApplication."); - - final SPCountry countryAttribute = (SPCountry) SAMLEngineUtils - .createSamlObject(SPCountry.DEF_ELEMENT_NAME); - countryAttribute.setSPCountry(spCountry); - return countryAttribute; - } - - /** - * Generate service provider institution. - * - * @param spInstitution the service provider institution - * - * @return the service provider institution - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static SPInstitution generateSPInstitution(final String spInstitution) - throws STORKSAMLEngineException { - LOG.debug("Generate SPInstitution."); - - final SPInstitution institutionAttr = (SPInstitution) SAMLEngineUtils - .createSamlObject(SPInstitution.DEF_ELEMENT_NAME); - institutionAttr.setSPInstitution(spInstitution); - return institutionAttr; - } - - /** - * Generate service provider sector. - * - * @param spSector the service provider sector - * - * @return the service provider sector - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static SPSector generateSPSector(final String spSector) - throws STORKSAMLEngineException { - LOG.debug("Generate SPSector."); - - final SPSector sectorAttribute = (SPSector) SAMLEngineUtils - .createSamlObject(SPSector.DEF_ELEMENT_NAME); - sectorAttribute.setSPSector(spSector); - return sectorAttribute; - } - - /** - * Generate status. - * - * @param statusCode the status code - * - * @return the status - */ - public static Status generateStatus(final StatusCode statusCode) { - final Status status = (Status) SAMLEngineUtils - .createSamlObject(Status.DEFAULT_ELEMENT_NAME); - status.setStatusCode(statusCode); - return status; - } - - /** - * Generate status code. - * - * @param value the value - * - * @return the status code - */ - public static StatusCode generateStatusCode(final String value) { - final StatusCode statusCode = (StatusCode) SAMLEngineUtils - .createSamlObject(StatusCode.DEFAULT_ELEMENT_NAME); - statusCode.setValue(value); - return statusCode; - } - - - /** - * Generate status message. - * - * @param message the message - * - * @return the status message - */ - public static StatusMessage generateStatusMessage(final String message) { - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .createSamlObject(StatusMessage.DEFAULT_ELEMENT_NAME); - statusMessage.setMessage(message); - return statusMessage; - } - - /** - * Generate subject. - * - * @return the subject - */ - public static Subject generateSubject() { - return (Subject) SAMLEngineUtils - .createSamlObject(Subject.DEFAULT_ELEMENT_NAME); - } - - /** - * Generate subject confirmation. - * - * @param method the method - * @param data the data - * - * @return the subject confirmation - */ - public static SubjectConfirmation generateSubjectConfirmation( - final String method, final SubjectConfirmationData data) { - final SubjectConfirmation subjectConf = (SubjectConfirmation) Configuration - .getBuilderFactory().getBuilder( - SubjectConfirmation.DEFAULT_ELEMENT_NAME).buildObject( - SubjectConfirmation.DEFAULT_ELEMENT_NAME); - - subjectConf.setMethod(method); - - subjectConf.setSubjectConfirmationData(data); - - return subjectConf; - } - - - /** - * Generate subject confirmation data. - * - * @param notOnOrAfter the not on or after - * @param recipient the recipient - * @param inResponseTo the in response to - * - * @return the subject confirmation data - */ - public static SubjectConfirmationData generateSubjectConfirmationData( - final DateTime notOnOrAfter, final String recipient, - final String inResponseTo) { - final SubjectConfirmationData subjectConfData = (SubjectConfirmationData) SAMLEngineUtils - .createSamlObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME); - subjectConfData.setNotOnOrAfter(notOnOrAfter); - subjectConfData.setRecipient(recipient); - subjectConfData.setInResponseTo(inResponseTo); - return subjectConfData; - } - - - /** - * Generate subject locality. - * - * @param address the address - * - * @return the subject locality - */ - public static SubjectLocality generateSubjectLocality(final String address) { - final SubjectLocality subjectLocality = (SubjectLocality) SAMLEngineUtils - .createSamlObject(SubjectLocality.DEFAULT_ELEMENT_NAME); - subjectLocality.setAddress(address); - return subjectLocality; - } - - - - - /** - * Method that returns the current time. - * - * @return the current time - */ - public static DateTime getCurrentTime() { - return new DateTime(); - } - - - /** - * Instantiates a new SAML engine utilities. - */ - private SAMLEngineUtils() { - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java deleted file mode 100644 index bfec3aa21..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java +++ /dev/null @@ -1,3705 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.io.UnsupportedEncodingException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; - -import javax.xml.namespace.QName; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.OutputKeys; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; - -import org.apache.commons.lang.StringUtils; -import org.bouncycastle.jce.X509Principal; -import org.joda.time.DateTime; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLVersion; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.common.Extensions; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.AttributeQuery; -import org.opensaml.saml2.core.AttributeStatement; -import org.opensaml.saml2.core.AttributeValue; -import org.opensaml.saml2.core.Audience; -import org.opensaml.saml2.core.AudienceRestriction; -import org.opensaml.saml2.core.AuthnContext; -import org.opensaml.saml2.core.AuthnContextDecl; -import org.opensaml.saml2.core.AuthnRequest; -import org.opensaml.saml2.core.AuthnStatement; -import org.opensaml.saml2.core.Conditions; -import org.opensaml.saml2.core.Issuer; -import org.opensaml.saml2.core.LogoutRequest; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.NameID; -import org.opensaml.saml2.core.OneTimeUse; -import org.opensaml.saml2.core.Response; -import org.opensaml.saml2.core.Status; -import org.opensaml.saml2.core.StatusCode; -import org.opensaml.saml2.core.StatusMessage; -import org.opensaml.saml2.core.Subject; -import org.opensaml.saml2.core.SubjectConfirmation; -import org.opensaml.saml2.core.SubjectConfirmationData; -import org.opensaml.saml2.core.SubjectLocality; -import org.opensaml.saml2.core.impl.SubjectConfirmationBuilder; -import org.opensaml.xml.Namespace; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.schema.XSAny; -import org.opensaml.xml.schema.impl.XSAnyBuilder; -import org.opensaml.xml.schema.impl.XSAnyImpl; -import org.opensaml.xml.schema.impl.XSAnyMarshaller; -import org.opensaml.xml.schema.impl.XSAnyUnmarshaller; -import org.opensaml.xml.schema.impl.XSDateTimeImpl; -import org.opensaml.xml.schema.impl.XSStringImpl; -import org.opensaml.xml.signature.KeyInfo; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; -import org.opensaml.xml.validation.ValidatorSuite; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Document; -import org.xml.sax.SAXException; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.commons.STORKLogoutRequest; -import eu.stork.peps.auth.commons.STORKLogoutResponse; -import eu.stork.peps.auth.engine.core.AuthenticationAttributes; -import eu.stork.peps.auth.engine.core.CitizenCountryCode; -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.CustomRequestAbstractType; -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; -import eu.stork.peps.auth.engine.core.EIDSectorShare; -import eu.stork.peps.auth.engine.core.QAAAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttributes; -import eu.stork.peps.auth.engine.core.SAMLCore; -import eu.stork.peps.auth.engine.core.SPApplication; -import eu.stork.peps.auth.engine.core.SPCountry; -import eu.stork.peps.auth.engine.core.SPID; -import eu.stork.peps.auth.engine.core.SPInformation; -import eu.stork.peps.auth.engine.core.SPInstitution; -import eu.stork.peps.auth.engine.core.SPSector; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; -import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesBuilder; -import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesMarshaller; -import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeBuilder; -import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeMarshaller; -import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareBuilder; -import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareMarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareBuilder; -import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareMarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDSectorShareBuilder; -import eu.stork.peps.auth.engine.core.impl.EIDSectorShareMarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDSectorShareUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.QAAAttributeBuilder; -import eu.stork.peps.auth.engine.core.impl.QAAAttributeMarshaller; -import eu.stork.peps.auth.engine.core.impl.QAAAttributeUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributeBuilder; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributeMarshaller; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributeUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributesBuilder; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributesMarshaller; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributesUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPApplicationBuilder; -import eu.stork.peps.auth.engine.core.impl.SPApplicationMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPApplicationUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPCountryBuilder; -import eu.stork.peps.auth.engine.core.impl.SPCountryMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPCountryUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPIDBuilder; -import eu.stork.peps.auth.engine.core.impl.SPIDMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPIDUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPInformationBuilder; -import eu.stork.peps.auth.engine.core.impl.SPInformationMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPInformationUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPInstitutionBuilder; -import eu.stork.peps.auth.engine.core.impl.SPInstitutionMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPInstitutionUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPSectorBuilder; -import eu.stork.peps.auth.engine.core.impl.SPSectorMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPSectorUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesBuilder; -import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesMarshaller; -import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesUnmarshaller; -import eu.stork.peps.auth.engine.core.validator.CustomAttributeQueryValidator; -import eu.stork.peps.auth.engine.core.validator.ExtensionsSchemaValidator; -import eu.stork.peps.auth.engine.core.validator.QAAAttributeSchemaValidator; -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * Class that wraps the operations over SAML tokens, both generation and - * validation of SAML STORK requests and SAML STORK responses. Complaint with - * "OASIS Secure Assertion Markup Language (SAML) 2.0, May 2005", but taking - * into account STORK specific requirements. - * - * @author fjquevedo - * @author iinigo - */ -public final class STORKSAMLEngine extends SAMLEngine { - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory - .getLogger(STORKSAMLEngine.class.getName()); - - private static final String ATTRIBUTE_EMPTY_LITERAL = "Attribute name is null or empty."; - /** - * Gets the single instance of STORKSAMLEngine. - * - * @param nameInstance the name instance - * - * @return single instance of STORKSAMLEngine - */ - public static synchronized STORKSAMLEngine getInstance( - final String nameInstance) { - STORKSAMLEngine engine = null; - LOG.info("Get instance: " + nameInstance); - try { - engine = new STORKSAMLEngine(nameInstance.trim()); - } catch (Exception e) { - LOG.error("Error get instance: " + nameInstance); - } - return engine; - } - - /** - * Instantiate a new STORKSAML engine. - * - * @param nameInstance the name instance - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private STORKSAMLEngine(final String nameInstance) - throws STORKSAMLEngineException { - // Initialization OpenSAML. - super(nameInstance); - LOG.info("Register STORK objects provider."); - Configuration.registerObjectProvider(QAAAttribute.DEF_ELEMENT_NAME, - new QAAAttributeBuilder(), new QAAAttributeMarshaller(), - new QAAAttributeUnmarshaller()); - - Configuration.registerObjectProvider(EIDSectorShare.DEF_ELEMENT_NAME, - new EIDSectorShareBuilder(), new EIDSectorShareMarshaller(), - new EIDSectorShareUnmarshaller()); - - Configuration.registerObjectProvider( - EIDCrossSectorShare.DEF_ELEMENT_NAME, - new EIDCrossSectorShareBuilder(), - new EIDCrossSectorShareMarshaller(), - new EIDCrossSectorShareUnmarshaller()); - - Configuration.registerObjectProvider( - EIDCrossBorderShare.DEF_ELEMENT_NAME, - new EIDCrossBorderShareBuilder(), - new EIDCrossBorderShareMarshaller(), - new EIDCrossBorderShareUnmarshaller()); - - Configuration.registerObjectProvider(SPSector.DEF_ELEMENT_NAME, - new SPSectorBuilder(), new SPSectorMarshaller(), - new SPSectorUnmarshaller()); - - Configuration.registerObjectProvider(SPInstitution.DEF_ELEMENT_NAME, - new SPInstitutionBuilder(), new SPInstitutionMarshaller(), - new SPInstitutionUnmarshaller()); - - Configuration.registerObjectProvider(SPApplication.DEF_ELEMENT_NAME, - new SPApplicationBuilder(), new SPApplicationMarshaller(), - new SPApplicationUnmarshaller()); - - Configuration.registerObjectProvider(SPCountry.DEF_ELEMENT_NAME, - new SPCountryBuilder(), new SPCountryMarshaller(), - new SPCountryUnmarshaller()); - - Configuration.registerObjectProvider(XSAny.TYPE_NAME, - new XSAnyBuilder(), new XSAnyMarshaller(), - new XSAnyUnmarshaller()); - - Configuration.registerObjectProvider( - RequestedAttribute.DEF_ELEMENT_NAME, - new RequestedAttributeBuilder(), - new RequestedAttributeMarshaller(), - new RequestedAttributeUnmarshaller()); - - Configuration.registerObjectProvider( - RequestedAttributes.DEF_ELEMENT_NAME, - new RequestedAttributesBuilder(), - new RequestedAttributesMarshaller(), - new RequestedAttributesUnmarshaller()); - - Configuration.registerObjectProvider( - AuthenticationAttributes.DEF_ELEMENT_NAME, - new AuthenticationAttributesBuilder(), - new AuthenticationAttributesMarshaller(), - new AuthenticationAttributesUnmarshaller()); - - Configuration.registerObjectProvider( - VIDPAuthenticationAttributes.DEF_ELEMENT_NAME, - new VIDPAuthenticationAttributesBuilder(), - new VIDPAuthenticationAttributesMarshaller(), - new VIDPAuthenticationAttributesUnmarshaller()); - - Configuration.registerObjectProvider( - CitizenCountryCode.DEF_ELEMENT_NAME, - new CitizenCountryCodeBuilder(), - new CitizenCountryCodeMarshaller(), - new CitizenCountryCodeUnmarshaller()); - - Configuration.registerObjectProvider( - SPID.DEF_ELEMENT_NAME, - new SPIDBuilder(), - new SPIDMarshaller(), - new SPIDUnmarshaller()); - - Configuration.registerObjectProvider( - SPInformation.DEF_ELEMENT_NAME, - new SPInformationBuilder(), - new SPInformationMarshaller(), - new SPInformationUnmarshaller()); - - LOG.info("Register STORK object validators."); - final ValidatorSuite validatorSuite = new ValidatorSuite( - QAAAttribute.DEF_LOCAL_NAME); - - validatorSuite.registerValidator(QAAAttribute.DEF_ELEMENT_NAME, - new QAAAttributeSchemaValidator()); - final Extensions extensions = SAMLEngineUtils.generateExtension(); - validatorSuite.registerValidator(extensions.getElementQName(), - new ExtensionsSchemaValidator()); - - Configuration.registerValidatorSuite( - "stork:QualityAuthenticationAssuranceLevel", validatorSuite); - - } - - /** - * Generate authentication response base. - * - * @param status the status - * @param assertConsumerURL the assert consumer URL. - * @param inResponseTo the in response to - * - * @return the response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private Response genAuthnRespBase(final Status status, - final String assertConsumerURL, final String inResponseTo) - throws STORKSAMLEngineException { - LOG.debug("Generate Authentication Response base."); - final Response response = SAMLEngineUtils.generateResponse( - SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), - SAMLEngineUtils.getCurrentTime(), status); - - // Set name Spaces - this.setNameSpaces(response); - - // Mandatory STORK - LOG.debug("Generate Issuer"); - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - issuer.setValue(super.getSamlCoreProperties().getResponder()); - - // Format Entity Optional STORK - issuer.setFormat(super.getSamlCoreProperties().getFormatEntity()); - - response.setIssuer(issuer); - - // destination Mandatory Stork - response.setDestination(assertConsumerURL.trim()); - - // inResponseTo Mandatory Stork - response.setInResponseTo(inResponseTo.trim()); - - // Optional STORK - response.setConsent(super.getSamlCoreProperties() - .getConsentAuthnResponse()); - - return response; - } - - /** - * Generate attribute query response base. - * - * @param status the status - * @param destinationURL the assert consumer URL. - * @param inResponseTo the in response to - * - * @return the response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private Response genAttrQueryRespBase(final Status status, - final String destinationURL, final String inResponseTo) - throws STORKSAMLEngineException { - LOG.debug("Generate Attribute query Response base."); - final Response response = SAMLEngineUtils.generateResponse( - SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), - SAMLEngineUtils.getCurrentTime(), status); - - // Set name Spaces - this.setNameSpaces(response); - - // Mandatory STORK - LOG.debug("Generate Issuer"); - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - issuer.setValue(super.getSamlCoreProperties().getResponder()); - - // Format Entity Optional STORK - issuer.setFormat(super.getSamlCoreProperties().getFormatEntity()); - - response.setIssuer(issuer); - - // destination Mandatory Stork - response.setDestination(destinationURL.trim()); - - // inResponseTo Mandatory Stork - response.setInResponseTo(inResponseTo.trim()); - - // Optional STORK - response.setConsent(super.getSamlCoreProperties() - .getConsentAuthnResponse()); - - return response; - } - - /** - * Generate assertion. - * - * @param ipAddress the IP address. - * @param assertConsumerURL the assert consumer URL. - * @param inResponseTo the in response to - * @param issuer the issuer - * @param notOnOrAfter the not on or after - * - * @return the assertion - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private Assertion generateAssertion(final String ipAddress, - final String assertConsumerURL, final String inResponseTo, - final String issuer, final DateTime notOnOrAfter) - throws STORKSAMLEngineException { - LOG.info("Generate Assertion."); - - // Mandatory STORK - LOG.debug("Generate Issuer to Assertion"); - final Issuer issuerAssertion = SAMLEngineUtils.generateIssuer(); - issuerAssertion.setValue(super.getSamlCoreProperties().getResponder()); - - // Format Entity Optional STORK - issuerAssertion.setFormat(super.getSamlCoreProperties() - .getFormatEntity()); - - final Assertion assertion = SAMLEngineUtils.generateAssertion( - SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), - SAMLEngineUtils.getCurrentTime(), issuerAssertion); - - final Subject subject = SAMLEngineUtils.generateSubject(); - - // Mandatory STORK verified - // String format = NameID.UNSPECIFIED - // specification: 'SAML:2.0' exist - // opensaml: "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" - // opensaml "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" - final String format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"; - - final String nameQualifier = ""; - - LOG.debug("Generate NameID"); - final NameID nameId = SAMLEngineUtils.generateNameID(super - .getSamlCoreProperties().getResponder(), format, nameQualifier); - nameId.setValue(format); - subject.setNameID(nameId); - - // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer. - // Optional in other case. - LOG.debug("Generate SubjectConfirmationData."); - final SubjectConfirmationData dataBearer = SAMLEngineUtils - .generateSubjectConfirmationData(SAMLEngineUtils - .getCurrentTime(), assertConsumerURL, inResponseTo); - - // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer. - // Optional in other case. - LOG.debug("Generate SubjectConfirmation"); - final SubjectConfirmation subjectConf = SAMLEngineUtils - .generateSubjectConfirmation(SubjectConfirmation.METHOD_BEARER, - dataBearer); - - final ArrayList<SubjectConfirmation> listSubjectConf = new ArrayList<SubjectConfirmation>(); - listSubjectConf.add(subjectConf); - - for (final Iterator<SubjectConfirmation> iter = listSubjectConf - .iterator(); iter.hasNext();) { - final SubjectConfirmation element = iter.next(); - - if (SubjectConfirmation.METHOD_BEARER.equals(element.getMethod())) { - // ipAddress Mandatory if method is Bearer. - - if (StringUtils.isBlank(ipAddress)) { - throw new STORKSAMLEngineException( - "ipAddress is null or empty"); - } - element.getSubjectConfirmationData().setAddress( - ipAddress.trim()); - } - - element.getSubjectConfirmationData() - .setRecipient(assertConsumerURL); - element.getSubjectConfirmationData().setNotOnOrAfter(notOnOrAfter); - } - - // The SAML 2.0 specification allows multiple SubjectConfirmations - subject.getSubjectConfirmations().addAll(listSubjectConf); - - // Mandatory Stork - assertion.setSubject(subject); - - // Conditions that MUST be evaluated when assessing the validity of - // and/or when using the assertion. - final Conditions conditions = this.generateConditions(SAMLEngineUtils - .getCurrentTime(), notOnOrAfter, issuer); - - assertion.setConditions(conditions); - - LOG.debug("Generate stork Authentication Statement."); - final AuthnStatement storkAuthnStat = this - .generateStorkAuthStatement(ipAddress); - assertion.getAuthnStatements().add(storkAuthnStat); - - return assertion; - } - - private String getAttributeName(final PersonalAttribute attribute) throws STORKSAMLEngineException { - if (StringUtils.isBlank(attribute.getName())) { - LOG.error(ATTRIBUTE_EMPTY_LITERAL); - throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); - } - - final String attributeName = super.getSamlCoreProperties() - .getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.error("Attribute name: {} it is not known.", attribute - .getName()); - throw new STORKSAMLEngineException("Attribute name: " - + attribute.getName() + " it is not known."); - } - return attributeName; - } - /** - * Generate attribute statement. - * - * @param personalAttrList the personal attribute list - * @param isHashing the is hashing - * - * @return the attribute statement - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - * @throws IOException - */ - private AttributeStatement generateAttributeStatement( - final IPersonalAttributeList personalAttrList, - final boolean isHashing) throws STORKSAMLEngineException { - LOG.debug("Generate attribute statement"); - - final AttributeStatement attrStatement = (AttributeStatement) SAMLEngineUtils - .createSamlObject(AttributeStatement.DEFAULT_ELEMENT_NAME); - - for (PersonalAttribute attribute : personalAttrList) { - - String attributeName = getAttributeName(attribute); - - // Verification that only one value it's permitted, simple or - // complex, not both. - - final boolean simpleNull = (attribute.getValue() == null); - final boolean simpleEmpty = (simpleNull || (!simpleNull && attribute - .getValue().isEmpty())); - - final boolean complexNull = (attribute.getComplexValue() == null); - final boolean complexEmpty = (complexNull || (!complexNull && attribute - .getComplexValue().isEmpty())); - - if ((!simpleEmpty && !complexEmpty)) { - throw new STORKSAMLEngineException( - "Attribute name: " - + attribute.getName() - + " must be contain one value, simple or complex value."); - } else { - - if (!simpleEmpty) { - attrStatement.getAttributes().add( - this.generateAttrSimple(attributeName, attribute - .getStatus(), attribute.getValue(), - isHashing)); - } else if (!complexEmpty) { - attrStatement.getAttributes().add( - SAMLEngineUtils.generateAttrComplex(attributeName, - attribute.getStatus(), attribute - .getComplexValue(), isHashing)); - } else if (!simpleNull) { - attrStatement.getAttributes().add( - this.generateAttrSimple(attributeName, attribute - .getStatus(), new ArrayList<String>(), - isHashing)); - } else { - // Add attribute complex. - attrStatement.getAttributes().add( - SAMLEngineUtils.generateAttrComplex(attributeName, - attribute.getStatus(), - new HashMap<String, String>(), isHashing)); - } - } - } - return attrStatement; - } - private XSAny createAttributeValueForSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException { - DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); - domFactory.setNamespaceAware(true); - Document document = null; - DocumentBuilder builder; - - // Parse the signedDoc value into an XML DOM Document - try { - builder = domFactory.newDocumentBuilder(); - InputStream is; - is = new ByteArrayInputStream(value.trim().getBytes("UTF-8")); - document = builder.parse(is); - is.close(); - } catch (SAXException e1) { - LOG.error("SAX Error while parsing signModule attribute", e1); - throw new STORKSAMLEngineRuntimeException(e1); - } catch (ParserConfigurationException e2) { - LOG.error("Parser Configuration Error while parsing signModule attribute", e2); - throw new STORKSAMLEngineRuntimeException(e2); - } catch (UnsupportedEncodingException e3) { - LOG.error("Unsupported encoding Error while parsing signModule attribute", e3); - throw new STORKSAMLEngineRuntimeException(e3); - } catch (IOException e4) { - LOG.error("IO Error while parsing signModule attribute", e4); - throw new STORKSAMLEngineRuntimeException(e4); - } - - // Create the attribute statement - final XSAny xmlValue = (XSAny) SAMLEngineUtils - .createSamlObject( - AttributeValue.DEFAULT_ELEMENT_NAME, - XSAny.TYPE_NAME); - - //Set the signedDoc XML content to this element - xmlValue.setDOM(document.getDocumentElement()); - - // Create the attribute statement - final XSAny attrValue = (XSAny) SAMLEngineUtils - .createSamlObject( - AttributeValue.DEFAULT_ELEMENT_NAME, - XSAny.TYPE_NAME); - - //Add previous signedDocXML to the AttributeValue Element - - // if it's necessary encode the information. - if (!isHashing) { - attrValue.getUnknownXMLObjects().add(xmlValue); - } - return attrValue; - } - - private XSAny createAttributeValueForNonSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException { - // Create the attribute statement - final XSAny attrValue = (XSAny) SAMLEngineUtils - .createSamlObject( - AttributeValue.DEFAULT_ELEMENT_NAME, - XSAny.TYPE_NAME); - // if it's necessary encode the information. - if (isHashing) { - attrValue.setTextContent(SAMLEngineUtils.encode(value, SAMLEngineUtils.SHA_512)); - } else { - attrValue.setTextContent(value); - } - return attrValue; - } - - /** - * Generate attribute from a list of values. - * - * @param name the name of the attribute. - * @param values the value of the attribute. - * @param isHashing the is hashing with "SHA-512" algorithm. - * @param status the status of the parameter: "Available", "NotAvailable" or - * "Withheld". - * - * @return the attribute - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private Attribute generateAttrSimple(final String name, - final String status, final List<String> values, - final boolean isHashing) throws STORKSAMLEngineException { - LOG.debug("Generate attribute simple: " + name); - final Attribute attribute = (Attribute) SAMLEngineUtils - .createSamlObject(Attribute.DEFAULT_ELEMENT_NAME); - - attribute.setName(name); - attribute.setNameFormat(Attribute.URI_REFERENCE); - - attribute.getUnknownAttributes().put( - new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", - SAMLCore.STORK10_PREFIX.getValue()), status); - - if (values != null) { - LOG.debug("Add attribute values."); - for (int i = 0; i < values.size(); i++) { - final String value = values.get(i); - if (StringUtils.isNotBlank(value)) { - XSAny attrValue = null; - if (!name.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - // Create the attribute statement - attrValue = createAttributeValueForNonSignedDoc(value, isHashing); - - } else { - attrValue = createAttributeValueForSignedDoc(value, isHashing); - attribute.getAttributeValues().add(attrValue); - } - attribute.getAttributeValues().add(attrValue); - } - } - } - return attribute; - } - - /** - * Generate conditions that MUST be evaluated when assessing the validity of - * and/or when using the assertion. - * - * @param notBefore the not before - * @param notOnOrAfter the not on or after - * @param audienceURI the audience URI. - * - * @return the conditions - */ - private Conditions generateConditions(final DateTime notBefore, - final DateTime notOnOrAfter, final String audienceURI) { - LOG.debug("Generate conditions."); - final Conditions conditions = (Conditions) SAMLEngineUtils - .createSamlObject(Conditions.DEFAULT_ELEMENT_NAME); - conditions.setNotBefore(notBefore); - conditions.setNotOnOrAfter(notOnOrAfter); - - final AudienceRestriction restrictions = (AudienceRestriction) SAMLEngineUtils - .createSamlObject(AudienceRestriction.DEFAULT_ELEMENT_NAME); - - final Audience audience = (Audience) SAMLEngineUtils - .createSamlObject(Audience.DEFAULT_ELEMENT_NAME); - audience.setAudienceURI(audienceURI); - - restrictions.getAudiences().add(audience); - conditions.getAudienceRestrictions().add(restrictions); - - if (super.getSamlCoreProperties().isOneTimeUse()) { - final OneTimeUse oneTimeUse = (OneTimeUse) SAMLEngineUtils - .createSamlObject(OneTimeUse.DEFAULT_ELEMENT_NAME); - conditions.getConditions().add(oneTimeUse); - } - return conditions; - } - - /** - * Generate personal attribute list. - * - * @param assertion the assertion - * - * @return the personal attribute list - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private IPersonalAttributeList generatePersonalAttributeList( - final Assertion assertion) throws STORKSAMLEngineException { - LOG.debug("Generate personal attribute list from XMLObject."); - final List<XMLObject> listExtensions = assertion.getOrderedChildren(); - - boolean find = false; - AttributeStatement requestedAttr = null; - - // Search the attribute statement. - for (int i = 0; i < listExtensions.size() && !find; i++) { - final XMLObject xml = listExtensions.get(i); - if (xml instanceof AttributeStatement) { - requestedAttr = (AttributeStatement) xml; - find = true; - } - } - - if (!find) { - LOG.error("Error: AttributeStatement it's not present."); - throw new STORKSAMLEngineException( - "AttributeStatement it's not present."); - } - - final List<Attribute> reqAttrs = requestedAttr.getAttributes(); - - final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); - String attributeName; - - // Process the attributes. - for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { - final Attribute attribute = reqAttrs.get(nextAttribute); - - final PersonalAttribute personalAttribute = new PersonalAttribute(); - - attributeName = attribute.getName(); - personalAttribute.setName(attributeName.substring(attributeName - .lastIndexOf('/') + 1)); - - personalAttribute.setStatus(attribute.getUnknownAttributes().get( - new QName(SAMLCore.STORK10_NS.getValue(), - "AttributeStatus", SAMLCore.STORK10_PREFIX - .getValue()))); - - final ArrayList<String> simpleValues = new ArrayList<String>(); - final HashMap<String, String> multiValues = new HashMap<String, String>(); - - final List<XMLObject> values = attribute.getOrderedChildren(); - - - // Process the values. - for (int nextValue = 0; nextValue < values.size(); nextValue++) { - - final XMLObject xmlObject = values.get(nextValue); - - if (xmlObject instanceof XSStringImpl) { - - simpleValues.add(((XSStringImpl) xmlObject).getValue()); - - } else if (xmlObject instanceof XSAnyImpl) { - - if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - - final XSAnyImpl xmlString = (XSAnyImpl) values - .get(nextValue); - - TransformerFactory transFactory = TransformerFactory - .newInstance(); - Transformer transformer = null; - try { - transformer = transFactory.newTransformer(); - transformer.setOutputProperty( - OutputKeys.OMIT_XML_DECLARATION, "yes"); - } catch (TransformerConfigurationException e) { - LOG.error("Error transformer configuration exception", e); - } - StringWriter buffer = new StringWriter(); - try { - if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ - transformer.transform(new DOMSource(xmlString - .getUnknownXMLObjects().get(0).getDOM()), - new StreamResult(buffer)); - } - } catch (TransformerException e) { - LOG.error("Error transformer exception", e); - } - String str = buffer.toString(); - - simpleValues.add(str); - - } else if (isComplex(xmlObject)) - { - LOG.info(attributeName + " found"); - // Process complex value. - final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; - - for (int nextComplexValue = 0; nextComplexValue < complexValue - .getUnknownXMLObjects().size(); nextComplexValue++) { - - final XSAnyImpl simple = (XSAnyImpl) complexValue - .getUnknownXMLObjects().get( - nextComplexValue); - - multiValues.put(simple.getElementQName() - .getLocalPart(), simple.getTextContent()); - } - - } - else { - // Process simple value. - simpleValues.add(((XSAnyImpl) xmlObject) - .getTextContent()); - } - - } else { - LOG.error("Error: attribute value it's unknown."); - throw new STORKSAMLEngineException( - "Attribute value it's unknown."); - } - } - - personalAttribute.setValue(simpleValues); - personalAttribute.setComplexValue(multiValues); - personalAttrList.add(personalAttribute); - } - - return personalAttrList; - } - - /** - * Generate stork authentication request. - * - * @param request the request that contain all parameters for generate an - * authentication request. - * - * @return the STORK authentication request that has been processed. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAuthnRequest generateSTORKAuthnRequest( - final STORKAuthnRequest request) throws STORKSAMLEngineException { - LOG.info("Generate SAMLAuthnRequest."); - - // Validate Parameters mandatories - validateParamAuthnReq(request); - - final AuthnRequest authnRequestAux = SAMLEngineUtils - .generateSAMLAuthnRequest(SAMLEngineUtils.generateNCName(), - SAMLVersion.VERSION_20, SAMLEngineUtils - .getCurrentTime()); - - // Set name spaces. - setNameSpaces(authnRequestAux); - - // Add parameter Mandatory STORK - authnRequestAux.setForceAuthn(Boolean.TRUE); - - // Add parameter Mandatory STORK - authnRequestAux.setIsPassive(Boolean.FALSE); - - authnRequestAux.setAssertionConsumerServiceURL(request - .getAssertionConsumerServiceURL()); - - authnRequestAux.setProviderName(request.getProviderName()); - - // Add protocol binding - authnRequestAux.setProtocolBinding(super.getSamlCoreProperties() - .getProtocolBinding()); - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(request.getDestination())) { - authnRequestAux.setDestination(request.getDestination()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - authnRequestAux.setConsent(super.getSamlCoreProperties() - .getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - if(request.getIssuer()!=null){ - issuer.setValue(request.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties() - .getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - authnRequestAux.setIssuer(issuer); - - // Generate stork extensions. - final Extensions storkExtensions = this - .generateSTORKExtensions(request); - // add the extensions to the SAMLAuthnRequest - authnRequestAux.setExtensions(storkExtensions); - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKAuthnRequest authRequest = processExtensions(authnRequestAux - .getExtensions()); - - try { - authRequest.setTokenSaml(super.signAndMarshall(authnRequestAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - authRequest.setSamlId(authnRequestAux.getID()); - authRequest.setDestination(authnRequestAux.getDestination()); - authRequest.setAssertionConsumerServiceURL(authnRequestAux - .getAssertionConsumerServiceURL()); - - authRequest.setProviderName(authnRequestAux.getProviderName()); - authRequest.setIssuer(authnRequestAux.getIssuer().getValue()); - - return authRequest; - } - - /** - * Generate stork authentication response. - * - * @param request the request - * @param responseAuthReq the response authentication request - * @param ipAddress the IP address - * @param isHashing the is hashing - * - * @return the sTORK authentication response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAuthnResponse generateSTORKAuthnResponse( - final STORKAuthnRequest request, - final STORKAuthnResponse responseAuthReq, final String ipAddress, - final boolean isHashing) throws STORKSAMLEngineException { - LOG.info("generateSTORKAuthnResponse"); - - // Validate parameters - validateParamResponse(request, responseAuthReq); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils - .generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - LOG.debug("Generate Response"); - - // RESPONSE - final Response response = genAuthnRespBase(status, request - .getAssertionConsumerServiceURL(), request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() - .getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, request - .getAssertionConsumerServiceURL(), request.getSamlId(), request - .getIssuer(), notOnOrAfter); - - final AttributeStatement attrStatement = this - .generateAttributeStatement(responseAuthReq - .getPersonalAttributeList(), isHashing); - - assertion.getAttributeStatements().add(attrStatement); - - // Add assertions - response.getAssertions().add(assertion); - - final STORKAuthnResponse authresponse = new STORKAuthnResponse(); - - try { - authresponse.setTokenSaml(super.signAndMarshall(response)); - authresponse.setSamlId(response.getID()); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - return authresponse; - } - - /** - * Generate stork authentication response. - * - * @param request the request - * @param responseAuthReq the response authentication request - * @param ipAddress the IP address - * @param isHashing the is hashing - * - * @return the sTORK authentication response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAuthnResponse generateSTORKAuthnResponseAfterQuery( - final STORKAuthnRequest request, - final STORKAuthnResponse responseAuthReq, final String ipAddress, - final boolean isHashing, List<STORKAttrQueryResponse> res) throws STORKSAMLEngineException { - LOG.info("generateSTORKAuthnResponse"); - - // Validate parameters - validateParamResponse(request, responseAuthReq); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils - .generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - LOG.debug("Generate Response"); - - // RESPONSE - final Response response = genAuthnRespBase(status, request - .getAssertionConsumerServiceURL(), request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() - .getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, request - .getAssertionConsumerServiceURL(), request.getSamlId(), request - .getIssuer(), notOnOrAfter); - - final AttributeStatement attrStatement = this - .generateAttributeStatement(responseAuthReq - .getPersonalAttributeList(), isHashing); - - assertion.getAttributeStatements().add(attrStatement); - - // Add assertions - response.getAssertions().add(assertion); - // Check for response queries - if (res != null && res.size() > 0) - { - //Iterate through them - for (int i = 0; i < res.size(); i++) - { - //If response contains multiple assertions iterate through them as well - if (res.get(i).getAssertions().size() > 1) - { - for (int j = 0; j < res.get(i).getAssertions().size(); j++) - { - Assertion tempAssertion = res.get(i).getAssertions().get(j); - tempAssertion.setParent(response); - response.getAssertions().add(tempAssertion); - } - } else { - Assertion tempAssertion = res.get(i).getAssertion(); - tempAssertion.setParent(response); - response.getAssertions().add(tempAssertion); - } - } - } - - final STORKAuthnResponse authresponse = new STORKAuthnResponse(); - - try { - authresponse.setTokenSaml(super.signAndMarshall(response)); - authresponse.setSamlId(response.getID()); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - return authresponse; - } - - /** - * Generate stork authentication response fail. - * - * @param request the request - * @param response the response - * @param ipAddress the IP address - * @param isHashing the is hashing - * - * @return the sTORK authentication response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAuthnResponse generateSTORKAuthnResponseFail( - final STORKAuthnRequest request, final STORKAuthnResponse response, - final String ipAddress, final boolean isHashing) - throws STORKSAMLEngineException { - LOG.info("generateSTORKAuthnResponseFail"); - - validateParamResponseFail(request, response); - - // Mandatory - final StatusCode statusCode = SAMLEngineUtils - .generateStatusCode(response.getStatusCode()); - - // Mandatory SAML - LOG.debug("Generate StatusCode."); - // Subordinate code it's optional in case not covered into next codes: - // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed - // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue - // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy - // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied - // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported - - if (StringUtils.isNotBlank(response.getSubStatusCode())) { - final StatusCode newStatusCode = SAMLEngineUtils - .generateStatusCode(response.getSubStatusCode()); - statusCode.setStatusCode(newStatusCode); - } - - LOG.debug("Generate Status."); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - if (StringUtils.isNotBlank(response.getMessage())) { - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .generateStatusMessage(response.getMessage()); - - status.setStatusMessage(statusMessage); - } - - LOG.debug("Generate Response."); - // RESPONSE - final Response responseFail = genAuthnRespBase(status, request - .getAssertionConsumerServiceURL(), request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() - .getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, request - .getAssertionConsumerServiceURL(), request.getSamlId(), request - .getIssuer(), notOnOrAfter); - - responseFail.getAssertions().add(assertion); - - LOG.debug("Sign and Marshall ResponseFail."); - - final STORKAuthnResponse storkResponse = new STORKAuthnResponse(); - - try { - storkResponse.setTokenSaml(super.signAndMarshall(responseFail)); - storkResponse.setSamlId(responseFail.getID()); - } catch (SAMLEngineException e) { - LOG.error("SAMLEngineException.", e); - throw new STORKSAMLEngineException(e); - } - return storkResponse; - } - - /** - * Generate stork attribute query request. - * - * @param request the request that contain all parameters for generate an - * attribute query request. - * - * @return the STORK attribute query request that has been processed. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAttrQueryRequest generateSTORKAttrQueryRequest( - final STORKAttrQueryRequest request) throws STORKSAMLEngineException { - LOG.info("Generate STORKAttrQueryRequest."); - - // Validate Parameters mandatories - validateParamAttrQueryReq(request); - - //final AttributeQuery attrQueryRequestAux = SAMLEngineUtils - final CustomAttributeQuery attrQueryRequestAux = SAMLEngineUtils - .generateSAMLAttrQueryRequest(SAMLEngineUtils.generateNCName(), - SAMLVersion.VERSION_20, SAMLEngineUtils - .getCurrentTime()); - - // Set name spaces. - setNameSpaces(attrQueryRequestAux); - - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(request.getDestination())) { - attrQueryRequestAux.setDestination(request.getDestination()); - } - - // Add parameter optional STORK - // Consumer URL is needed if using HTTP-Post - if (StringUtils.isNotBlank(request.getAssertionConsumerServiceURL())) { - attrQueryRequestAux.setAssertionConsumerServiceURL(request.getAssertionConsumerServiceURL()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - attrQueryRequestAux.setConsent(super.getSamlCoreProperties() - .getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - //Set the subject - needed for attribute query validation - Subject subject = SAMLEngineUtils.generateSubject(); - SubjectConfirmationBuilder builder = new SubjectConfirmationBuilder(); - SubjectConfirmation subjectConfirmation = builder.buildObject(); - subjectConfirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer"); - subject.getSubjectConfirmations().add(subjectConfirmation); - attrQueryRequestAux.setSubject(subject); - - if(request.getIssuer()!=null){ - issuer.setValue(request.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties() - .getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - attrQueryRequestAux.setIssuer(issuer); - - // Generate stork extensions. - final Extensions storkExtensions = this - .generateSTORKAttrExtensions(request); - // add the extensions to the SAMLAuthnRequest - attrQueryRequestAux.setExtensions(storkExtensions); - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKAttrQueryRequest attrQueryRequest = processAttrExtensions(attrQueryRequestAux - .getExtensions()); - - try { - attrQueryRequest.setTokenSaml(super.signAndMarshall(attrQueryRequestAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - attrQueryRequest.setSamlId(attrQueryRequestAux.getID()); - attrQueryRequest.setDestination(attrQueryRequestAux.getDestination()); - attrQueryRequest.setAssertionConsumerServiceURL(attrQueryRequestAux.getAssertionConsumerServiceURL()); - attrQueryRequest.setIssuer(attrQueryRequestAux.getIssuer().getValue()); - - return attrQueryRequest; - } - - /** - * Generate stork attribute query response. - * - * @param request the request - * @param responseAttrQueryRes the response authentication request - * @param ipAddress the IP address - * @param isHashing the hashing of values - * - * @return the sTORK authentication response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAttrQueryResponse generateSTORKAttrQueryResponse( - final STORKAttrQueryRequest request, - final STORKAttrQueryResponse responseAttrQueryRes, final String ipAddress, - final String destinationUrl, final boolean isHashing) throws STORKSAMLEngineException { - LOG.info("generateSTORKAttrQueryResponse"); - - // Validate parameters - validateParamAttrQueryResponse(request, responseAttrQueryRes); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils - .generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - LOG.debug("Generate Response"); - - // RESPONSE - final Response response = genAuthnRespBase(status, destinationUrl, - request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() - .getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, "" - ,request.getSamlId(), request.getIssuer(), notOnOrAfter); - - final AttributeStatement attrStatement = this - .generateAttributeStatement(responseAttrQueryRes - .getPersonalAttributeList(), isHashing); - - assertion.getAttributeStatements().add(attrStatement); - - // Add assertions - response.getAssertions().add(assertion); - - final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); - - try { - attrQueryResponse.setTokenSaml(super.signAndMarshall(response)); - attrQueryResponse.setSamlId(response.getID()); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - return attrQueryResponse; - } - - /** - * Generate stork attribute query response from multiple assertions - * - * @param request the request - * @param responseAttrQueryRes the response to the query request - * @param responses the responses to include in the response (aggregation) - * @param ipAddress the IP address - * @param isHashing the hashing of values - * - * @return the sTORK attribute query response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAttrQueryResponse generateSTORKAttrQueryResponseWithAssertions( - final STORKAttrQueryRequest request, final STORKAttrQueryResponse responseAttrQueryRes, - final List<STORKAttrQueryResponse> responses, final String ipAddress, - final String destinationUrl, final boolean isHashing) throws STORKSAMLEngineException { - LOG.info("generateSTORKAttrQueryResponse"); - - // Validate parameters - validateParamAttrQueryResponse(request, responseAttrQueryRes); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils - .generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - LOG.debug("Generate Response"); - - // RESPONSE - final Response response = genAuthnRespBase(status, destinationUrl, - request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() - .getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, "" - ,request.getSamlId(), request.getIssuer(), notOnOrAfter); - - final AttributeStatement attrStatement = this - .generateAttributeStatement(responseAttrQueryRes - .getPersonalAttributeList(), isHashing); - - assertion.getAttributeStatements().add(attrStatement); - - // Add the assertions from the former Query responses - response.getAssertions().add(assertion); - if (responses != null && responses.size() > 0) - { - for (int i = 0; i < responses.size(); i++) - { - Assertion tempAssertion = responses.get(i).getAssertion(); - tempAssertion.setParent(response); - response.getAssertions().add(tempAssertion); - } - } - - final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); - - try { - attrQueryResponse.setTokenSaml(super.signAndMarshall(response)); - attrQueryResponse.setSamlId(response.getID()); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - return attrQueryResponse; - } - - /** - * Generate stork attribute query response fail. - * - * @param request the request - * @param response the response - * @param ipAddress the IP address - * @param isHashing the is hashing - * - * @return the STORK attribute query response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAttrQueryResponse generateSTORKAttrQueryResponseFail( - final STORKAttrQueryRequest request, final STORKAttrQueryResponse response, - final String ipAddress, final String destinationUrl, final boolean isHashing) - throws STORKSAMLEngineException { - LOG.info("generateSTORKAttrQueryResponseFail"); - - validateParamAttrQueryResponseFail(request, response); - - // Mandatory - final StatusCode statusCode = SAMLEngineUtils - .generateStatusCode(response.getStatusCode()); - - // Mandatory SAML - LOG.debug("Generate StatusCode."); - // Subordinate code it's optional in case not covered into next codes: - // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed - // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue - // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy - // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied - // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported - - if (StringUtils.isNotBlank(response.getSubStatusCode())) { - final StatusCode newStatusCode = SAMLEngineUtils - .generateStatusCode(response.getSubStatusCode()); - statusCode.setStatusCode(newStatusCode); - } - - LOG.debug("Generate Status."); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - if (StringUtils.isNotBlank(response.getMessage())) { - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .generateStatusMessage(response.getMessage()); - - status.setStatusMessage(statusMessage); - } - - LOG.debug("Generate Response."); - // RESPONSE - final Response responseFail = genAuthnRespBase(status, destinationUrl, - request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() - .getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, "", - request.getSamlId(), request - .getIssuer(), notOnOrAfter); - - responseFail.getAssertions().add(assertion); - - LOG.debug("Sign and Marshall ResponseFail."); - - final STORKAttrQueryResponse storkResponse = new STORKAttrQueryResponse(); - - try { - storkResponse.setTokenSaml(super.signAndMarshall(responseFail)); - storkResponse.setSamlId(responseFail.getID()); - } catch (SAMLEngineException e) { - LOG.error("SAMLEngineException.", e); - throw new STORKSAMLEngineException(e); - } - return storkResponse; - } - - /** - * Generate stork logout request. - * - * @param request the request that contain all parameters for generate an - * logout request. - * - * @return the STORK logout request that has been processed. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKLogoutRequest generateSTORKLogoutRequest( - final STORKLogoutRequest request) throws STORKSAMLEngineException { - LOG.info("Generate STORKLogoutRequest."); - - // Validate Parameters mandatories - validateParamLogoutReq(request); - - final LogoutRequest logoutRequestAux = SAMLEngineUtils - .generateSAMLLogoutRequest(SAMLEngineUtils.generateNCName(), - SAMLVersion.VERSION_20, SAMLEngineUtils - .getCurrentTime()); - - // Set name spaces. - setNameSpaces(logoutRequestAux); - - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(request.getDestination())) { - logoutRequestAux.setDestination(request.getDestination()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - logoutRequestAux.setConsent(super.getSamlCoreProperties() - .getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - - if(request.getIssuer()!=null){ - issuer.setValue(request.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties() - .getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - logoutRequestAux.setIssuer(issuer); - - // Set the name ID - final NameID newNameID = SAMLEngineUtils.generateNameID(); - newNameID.setValue(request.getSpProvidedId()); - logoutRequestAux.setNameID(newNameID); - - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKLogoutRequest logoutRequest = new STORKLogoutRequest(); - - try { - logoutRequest.setTokenSaml(super.signAndMarshall(logoutRequestAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - logoutRequest.setSamlId(logoutRequestAux.getID()); - logoutRequest.setDestination(logoutRequestAux.getDestination()); - logoutRequest.setIssuer(logoutRequestAux.getIssuer().getValue()); - logoutRequest.setSpProvidedId(logoutRequestAux.getNameID().getValue()); - - return logoutRequest; - } - - - /** - * Generate stork logout response. - * @param request the request thats being responded to - * @param response the tesponse that contain all parameters for generate an - * logout request. - * - * @return the STORK logout response that has been processed. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKLogoutResponse generateSTORKLogoutResponse( - final STORKLogoutRequest request, - final STORKLogoutResponse response) throws STORKSAMLEngineException { - LOG.info("Generate STORKLogoutResponse."); - - // Validate Parameters mandatories - validateParamLogoutRes(request, response); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils - .generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - final LogoutResponse logoutResponseAux= SAMLEngineUtils - .generateSAMLLogoutResponse(SAMLEngineUtils.generateNCName(), - SAMLVersion.VERSION_20, SAMLEngineUtils - .getCurrentTime(), status, request.getSamlId()); - - // Set name spaces. - setNameSpaces(logoutResponseAux); - - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(response.getDestination())) { - logoutResponseAux.setDestination(response.getDestination()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - logoutResponseAux.setConsent(super.getSamlCoreProperties() - .getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - - if(response.getIssuer()!=null){ - issuer.setValue(response.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties() - .getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - logoutResponseAux.setIssuer(issuer); - - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKLogoutResponse logoutResponse = new STORKLogoutResponse(); - - try { - logoutResponse.setTokenSaml(super.signAndMarshall(logoutResponseAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - logoutResponse.setSamlId(logoutResponseAux.getID()); - logoutResponse.setDestination(logoutResponseAux.getDestination()); - logoutResponse.setIssuer(logoutResponseAux.getIssuer().getValue()); - logoutResponse.setStatusCode(logoutResponseAux.getStatus().getStatusCode().toString()); - logoutResponse.setStatusMessage(logoutResponseAux.getStatus().getStatusMessage().toString()); - - return logoutResponse; - } - - /** - * Generate failed stork logout response. - * - * @param response the response that contain all parameters for generate an - * logout request. - * - * @return the STORK logout response that has been processed. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKLogoutResponse generateSTORKLogoutResponseFail( - final STORKLogoutRequest request, - final STORKLogoutResponse response ) throws STORKSAMLEngineException { - LOG.info("Generate STORKLogoutResponse."); - - // Validate Parameters mandatories - validateParamLogoutResFail(request, response); - - // Mandatory - final StatusCode statusCode = SAMLEngineUtils - .generateStatusCode(response.getStatusCode()); - - // Mandatory SAML - LOG.debug("Generate StatusCode."); - // Subordinate code it's optional in case not covered into next codes: - // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed - // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue - // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy - // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied - // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported - - if (StringUtils.isNotBlank(response.getSubStatusCode())) { - final StatusCode newStatusCode = SAMLEngineUtils - .generateStatusCode(response.getSubStatusCode()); - statusCode.setStatusCode(newStatusCode); - } - - LOG.debug("Generate Status."); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - if (StringUtils.isNotBlank(response.getStatusMessage())) { - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils - .generateStatusMessage(response.getStatusMessage()); - - status.setStatusMessage(statusMessage); - } - - final LogoutResponse logoutResponseAux= SAMLEngineUtils - .generateSAMLLogoutResponse(SAMLEngineUtils.generateNCName(), - SAMLVersion.VERSION_20, SAMLEngineUtils - .getCurrentTime(), status, request.getSamlId()); - - // Set name spaces. - setNameSpaces(logoutResponseAux); - - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(response.getDestination())) { - logoutResponseAux.setDestination(response.getDestination()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - logoutResponseAux.setConsent(super.getSamlCoreProperties() - .getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - - if(response.getIssuer()!=null){ - issuer.setValue(response.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties() - .getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - logoutResponseAux.setIssuer(issuer); - - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKLogoutResponse logoutResponse = new STORKLogoutResponse(); - - try { - logoutResponse.setTokenSaml(super.signAndMarshall(logoutResponseAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - logoutResponse.setSamlId(logoutResponseAux.getID()); - logoutResponse.setDestination(logoutResponseAux.getDestination()); - logoutResponse.setIssuer(logoutResponseAux.getIssuer().getValue()); - logoutResponse.setStatusCode(logoutResponseAux.getStatus().getStatusCode().toString()); - logoutResponse.setStatusMessage(logoutResponseAux.getStatus().getStatusMessage().toString()); - - return logoutResponse; - } - - /** - * Generate stork authentication statement for the authentication statement. - * - * @param ipAddress the IP address - * - * @return the authentication statement - */ - private AuthnStatement generateStorkAuthStatement(final String ipAddress) { - LOG.debug("Generate stork authenticate statement."); - final SubjectLocality subjectLocality = SAMLEngineUtils - .generateSubjectLocality(ipAddress); - - final AuthnContext authnContext = (AuthnContext) SAMLEngineUtils - .createSamlObject(AuthnContext.DEFAULT_ELEMENT_NAME); - - final AuthnContextDecl authnContextDecl = (AuthnContextDecl) SAMLEngineUtils - .createSamlObject(AuthnContextDecl.DEFAULT_ELEMENT_NAME); - - authnContext.setAuthnContextDecl(authnContextDecl); - - final AuthnStatement authnStatement = SAMLEngineUtils - .generateAthnStatement(new DateTime(), authnContext); - - // Optional STORK - authnStatement.setSessionIndex(null); - authnStatement.setSubjectLocality(subjectLocality); - - return authnStatement; - } - - /** - * Generate stork extensions. - * - * @param request the request - * - * @return the extensions - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private Extensions generateSTORKExtensions(final STORKAuthnRequest request) - throws STORKSAMLEngineException { - LOG.debug("Generate STORKExtensions"); - - final Extensions extensions = SAMLEngineUtils.generateExtension(); - - LOG.debug("Generate QAAAttribute"); - final QAAAttribute qaaAttribute = SAMLEngineUtils - .generateQAAAttribute(request.getQaa()); - extensions.getUnknownXMLObjects().add(qaaAttribute); - - - if (StringUtils.isNotEmpty(request - .getSpSector())) { - // Add information about service provider. - LOG.debug("Generate SPSector"); - final SPSector sector = SAMLEngineUtils.generateSPSector(request - .getSpSector()); - extensions.getUnknownXMLObjects().add(sector); - } - - //Delete from specification. Kept for compatibility with Provider Name value - LOG.debug("Generate SPInstitution"); - final SPInstitution institution = SAMLEngineUtils - .generateSPInstitution(request.getProviderName()); - extensions.getUnknownXMLObjects().add(institution); - - - if (StringUtils.isNotEmpty(request.getSpApplication())) { - LOG.debug("Generate SPApplication"); - final SPApplication application = SAMLEngineUtils - .generateSPApplication(request.getSpApplication()); - extensions.getUnknownXMLObjects().add(application); - } - - if (StringUtils.isNotEmpty(request.getSpCountry())) { - LOG.debug("Generate SPCountry"); - final SPCountry country = SAMLEngineUtils.generateSPCountry(request - .getSpCountry()); - extensions.getUnknownXMLObjects().add(country); - } - - //eIDSectorShare: optional; default value: false. - String valueSectorShare = super.getSamlCoreProperties() - .iseIDSectorShare(); - - if (StringUtils.isNotEmpty(valueSectorShare)) { - // Add information about the use of the SAML message. - LOG.debug("Generate EIDSectorShare"); - final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils - .createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME); - - eIdSectorShare.setEIDSectorShare(String.valueOf(Boolean.valueOf(valueSectorShare))); - - extensions.getUnknownXMLObjects().add(eIdSectorShare); - } - - String valueCrossSectorShare = super.getSamlCoreProperties() - .iseIDCrossSectorShare(); - - if (StringUtils.isNotEmpty(valueCrossSectorShare)) { - LOG.debug("Generate EIDCrossSectorShare"); - final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils - .createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); - eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(Boolean.valueOf(valueCrossSectorShare))); - extensions.getUnknownXMLObjects().add(eIdCrossSecShare); - } - - - String valueCrossBorderShare = super.getSamlCoreProperties() - .iseIDCrossBorderShare(); - - if (StringUtils.isNotEmpty(valueCrossBorderShare)) { - LOG.debug("Generate EIDCrossBorderShare"); - final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils - .createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); - eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(Boolean.valueOf(valueCrossBorderShare))); - extensions.getUnknownXMLObjects().add(eIdCrossBordShare); - } - - - // Add information about requested attributes. - LOG.debug("Generate RequestedAttributes."); - final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils - .createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME); - - LOG.debug("SAML Engine configuration properties load."); - final Iterator<PersonalAttribute> iterator = request - .getPersonalAttributeList().iterator(); - - while (iterator.hasNext()) { - - final PersonalAttribute attribute = iterator.next(); - - if (attribute == null || StringUtils.isBlank(attribute.getName())) { - LOG.error(ATTRIBUTE_EMPTY_LITERAL); - throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); - } - - // Verified if exits the attribute name. - final String attributeName = super.getSamlCoreProperties() - .getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.debug("Attribute name: {} was not found.", attribute - .getName()); - throw new STORKSAMLEngineException("Attribute name: " - + attribute.getName() + " was not found."); - } - - // Friendly name it's an optional attribute. - String friendlyName = null; - - if (super.getSamlCoreProperties().isFriendlyName()) { - friendlyName = attribute.getName(); - } - - - String isRequired = null; - if (super.getSamlCoreProperties().isRequired()) { - isRequired = String.valueOf(attribute.isRequired()); - } - - - LOG.debug("Generate requested attribute: " + attributeName); - final RequestedAttribute requestedAttr = SAMLEngineUtils - .generateReqAuthnAttributeSimple(attributeName, - friendlyName, isRequired, attribute - .getValue()); - - // Add requested attribute. - reqAttributes.getAttributes().add(requestedAttr); - } - - // Add requested attributes. - extensions.getUnknownXMLObjects().add(reqAttributes); - - CitizenCountryCode citizenCountryCode = null; - if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())){ - LOG.debug("Generate CitizenCountryCode"); - citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils - .createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME); - - citizenCountryCode.setCitizenCountryCode(request - .getCitizenCountryCode().toUpperCase()); - } - - SPID spid = null; - if(request.getSPID()!=null && StringUtils.isNotBlank(request.getSPID())) { - LOG.debug("Generate SPID"); - spid = (SPID) SAMLEngineUtils - .createSamlObject(SPID.DEF_ELEMENT_NAME); - - spid.setSPID(request.getSPID().toUpperCase()); - } - - AuthenticationAttributes authenticationAttr = (AuthenticationAttributes) SAMLEngineUtils - .createSamlObject(AuthenticationAttributes.DEF_ELEMENT_NAME); - - final VIDPAuthenticationAttributes vIDPauthenticationAttr = (VIDPAuthenticationAttributes) SAMLEngineUtils - .createSamlObject(VIDPAuthenticationAttributes.DEF_ELEMENT_NAME); - - final SPInformation spInformation = (SPInformation) SAMLEngineUtils - .createSamlObject(SPInformation.DEF_ELEMENT_NAME); - - if(citizenCountryCode!=null){ - vIDPauthenticationAttr.setCitizenCountryCode(citizenCountryCode); - } - - if(spid!=null){ - spInformation.setSPID(spid); - } - - vIDPauthenticationAttr.setSPInformation(spInformation); - - authenticationAttr - .setVIDPAuthenticationAttributes(vIDPauthenticationAttr); - extensions.getUnknownXMLObjects().add(authenticationAttr); - - - return extensions; - - } - - /** - * Generate stork extensions. - * - * @param request the attribute query request - * - * @return the extensions - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private Extensions generateSTORKAttrExtensions(final STORKAttrQueryRequest request) - throws STORKSAMLEngineException { - LOG.debug("Generate STORKExtensions"); - - final Extensions extensions = SAMLEngineUtils.generateExtension(); - - LOG.debug("Generate QAAAttribute"); - final QAAAttribute qaaAttribute = SAMLEngineUtils - .generateQAAAttribute(request.getQaa()); - extensions.getUnknownXMLObjects().add(qaaAttribute); - - - if (StringUtils.isNotEmpty(request - .getSpSector())) { - // Add information about service provider. - LOG.debug("Generate SPSector"); - final SPSector sector = SAMLEngineUtils.generateSPSector(request - .getSpSector()); - extensions.getUnknownXMLObjects().add(sector); - } - - - if (StringUtils.isNotEmpty(request.getSpApplication())) { - LOG.debug("Generate SPApplication"); - final SPApplication application = SAMLEngineUtils - .generateSPApplication(request.getSpApplication()); - extensions.getUnknownXMLObjects().add(application); - } - - if (StringUtils.isNotEmpty(request.getSpCountry())) { - LOG.debug("Generate SPCountry"); - final SPCountry country = SAMLEngineUtils.generateSPCountry(request - .getSpCountry()); - extensions.getUnknownXMLObjects().add(country); - } - - final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils - .createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME); - - eIdSectorShare.setEIDSectorShare(String.valueOf(request.isEIDSectorShare())); - - extensions.getUnknownXMLObjects().add(eIdSectorShare); - - final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils - .createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); - eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(request.isEIDCrossSectorShare())); - extensions.getUnknownXMLObjects().add(eIdCrossSecShare); - - final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils - .createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); - eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(request.isEIDCrossBorderShare())); - extensions.getUnknownXMLObjects().add(eIdCrossBordShare); - - - // Add information about requested attributes. - LOG.debug("Generate RequestedAttributes."); - final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils - .createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME); - - LOG.debug("SAML Engine configuration properties load."); - final Iterator<PersonalAttribute> iterator = request - .getPersonalAttributeList().iterator(); - - while (iterator.hasNext()) { - - final PersonalAttribute attribute = iterator.next(); - - if (attribute == null || StringUtils.isBlank(attribute.getName())) { - LOG.error(ATTRIBUTE_EMPTY_LITERAL); - throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); - } - - // Verified if exits the attribute name. - final String attributeName = super.getSamlCoreProperties() - .getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.debug("Attribute name: {} was not found.", attribute - .getName()); - throw new STORKSAMLEngineException("Attribute name: " - + attribute.getName() + " was not found."); - } - - // Friendly name it's an optional attribute. - String friendlyName = null; - - if (super.getSamlCoreProperties().isFriendlyName()) { - friendlyName = attribute.getName(); - } - - - String isRequired = null; - if (super.getSamlCoreProperties().isRequired()) { - isRequired = String.valueOf(attribute.isRequired()); - } - - - LOG.debug("Generate requested attribute: " + attributeName); - final RequestedAttribute requestedAttr = SAMLEngineUtils - .generateReqAuthnAttributeSimple(attributeName, - friendlyName, isRequired, attribute - .getValue()); - - // Add requested attribute. - reqAttributes.getAttributes().add(requestedAttr); - } - - // Add requested attributes. - extensions.getUnknownXMLObjects().add(reqAttributes); - - CitizenCountryCode citizenCountryCode = null; - if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())){ - LOG.debug("Generate CitizenCountryCode"); - citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils - .createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME); - - citizenCountryCode.setCitizenCountryCode(request - .getCitizenCountryCode().toUpperCase()); - } - - SPID spid = null; - if(request.getSPID()!=null && StringUtils.isNotBlank(request.getSPID())) { - LOG.debug("Generate SPID"); - spid = (SPID) SAMLEngineUtils - .createSamlObject(SPID.DEF_ELEMENT_NAME); - - spid.setSPID(request.getSPID().toUpperCase()); - } - - - return extensions; - - } - - /** - * Gets the alias from X.509 Certificate at keystore. - * - * @param keyInfo the key info - * @param storkOwnKeyStore - * @param storkOwnKeyStore - * - * @return the alias - */ - private String getAlias(final KeyInfo keyInfo, KeyStore storkOwnKeyStore) { - - LOG.debug("Recover alias information"); - - String alias = null; - try { - final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo - .getX509Datas().get(0).getX509Certificates().get(0); - - // Transform the KeyInfo to X509Certificate. - CertificateFactory certFact; - certFact = CertificateFactory.getInstance("X.509"); - - final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 - .decode(xmlCert.getValue())); - - final X509Certificate cert = (X509Certificate) certFact - .generateCertificate(bis); - - final String tokenSerialNumber = cert.getSerialNumber().toString(16); - final X509Principal tokenIssuerDN = new X509Principal(cert.getIssuerDN().getName()); - - - String aliasCert; - X509Certificate certificate; - boolean find = false; - - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e - .hasMoreElements() - && !find; ) { - aliasCert = e.nextElement(); - certificate = (X509Certificate) storkOwnKeyStore - .getCertificate(aliasCert); - - final String serialNum = certificate.getSerialNumber() - .toString(16); - - X509Principal issuerDN = new X509Principal(certificate - .getIssuerDN().getName()); - - if(serialNum.equalsIgnoreCase(tokenSerialNumber) - && X509PrincipalUtil.equals2(issuerDN, tokenIssuerDN)){ - alias = aliasCert; - find = true; - } - - } - - } catch (KeyStoreException e) { - LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); - } catch (CertificateException e) { - LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); - } catch (RuntimeException e) { - LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); - } - return alias; - } - - /** - * Gets the country from X.509 Certificate. - * - * @param keyInfo the key info - * - * @return the country - */ - private String getCountry(final KeyInfo keyInfo) { - LOG.debug("Recover country information."); - - String result = ""; - try { - final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo - .getX509Datas().get(0).getX509Certificates().get(0); - - // Transform the KeyInfo to X509Certificate. - CertificateFactory certFact; - certFact = CertificateFactory.getInstance("X.509"); - - final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 - .decode(xmlCert.getValue())); - - final X509Certificate cert = (X509Certificate) certFact - .generateCertificate(bis); - - String distName = cert.getSubjectDN().toString(); - - distName = StringUtils.deleteWhitespace(StringUtils - .upperCase(distName)); - - final String countryCode = "C="; - final int init = distName.indexOf(countryCode); - - if (init > StringUtils.INDEX_NOT_FOUND) { // Exist country code. - int end = distName.indexOf(',', init); - - if (end <= StringUtils.INDEX_NOT_FOUND) { - end = distName.length(); - } - - if (init < end && end > StringUtils.INDEX_NOT_FOUND) { - result = distName.substring(init + countryCode.length(), - end); - //It must be a two characters value - if(result.length()>2){ - result = result.substring(0, 2); - } - } - } - - } catch (CertificateException e) { - LOG.error("Procces getCountry from certificate."); - } - return result.trim(); - } - - /** - * Process all elements XMLObjects from the extensions. - * - * @param extensions the extensions from the authentication request. - * - * @return the STORK authentication request - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private STORKAuthnRequest processExtensions(final Extensions extensions) - throws STORKSAMLEngineException { - LOG.debug("Procces the extensions."); - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - final QAAAttribute qaa = (QAAAttribute) extensions - .getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0); - request.setQaa(Integer.parseInt(qaa.getQaaLevel())); - - List optionalElements = extensions.getUnknownXMLObjects( - SPSector.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPSector sector = (SPSector) extensions.getUnknownXMLObjects( - SPSector.DEF_ELEMENT_NAME).get(0); - request.setSpSector(sector.getSPSector()); - } - - optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPApplication application = (SPApplication) extensions - .getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0); - request.setSpApplication(application.getSPApplication()); - } - - optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPCountry application = (SPCountry) extensions - .getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0); - request.setSpCountry(application.getSPCountry()); - } - - - List listCrossBorderShare = extensions - .getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME); - - if (!listCrossBorderShare .isEmpty()) { - final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0); - request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare - .getEIDCrossBorderShare())); - } - - - List listCrosSectorShare = extensions - .getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME); - - if (!listCrosSectorShare.isEmpty()) { - final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0); - request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare - .getEIDCrossSectorShare())); - } - - List listSectorShareExtension = extensions - .getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME); - if (!listSectorShareExtension.isEmpty()) { - final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0); - request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare())); - } - - - - List<XMLObject> authAttrs = extensions - .getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME); - - if (authAttrs != null && !authAttrs.isEmpty()) { - - final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs - .get(0); - - VIDPAuthenticationAttributes vidpAuthnAttr = null; - if (authnAttr != null && !authAttrs.isEmpty()){ - vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes(); - } - - CitizenCountryCode citizenCountryCodeElement = null; - SPInformation spInformation = null; - if (vidpAuthnAttr != null){ - citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode(); - spInformation = vidpAuthnAttr.getSPInformation(); - } - - String citizenCountryCode = null; - if(citizenCountryCodeElement!=null){ - citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode(); - } - - if(citizenCountryCode!= null && StringUtils.isNotBlank(citizenCountryCode)){ - request.setCitizenCountryCode(citizenCountryCode); - } - - SPID spidElement = null; - if (spInformation != null){ - spidElement = spInformation.getSPID(); - } - - String spid = null; - if(spidElement!=null){ - spid = spidElement.getSPID(); - } - - if (spid != null && StringUtils.isNotBlank(spid)) { - request.setSPID(spid); - } - } - - if (extensions - .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) { - LOG.error("Extensions not contains any requested attribute."); - throw new STORKSAMLEngineException( - "Extensions not contains any requested attribute."); - } - - final RequestedAttributes requestedAttr = (RequestedAttributes) extensions - .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) - .get(0); - - final List<RequestedAttribute> reqAttrs = requestedAttr.getAttributes(); - - final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); - - String attributeName; - for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { - final RequestedAttribute attribute = reqAttrs.get(nextAttribute); - final PersonalAttribute personalAttribute = new PersonalAttribute(); - personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired())); - personalAttribute.setFriendlyName(attribute.getFriendlyName()); - attributeName = attribute.getName(); - - // recover the last name from the string. - personalAttribute.setName(attributeName.substring(attributeName - .lastIndexOf('/') + 1)); - - final ArrayList<String> valores = new ArrayList<String>(); - final List<XMLObject> values = attribute.getOrderedChildren(); - - for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) { - - // Process attributes simples. An AuthenticationRequest only - // must contains simple values. - - final XMLObject xmlObject = values.get(nextSimpleValue); - - if(xmlObject instanceof XSStringImpl){ - - final XSStringImpl xmlString = (XSStringImpl) values - .get(nextSimpleValue); - valores.add(xmlString.getValue()); - - }else{ - - if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - - final XSAnyImpl xmlString = (XSAnyImpl) values - .get(nextSimpleValue); - - TransformerFactory transFactory = TransformerFactory.newInstance(); - Transformer transformer = null; - try { - transformer = transFactory.newTransformer(); - transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); - } catch (TransformerConfigurationException e) { - LOG.error("Error transformer configuration exception", e); - } - StringWriter buffer = new StringWriter(); - try { - if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ - transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), - new StreamResult(buffer)); - } - } catch (TransformerException e) { - LOG.error("Error transformer exception", e); - } - String str = buffer.toString(); - - valores.add(str); - - }else{ - - final XSAnyImpl xmlString = (XSAnyImpl) values - .get(nextSimpleValue); - valores.add(xmlString.getTextContent()); - } - - - - } - } - personalAttribute.setValue(valores); - personalAttrList.add(personalAttribute); - } - - request.setPersonalAttributeList(personalAttrList); - - return request; - } - - - /** - * Process all elements XMLObjects from the extensions. - * - * @param extensions the extensions from the authentication request. - * - * @return the STORK authentication request - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private STORKAttrQueryRequest processAttrExtensions(final Extensions extensions) - throws STORKSAMLEngineException { - LOG.debug("Procces the atribute query extensions."); - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - final QAAAttribute qaa = (QAAAttribute) extensions - .getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0); - request.setQaa(Integer.parseInt(qaa.getQaaLevel())); - - List optionalElements = extensions.getUnknownXMLObjects( - SPSector.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPSector sector = (SPSector) extensions.getUnknownXMLObjects( - SPSector.DEF_ELEMENT_NAME).get(0); - request.setSpSector(sector.getSPSector()); - } - - optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPApplication application = (SPApplication) extensions - .getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0); - request.setSpApplication(application.getSPApplication()); - } - - optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPCountry application = (SPCountry) extensions - .getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0); - request.setSpCountry(application.getSPCountry()); - } - - - List listCrossBorderShare = extensions - .getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME); - - if (!listCrossBorderShare .isEmpty()) { - final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0); - request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare - .getEIDCrossBorderShare())); - } - - - List listCrosSectorShare = extensions - .getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME); - - if (!listCrosSectorShare.isEmpty()) { - final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0); - request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare - .getEIDCrossSectorShare())); - } - - List listSectorShareExtension = extensions - .getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME); - if (!listSectorShareExtension.isEmpty()) { - final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0); - request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare())); - } - - - - List<XMLObject> authAttrs = extensions - .getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME); - - if (authAttrs != null && !authAttrs.isEmpty()) { - - final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs - .get(0); - - VIDPAuthenticationAttributes vidpAuthnAttr = null; - if (authnAttr != null && !authAttrs.isEmpty()){ - vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes(); - } - - CitizenCountryCode citizenCountryCodeElement = null; - SPInformation spInformation = null; - if (vidpAuthnAttr != null){ - citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode(); - spInformation = vidpAuthnAttr.getSPInformation(); - } - - String citizenCountryCode = null; - if(citizenCountryCodeElement!=null){ - citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode(); - } - - if(citizenCountryCode!= null && StringUtils.isNotBlank(citizenCountryCode)){ - request.setCitizenCountryCode(citizenCountryCode); - } - - SPID spidElement = null; - if (spInformation != null){ - spidElement = spInformation.getSPID(); - } - - String spid = null; - if(spidElement!=null){ - spid = spidElement.getSPID(); - } - - if (spid != null && StringUtils.isNotBlank(spid)) { - request.setSPID(spid); - } - } - - if (extensions - .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) { - LOG.error("Extensions not contains any requested attribute."); - throw new STORKSAMLEngineException( - "Extensions not contains any requested attribute."); - } - - final RequestedAttributes requestedAttr = (RequestedAttributes) extensions - .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) - .get(0); - - final List<RequestedAttribute> reqAttrs = requestedAttr.getAttributes(); - - final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); - - String attributeName; - for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { - final RequestedAttribute attribute = reqAttrs.get(nextAttribute); - final PersonalAttribute personalAttribute = new PersonalAttribute(); - personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired())); - personalAttribute.setFriendlyName(attribute.getFriendlyName()); - attributeName = attribute.getName(); - - // recover the last name from the string. - personalAttribute.setName(attributeName.substring(attributeName - .lastIndexOf('/') + 1)); - - final ArrayList<String> valores = new ArrayList<String>(); - final List<XMLObject> values = attribute.getOrderedChildren(); - - for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) { - - // Process attributes simples. An AuthenticationRequest only - // must contains simple values. - - final XMLObject xmlObject = values.get(nextSimpleValue); - - if(xmlObject instanceof XSStringImpl){ - - final XSStringImpl xmlString = (XSStringImpl) values - .get(nextSimpleValue); - valores.add(xmlString.getValue()); - - }else{ - - if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - - final XSAnyImpl xmlString = (XSAnyImpl) values - .get(nextSimpleValue); - - TransformerFactory transFactory = TransformerFactory.newInstance(); - Transformer transformer = null; - try { - transformer = transFactory.newTransformer(); - transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); - } catch (TransformerConfigurationException e) { - LOG.error("Error transformer configuration exception", e); - } - StringWriter buffer = new StringWriter(); - try { - if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ - transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), - new StreamResult(buffer)); - } - } catch (TransformerException e) { - LOG.error("Error transformer exception", e); - } - String str = buffer.toString(); - - valores.add(str); - - }else{ - - final XSAnyImpl xmlString = (XSAnyImpl) values - .get(nextSimpleValue); - valores.add(xmlString.getTextContent()); - } - - - - } - } - personalAttribute.setValue(valores); - personalAttrList.add(personalAttribute); - } - - request.setPersonalAttributeList(personalAttrList); - - return request; - } - - /** - * Sets the name spaces. - * - * @param tokenSaml the new name spaces - */ - private void setNameSpaces(final XMLObject tokenSaml) { - LOG.debug("Set namespaces."); - - final Namespace saml2 = new Namespace(SAMLConstants.SAML20_NS, - SAMLConstants.SAML20_PREFIX); - tokenSaml.addNamespace(saml2); - - final Namespace digSig = new Namespace( - "http://www.w3.org/2000/09/xmldsig#", "ds"); - tokenSaml.addNamespace(digSig); - - final Namespace storkp = new Namespace(SAMLCore.STORK10P_NS.getValue(), - SAMLCore.STORK10P_PREFIX.getValue()); - tokenSaml.addNamespace(storkp); - - final Namespace stork = new Namespace(SAMLCore.STORK10_NS.getValue(), - SAMLCore.STORK10_PREFIX.getValue()); - - tokenSaml.addNamespace(stork); - } - - /** - * Validate parameters from authentication request. - * - * @param request the request. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamAuthnReq(final STORKAuthnRequest request) - throws STORKSAMLEngineException { - LOG.info("Validate parameters from authentication request."); - - // URL to which Authentication Response must be sent. - if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); - } - - // the name of the original service provider requesting the - // authentication. - if (StringUtils.isBlank(request.getProviderName())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: Service Provider it's mandatory."); - } - - // object that contain all attributes requesting. - if (request.getPersonalAttributeList() == null - || request.getPersonalAttributeList().isEmpty()) { - throw new STORKSAMLEngineException( - "attributeQueries is null or empty."); - } - - // Quality authentication assurance level. - if ((request.getQaa() < QAAAttribute.MIN_VALUE) - || (request.getQaa() > QAAAttribute.MAX_VALUE)) { - throw new STORKSAMLEngineException("Qaal: " + request.getQaa() - + ", is invalid."); - } - - } - - /** - * Validate parameters from attribute query request. - * - * @param request the request. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamAttrQueryReq(final STORKAttrQueryRequest request) - throws STORKSAMLEngineException { - LOG.info("Validate parameters from attribute query request."); - - // URL to which AP Response must be sent. - if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); - } - - // Destination of the request - not mandatory - /*if (StringUtils.isBlank(request.getDestination())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: Destination is mandatory."); - }*/ - - // SP country is empty - if (StringUtils.isBlank(request.getSpCountry())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: SP country is mandatory."); - } - - // object that contain all attributes requesting. - if (request.getPersonalAttributeList() == null - || request.getPersonalAttributeList().isEmpty()) { - throw new STORKSAMLEngineException( - "attributeQueries is null or empty."); - } - - // Quality authentication assurance level. - if ((request.getQaa() < QAAAttribute.MIN_VALUE) - || (request.getQaa() > QAAAttribute.MAX_VALUE)) { - throw new STORKSAMLEngineException("Qaal: " + request.getQaa() - + ", is invalid."); - } - } - - /** - * Validate parameters from logout request. - * - * @param request the request. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamLogoutReq(final STORKLogoutRequest request) - throws STORKSAMLEngineException { - LOG.info("Validate parameters from logout request."); - - // URL to which AP Response must be sent. - /*if (StringUtils.isBlank(request.get())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); - }*/ - - // Destination of the request - if (StringUtils.isBlank(request.getDestination())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: Destination is mandatory."); - } - - // SP Provided Id - if (StringUtils.isBlank(request.getSpProvidedId())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: SP provided Id is mandatory."); - } - } - - /** - * Validate parameters from logout response. - * - * @param response the response. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamLogoutRes(final STORKLogoutRequest request, - final STORKLogoutResponse response) throws STORKSAMLEngineException { - LOG.info("Validate parameters from logout request."); - - // Issuer is mandatory - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException( - "Issuer must be not empty or null."); - } - - // Destination of the request - if (StringUtils.isBlank(response.getDestination())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: Destination is mandatory."); - } - - // SP Provided Id - if (StringUtils.isBlank(request.getSpProvidedId())) { - throw new STORKSAMLEngineException( - "StorkSamlEngine: SP provided Id is mandatory."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - - /** - * Validate parameters from response. - * - * @param request the request - * @param responseAuthReq the response authentication request - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamResponse(final STORKAuthnRequest request, - final STORKAuthnResponse responseAuthReq) - throws STORKSAMLEngineException { - LOG.info("Validate parameters response."); - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException( - "Issuer must be not empty or null."); - } - - if (responseAuthReq.getPersonalAttributeList() == null - || responseAuthReq.getPersonalAttributeList().isEmpty()) { - LOG.error("PersonalAttributeList is null or empty."); - throw new STORKSAMLEngineException( - "PersonalAttributeList is null or empty."); - } - - if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException( - "assertionConsumerServiceURL is null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameters from response. - * - * @param request the request - * @param responseAttrQueryReq the response authentication request - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamAttrQueryResponse(final STORKAttrQueryRequest request, - final STORKAttrQueryResponse responseAttrQueryReq) - throws STORKSAMLEngineException { - LOG.info("Validate attribute querey parameters response."); - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException( - "Issuer must be not empty or null."); - } - - if (responseAttrQueryReq.getPersonalAttributeList() == null - || responseAttrQueryReq.getPersonalAttributeList().isEmpty()) { - LOG.error("PersonalAttributeList is null or empty."); - throw new STORKSAMLEngineException( - "PersonalAttributeList is null or empty."); - } - - /*if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException( - "assertionConsumerServiceURL is null or empty."); - }*/ - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameter from response fail. - * - * @param request the request - * @param response the response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamResponseFail(final STORKAuthnRequest request, - final STORKAuthnResponse response) throws STORKSAMLEngineException { - LOG.info("Validate parameters response fail."); - if (StringUtils.isBlank(response.getStatusCode())) { - throw new STORKSAMLEngineException("Code error it's null or empty."); - } - - if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException( - "assertionConsumerServiceURL is null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameter from response fail. - * - * @param request the request - * @param response the response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamAttrQueryResponseFail(final STORKAttrQueryRequest request, - final STORKAttrQueryResponse response) throws STORKSAMLEngineException { - LOG.info("Validate parameters response fail."); - if (StringUtils.isBlank(response.getStatusCode())) { - throw new STORKSAMLEngineException("Code error it's null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameter from response fail. - * - * @param request the request - * @param response the response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private void validateParamLogoutResFail(final STORKLogoutRequest request, - final STORKLogoutResponse response) throws STORKSAMLEngineException { - LOG.info("Validate parameters response fail."); - - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException( - "Issuer must be not empty or null."); - } - - if (StringUtils.isBlank(response.getStatusCode())) { - throw new STORKSAMLEngineException("Code error it's null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate stork authentication request. - * - * @param tokenSaml the token SAML - * - * @return the sTORK authentication request - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAuthnRequest validateSTORKAuthnRequest(final byte[] tokenSaml) - throws STORKSAMLEngineException { - LOG.info("validateSTORKAuthnRequest"); - - final AuthnRequest samlRequest = (AuthnRequest) validateStorkSaml(tokenSaml); - - LOG.debug("Validate Extensions."); - final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator(); - try { - validatorExt.validate(samlRequest.getExtensions()); - } catch (ValidationException e) { - LOG.error("ValidationException: validate Extensions.", e); - throw new STORKSAMLEngineException(e); - } - - LOG.debug("Generate STORKAuthnRequest."); - final STORKAuthnRequest authnRequest = processExtensions(samlRequest - .getExtensions()); - - authnRequest.setCountry(this.getCountry(samlRequest.getSignature() - .getKeyInfo())); - - authnRequest.setAlias(this.getAlias(samlRequest.getSignature() - .getKeyInfo(), super.getSigner().getTrustStore())); - - authnRequest.setSamlId(samlRequest.getID()); - authnRequest.setDestination(samlRequest.getDestination()); - authnRequest.setAssertionConsumerServiceURL(samlRequest - .getAssertionConsumerServiceURL()); - - authnRequest.setProviderName(samlRequest.getProviderName()); - authnRequest.setIssuer(samlRequest.getIssuer().getValue()); - - //Delete unknown elements from requested ones - final Iterator<PersonalAttribute> iterator = authnRequest.getPersonalAttributeList().iterator(); - IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) authnRequest.getPersonalAttributeList(); - while (iterator.hasNext()) { - - final PersonalAttribute attribute = iterator.next(); - - // Verify if the attribute name exits. - final String attributeName = super.getSamlCoreProperties() - .getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName()); - cleanPerAttrList.remove(attribute.getName()); - } - - } - authnRequest.setPersonalAttributeList(cleanPerAttrList); - - return authnRequest; - - } - - /** - * Validate stork attribute query request. - * - * @param tokenSaml the token SAML - * - * @return the STORK attribute query request - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAttrQueryRequest validateSTORKAttrQueryRequest(final byte[] tokenSaml) - throws STORKSAMLEngineException { - LOG.info("validateSTORKAttrQueryRequest"); - - //final AttributeQuery samlRequest = (AttributeQuery) validateStorkSaml(tokenSaml); - final CustomRequestAbstractType samlRequest = (CustomRequestAbstractType) validateStorkSaml(tokenSaml); - - LOG.debug("Validate Extensions."); - final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator(); - try { - validatorExt.validate(samlRequest.getExtensions()); - } catch (ValidationException e) { - LOG.error("ValidationException: validate Extensions.", e); - throw new STORKSAMLEngineException(e); - } - - LOG.debug("Generate STORKAttrQueryRequest."); - final STORKAttrQueryRequest attrRequest = processAttrExtensions(samlRequest - .getExtensions()); - - attrRequest.setCountry(this.getCountry(samlRequest.getSignature() - .getKeyInfo())); - - attrRequest.setAlias(this.getAlias(samlRequest.getSignature() - .getKeyInfo(), super.getSigner().getTrustStore())); - - attrRequest.setSamlId(samlRequest.getID()); - attrRequest.setDestination(samlRequest.getDestination()); - attrRequest.setAssertionConsumerServiceURL(samlRequest - .getAssertionConsumerServiceURL()); - - /*authnRequest.setProviderName(samlRequest.getProviderName());*/ - attrRequest.setIssuer(samlRequest.getIssuer().getValue()); - - //Delete unknown elements from requested ones - final Iterator<PersonalAttribute> iterator = attrRequest.getPersonalAttributeList().iterator(); - IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) attrRequest.getPersonalAttributeList(); - while (iterator.hasNext()) { - - final PersonalAttribute attribute = iterator.next(); - - // Verify if the attribute name exits. - final String attributeName = super.getSamlCoreProperties() - .getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName()); - cleanPerAttrList.remove(attribute.getName()); - } - - } - attrRequest.setPersonalAttributeList(cleanPerAttrList); - - return attrRequest; - - } - - /** - * Validate stork logout request. - * - * @param tokenSaml the token SAML - * - * @return the STORK logout request - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKLogoutRequest validateSTORKLogoutRequest(final byte[] tokenSaml) - throws STORKSAMLEngineException { - LOG.info("validateSTORKLogoutRequest"); - - final LogoutRequest samlRequest = (LogoutRequest)validateStorkSaml(tokenSaml); - - LOG.debug("Validate Extensions."); - final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator(); - try { - validatorExt.validate(samlRequest.getExtensions()); - } catch (ValidationException e) { - LOG.error("ValidationException: validate Extensions.", e); - throw new STORKSAMLEngineException(e); - } - - LOG.debug("Generate STORKLogoutRequest."); - final STORKLogoutRequest logoutRequest = new STORKLogoutRequest(); - - logoutRequest.setCountry(this.getCountry(samlRequest.getSignature() - .getKeyInfo())); - - logoutRequest.setAlias(this.getAlias(samlRequest.getSignature() - .getKeyInfo(), super.getSigner().getTrustStore())); - - logoutRequest.setSamlId(samlRequest.getID()); - logoutRequest.setDestination(samlRequest.getDestination()); - - logoutRequest.setIssuer(samlRequest.getIssuer().getValue()); - - logoutRequest.setSpProvidedId(samlRequest.getNameID().getValue()); - - return logoutRequest; - - } - - /** - * Validate stork authentication response. - * - * @param tokenSaml the token SAML - * @param userIP the user IP - * - * @return the Stork authentication response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAuthnResponse validateSTORKAuthnResponse( - final byte[] tokenSaml, final String userIP) - throws STORKSAMLEngineException { - - LOG.info("validateSTORKAuthnResponse"); - final Response samlResponse = (Response) validateStorkSaml(tokenSaml); - - LOG.debug("Create StorkAuthResponse."); - final STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - - authnResponse.setCountry(this.getCountry(samlResponse.getSignature() - .getKeyInfo())); - - LOG.debug("Set ID."); - authnResponse.setSamlId(samlResponse.getID()); - LOG.debug("Set InResponseTo."); - authnResponse.setInResponseTo(samlResponse.getInResponseTo()); - LOG.debug("Set statusCode."); - authnResponse.setStatusCode(samlResponse.getStatus().getStatusCode() - .getValue()); - - // Subordinate code. - if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { - authnResponse.setSubStatusCode(samlResponse.getStatus() - .getStatusCode().getStatusCode().getValue()); - } - - if (samlResponse.getStatus().getStatusMessage() != null) { - LOG.debug("Set statusMessage."); - authnResponse.setMessage(samlResponse.getStatus() - .getStatusMessage().getMessage()); - } - - LOG.debug("validateStorkResponse"); - final Assertion assertion = (Assertion) validateStorkResponse( - samlResponse, userIP); - - if(assertion!=null){ - final DateTime serverDate = new DateTime(); - - if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { - LOG.error("Token date expired (getNotOnOrAfter = " - + assertion.getConditions().getNotOnOrAfter() - + ", server_date: " + serverDate + ")"); - throw new STORKSAMLEngineException( - "Token date expired (getNotOnOrAfter = " - + assertion.getConditions().getNotOnOrAfter() - + " ), server_date: " + serverDate); - } - - LOG.debug("Set notOnOrAfter."); - authnResponse.setNotOnOrAfter(assertion.getConditions() - .getNotOnOrAfter()); - - LOG.debug("Set notBefore."); - authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - authnResponse.setAudienceRestriction(((AudienceRestriction) assertion - .getConditions().getAudienceRestrictions().get(0)) - .getAudiences().get(0).getAudienceURI()); - authnResponse.setAssertions(samlResponse.getAssertions()); - } - - // Case no error. - if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(authnResponse - .getStatusCode())) { - LOG.debug("Status Success. Set PersonalAttributeList."); - authnResponse - .setPersonalAttributeList(generatePersonalAttributeList(assertion)); - authnResponse.setFail(false); - } else { - LOG.debug("Status Fail."); - authnResponse.setFail(true); - } - LOG.debug("Return result."); - return authnResponse; - - } - - /** - * Validate stork authentication response. - * - * @param tokenSaml the token SAML - * @param userIP the user IP - * - * @return the Stork authentication response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAuthnResponse validateSTORKAuthnResponseWithQuery( - final byte[] tokenSaml, final String userIP) - throws STORKSAMLEngineException { - - LOG.info("validateSTORKAuthnResponse"); - final Response samlResponse = (Response) validateStorkSaml(tokenSaml); - - LOG.debug("Create StorkAuthResponse."); - final STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - - authnResponse.setCountry(this.getCountry(samlResponse.getSignature() - .getKeyInfo())); - - LOG.debug("Set ID."); - authnResponse.setSamlId(samlResponse.getID()); - LOG.debug("Set InResponseTo."); - authnResponse.setInResponseTo(samlResponse.getInResponseTo()); - LOG.debug("Set statusCode."); - authnResponse.setStatusCode(samlResponse.getStatus().getStatusCode() - .getValue()); - - // Subordinate code. - if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { - authnResponse.setSubStatusCode(samlResponse.getStatus() - .getStatusCode().getStatusCode().getValue()); - } - - if (samlResponse.getStatus().getStatusMessage() != null) { - LOG.debug("Set statusMessage."); - authnResponse.setMessage(samlResponse.getStatus() - .getStatusMessage().getMessage()); - } - - LOG.debug("validateStorkResponse"); - final Assertion assertion = (Assertion) validateStorkResponse( - samlResponse, userIP); - - if(assertion!=null){ - final DateTime serverDate = new DateTime(); - - if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { - LOG.error("Token date expired (getNotOnOrAfter = " - + assertion.getConditions().getNotOnOrAfter() - + ", server_date: " + serverDate + ")"); - throw new STORKSAMLEngineException( - "Token date expired (getNotOnOrAfter = " - + assertion.getConditions().getNotOnOrAfter() - + " ), server_date: " + serverDate); - } - - LOG.debug("Set notOnOrAfter."); - authnResponse.setNotOnOrAfter(assertion.getConditions() - .getNotOnOrAfter()); - - LOG.debug("Set notBefore."); - authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - authnResponse.setAudienceRestriction(((AudienceRestriction) assertion - .getConditions().getAudienceRestrictions().get(0)) - .getAudiences().get(0).getAudienceURI()); - } - - // Case no error. - if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(authnResponse - .getStatusCode())) { - LOG.debug("Status Success. Set PersonalAttributeList."); - authnResponse - .setPersonalAttributeList(generatePersonalAttributeList(assertion)); - authnResponse.setFail(false); - } else { - LOG.debug("Status Fail."); - authnResponse.setFail(true); - } - - authnResponse.setAssertions(samlResponse.getAssertions()); - if (samlResponse.getAssertions().size() > 1) - { - PersonalAttributeList total = new PersonalAttributeList(); - List<IPersonalAttributeList> attrList = new ArrayList(); - for (int i = 0; i < samlResponse.getAssertions().size(); i++) - { - Assertion tempAssertion = (Assertion)samlResponse.getAssertions().get(i); - IPersonalAttributeList temp = generatePersonalAttributeList(tempAssertion); - if (temp != null) - { - attrList.add(temp); - for (PersonalAttribute attribute : temp) { - PersonalAttribute attr = (PersonalAttribute)attribute.clone(); - attr.setName(attr.getName()+tempAssertion.getID()); - total.add(attr); - } - } - } - authnResponse.setPersonalAttributeLists(attrList); - authnResponse.setTotalPersonalAttributeList(total); - } - - LOG.debug("Return result."); - return authnResponse; - - } - - /** - * Validate stork attribute query response. - * - * @param tokenSaml the token SAML - * @param userIP the user IP - * - * @return the Stork attribute query response - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public STORKAttrQueryResponse validateSTORKAttrQueryResponse( - final byte[] tokenSaml, final String userIP) - throws STORKSAMLEngineException { - - LOG.info("validateSTORKAttrQueryResponse"); - final Response samlResponse = (Response) validateStorkSaml(tokenSaml); - - LOG.debug("Create StorkAttrQueryResponse."); - final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); - - attrQueryResponse.setCountry(this.getCountry(samlResponse.getSignature() - .getKeyInfo())); - - LOG.debug("Set ID."); - attrQueryResponse.setSamlId(samlResponse.getID()); - LOG.debug("Set InResponseTo."); - attrQueryResponse.setInResponseTo(samlResponse.getInResponseTo()); - LOG.debug("Set statusCode."); - attrQueryResponse.setStatusCode(samlResponse.getStatus().getStatusCode() - .getValue()); - - - // Subordinate code. - if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { - attrQueryResponse.setSubStatusCode(samlResponse.getStatus() - .getStatusCode().getStatusCode().getValue()); - } - - if (samlResponse.getStatus().getStatusMessage() != null) { - LOG.debug("Set statusMessage."); - attrQueryResponse.setMessage(samlResponse.getStatus() - .getStatusMessage().getMessage()); - } - - LOG.debug("validateStorkResponse"); - final Assertion assertion = (Assertion) validateStorkResponse( - samlResponse, userIP); - - if(assertion!=null){ - final DateTime serverDate = new DateTime(); - - attrQueryResponse.setAssertion(assertion); - - if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { - LOG.error("Token date expired (getNotOnOrAfter = " - + assertion.getConditions().getNotOnOrAfter() - + ", server_date: " + serverDate + ")"); - throw new STORKSAMLEngineException( - "Token date expired (getNotOnOrAfter = " - + assertion.getConditions().getNotOnOrAfter() - + " ), server_date: " + serverDate); - } - - LOG.debug("Set notOnOrAfter."); - attrQueryResponse.setNotOnOrAfter(assertion.getConditions() - .getNotOnOrAfter()); - - LOG.debug("Set notBefore."); - attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - attrQueryResponse.setAudienceRestriction(((AudienceRestriction) assertion - .getConditions().getAudienceRestrictions().get(0)) - .getAudiences().get(0).getAudienceURI()); - } - - // Case no error. - if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(attrQueryResponse - .getStatusCode())) { - LOG.debug("Status Success. Set PersonalAttributeList."); - attrQueryResponse - .setPersonalAttributeList(generatePersonalAttributeList(assertion)); - attrQueryResponse.setFail(false); - } else { - LOG.debug("Status Fail."); - attrQueryResponse.setFail(true); - } - - attrQueryResponse.setAssertions(samlResponse.getAssertions()); - if (samlResponse.getAssertions().size() > 1) - { - PersonalAttributeList total = new PersonalAttributeList(); - List<IPersonalAttributeList> attrList = new ArrayList(); - for (int i = 0; i < samlResponse.getAssertions().size(); i++) - { - Assertion tempAssertion = (Assertion)samlResponse.getAssertions().get(i); - IPersonalAttributeList temp = generatePersonalAttributeList(tempAssertion); - if (temp != null) - { - attrList.add(temp); - for (PersonalAttribute attribute : temp) { - PersonalAttribute attr = (PersonalAttribute)attribute.clone(); - attr.setName(attr.getName()+tempAssertion.getID()); - total.add(attr); - } - } - } - attrQueryResponse.setPersonalAttributeLists(attrList); - attrQueryResponse.setTotalPersonalAttributeList(total); - } - - LOG.debug("Return result."); - return attrQueryResponse; - - } - - /** - * Validate stork response. - * - * @param samlResponse the SAML response - * @param userIP the user IP - * - * @return the assertion - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private Assertion validateStorkResponse(final Response samlResponse, - final String userIP) throws STORKSAMLEngineException { - // Exist only one Assertion - - if (samlResponse.getAssertions() == null - || samlResponse.getAssertions().isEmpty()) { - LOG.info("Assertion is null or empty."); //in replace of throw new STORKSAMLEngineException("Assertion is null or empty.") - return null; - } - - final Assertion assertion = (Assertion) samlResponse.getAssertions() - .get(0); - - LOG.debug("Verified method Bearer"); - for (final Iterator<SubjectConfirmation> iter = assertion.getSubject() - .getSubjectConfirmations().iterator(); iter.hasNext();) { - final SubjectConfirmation element = iter.next(); - final boolean isBearer = SubjectConfirmation.METHOD_BEARER - .equals(element.getMethod()); - - final boolean ipValidate = super.getSamlCoreProperties() - .isIpValidation(); - - if (ipValidate) { - if (isBearer) { - if (StringUtils.isBlank(userIP)) { - LOG.error("browser_ip is null or empty."); - throw new STORKSAMLEngineException( - "browser_ip is null or empty."); - } else if (StringUtils.isBlank(element - .getSubjectConfirmationData().getAddress())) { - LOG.error("token_ip attribute is null or empty."); - throw new STORKSAMLEngineException( - "token_ip attribute is null or empty."); - } - } - - final boolean ipEqual = element.getSubjectConfirmationData() - .getAddress().equals(userIP); - - // Validation ipUser - if (!ipEqual && ipValidate) { - LOG.error("SubjectConfirmation BEARER: "); - throw new STORKSAMLEngineException( - "IPs doesn't match : token_ip (" - + element.getSubjectConfirmationData() - .getAddress() + ") browser_ip (" - + userIP + ")"); - } - } - - } - return assertion; - } - - /** - * Validate stork SAML. - * - * @param tokenSaml the token SAML - * - * @return the signable SAML object - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - private SignableSAMLObject validateStorkSaml(final byte[] tokenSaml) - throws STORKSAMLEngineException { - - LOG.info("Validate StorkSaml message."); - - if (tokenSaml == null) { - LOG.error("Saml authentication request is null."); - throw new STORKSAMLEngineException( - "Saml authentication request is null."); - } - - LOG.debug("Generate AuthnRequest from request."); - SignableSAMLObject samlObject; - - try { - samlObject = (SignableSAMLObject) super.unmarshall(tokenSaml); - } catch (SAMLEngineException e) { - LOG.error("SAMLEngineException unmarshall.", e); - throw new STORKSAMLEngineException(e); - } - - boolean validateSign = true; - - if (StringUtils.isNotBlank(super.getSamlCoreProperties().getProperty( - "validateSignature"))) { - validateSign = Boolean.valueOf(super.getSamlCoreProperties() - .getProperty("validateSignature")); - } - - if (validateSign) { - LOG.debug("Validate Signature."); - try { - super.validateSignature(samlObject); - } catch (SAMLEngineException e) { - LOG.error("SAMLEngineException validateSignature.", e); - throw new STORKSAMLEngineException(e); - } - } - - LOG.debug("Validate Schema."); - final ValidatorSuite validatorSuite = Configuration - .getValidatorSuite("saml2-core-schema-validator"); - try { - if (samlObject.getElementQName().toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - { - CustomAttributeQueryValidator val = - new CustomAttributeQueryValidator(); - val.validate((CustomAttributeQuery)samlObject); - } - else - validatorSuite.validate(samlObject); - } catch (ValidationException e) { - LOG.error("ValidationException.", e); - throw new STORKSAMLEngineException(e); - } - - return samlObject; - } - - private boolean isComplex(XMLObject xmlObject) - { - boolean isComplex = false; - - final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; - - for (int nextComplexValue = 0; nextComplexValue < complexValue - .getUnknownXMLObjects().size(); nextComplexValue++) { - - final XSAnyImpl simple = (XSAnyImpl) complexValue - .getUnknownXMLObjects().get( - nextComplexValue); - - if (simple.getElementQName().getLocalPart() != null) - { - isComplex = true; - break; - } - } - - return isComplex; - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java deleted file mode 100644 index 724a522d1..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java +++ /dev/null @@ -1,69 +0,0 @@ -package eu.stork.peps.auth.engine; - -import org.bouncycastle.asn1.DERObjectIdentifier; -import org.bouncycastle.jce.X509Principal; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Utility class used to decrease complexity of comparison of 2 X509principal - * - * @author vanegdi - * @version $Revision: 1.00 $, $Date: 2013-05-24 20:53:51 $ - */ -public final class X509PrincipalUtil{ - - private static final DERObjectIdentifier[] DER_OBJECT_IDENTIFIERS_ARRAY= { - X509Principal.CN, - X509Principal.OU, - X509Principal.O, - X509Principal.L, - X509Principal.ST, - X509Principal.C, - X509Principal.E - }; - - private static final Logger LOG = LoggerFactory.getLogger(eu.stork.peps.auth.engine.X509PrincipalUtil.class); - - /** - * Compares 2 X509Principals to detect if they equals - * @param principal1 - * @param principal2 - * @return true if arguments are not null and equals - */ - public static boolean equals(X509Principal principal1, X509Principal principal2) { - boolean continueProcess = true; - if (principal1 == null || principal2 == null){ - return false; - } - - int cpt = 0; - while(continueProcess && cpt < DER_OBJECT_IDENTIFIERS_ARRAY.length){ - continueProcess = continueProcess && x509ValuesByIdentifierEquals(principal1, principal2, DER_OBJECT_IDENTIFIERS_ARRAY[cpt]); - cpt++; - } - return continueProcess; - } - - public static boolean equals2(X509Principal principal1, X509Principal principal2) { - - if (principal1 == null || principal2 == null){ - return false; - } - - if (principal1.getName().equals(principal2.getName())) - return true; - else - return false; - - } - - private static boolean x509ValuesByIdentifierEquals(X509Principal principal1, X509Principal principal2, DERObjectIdentifier identifier){ - return principal1.getValues(identifier).equals(principal2.getValues(identifier)); - } - - private X509PrincipalUtil(){ - // default contructor - LOG.error("Fake X509PrincipalUtil : never be called"); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java deleted file mode 100644 index a9efe6362..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface AuthenticationAttributes. - * @author fjquevedo - */ -public interface AuthenticationAttributes extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "AuthenticationAttributes"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "AuthenticationAttributesType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - - /** - * Gets the citizen country code. - * - * @return the citizen country code - */ - VIDPAuthenticationAttributes getVIDPAuthenticationAttributes(); - - - /** - * Sets the vIDP authentication attributes. - * - * @param newVIDPAuthenticationAttr the new vIDP authentication attributes - */ - void setVIDPAuthenticationAttributes(VIDPAuthenticationAttributes newVIDPAuthenticationAttr); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java deleted file mode 100644 index 4af7524ea..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * @author fjquevedo - */ -public interface CitizenCountryCode extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "CitizenCountryCode"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "CitizenCountryCodeType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the SP country. - * - * @return the sP country - */ - String getCitizenCountryCode(); - - - /** - * Sets the citizen country code. - * - * @param citizenCountryCode the new citizen country code - */ - void setCitizenCountryCode(String citizenCountryCode); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java deleted file mode 100644 index 94dfdb0e8..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java +++ /dev/null @@ -1,51 +0,0 @@ -package eu.stork.peps.auth.engine.core; - -import java.util.List; -import javax.xml.namespace.QName; - -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.Subject; -import org.opensaml.saml2.core.SubjectQuery; - -public interface CustomAttributeQuery extends CustomRequestAbstractType { - /** Element local name. */ - public static final String DEFAULT_ELEMENT_LOCAL_NAME = "AttributeQuery"; - - /** Default element name. */ - public static final QName DEFAULT_ELEMENT_NAME = new QName(SAMLConstants.SAML20P_NS, DEFAULT_ELEMENT_LOCAL_NAME, - SAMLConstants.SAML20P_PREFIX); - - /** Local name of the XSI type. */ - public static final String TYPE_LOCAL_NAME = "CustomAttributeQueryType"; - - /** QName of the XSI type. */ - public static final QName TYPE_NAME = new QName(SAMLConstants.SAML20P_NS, TYPE_LOCAL_NAME, - SAMLConstants.SAML20P_PREFIX); - - /** AssertionConsumerServiceURL attribute name. */ - public static final String ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME - = "AssertionConsumerServiceURL"; - - /** - * Gets the Attributes of this query. - * - * @return the list of Attributes of this query - */ - public List<Attribute> getAttributes(); - - /** - * Gets the Subject of this request. - * - * @return the Subject of this request - */ - public Subject getSubject(); - - /** - * Sets the Subject of this request. - * - * @param newSubject the Subject of this request - */ - public void setSubject(Subject newSubject); - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java deleted file mode 100644 index 77dd8c4a5..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java +++ /dev/null @@ -1,176 +0,0 @@ -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.joda.time.DateTime; -import org.opensaml.common.SAMLVersion; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.common.Extensions; -import org.opensaml.saml2.core.Issuer; - -public interface CustomRequestAbstractType extends SignableSAMLObject { - - /** Local name of the XSI type. */ - public static final String TYPE_LOCAL_NAME = "RequestAbstractType"; - - /** QName of the XSI type. */ - public static final QName TYPE_NAME = new QName(SAMLConstants.SAML20P_NS, TYPE_LOCAL_NAME, - SAMLConstants.SAML20P_PREFIX); - - /** ID attribute name. */ - public static final String ID_ATTRIB_NAME = "ID"; - - /** Version attribute name. */ - public static final String VERSION_ATTRIB_NAME = "Version"; - - /** IssueInstant attribute name. */ - public static final String ISSUE_INSTANT_ATTRIB_NAME = "IssueInstant"; - - /** Destination attribute name. */ - public static final String DESTINATION_ATTRIB_NAME = "Destination"; - - /** Destination attribute name. */ - public static final String ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME = "AssertionConsumerServiceURL"; - - /** Consent attribute name. */ - public static final String CONSENT_ATTRIB_NAME = "Consent"; - - /** Unspecified consent URI. */ - public static final String UNSPECIFIED_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:unspecified"; - - /** Obtained consent URI. */ - public static final String OBTAINED_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:obtained"; - - /** Prior consent URI. */ - public static final String PRIOR_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:prior"; - - /** Implicit consent URI. */ - public static final String IMPLICIT_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:current-implicit"; - - /** Explicit consent URI. */ - public static final String EXPLICIT_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:current-explicit"; - - /** Unavailable consent URI. */ - public static final String UNAVAILABLE_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:unavailable"; - - /** Inapplicable consent URI. */ - public static final String INAPPLICABLE_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:inapplicable"; - - /** - * Gets the SAML Version of this request. - * - * @return the SAML Version of this request. - */ - public SAMLVersion getVersion(); - - /** - * Sets the SAML Version of this request. - * - * @param newVersion the SAML Version of this request - */ - public void setVersion(SAMLVersion newVersion); - - /** - * Gets the unique identifier of the request. - * - * @return the unique identifier of the request - */ - public String getID(); - - /** - * Sets the unique identifier of the request. - * - * @param newID the unique identifier of the request - */ - - public void setID(String newID); - - /** - * Gets the date/time the request was issued. - * - * @return the date/time the request was issued - */ - - public DateTime getIssueInstant(); - - /** - * Sets the date/time the request was issued. - * - * @param newIssueInstant the date/time the request was issued - */ - public void setIssueInstant(DateTime newIssueInstant); - - /** - * Gets the URI of the destination of the request. - * - * @return the URI of the destination of the request - */ - public String getDestination(); - - /** - * Sets the URI of the destination of the request. - * - * @param newDestination the URI of the destination of the request - */ - public void setDestination(String newDestination); - - /** - * Sets the index of the particular Assertion Consumer Service to which the response to this request should be - * delivered. - * - * @param newAssertionConsumerServiceIndex the new value of the AssertionConsumerServiceIndex attribute - */ - public void setAssertionConsumerServiceURL(String newServiceUrl); - - /** - * Gets the URL of the particular Assertion Consumer Service to which the response to this request should be - * delivered. - * - * @return the value of the AssertionConsumerServiceURL attribute - */ - public String getAssertionConsumerServiceURL(); - - /** - * Gets the consent obtained from the principal for sending this request. - * - * @return the consent obtained from the principal for sending this request - */ - public String getConsent(); - - /** - * Sets the consent obtained from the principal for sending this request. - * - * @param newConsent the new consent obtained from the principal for sending this request - */ - public void setConsent(String newConsent); - - /** - * Gets the issuer of this request. - * - * @return the issuer of this request - */ - public Issuer getIssuer(); - - /** - * Sets the issuer of this request. - * - * @param newIssuer the issuer of this request - */ - public void setIssuer(Issuer newIssuer); - - /** - * Gets the Extensions of this request. - * - * @return the Status of this request - */ - public Extensions getExtensions(); - - /** - * Sets the Extensions of this request. - * - * @param newExtensions the Extensions of this request - */ - public void setExtensions(Extensions newExtensions); - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java deleted file mode 100644 index 03541ece1..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * @author fjquevedo - */ -public interface EIDCrossBorderShare extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "eIDCrossBorderShare"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "eIDCrossBorderShareType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - - /** - * Gets the eID cross border share. - * - * @return the eID cross border share - */ - String getEIDCrossBorderShare(); - - - /** - * Sets the eID cross border share. - * - * @param eIDCrossBorderShare the new eID cross border share - */ - void setEIDCrossBorderShare(String eIDCrossBorderShare); - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java deleted file mode 100644 index 14c504510..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossSectorShare. - * @author fjquevedo - */ -public interface EIDCrossSectorShare extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String ELEM_LOCAL_NAME = "eIDCrossSectorShare"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), ELEM_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "eIDCrossSectorShareType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the eID cross sector share. - * - * @return the eID cross sector share - */ - String getEIDCrossSectorShare(); - - /** - * Sets the eID cross sector share. - * - * @param eIDCrossSectorShare the new eID cross sector share - */ - void setEIDCrossSectorShare(String eIDCrossSectorShare); - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java deleted file mode 100644 index 0202f000c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDSectorShare. - * @author fjquevedo - */ -public interface EIDSectorShare extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "eIDSectorShare"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "eIDSectorShare"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - - /** - * Gets the eID sector share. - * - * @return the eID sector share - */ - String getEIDSectorShare(); - - /** - * Sets the eID sector share. - * - * @param eIDSectorShare the new eID sector share - */ - void setEIDSectorShare(String eIDSectorShare); - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java deleted file mode 100644 index d99d23896..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * STORK Quality Authentication Assurance Level Attribute Interface. - * - * @author fjquevedo - */ -public interface QAAAttribute extends SAMLObject { - - /** Element local name. */ - String DEF_LOCAL_NAME = "QualityAuthenticationAssuranceLevel"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "QualityAuthenticationAssuranceLevelAbstractType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** The minimum value allowed. */ - int MIN_VALUE = 1; - - /** The Max value allowed. */ - int MAX_VALUE = 4; - - /** - * Gets the qAA level. - * - * @return the qAA level - */ - String getQaaLevel(); - - /** - * Sets the qAA level. - * - * @param qaaLevel the new qAA level - * - */ - void setQaaLevel(String qaaLevel); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java deleted file mode 100644 index ffd32b3cf..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import java.util.List; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; -import org.opensaml.xml.AttributeExtensibleXMLObject; -import org.opensaml.xml.schema.XSBooleanValue; -import org.opensaml.xml.XMLObject; - -/** - * The Interface RequestedAttribute. - * - * @author fjquevedo - */ -public interface RequestedAttribute extends SAMLObject, - AttributeExtensibleXMLObject { - - /** Element local name. */ - String DEF_LOCAL_NAME = "RequestedAttribute"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "RequestedAttributeAbstractType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** NAME_ATTRIB_NAME attribute name. */ - String NAME_ATTRIB_NAME = "Name"; - - /** NAME_FORMAT_ATTRIB_NAME attribute name. */ - String NAME_FORMAT_ATTR = "NameFormat"; - - /** IS_REQUIRED_ATTRIB_NAME attribute name. */ - String IS_REQUIRED_ATTR = "isRequired"; - - /** FRIENDLY_NAME_ATTRIB_NAME attribute name. */ - String FRIENDLY_NAME_ATT = "FriendlyName"; - - /** Unspecified attribute format ID. */ - String UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"; - - /** URI reference attribute format ID. */ - String URI_REFERENCE = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"; - - /** Basic attribute format ID. */ - String BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"; - - /** - * Gets the name. - * - * @return the name - */ - String getName(); - - /** - * Sets the name. - * - * @param name the new name - */ - void setName(String name); - - /** - * Gets the name format. - * - * @return the name format - */ - String getNameFormat(); - - /** - * Sets the name format. - * - * @param nameFormat the new name format - */ - void setNameFormat(String nameFormat); - - /** - * Gets the friendly name. - * - * @return the friendly name - */ - String getFriendlyName(); - - /** - * Sets the friendly name. - * - * @param friendlyName the new friendly name - */ - void setFriendlyName(String friendlyName); - - /** - * Gets the checks if is required. - * - * @return the checks if is required - */ - String isRequired(); - - /** - * Gets the checks if is required xs boolean. - * - * @return the checks if is required xs boolean - */ - String getIsRequiredXSBoolean(); - - /** - * Sets the checks if is required. - * - * @param newIsRequired the new checks if is required - */ - void setIsRequired(String newIsRequired); - - /** - * Gets the attribute values. - * - * @return the attribute values - */ - List<XMLObject> getAttributeValues(); - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java deleted file mode 100644 index 6e3da28c3..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import java.util.List; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface RequestedAttributes. - * - * @author fjquevedo - */ -public interface RequestedAttributes extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "RequestedAttributes"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "RequestedAttributesType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the attributes. - * - * @return the attributes - */ - List<RequestedAttribute> getAttributes(); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java deleted file mode 100644 index cbedcf7d9..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -/** - * The Enumeration SAMLCore. - * - * @author fjquevedo - */ - -public enum SAMLCore { - - /** The consent authentication request. */ - CONSENT_AUTHN_REQ("consentAuthnRequest"), - - /** The consent authentication response. */ - CONSENT_AUTHN_RES("consentAuthnResponse"), - - /** The FORC e_ auth n_ tag. */ - FORCE_AUTHN_TAG("forceAuthN"), - - /** The I s_ passiv e_ tag. */ - IS_PASSIVE_TAG("isPassive"), - - /** The FORMA t_ entity. */ - FORMAT_ENTITY("formatEntity"), - - /** The FRIENDLY name. */ - FRIENDLY_NAME("friendlyName"), - - /** The IS_REQUIRED AN ATTRIBUTE */ - IS_REQUIRED("isRequired"), - - /** The PRO t_ bindin g_ tag. */ - PROT_BINDING_TAG("protocolBinding"), - - /** The ASSER t_ con s_ tag. */ - ASSERT_CONS_TAG("assertionConsumerServiceURL"), - - /** The REQUESTE r_ tag. */ - REQUESTER_TAG("requester"), - - /** The RESPONDE r_ tag. */ - RESPONDER_TAG("responder"), - - /** The STOR k10_ ns. */ - STORK10_NS("urn:eu:stork:names:tc:STORK:1.0:assertion"), - - /** The STOR k10 p_ ns. */ - STORK10P_NS("urn:eu:stork:names:tc:STORK:1.0:protocol"), - - /** The STOR k10_ prefix. */ - STORK10_PREFIX("stork"), - - /** The STOR k10 p_ prefix. */ - STORK10P_PREFIX("storkp"), - - /** The STOR k10_ bas e_ uri. */ - STORK10_BASE_URI("http://www.stork.gov.eu/1.0/"), - - /** The ON e_ tim e_ use. */ - ONE_TIME_USE("oneTimeUse"); - - /** The value. */ - private String value; - - /** - * Instantiates a new sAML core. - * - * @param fullName the full name - */ - private SAMLCore(final String fullName) { - this.value = fullName; - } - - /** - * Gets the value. - * - * @return the value - */ - public String getValue() { - return value; - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java deleted file mode 100644 index e846983d8..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import java.security.KeyStore; -import java.security.cert.X509Certificate; - -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; - -import eu.stork.peps.exceptions.SAMLEngineException; - -/** - * The Interface SAMLEngineSignI. - * - * @author fjquevedo - */ -public interface SAMLEngineSignI { - - /** - * Sign. - * - * @param tokenSaml the token SAML - * - * @return the sAML object - * - * @throws SAMLEngineException the SAML engine exception - */ - SAMLObject sign(SignableSAMLObject tokenSaml) throws SAMLEngineException; - - /** - * Gets the certificate. - * - * @return the certificate - */ - X509Certificate getCertificate(); - - /** - * Gets the trustStore used when validating SAMLTokens - * - * @return the trustStore - * - */ - KeyStore getTrustStore(); - - /** - * Validate signature. - * - * @param tokenSaml the token SAML - * - * @return the sAML object - * - * @throws SAMLEngineException the SAML engine exception - */ - SAMLObject validateSignature(SignableSAMLObject tokenSaml) - throws SAMLEngineException; - - /** - * Initialize the signature module. - * - * @param fileConf the configuration file. - * - * @throws SAMLEngineException the STORKSAML engine runtime - * exception - */ - void init(String fileConf) throws SAMLEngineException; - - /** - * Load cryptographic service provider. - * - * @throws SAMLEngineException the SAML engine exception - */ - void loadCryptServiceProvider() throws SAMLEngineException; - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java deleted file mode 100644 index 9510bf790..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface SPApplication. - * - * @author fjquevedo - */ -public interface SPApplication extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "spApplication"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "spApplicationType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** - * Gets the service provider application. - * - * @return the service provider application - */ - String getSPApplication(); - - /** - * Sets the service provider application. - * - * @param spApplication the new service provider application - */ - void setSPApplication(String spApplication); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java deleted file mode 100644 index 829ace878..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface SPCountry. - * - * @author fjquevedo - */ -public interface SPCountry extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "spCountry"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "spCountryType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** - * Gets the service provider country. - * - * @return the service provider country - */ - String getSPCountry(); - - /** - * Sets the service provider country. - * - * @param spCountry the new service provider country - */ - void setSPCountry(String spCountry); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java deleted file mode 100644 index bd13f6dbf..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * @author iinigo - */ -public interface SPID extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "SPID"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "SPIDType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the SP ID. - * - * @return the SP ID - */ - String getSPID(); - - - /** - * Sets the SP ID. - * - * @param SPID the new SP ID - */ - void setSPID(String newSPID); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java deleted file mode 100644 index bc870c2cc..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * @author iinigo - */ -public interface SPInformation extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "SPInformation"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "SPInformationType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the SP Id. - * - * @return the SP Id - */ - SPID getSPID(); - - - /** - * Sets the SP Id. - * - * @param newSPId the new SP Id - */ - void setSPID(SPID newSPID); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java deleted file mode 100644 index add45023c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * - * @author fjquevedo - */ -public interface SPInstitution extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "spInstitution"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "spInstitutionType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** - * Gets the service provider institution. - * - * @return the service provider institution - */ - String getSPInstitution(); - - /** - * Sets the service provider institution. - * - * @param spInstitution the new service provider institution - */ - void setSPInstitution(String spInstitution); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java deleted file mode 100644 index 8322a0d47..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface SPSector. - * - * @author fjquevedo - */ -public interface SPSector extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "spSector"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "spSectorType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10_PREFIX.getValue()); - - /** - * Gets the service provider sector. - * - * @return the service provider sector - */ - String getSPSector(); - - /** - * Sets the service provider sector. - * - * @param spSector the new service provider sector - */ - void setSPSector(String spSector); -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java deleted file mode 100644 index 4c314ae68..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java +++ /dev/null @@ -1,508 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import java.util.Properties; - -import org.apache.commons.lang.StringUtils; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.NameIDType; -import org.opensaml.saml2.core.RequestAbstractType; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * The Class SAMLCore. - * - * @author fjquevedo - */ -public final class STORKSAMLCore { - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory - .getLogger(STORKSAMLCore.class.getName()); - - /** The consent authentication request. */ - private String consentAuthnReq = null; - - /** The consent authentication response. */ - private String consentAuthnResp = null; - - /** The id cross border share. */ - private String eIDCrossBordShare = null; - - /** The e id cross sect share. */ - private String eIDCrossSectShare = null; - - /** The e id sector share. */ - private String eIDSectorShare = null; - - /** The format entity. */ - private String formatEntity = null; - - /** The friendly name. */ - private boolean friendlyName = false; - - /** The IP validation. */ - private boolean ipValidation = false; - - /** The one time use. */ - private boolean oneTimeUse = true; - - /** The protocol binding. */ - private String protocolBinding = null; - - /** The requester. */ - private String requester = null; - - - /** The responder. */ - private String responder = null; - - /** The SAML core properties. */ - private Properties samlCoreProp = null; - - /** The time not on or after. */ - private Integer timeNotOnOrAfter = null; - - /** The is required parameter. */ - private boolean isRequired = true; - - private static final String SAML_ENGINE_LITERAL = "SamlEngine.xml: "; - - /** - * Gets the isRequired. - * - * @return the isRequired - */ - public boolean isRequired() { - return isRequired; - } - - /** - * Sets the isRequired. - * - * @param isRequired the required. - */ - public void setRequired(boolean isRequired) { - this.isRequired = isRequired; - } - - /** - * Instantiates a new sAML core. - * - * @param instance the instance - */ - public STORKSAMLCore(final Properties instance) { - loadConfiguration(instance); - } - - /** - * Gets the consent. - * - * @return the consent - */ - public String getConsentAuthnRequest() { - return consentAuthnReq; - } - - /** - * Gets the consent authentication response. - * - * @return the consent authentication response. - */ - public String getConsentAuthnResp() { - return consentAuthnResp; - } - - /** - * Gets the consent authentication response. - * - * @return the consent authentication response - */ - public String getConsentAuthnResponse() { - return consentAuthnResp; - } - - /** - * Gets the format entity. - * - * @return the format entity - */ - public String getFormatEntity() { - return formatEntity; - } - - /** - * Gets the property. - * - * @param key the key - * - * @return the property - */ - public String getProperty(final String key) { - return samlCoreProp.getProperty(key); - } - - /** - * Gets the protocol binding. - * - * @return the protocol binding - */ - public String getProtocolBinding() { - return protocolBinding; - } - - /** - * Gets the requester. - * - * @return the requester - */ - public String getRequester() { - return requester; - } - - /** - * Gets the responder. - * - * @return the responder - */ - public String getResponder() { - return responder; - } - - /** - * Gets the time not on or after. - * - * @return the time not on or after - */ - public Integer getTimeNotOnOrAfter() { - return timeNotOnOrAfter; - } - - /** - * Checks if is e id cross border share. - * - * @return true, if is e id cross border share - */ - public String iseIDCrossBorderShare() { - return eIDCrossBordShare; - } - - /** - * Checks if is e id cross border share. - * - * @return true, if is e id cross border share - */ - public String iseIDCrossBordShare() { - return eIDCrossBordShare; - } - - /** - * Checks if is e id cross sector share. - * - * @return true, if is e id cross sector share - */ - public String iseIDCrossSectorShare() { - return eIDCrossSectShare; - } - - /** - * Checks if is e id cross sect share. - * - * @return true, if is e id cross sect share - */ - public String iseIDCrossSectShare() { - return eIDCrossSectShare; - } - - /** - * Checks if is e id sector share. - * - * @return true, if is e id sector share - */ - public String iseIDSectorShare() { - return eIDSectorShare; - } - - /** - * Checks if is friendly name. - * - * @return true, if checks if is friendly name - */ - public boolean isFriendlyName() { - return friendlyName; - } - - /** - * Checks if is IP validation. - * - * @return true, if is IP validation - */ - public boolean isIpValidation() { - return ipValidation; - } - - /** - * Checks if is one time use. - * - * @return true, if is one time use - */ - public boolean isOneTimeUse() { - return oneTimeUse; - } - - /** - * Method that loads the configuration file for the SAML Engine. - * - * @param instance the instance of the Engine properties. - */ - private void loadConfiguration(final Properties instance) { - - try { - LOGGER.info("SAMLCore: Loading SAMLEngine properties."); - - samlCoreProp = instance; - - final String parameter = samlCoreProp - .getProperty(SAMLCore.FORMAT_ENTITY.getValue()); - - if ("entity".equalsIgnoreCase(parameter)) { - formatEntity = NameIDType.ENTITY; - } - - friendlyName = Boolean.valueOf(samlCoreProp - .getProperty(SAMLCore.FRIENDLY_NAME.getValue())); - - String isRequiredValue = samlCoreProp. - getProperty(SAMLCore.IS_REQUIRED.getValue()); - if (isRequiredValue != null) { - isRequired = Boolean.valueOf(isRequiredValue); - } - - eIDSectorShare = samlCoreProp - .getProperty("eIDSectorShare"); - eIDCrossSectShare = samlCoreProp - .getProperty("eIDCrossSectorShare"); - eIDCrossBordShare = samlCoreProp - .getProperty("eIDCrossBorderShare"); - - ipValidation = Boolean.valueOf(samlCoreProp - .getProperty("ipAddrValidation")); - - final String oneTimeUseProp = samlCoreProp - .getProperty(SAMLCore.ONE_TIME_USE.getValue()); - - if (StringUtils.isNotBlank(oneTimeUseProp)) { - oneTimeUse = Boolean.valueOf(oneTimeUseProp); - } - - // Protocol Binding - loadProtocolBiding(); - - // Consent Authentication Request - consentAuthnReq = samlCoreProp - .getProperty(SAMLCore.CONSENT_AUTHN_REQ.getValue()); - - if ("unspecified".equalsIgnoreCase(consentAuthnReq)) { - consentAuthnReq = RequestAbstractType.UNSPECIFIED_CONSENT; - } - - loadConsentAuthResp(); - - timeNotOnOrAfter = Integer.valueOf(samlCoreProp - .getProperty("timeNotOnOrAfter")); - - if (timeNotOnOrAfter.intValue() < 0) { - LOGGER.error(SAML_ENGINE_LITERAL + "timeNotOnOrAfter" - + " is negative number."); - - throw new SAMLEngineException(SAML_ENGINE_LITERAL - + "timeNotOnOrAfter" + " is negative number."); - } - - requester = samlCoreProp.getProperty(SAMLCore.REQUESTER_TAG.getValue()); - responder = samlCoreProp.getProperty(SAMLCore.RESPONDER_TAG.getValue()); - - } catch (SAMLEngineException e) { - LOGGER.error("SAMLCore: error loadConfiguration. ", e); - throw new STORKSAMLEngineRuntimeException(e); - } catch (RuntimeException e) { - LOGGER.error("SAMLCore: error loadConfiguration. ", e); - throw new STORKSAMLEngineRuntimeException(e); - } - } - - /** - * Load consent authentication response. - */ - private void loadConsentAuthResp() { - // Consent Authentication Response - consentAuthnResp = samlCoreProp - .getProperty(SAMLCore.CONSENT_AUTHN_RES.getValue()); - - if ("obtained".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = RequestAbstractType.OBTAINED_CONSENT; - } else if ("prior".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = RequestAbstractType.PRIOR_CONSENT; - } else if ("curent-implicit".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = - "urn:oasis:names:tc:SAML:2.0:consent:current-implicit"; - } else if ("curent-explicit".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = - "urn:oasis:names:tc:SAML:2.0:consent:current-explicit"; - } else if ("unspecified".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = RequestAbstractType.UNSPECIFIED_CONSENT; - } - } - - /** - * Load protocol biding. - * - * @throws SAMLEngineException the SAML engine exception - */ - private void loadProtocolBiding() throws SAMLEngineException { - // Protocol Binding - protocolBinding = samlCoreProp.getProperty(SAMLCore.PROT_BINDING_TAG.getValue()); - - if (StringUtils.isBlank(protocolBinding)) { - LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG - + " it's mandatory."); - throw new SAMLEngineException(SAML_ENGINE_LITERAL - + SAMLCore.PROT_BINDING_TAG + " it's mandatory."); - } else if (protocolBinding.equalsIgnoreCase("HTTP-POST")) { - protocolBinding = SAMLConstants.SAML2_POST_BINDING_URI; - } else { - LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG - + " it's not supporting."); - - throw new SAMLEngineException(SAML_ENGINE_LITERAL - + SAMLCore.PROT_BINDING_TAG + " it's not supporting."); - } - } - - /** - * Sets the consent authentication response. - * - * @param newConsAuthnResp the new consent authentication response - */ - public void setConsentAuthnResp(final String newConsAuthnResp) { - this.consentAuthnResp = newConsAuthnResp; - } - - /** - * Sets an eID that can be shared outside of the Service Provider’s member state. - * - * @param newEIDCrossBord the new eid cross border share - */ - public void setEIDCrossBordShare(final String newEIDCrossBord) { - this.eIDCrossBordShare = newEIDCrossBord; - } - - /** - * Sets an eID that can be shared outside of the Service Provider’s sector. - * - * @param newEIDCrossSect the new eid cross sect share - */ - public void setEIDCrossSectShare(final String newEIDCrossSect) { - this.eIDCrossSectShare = newEIDCrossSect; - } - - /** - * Sets an eID that can be shared within the Service Provider’s sector. - * - * @param newEIDSectorShare the new eid sector share - */ - public void seteIDSectorShare(final String newEIDSectorShare) { - this.eIDSectorShare = newEIDSectorShare; - } - - /** - * Sets the format entity. - * - * @param newFormatEntity the new format entity - */ - public void setFormatEntity(final String newFormatEntity) { - this.formatEntity = newFormatEntity; - } - - /** - * Sets the friendly name. - * - * @param newFriendlyName the new friendly name - */ - public void setFriendlyName(final boolean newFriendlyName) { - this.friendlyName = newFriendlyName; - } - - /** - * Sets the IP validation. - * - * @param newIpValidation the new IP validation - */ - public void setIpValidation(final boolean newIpValidation) { - this.ipValidation = newIpValidation; - } - - /** - * Sets the one time use. - * - * @param newOneTimeUse the new one time use - */ - public void setOneTimeUse(final boolean newOneTimeUse) { - this.oneTimeUse = newOneTimeUse; - } - - /** - * Sets the protocol binding. - * - * @param newProtBinding the new protocol binding - */ - public void setProtocolBinding(final String newProtBinding) { - this.protocolBinding = newProtBinding; - } - - /** - * Sets the requester. - * - * @param newRequester the new requester - */ - public void setRequester(final String newRequester) { - this.requester = newRequester; - } - - /** - * Sets the responder. - * - * @param newResponder the new responder - */ - public void setResponder(final String newResponder) { - this.responder = newResponder; - } - - /** - * Sets the time not on or after. - * - * @param newTimeNotOnOrAft the new time not on or after - */ - public void setTimeNotOnOrAfter(final Integer newTimeNotOnOrAft) { - this.timeNotOnOrAfter = newTimeNotOnOrAft; - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java deleted file mode 100644 index 6ee9e0e1b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface VIDPAuthenticationAttributes. - * - * @author fjquevedo - */ -public interface VIDPAuthenticationAttributes extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "VIDPAuthenticationAttributes"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "VIDPAuthenticationAttributesType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, - SAMLCore.STORK10P_PREFIX.getValue()); - - - /** - * Gets the citizen country code. - * - * @return the citizen country code - */ - CitizenCountryCode getCitizenCountryCode(); - - /** - * Sets the citizen country code. - * - * @param newCitizenCountryCode the new citizen country code - */ - void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode); - - /** - * Gets the SP information - * - * @return the SP information - */ - SPInformation getSPInformation(); - - /** - * Sets the SP information - * - * @param newSPInformation the new SPInformation - */ - void setSPInformation(SPInformation newSPInformation); - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java deleted file mode 100644 index 2d9039d4c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.AuthenticationAttributes; - -/** - * The Class AuthenticationAttributesBuilder. - * - * @author fjquevedo - */ -public class AuthenticationAttributesBuilder extends - AbstractSAMLObjectBuilder<AuthenticationAttributes> { - - - - /** - * Builds the object. - * - * @return the authentication attributes - */ - public final AuthenticationAttributes buildObject() { - return buildObject(AuthenticationAttributes.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace URI - * @param localName the local name - * @param namespacePrefix the namespace prefix - * - * @return the authentication attributes - */ - public final AuthenticationAttributes buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new AuthenticationAttributesImpl(namespaceURI, localName, - namespacePrefix); - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java deleted file mode 100644 index e0de20f7d..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSignableSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.AuthenticationAttributes; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class AuthenticationAttributesImpl. - * - * @author fjquevedo - */ -public final class AuthenticationAttributesImpl extends AbstractSignableSAMLObject implements -AuthenticationAttributes { - - private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationAttributesImpl.class.getName()); - - /** The indexed children. */ - private VIDPAuthenticationAttributes vIDPAuthenAttr; - - /** - * Instantiates a new authentication attributes implementation. - * - * @param namespaceURI the namespace uri - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected AuthenticationAttributesImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - * - */ - public List<XMLObject> getOrderedChildren() { - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - children.add(vIDPAuthenAttr); - - if (getSignature() != null) { - children.add(getSignature()); - } - - return Collections.unmodifiableList(children); - } - - /** - * Gets the signature reference id. - * - * @return the signature reference id - * - */ - public String getSignatureReferenceID() { - return null; - } - - /** - * Gets the vidp authentication attributes. - * - * @return the VIDP authentication attributes - * - */ - public VIDPAuthenticationAttributes getVIDPAuthenticationAttributes() { - return vIDPAuthenAttr; - } - - /** - * Sets the vidp authentication attributes. - * - * @param newVIDPAuthenAttr the new vidp authen attr - * - */ - public void setVIDPAuthenticationAttributes( - final VIDPAuthenticationAttributes newVIDPAuthenAttr) { - vIDPAuthenAttr = prepareForAssignment(this.vIDPAuthenAttr, newVIDPAuthenAttr); - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java deleted file mode 100644 index 072da4edd..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; - -/** - * The Class AuthenticationAttributesMarshaller. - * - * @author fjquevedo - */ -public class AuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller { - - - - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java deleted file mode 100644 index f8a58a273..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; - -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; - -import eu.stork.peps.auth.engine.core.AuthenticationAttributes; - -/** - * The Class AuthenticationAttributesUnmarshaller. - * - * @author fjquevedo - */ -public class AuthenticationAttributesUnmarshaller extends - AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentObject the parent object - * @param childObject the child object - * - * @throws UnmarshallingException the unmarshalling exception - * - */ - protected final void processChildElement(final XMLObject parentObject, - final XMLObject childObject) throws UnmarshallingException { - final AuthenticationAttributes attrStatement = (AuthenticationAttributes) parentObject; - - if (childObject instanceof VIDPAuthenticationAttributes) { - attrStatement.setVIDPAuthenticationAttributes((VIDPAuthenticationAttributes) childObject); - } else { - super.processChildElement(parentObject, childObject); - } - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java deleted file mode 100644 index 64651691f..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; - -/** - * The Class CitizenCountryCodeBuilder. - * - * @author fjquevedo - */ -public class CitizenCountryCodeBuilder extends AbstractSAMLObjectBuilder<CitizenCountryCode> { - - /** - * Builds the object. - * - * @return the citizen country code - */ - public final CitizenCountryCode buildObject() { - return buildObject(CitizenCountryCode.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the citizen country code - */ - public final CitizenCountryCode buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new CitizenCountryCodeImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java deleted file mode 100644 index 374398cf1..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class CitizenCountryCodeImpl. - * - * @author fjquevedo - */ -public class CitizenCountryCodeImpl extends AbstractSAMLObject implements CitizenCountryCode { - - private static final Logger LOGGER = LoggerFactory.getLogger(CitizenCountryCodeImpl.class.getName()); - /** The citizen country code. */ - private String citizenCountryCode; - - /** - * Instantiates a new sP country impl. - * - * @param namespaceURI the namespace uri - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected CitizenCountryCodeImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the citizen country code. - * - * @return the citizen country code - */ - public final String getCitizenCountryCode() { - return citizenCountryCode; - } - - /** - * Sets the citizen country code. - * - * @param newCitizenCountryCode the new citizen country code - */ - public final void setCitizenCountryCode(final String newCitizenCountryCode) { - this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java deleted file mode 100644 index decae04c5..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; - -/** - * The Class SPCountryMarshaller. - * - * @author fjquevedo - */ -public class CitizenCountryCodeMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject; - XMLHelper.appendTextContent(domElement, citizenCountryCode.getCitizenCountryCode()); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java deleted file mode 100644 index 93132b508..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; - -/** - * The Class CitizenCountryCodeUnmarshaller. - * - * @author fjquevedo - */ -public class CitizenCountryCodeUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param elementContent the element content - */ - protected final void processElementContent(final XMLObject samlObject, - final String elementContent) { - final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject; - citizenCountryCode.setCitizenCountryCode(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java deleted file mode 100644 index 48da2a24b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java +++ /dev/null @@ -1,26 +0,0 @@ -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; -import org.opensaml.common.xml.SAMLConstants; -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; - -public class CustomAttributeQueryBuilder extends AbstractSAMLObjectBuilder<CustomAttributeQuery> { - /** - * Constructor. - */ - public CustomAttributeQueryBuilder() { - - } - - /** {@inheritDoc} */ - public CustomAttributeQuery buildObject() { - return buildObject(SAMLConstants.SAML20P_NS, CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME, - SAMLConstants.SAML20P_PREFIX); - } - - /** {@inheritDoc} */ - public CustomAttributeQuery buildObject(String namespaceURI, String localName, String namespacePrefix) { - return new CustomAttributeQueryImpl(namespaceURI, localName, namespacePrefix); - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java deleted file mode 100644 index fdd7c268d..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java +++ /dev/null @@ -1,63 +0,0 @@ -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.impl.SubjectQueryImpl; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.util.XMLObjectChildrenList; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; - - -public class CustomAttributeQueryImpl extends SubjectQueryImpl implements CustomAttributeQuery { - /** Attribute child elements. */ - private final XMLObjectChildrenList<Attribute> attributes; - private String serviceURL; - - /** - * Constructor. - * - * @param namespaceURI the namespace the element is in - * @param elementLocalName the local name of the XML element this Object represents - * @param namespacePrefix the prefix for the given namespace - */ - protected CustomAttributeQueryImpl(String namespaceURI, String elementLocalName, String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - attributes = new XMLObjectChildrenList<Attribute>(this); - } - - /** {@inheritDoc} */ - public List<Attribute> getAttributes() { - return attributes; - } - - /** {@inheritDoc} */ - public List<XMLObject> getOrderedChildren() { - ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - if (super.getOrderedChildren() != null) { - children.addAll(super.getOrderedChildren()); - } - children.addAll(attributes); - - if (children.size() == 0) { - return null; - } - - return Collections.unmodifiableList(children); - } - - public String getAssertionConsumerServiceURL() { - // TODO Auto-generated method stub - return this.serviceURL; - } - - public void setAssertionConsumerServiceURL(String newServiceUrl) { - // TODO Auto-generated method stub - this.serviceURL = newServiceUrl; - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java deleted file mode 100644 index 7f2013ca8..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java +++ /dev/null @@ -1,50 +0,0 @@ -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.Configuration; -import org.opensaml.saml2.core.RequestAbstractType; -import org.opensaml.saml2.core.impl.SubjectQueryMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.CustomRequestAbstractType; - -public class CustomAttributeQueryMarshaller extends SubjectQueryMarshaller { - - /** {@inheritDoc} */ - protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException { - CustomRequestAbstractType req = (CustomRequestAbstractType) samlObject; - - if (req.getVersion() != null) { - domElement.setAttributeNS(null, RequestAbstractType.VERSION_ATTRIB_NAME, req.getVersion().toString()); - } - - if (req.getID() != null) { - domElement.setAttributeNS(null, RequestAbstractType.ID_ATTRIB_NAME, req.getID()); - domElement.setIdAttributeNS(null, RequestAbstractType.ID_ATTRIB_NAME, true); - } - - if (req.getVersion() != null) { - domElement.setAttributeNS(null, RequestAbstractType.VERSION_ATTRIB_NAME, req.getVersion().toString()); - } - - if (req.getIssueInstant() != null) { - String iiStr = Configuration.getSAMLDateFormatter().print(req.getIssueInstant()); - domElement.setAttributeNS(null, RequestAbstractType.ISSUE_INSTANT_ATTRIB_NAME, iiStr); - } - - if (req.getDestination() != null) { - domElement.setAttributeNS(null, RequestAbstractType.DESTINATION_ATTRIB_NAME, req.getDestination()); - } - - if (req.getAssertionConsumerServiceURL() != null) { - domElement.setAttributeNS(null, CustomRequestAbstractType.ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME, req.getAssertionConsumerServiceURL()); - } - - if (req.getConsent() != null) { - domElement.setAttributeNS(null, RequestAbstractType.CONSENT_ATTRIB_NAME, req.getConsent()); - } - } - - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java deleted file mode 100644 index e351b65b0..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java +++ /dev/null @@ -1,114 +0,0 @@ -package eu.stork.peps.auth.engine.core.impl; - -import org.joda.time.DateTime; -import org.joda.time.chrono.ISOChronology; -import org.opensaml.common.SAMLVersion; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.RequestAbstractType; -import org.opensaml.saml2.core.impl.SubjectQueryUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.AbstractXMLObjectUnmarshaller; -import org.opensaml.xml.io.UnmarshallingException; -import org.opensaml.xml.util.DatatypeHelper; -import org.opensaml.xml.util.XMLHelper; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Attr; -import org.w3c.dom.Element; -import org.w3c.dom.NamedNodeMap; -import org.w3c.dom.Node; -import org.w3c.dom.Text; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.CustomRequestAbstractType; - -public class CustomAttributeQueryUnmarshaller extends SubjectQueryUnmarshaller { - - private final Logger log = LoggerFactory.getLogger(AbstractXMLObjectUnmarshaller.class); - /** {@inheritDoc} */ - protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject) - throws UnmarshallingException { - CustomAttributeQuery query = (CustomAttributeQuery) parentSAMLObject; - - if (childSAMLObject instanceof Attribute) { - query.getAttributes().add((Attribute) childSAMLObject); - } else { - super.processChildElement(parentSAMLObject, childSAMLObject); - } - } - - /** {@inheritDoc} */ - public XMLObject unmarshall(Element domElement) throws UnmarshallingException { - if (log.isTraceEnabled()) { - log.trace("Starting to unmarshall DOM element {}", XMLHelper.getNodeQName(domElement)); - } - - checkElementIsTarget(domElement); - - //String namespaceURI, String elementLocalName, String namespacePrefix - XMLObject xmlObject = new CustomAttributeQueryImpl(SAMLConstants.SAML20P_NS, CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME, - SAMLConstants.SAML20P_PREFIX); - - if (log.isTraceEnabled()) { - log.trace("Unmarshalling attributes of DOM Element {}", XMLHelper.getNodeQName(domElement)); - } - - NamedNodeMap attributes = domElement.getAttributes(); - Node attribute; - for (int i = 0; i < attributes.getLength(); i++) { - attribute = attributes.item(i); - - // These should allows be attribute nodes, but just in case... - if (attribute.getNodeType() == Node.ATTRIBUTE_NODE) { - unmarshallAttribute(xmlObject, (Attr) attribute); - } - } - - if (log.isTraceEnabled()) { - log.trace("Unmarshalling other child nodes of DOM Element {}", XMLHelper.getNodeQName(domElement)); - } - - Node childNode = domElement.getFirstChild(); - while (childNode != null) { - - if (childNode.getNodeType() == Node.ATTRIBUTE_NODE) { - unmarshallAttribute(xmlObject, (Attr) childNode); - } else if (childNode.getNodeType() == Node.ELEMENT_NODE) { - unmarshallChildElement(xmlObject, (Element) childNode); - } else if (childNode.getNodeType() == Node.TEXT_NODE - || childNode.getNodeType() == Node.CDATA_SECTION_NODE) { - unmarshallTextContent(xmlObject, (Text) childNode); - } - - childNode = childNode.getNextSibling(); - } - - xmlObject.setDOM(domElement); - return xmlObject; - } - - /** {@inheritDoc} */ - protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException { - CustomRequestAbstractType req = (CustomRequestAbstractType) samlObject; - - if (attribute.getLocalName().equals(RequestAbstractType.VERSION_ATTRIB_NAME)) { - req.setVersion(SAMLVersion.valueOf(attribute.getValue())); - } else if (attribute.getLocalName().equals(RequestAbstractType.ID_ATTRIB_NAME)) { - req.setID(attribute.getValue()); - attribute.getOwnerElement().setIdAttributeNode(attribute, true); - } else if (attribute.getLocalName().equals(RequestAbstractType.ISSUE_INSTANT_ATTRIB_NAME) - && !DatatypeHelper.isEmpty(attribute.getValue())) { - req.setIssueInstant(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC())); - } else if (attribute.getLocalName().equals(RequestAbstractType.DESTINATION_ATTRIB_NAME)) { - req.setDestination(attribute.getValue()); - } else if (attribute.getLocalName().equals(RequestAbstractType.CONSENT_ATTRIB_NAME)) { - req.setConsent(attribute.getValue()); - } else if (attribute.getLocalName().equals(CustomRequestAbstractType.ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME)) { - req.setAssertionConsumerServiceURL(attribute.getValue()); - }else { - super.processAttribute(samlObject, attribute); - } - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java deleted file mode 100644 index 3f4fc633d..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; - -/** - * The Class EIDCrossBorderShareBuilder. - * - * @author fjquevedo - */ -public class EIDCrossBorderShareBuilder extends AbstractSAMLObjectBuilder<EIDCrossBorderShare> { - - - /** - * Builds the object. - * - * @return the identifier cross border share - */ - public final EIDCrossBorderShare buildObject() { - return buildObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); - } - - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the eID cross border share - */ - public final EIDCrossBorderShare buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new EIDCrossBorderShareImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java deleted file mode 100644 index 3827f5085..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class EIDCrossBorderShareImpl. - * - * @author fjquevedo - */ -public class EIDCrossBorderShareImpl extends AbstractSAMLObject implements - EIDCrossBorderShare { - - private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossBorderShareImpl.class.getName()); - /** The citizen country code. */ - private String eIDCrossBorderShare; - - /** - * Instantiates a new eID cross border share implementation. - * - * @param namespaceURI the namespace URI - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected EIDCrossBorderShareImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - - - /** - * Gets the eID cross border share. - * - * @return the eID cross border share - */ - public final String getEIDCrossBorderShare() { - return eIDCrossBorderShare; - } - - - /** - * Sets the eID cross border share. - * - * @param newEIDCrossBorderShare the new eID cross border share - */ - public final void setEIDCrossBorderShare(String newEIDCrossBorderShare) { - this.eIDCrossBorderShare = prepareForAssignment(this.eIDCrossBorderShare, newEIDCrossBorderShare); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - * {@inheritDoc} - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java deleted file mode 100644 index c5e113013..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; - - -/** - * The Class EIDCrossBorderShareMarshaller. - * - * @author fjquevedo - */ -public class EIDCrossBorderShareMarshaller extends AbstractSAMLObjectMarshaller { - - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject; - XMLHelper.appendTextContent(domElement, crossBorderShare.getEIDCrossBorderShare()); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java deleted file mode 100644 index e74bee6ca..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; - -/** - * The Class EIDCrossBorderShareUnmarshaller. - * - * @author fjquevedo - */ -public class EIDCrossBorderShareUnmarshaller extends - AbstractSAMLObjectUnmarshaller { - - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param elementContent the element content - */ - protected final void processElementContent(final XMLObject samlObject, - final String elementContent) { - final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject; - crossBorderShare.setEIDCrossBorderShare(elementContent); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java deleted file mode 100644 index 5e91e18fd..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; - -/** - * The Class EIDCrossSectorShareBuilder. - * - * @author fjquevedo - */ -public class EIDCrossSectorShareBuilder extends - AbstractSAMLObjectBuilder<EIDCrossSectorShare> { - - /** - * Builds the object. - * - * @return the eID cross sector share - */ - public final EIDCrossSectorShare buildObject() { - return buildObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the eID cross sector share implementation - */ - public final EIDCrossSectorShareImpl buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new EIDCrossSectorShareImpl(namespaceURI, localName, - namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java deleted file mode 100644 index 7b2ad3dbd..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; - -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - - -/** - * The Class EIDCrossSectorShareImpl. - * - * @author fjquevedo - */ -public class EIDCrossSectorShareImpl extends AbstractSAMLObject implements - EIDCrossSectorShare { - - private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossSectorShareImpl.class.getName()); - /** The citizen country code. */ - private String eIDCrossSectorShare; - - - /** - * Instantiates a new eID cross sector share implementation. - * - * @param namespaceURI the namespace URI - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected EIDCrossSectorShareImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - - - /** - * Gets the eID cross sector share. - * - * @return the eID cross sector share - */ - public final String getEIDCrossSectorShare() { - return eIDCrossSectorShare; - } - - - /** - * Sets the eID cross sector share. - * - * @param newEIDCrossSectorShare the new eID cross sector share - */ - public final void setEIDCrossSectorShare(String newEIDCrossSectorShare) { - this.eIDCrossSectorShare = prepareForAssignment(this.eIDCrossSectorShare, newEIDCrossSectorShare); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java deleted file mode 100644 index 3ee9df698..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; - - -/** - * The Class EIDCrossSectorShareMarshaller. - * - * @author fjquevedo - */ -public class EIDCrossSectorShareMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject; - XMLHelper.appendTextContent(domElement, crossSectorShare.getEIDCrossSectorShare()); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java deleted file mode 100644 index 94c7689be..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; - -/** - * The Class EIDCrossSectorShareUnmarshaller. - * - * @author fjquevedo - */ -public class EIDCrossSectorShareUnmarshaller extends - AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void processElementContent(final XMLObject samlObject, - final String domElement) { - - final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject; - crossSectorShare.setEIDCrossSectorShare(domElement); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java deleted file mode 100644 index 230ff3ca4..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.EIDSectorShare; - -/** - * The Class EIDSectorShareBuilder. - * - * @author fjquevedo - */ -public class EIDSectorShareBuilder extends - AbstractSAMLObjectBuilder<EIDSectorShare> { - - /** - * Builds the object. - * - * @return the eID sector share - */ - public final EIDSectorShare buildObject() { - return buildObject(EIDSectorShare.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the eID sector share - */ - public final EIDSectorShare buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new EIDSectorShareImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java deleted file mode 100644 index 49ef68cb9..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.EIDSectorShare; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -// TODO: Auto-generated Javadoc -/** - * The Class EIDSectorShareImpl. - * - * @author fjquevedo - */ -public class EIDSectorShareImpl extends AbstractSAMLObject implements - EIDSectorShare { - - private static final Logger LOGGER = LoggerFactory.getLogger(EIDSectorShareImpl.class.getName()); - - /** The e id sector share. */ - private String eIDSectorShare; - /** - * Instantiates a new eID sector share implementation. - * - * @param namespaceURI the namespace URI - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected EIDSectorShareImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - - /** - * Gets the eID sector share. - * - * @return the eID sector share - */ - public final String getEIDSectorShare() { - return eIDSectorShare; - } - - /** - * Sets the eID sector share. - * - * @param newEIDSectorShare the new eID sector share - */ - public final void setEIDSectorShare(String newEIDSectorShare) { - this.eIDSectorShare = prepareForAssignment(this.eIDSectorShare, newEIDSectorShare); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java deleted file mode 100644 index 0ce449cd1..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.saml2.core.impl.AbstractNameIDTypeMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDSectorShare; - -/** - * The Class EIDSectorShareMarshaller. - * - * @author fjquevedo - */ -public class EIDSectorShareMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final EIDSectorShare sectorShare = (EIDSectorShare) samlObject; - XMLHelper.appendTextContent(domElement, sectorShare.getEIDSectorShare()); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java deleted file mode 100644 index f7f00adb9..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDSectorShare; - - -/** - * The Class EIDSectorShareUnmarshaller. - * - * @author fjquevedo - */ -public class EIDSectorShareUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void processElementContent(final XMLObject samlObject, - final String domElement) { - final EIDSectorShare sectorShare = (EIDSectorShare) samlObject; - sectorShare.setEIDSectorShare(domElement); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java deleted file mode 100644 index 41676931b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class QAAAttributeBuilder. - * - * @author fjquevedo - */ -public class QAAAttributeBuilder extends - AbstractSAMLObjectBuilder<QAAAttribute> { - - /** - * Builds the object. - * - * @return the quality authentication assurance object - */ - public final QAAAttribute buildObject() { - return buildObject(QAAAttribute.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the quality authentication assurance object - - */ - public final QAAAttribute buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new QAAAttributeImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java deleted file mode 100644 index 46f3bb402..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.QAAAttribute; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class QAAAttributeImpl. - * - * @author fjquevedo - */ -public class QAAAttributeImpl extends AbstractSAMLObject implements - QAAAttribute { - - private static final Logger LOGGER = LoggerFactory.getLogger(QAAAttributeImpl.class.getName()); - /** The quality authentication assurance level. */ - private String qaaLevel; - - /** - * Constructor. - * - * @param namespaceURI the namespace the element is in - * @param elementLocalName the local name of the XML element this Object - * represents - * @param namespacePrefix the prefix for the given namespace - */ - protected QAAAttributeImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the quality authentication assurance level. - * - * @return the quality authentication assurance level - */ - public final String getQaaLevel() { - return qaaLevel; - } - - /** - * Sets the quality authentication assurance level. - * - * @param newQaaLevel the new quality authentication assurance level - */ - public final void setQaaLevel(final String newQaaLevel) { - this.qaaLevel = prepareForAssignment(this.qaaLevel, newQaaLevel); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java deleted file mode 100644 index 000879368..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class QAAAttributeMarshaller. - * - * @author fjquevedo - */ -public class QAAAttributeMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final QAAAttribute qaaAttribute = (QAAAttribute) samlObject; - XMLHelper.appendTextContent(domElement, qaaAttribute.getQaaLevel()); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java deleted file mode 100644 index 8445e4eeb..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class QAAAttributeUnmarshaller. - * - * @author fjquevedo - */ -public class QAAAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param elementContent the element content - */ - protected final void processElementContent(final XMLObject samlObject, - final String elementContent) { - final QAAAttribute qaaLevel = (QAAAttribute) samlObject; - qaaLevel.setQaaLevel(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java deleted file mode 100644 index c9881c439..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; - -/** - * The Class RequestedAttributeBuilder. - * - * @author fjquevedo - */ -public class RequestedAttributeBuilder extends - AbstractSAMLObjectBuilder<RequestedAttribute> { - - - /** - * Builds the object. - * - * @return the requested attribute - */ - public final RequestedAttribute buildObject() { - return buildObject(RequestedAttribute.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the requested attribute - */ - public final RequestedAttribute buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new RequestedAttributeImpl(namespaceURI, localName, - namespacePrefix); - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java deleted file mode 100644 index ac2e8a3ee..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java +++ /dev/null @@ -1,220 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.schema.XSBooleanValue; -import org.opensaml.xml.util.AttributeMap; -import org.opensaml.xml.util.XMLObjectChildrenList; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -// TODO: Auto-generated Javadoc -/** - * The Class RequestedAttributeImpl. - * - * @author fjquevedo - */ -public class RequestedAttributeImpl extends AbstractSAMLObject implements - RequestedAttribute { - - private static final Logger LOGGER = LoggerFactory.getLogger(RequestedAttributeImpl.class.getName()); - /** - * The attribute values. - */ - private final XMLObjectChildrenList<XMLObject> attributeValues; - - /** - * The friendly name. - * - */ - private String friendlyName; - - /** - * The is required. - */ - private String isRequired; - - /** - * The name. - * - */ - private String name; - - /** - * The name format. - * - */ - private String nameFormat; - - /** - * The unknown attributes. - * - */ - private AttributeMap unknownAttributes; - - /** - * Instantiates a new requested attribute impl. - * - * @param namespaceURI the namespace uri - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected RequestedAttributeImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - unknownAttributes = new AttributeMap(this); - attributeValues = new XMLObjectChildrenList<XMLObject>(this); - } - - - /** - * Gets the attribute values. - * - * @return the attribute values - */ - public final List<XMLObject> getAttributeValues() { - return attributeValues; - } - - /** - * Gets the friendly name. - * - * @return the friendly name. - */ - public final String getFriendlyName() { - return friendlyName; - } - - - /** - * Gets the checks if is required. - * - * @return the boolean if it's required. - */ - public final String isRequired() { - return isRequired; - } - - - /** - * Gets the is required xs boolean. - * - * @return the XSBoolean if it's required. - */ - public final String getIsRequiredXSBoolean() { - return isRequired; - } - - - /** - * Gets the name. - * - * @return the name - */ - public final String getName() { - return name; - } - - - /** - * Gets the name format. - * - * @return the name format. - */ - public final String getNameFormat() { - return nameFormat; - } - - /** - * Gets the ordered children. - * - * @return the list of XMLObject. - */ - public final List<XMLObject> getOrderedChildren() { - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - children.addAll(attributeValues); - return Collections.unmodifiableList(children); - } - - /** - * Gets the unknown attributes. - * - * @return the attribute map - */ - public final AttributeMap getUnknownAttributes() { - return unknownAttributes; - } - - /** - * Sets the friendly name. - * - * @param newFriendlyName the new friendly name format - */ - public final void setFriendlyName(final String newFriendlyName) { - this.friendlyName = prepareForAssignment(this.friendlyName, - newFriendlyName); - } - - /** - * Set new boolean value isRequired. - * @param newIsRequired then new value - */ - public final void setIsRequired(final String newIsRequired) { - isRequired = prepareForAssignment(this.isRequired, newIsRequired); - - } - - /** - * Sets the name. - * - * @param newName the new name - */ - public final void setName(final String newName) { - this.name = prepareForAssignment(this.name, newName); - } - - /** - * Sets the name format. - * - * @param newNameFormat the new name format - */ - public final void setNameFormat(final String newNameFormat) { - this.nameFormat = prepareForAssignment(this.nameFormat, newNameFormat); - } - - /** - * Sets the unknown attributes. - * - * @param newUnknownAttr the new unknown attributes - */ - public final void setUnknownAttributes(final AttributeMap newUnknownAttr) { - this.unknownAttributes = newUnknownAttr; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java deleted file mode 100644 index 1a14a118a..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.Map.Entry; - -import javax.xml.namespace.QName; - -import org.opensaml.Configuration; -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Attr; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; - -/** - * The Class RequestedAttributeMarshaller. - * - * @author fjquevedo - */ -public class RequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall attributes. - * - * @param samlElement the SAML element - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallAttributes(final XMLObject samlElement, - final Element domElement) throws MarshallingException { - final RequestedAttribute requestedAttr = (RequestedAttribute) samlElement; - - if (requestedAttr.getName() != null) { - domElement.setAttributeNS(null, - RequestedAttribute.NAME_ATTRIB_NAME, requestedAttr - .getName()); - } - - if (requestedAttr.getNameFormat() != null) { - domElement.setAttributeNS(null, - RequestedAttribute.NAME_FORMAT_ATTR, requestedAttr - .getNameFormat()); - } - - if (requestedAttr.getFriendlyName() != null) { - domElement.setAttributeNS(null, - RequestedAttribute.FRIENDLY_NAME_ATT, requestedAttr - .getFriendlyName()); - } - - if (requestedAttr.getIsRequiredXSBoolean() != null) { - domElement.setAttributeNS(null, - RequestedAttribute.IS_REQUIRED_ATTR, requestedAttr - .getIsRequiredXSBoolean().toString()); - } - - Attr attr; - for (Entry<QName, String> entry : requestedAttr.getUnknownAttributes() - .entrySet()) { - attr = XMLHelper.constructAttribute(domElement.getOwnerDocument(), - entry.getKey()); - attr.setValue(entry.getValue()); - domElement.setAttributeNodeNS(attr); - if (Configuration.isIDAttribute(entry.getKey()) - || requestedAttr.getUnknownAttributes().isIDAttribute( - entry.getKey())) { - attr.getOwnerElement().setIdAttributeNode(attr, true); - } - } - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java deleted file mode 100644 index c07f852d9..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import javax.xml.namespace.QName; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; - -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; -import org.opensaml.xml.schema.XSBooleanValue; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Attr; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.SAMLCore; - -/** - * The Class RequestedAttributeUnmarshaller. - * - * @author fjquevedo - */ -public class RequestedAttributeUnmarshaller extends - AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentSAMLObject parent SAMLObject - * @param childSAMLObject child SAMLObject - * - * @throws UnmarshallingException error at unmarshall XML object - */ - protected final void processChildElement(final XMLObject parentSAMLObject, - final XMLObject childSAMLObject) throws UnmarshallingException { - - final RequestedAttribute requestedAttr = (RequestedAttribute) parentSAMLObject; - - final QName childQName = childSAMLObject.getElementQName(); - if (childQName.getLocalPart().equals("AttributeValue") - && childQName.getNamespaceURI().equals(SAMLCore.STORK10_NS.getValue())) { - requestedAttr.getAttributeValues().add(childSAMLObject); - } else { - super.processChildElement(parentSAMLObject, childSAMLObject); - } - } - - /** - * Process attribute. - * - * @param samlObject the SAML object - * @param attribute the attribute - * @throws UnmarshallingException the unmarshalling exception - */ - protected final void processAttribute(final XMLObject samlObject, - final Attr attribute) throws UnmarshallingException { - - final RequestedAttribute requestedAttr = (RequestedAttribute) samlObject; - - if (attribute.getLocalName() - .equals(RequestedAttribute.NAME_ATTRIB_NAME)) { - requestedAttr.setName(attribute.getValue()); - } else if (attribute.getLocalName().equals( - RequestedAttribute.NAME_FORMAT_ATTR)) { - requestedAttr.setNameFormat(attribute.getValue()); - } else if (attribute.getLocalName().equals( - RequestedAttribute.FRIENDLY_NAME_ATT)) { - requestedAttr.setFriendlyName(attribute.getValue()); - } else if (attribute.getLocalName().equals( - RequestedAttribute.IS_REQUIRED_ATTR)) { - requestedAttr.setIsRequired(attribute - .getValue()); - - } else { - final QName attribQName = XMLHelper.getNodeQName(attribute); - if (attribute.isId()) { - requestedAttr.getUnknownAttributes().registerID(attribQName); - } - requestedAttr.getUnknownAttributes().put(attribQName, - attribute.getValue()); - } - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java deleted file mode 100644 index d421c53d2..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.RequestedAttributes; - -/** - * The Class RequestedAttributesBuilder. - * - * @author fjquevedo - */ -public class RequestedAttributesBuilder extends - AbstractSAMLObjectBuilder<RequestedAttributes> { - - - /** - * Builds the object. - * - * @return the requested attributes - */ - public final RequestedAttributes buildObject() { - return buildObject(RequestedAttributes.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the requested attributes - */ - public final RequestedAttributes buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new RequestedAttributesImpl(namespaceURI, localName, - namespacePrefix); - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java deleted file mode 100644 index 0a5b37add..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.util.IndexedXMLObjectChildrenList; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttributes; - -/** - * The Class RequestedAttributesImpl. - * - * @author fjquevedo - */ -public class RequestedAttributesImpl extends AbstractSAMLObject implements - RequestedAttributes { - - /** - * Instantiates a new requested attributes implement. - * - * @param namespaceURI the namespace URI - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected RequestedAttributesImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - indexedChildren = new IndexedXMLObjectChildrenList<XMLObject>(this); - } - - /** The indexed children. */ - private final IndexedXMLObjectChildrenList<XMLObject> indexedChildren; - - /** - * Gets the indexed children. - * - * @return the indexed children - */ - public final IndexedXMLObjectChildrenList<XMLObject> getIndexedChildren() { - return indexedChildren; - } - - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - children.addAll(indexedChildren); - - return Collections.unmodifiableList(children); - - } - - /** - * Gets the attributes. - * - * @return the attributes - * - * @see eu.stork.peps.auth.engine.core.RequestedAttributes#getAttributes() - */ - @SuppressWarnings("unchecked") - public final List<RequestedAttribute> getAttributes() { - return (List<RequestedAttribute>) indexedChildren - .subList(RequestedAttribute.DEF_ELEMENT_NAME); - } - - @Override - public int hashCode() { - throw new UnsupportedOperationException("hashCode method not implemented"); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java deleted file mode 100644 index dfc42adf3..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; - -/** - * The Class RequestedAttributesMarshaller. - * - * @author fjquevedo - */ -public class RequestedAttributesMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Instantiates a new requested attributes marshaller. - */ - public RequestedAttributesMarshaller() { - super(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java deleted file mode 100644 index 41b3afa40..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttributes; - -/** - * The Class RequestedAttributesUnmarshaller. - * - * @author fjquevedo - */ -public class RequestedAttributesUnmarshaller extends - AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentObject the parent object - * @param childObject the child object - * - * @throws UnmarshallingException error in unmarshall - */ - protected final void processChildElement(final XMLObject parentObject, - final XMLObject childObject) throws UnmarshallingException { - final RequestedAttributes attrStatement = (RequestedAttributes) parentObject; - - if (childObject instanceof RequestedAttribute) { - attrStatement.getAttributes().add((RequestedAttribute) childObject); - } else { - super.processChildElement(parentObject, childObject); - } - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java deleted file mode 100644 index a35c77936..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPApplication; - -/** - * The Class SPApplicationBuilder. - * - * @author fjquevedo - */ -public class SPApplicationBuilder extends - AbstractSAMLObjectBuilder<SPApplication> { - - /** - * Builds the object. - * - * @return the service provider application - */ - public final SPApplication buildObject() { - return buildObject(SPApplication.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the service provider application - */ - public final SPApplication buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new SPApplicationImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java deleted file mode 100644 index 0a428a521..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPApplication; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPApplicationImpl. - * - * @author fjquevedo - */ -public class SPApplicationImpl extends AbstractSAMLObject implements - SPApplication { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPApplicationImpl.class.getName()); - /** The service provider application. */ - private String spApplication; - - /** - * Instantiates a new service provider application. - * - * @param namespaceURI the namespace uri - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected SPApplicationImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the service provider application. - * - * @return the service provider application - */ - public final String getSPApplication() { - return spApplication; - } - - /** - * Sets the service provider application. - * - * @param newSpApplication the new service provider application - */ - public final void setSPApplication(final String newSpApplication) { - this.spApplication = prepareForAssignment(this.spApplication, - newSpApplication); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java deleted file mode 100644 index 4866c3535..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPApplication; - -/** - * The Class SPApplicationMarshaller. - * - * @author fjquevedo - */ -public class SPApplicationMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final SPApplication spApplication = (SPApplication) samlObject; - XMLHelper.appendTextContent(domElement, spApplication - .getSPApplication()); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java deleted file mode 100644 index a28432a13..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPApplication; - - -/** - * The Class SPApplicationUnmarshaller. - * - * @author fjquevedo - */ -public class SPApplicationUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param elementContent the element content - */ - protected final void processElementContent(final XMLObject samlObject, - final String elementContent) { - final SPApplication spApplication = (SPApplication) samlObject; - spApplication.setSPApplication(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java deleted file mode 100644 index 48ec92f49..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPCountry; - -/** - * The Class SPCountryBuilder. - * - * @author fjquevedo - */ -public class SPCountryBuilder extends AbstractSAMLObjectBuilder<SPCountry> { - - - /** - * Builds the object SPCountry. - * - * @return the service provider country - */ - public final SPCountry buildObject() { - return buildObject(SPCountry.DEF_ELEMENT_NAME); - } - - - /** - * Builds the object SPCountry. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the service provider country - */ - public final SPCountry buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new SPCountryImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java deleted file mode 100644 index 40a1ac86a..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPCountry; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPCountryImpl. - * - * @author fjquevedo - */ -public class SPCountryImpl extends AbstractSAMLObject implements SPCountry { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPCountryImpl.class.getName()); - /** The service provider country. */ - private String spCountry; - - /** - * Instantiates a new service provider country. - * - * @param namespaceURI the namespace uri - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected SPCountryImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the service provider country. - * - * @return the service provider country - */ - public final String getSPCountry() { - return spCountry; - } - - /** - * Sets the service provider country. - * - * @param newSpCountry the new service provider country - */ - public final void setSPCountry(final String newSpCountry) { - this.spCountry = prepareForAssignment(this.spCountry, newSpCountry); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java deleted file mode 100644 index e82634749..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPCountry; - -/** - * The Class SPCountryMarshaller. - * - * @author fjquevedo - */ -public class SPCountryMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final SPCountry spCountry = (SPCountry) samlObject; - XMLHelper.appendTextContent(domElement, spCountry.getSPCountry()); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java deleted file mode 100644 index deb695ac6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPCountry; - - -/** - * The Class SPCountryUnmarshaller. - * - * @author fjquevedo - */ -public class SPCountryUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param elementContent the element content - */ - protected final void processElementContent(final XMLObject samlObject, - final String elementContent) { - final SPCountry spCountry = (SPCountry) samlObject; - spCountry.setSPCountry(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java deleted file mode 100644 index b3640947b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPID; - -/** - * The Class SPIDBuilder. - * - * @author iinigo - */ -public class SPIDBuilder extends AbstractSAMLObjectBuilder<SPID> { - - /** - * Builds the object. - * - * @return the SP ID - */ - public final SPID buildObject() { - return buildObject(SPID.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the citizen country code - */ - public final SPID buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new SPIDImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java deleted file mode 100644 index 68611997b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPID; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPIDImpl. - * - * @author iinigo - */ -public class SPIDImpl extends AbstractSAMLObject implements SPID { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPIDImpl.class.getName()); - /** The citizen country code. */ - private String spId; - - /** - * Instantiates a new sP country impl. - * - * @param namespaceURI the namespace uri - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected SPIDImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the SP ID. - * - * @return the SP ID - */ - public final String getSPID() { - return spId; - } - - /** - * Sets the SP ID. - * - * @param newSPID the new SP ID - */ - public final void setSPID(final String newSPID) { - this.spId = prepareForAssignment(this.spId, newSPID); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java deleted file mode 100644 index 24389522e..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPID; - -/** - * The Class SPIDMarshaller. - * - * @author iinigo - */ -public class SPIDMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final SPID spid = (SPID) samlObject; - XMLHelper.appendTextContent(domElement, spid.getSPID()); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java deleted file mode 100644 index e4d230b94..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPID; - -/** - * The Class SPIDUnmarshaller. - * - * @author iinigo - */ -public class SPIDUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param elementContent the element content - */ - protected final void processElementContent(final XMLObject samlObject, - final String elementContent) { - final SPID spid = (SPID) samlObject; - spid.setSPID(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java deleted file mode 100644 index a6e1fe686..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SAMLCore; -import eu.stork.peps.auth.engine.core.SPInformation; - -/** - * The Class SPInformation. - * - * @author iinigo - */ -public final class SPInformationBuilder extends AbstractSAMLObjectBuilder<SPInformation> { - - - /** {@inheritDoc} */ - public SPInformation buildObject() { - return buildObject(SAMLCore.STORK10P_NS.getValue(), SPInformation.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - } - - /** {@inheritDoc} */ - public SPInformation buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new SPInformationImpl(namespaceURI, localName, namespacePrefix); - } - -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java deleted file mode 100644 index ff6e90999..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSignableSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPID; -import eu.stork.peps.auth.engine.core.SPInformation; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - - -/** - * The Class SPInformationImpl. - * - * @author iinigo - */ -public final class SPInformationImpl extends AbstractSignableSAMLObject implements -SPInformation { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPInformationImpl.class.getName()); - /** The citizen country code. */ - private SPID spId; - - - /** - * Instantiates a new requested attributes implement. - * - * @param namespaceURI the namespace URI - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected SPInformationImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - - /** - * getSPId. - * - * @return the SP ID - */ - public SPID getSPID() { - return spId; - } - - /** - * Gets the ordered children. - * - * @return the ordered children - * - */ - public List<XMLObject> getOrderedChildren() { - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - children.add(spId); - - if (getSignature() != null) { - children.add(getSignature()); - } - - return Collections.unmodifiableList(children); - - } - - /** - * Gets the signature reference id. - * - * @return the signature reference id - * - */ - public String getSignatureReferenceID() { - return null; - } - - /** - * Sets the SP Id. - * - * @param newSPId the new SP Id - * - */ - public void setSPID(SPID newSPId) { - this.spId = prepareForAssignment(this.spId, newSPId); - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java deleted file mode 100644 index 44845948c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; - -/** - * The Class SPInformationMarshaller. - * - * @author iinigo - */ -public class SPInformationMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Instantiates a new SP Information marshaller. - */ - public SPInformationMarshaller() { - super(); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java deleted file mode 100644 index 414b93386..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; - -import eu.stork.peps.auth.engine.core.SPID; -import eu.stork.peps.auth.engine.core.SPInformation; - -/** - * The Class SPInformationUnmarshaller. - * - * @author iinigo - */ -public class SPInformationUnmarshaller extends - AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentObject the parent object - * @param childObject the child object - * - * @throws UnmarshallingException the unmarshalling exception - * - */ - protected final void processChildElement(final XMLObject parentObject, - final XMLObject childObject) throws UnmarshallingException { - final SPInformation spInformation = (SPInformation) parentObject; - - if (childObject instanceof SPID) { - spInformation.setSPID((SPID) childObject); - } else { - super.processChildElement(parentObject, childObject); - } - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java deleted file mode 100644 index fe47cf99c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPInstitution; - -/** - * The Class SPInstitutionBuilder. - * - * @author fjquevedo - */ -public class SPInstitutionBuilder extends - AbstractSAMLObjectBuilder<SPInstitution> { - - /** - * Builds the object. - * - * @return the service provider institution - */ - public final SPInstitution buildObject() { - return buildObject(SPInstitution.DEF_ELEMENT_NAME); - } - - /** - * Builds the object SPInstitution. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the service provider institution - */ - public final SPInstitution buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new SPInstitutionImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java deleted file mode 100644 index 38438613a..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPInstitution; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPInstitutionImpl. - * - * @author fjquevedo - */ -public class SPInstitutionImpl extends AbstractSAMLObject implements - SPInstitution { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPInstitutionImpl.class.getName()); - /** The service provider institution. */ - private String spInstitution; - - /** - * Instantiates a new service provider institution. - * - * @param namespaceURI the namespace uri - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected SPInstitutionImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the service provider institution. - * - * @return the service provider institution - */ - public final String getSPInstitution() { - return spInstitution; - } - - /** - * Sets the service provider institution. - * - * @param newSpInstitution the new service provider institution - */ - public final void setSPInstitution(final String newSpInstitution) { - this.spInstitution = prepareForAssignment(this.spInstitution, - newSpInstitution); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } - } diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java deleted file mode 100644 index 504a1f035..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPInstitution; - -/** - * The Class SPInstitutionMarshaller. - * - * @author fjquevedo - */ -public class SPInstitutionMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final SPInstitution spInstitution = (SPInstitution) samlObject; - XMLHelper.appendTextContent(domElement, spInstitution - .getSPInstitution()); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java deleted file mode 100644 index 103d5f2b2..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPInstitution; - -/** - * The Class SPInstitutionUnmarshaller. - * - * @author fjquevedo - */ -public class SPInstitutionUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param elementContent the element content - */ - protected final void processElementContent(final XMLObject samlObject, - final String elementContent) { - final SPInstitution spInstitution = (SPInstitution) samlObject; - spInstitution.setSPInstitution(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java deleted file mode 100644 index a691b9008..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPSector; - -/** - * The Class SPSectorBuilder. - * - * @author fjquevedo - */ -public class SPSectorBuilder extends AbstractSAMLObjectBuilder<SPSector> { - - /** - * Builds the object SPSector. - * - * @return the service provider sector. - */ - public final SPSector buildObject() { - return buildObject(SPSector.DEF_ELEMENT_NAME); - } - - /** - * Builds the object SPSector. - * - * @param namespaceURI the namespace uri - * @param localName the local name - * @param namespacePrefix the namespace prefix - * @return the service provider sector - */ - public final SPSector buildObject(final String namespaceURI, - final String localName, final String namespacePrefix) { - return new SPSectorImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java deleted file mode 100644 index 4ac822876..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPSector; - - -/** - * The Class SPSectorImpl. - * - * @author fjquevedo - */ -public class SPSectorImpl extends AbstractSAMLObject implements SPSector { - - /** The service provider sector. */ - private String spSector; - - /** - * Instantiates a new Service provider sector implementation. - * - * @param namespaceURI the namespace URI - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected SPSectorImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - - /** - * Gets the service provider sector. - * - * @return the SP sector - * - * @see eu.stork.peps.auth.engine.core.SPSector#getSPSector() - */ - public final String getSPSector() { - return spSector; - } - - - /** - * Sets the service provider sector. - * - * @param newSpSector the new service provider sector - */ - public final void setSPSector(final String newSpSector) { - this.spSector = prepareForAssignment(this.spSector, newSpSector); - } - - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - throw new UnsupportedOperationException("hashCode method not implemented"); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java deleted file mode 100644 index c5331e8f4..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPSector; - -/** - * The Class SPSectorMarshaller. - * - * @author fjquevedo - */ -public class SPSectorMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject the SAML object - * @param domElement the DOM element - * @throws MarshallingException the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, - final Element domElement) throws MarshallingException { - final SPSector spSector = (SPSector) samlObject; - XMLHelper.appendTextContent(domElement, spSector.getSPSector()); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java deleted file mode 100644 index cbb05c6e5..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPSector; - -/** - * The Class SPSectorUnmarshaller. - * - * @author fjquevedo - */ -public class SPSectorUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - - /** - * Process element content. - * - * @param samlObject the SAML object - * @param elementContent the element content - */ - protected final void processElementContent(final XMLObject samlObject, - final String elementContent) { - final SPSector spSector = (SPSector) samlObject; - spSector.setSPSector(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java deleted file mode 100644 index cdb70c7a6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.io.IOException; -import java.io.InputStream; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.Provider; -import java.security.Security; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.InvalidPropertiesFormatException; -import java.util.List; -import java.util.Properties; - -import eu.stork.peps.auth.engine.X509PrincipalUtil; -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.NotImplementedException; -import org.bouncycastle.jce.X509Principal; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.Response; -import org.opensaml.security.SAMLSignatureProfileValidator; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.security.SecurityConfiguration; -import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; -import org.opensaml.xml.security.keyinfo.KeyInfoHelper; -import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; -import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.opensaml.xml.signature.KeyInfo; -import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.SignatureConstants; -import org.opensaml.xml.signature.SignatureException; -import org.opensaml.xml.signature.SignatureValidator; -import org.opensaml.xml.signature.Signer; -import org.opensaml.xml.validation.ValidationException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - - - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.exceptions.SAMLEngineException; - -/** - * The Class HWSign. Module of sign. - * - * @author fjquevedo - */ -public final class SignHW implements SAMLEngineSignI { - - /** The Constant CONFIGURATION_FILE. */ - private static final String CONF_FILE = "configurationFile"; - - /** The Constant KEYSTORE_TYPE. - private static final String KEYSTORE_TYPE = "keystoreType" */ - - /** The logger. */ - private static final Logger LOG = LoggerFactory.getLogger(SignHW.class - .getName()); - - /** The stork own key store. */ - private KeyStore storkOwnKeyStore = null; - - /** - * Gets the stork own key store. - * - * @return the stork own key store - */ - public KeyStore getStorkOwnKeyStore() { - return storkOwnKeyStore; - } - - /** - * Gets the stork trustStore. - * - * @return the stork own key store - */ - public KeyStore getTrustStore() { - return storkOwnKeyStore; - } - - /** - * Sets the stork own key store. - * - * @param newkOwnKeyStore the new stork own key store - */ - public void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) { - this.storkOwnKeyStore = newkOwnKeyStore; - } - - /** - * Gets the properties. - * - * @return the properties - */ - public Properties getProperties() { - return properties; - } - - /** - * Sets the properties. - * - * @param newProperties the new properties - */ - public void setProperties(final Properties newProperties) { - this.properties = newProperties; - } - - /** The HW sign prop. */ - private Properties properties = null; - - /** - * @see - * eu.stork.peps.auth.engine.core.SAMLEngineSignI#init(java.lang.String) - * @param fileConf file of configuration - * @throws SAMLEngineException error in read file - */ - public void init(final String fileConf) - throws SAMLEngineException { - InputStream inputStr = null; - try { - inputStr = SignHW.class.getResourceAsStream("/" - + fileConf); - properties = new Properties(); - - properties.loadFromXML(inputStr); - } catch (final InvalidPropertiesFormatException e) { - LOG.info("Exception: invalid properties format."); - throw new SAMLEngineException(e); - } catch (IOException e) { - LOG.info("Exception: invalid file: " + fileConf); - throw new SAMLEngineException(e); - } finally { - IOUtils.closeQuietly(inputStr); - } - } - - - /** - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate() - * @return the X509Certificate. - */ - public X509Certificate getCertificate() { - throw new NotImplementedException(); - } - - /** - * @see - * eu.stork.peps.auth.engine.core.SAMLEngineSignI#sign(SignableSAMLObject tokenSaml) - * @param tokenSaml signable SAML Object - * @return the SAMLObject signed. - * @throws SAMLEngineException error in sign token saml - */ - public SAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException { - - try { - LOG.info("Star procces of sign"); - final char[] pin = properties.getProperty("keyPassword") - .toCharArray(); - - storkOwnKeyStore.load(null, pin); - - final String serialNumber = properties.getProperty("serialNumber"); - final String issuer = properties.getProperty("issuer"); - - String alias = null; - String aliasCert; - X509Certificate certificate; - - boolean find = false; - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e - .hasMoreElements() && !find;) { - aliasCert = e.nextElement(); - certificate = (X509Certificate) storkOwnKeyStore - .getCertificate(aliasCert); - // Verified serial number, issuer - - final String serialNum = certificate.getSerialNumber() - .toString(16); - X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); - X509Principal issuerDNConf = new X509Principal(issuer); - - if(serialNum.equalsIgnoreCase(serialNumber) - && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ - alias = aliasCert; - find = true; - } - - } - - if (!find) { - throw new SAMLEngineException("Certificate cannot be found in keystore "); - } - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias); - final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey( - alias, pin); - - LOG.info("Recover BasicX509Credential."); - final BasicX509Credential credential = new BasicX509Credential(); - - LOG.debug("Load certificate"); - credential.setEntityCertificate(certificate); - - LOG.debug("Load privateKey"); - credential.setPrivateKey(privateKey); - - LOG.info("Star procces of sign"); - final Signature signature = (Signature) org.opensaml.xml.Configuration - .getBuilderFactory().getBuilder( - Signature.DEFAULT_ELEMENT_NAME).buildObject( - Signature.DEFAULT_ELEMENT_NAME); - - LOG.debug("Begin signature with openSaml"); - signature.setSigningCredential(credential); - - /*signature.setSignatureAlgorithm( - SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);*/ - signature.setSignatureAlgorithm( - SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - - - - final SecurityConfiguration securityConf = - org.opensaml.xml.Configuration.getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager = securityConf - .getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager - .getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager - .getFactory(credential); - final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac - .newInstance(); - - final KeyInfo keyInfo = keyInfoGenerator.generate(credential); - - signature.setKeyInfo(keyInfo); - - LOG.debug("Set Canonicalization Algorithm"); - signature.setCanonicalizationAlgorithm( - SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - //Create a second signature which will be used when signing assertion and response - final Signature signature2 = (Signature) Configuration - .getBuilderFactory().getBuilder( - Signature.DEFAULT_ELEMENT_NAME).buildObject( - Signature.DEFAULT_ELEMENT_NAME); - final SecurityConfiguration secConfiguration2 = Configuration - .getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2 - .getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2 - .getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2 - .getFactory(credential); - final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2 - .newInstance(); - - KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential); - signature2.setSigningCredential(credential); - signature2.setSignatureAlgorithm( - SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - signature2.setKeyInfo(keyInfo2); - signature2.setCanonicalizationAlgorithm( - SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - - LOG.info("Marshall samlToken."); - String qn = tokenSaml.getElementQName().toString(); - - if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - { - tokenSaml.setSignature(signature); - CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller(); - mars.marshall(tokenSaml); - Signer.signObject(signature); - } - else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME)) - { - Response res = (Response)tokenSaml; - List<Assertion> asserts = res.getAssertions(); - //If multiple assertions we just sign the response and not the assertion - if (asserts.size() > 1) - { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - //If single assertion we sign the assertion and response - else - { - Assertion assertion = (Assertion)asserts.get(0); - assertion.setSignature(signature); - tokenSaml.setSignature(signature2); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - Signer.signObject(signature2); - } - } - //Normally we just sign the total saml response - else - { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - - } catch (final MarshallingException e) { - LOG.error("MarshallingException"); - throw new SAMLEngineException(e); - } catch (final NoSuchAlgorithmException e) { - LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); - throw new SAMLEngineException(e); - } catch (final KeyStoreException e) { - LOG.error("Generic KeyStore exception."); - throw new SAMLEngineException(e); - } catch (final SignatureException e) { - LOG.error("Signature exception."); - throw new SAMLEngineException(e); - } catch (final SecurityException e) { - LOG.error("Security exception."); - throw new SAMLEngineException(e); - } catch (final CertificateException e) { - LOG.error("Certificate exception."); - throw new SAMLEngineException(e); - } catch (final IOException e) { - LOG.error("IO exception."); - throw new SAMLEngineException(e); - } catch (final UnrecoverableKeyException e) { - LOG.error("UnrecoverableKeyException exception."); - throw new SAMLEngineException(e); - } - - return tokenSaml; - } - - /** - * @see - * eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(SignableSAMLObject) - * @param tokenSaml the token saml - * @return the SAMLObject validated. - * @throws SAMLEngineException exception in validate signature - */ - public SAMLObject validateSignature(final SignableSAMLObject tokenSaml) - throws SAMLEngineException { - LOG.info("Start signature validation."); - try { - - // Validate structure signature - final SAMLSignatureProfileValidator signProfValidator = - new SAMLSignatureProfileValidator(); - - // Indicates signature id conform to SAML Signature profile - signProfValidator.validate(tokenSaml.getSignature()); - - String aliasCert; - X509Certificate certificate; - - final List<Credential> trustedCred = new ArrayList<Credential>(); - - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e - .hasMoreElements();) { - aliasCert = e.nextElement(); - final BasicX509Credential credential = new BasicX509Credential(); - certificate = (X509Certificate) storkOwnKeyStore - .getCertificate(aliasCert); - credential.setEntityCertificate(certificate); - trustedCred.add(credential); - } - - final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); - final List<X509Certificate> listCertificates = KeyInfoHelper - .getCertificates(keyInfo); - - if (listCertificates.size() != 1) { - throw new SAMLEngineException("Only must be one certificate"); - } - - // Exist only one certificate - final BasicX509Credential entityX509Cred = new BasicX509Credential(); - entityX509Cred.setEntityCertificate(listCertificates.get(0)); - - final ExplicitKeyTrustEvaluator keyTrustEvaluator = - new ExplicitKeyTrustEvaluator(); - if (!keyTrustEvaluator.validate(entityX509Cred, trustedCred)) { - throw new SAMLEngineException("Certificate it is not trusted."); - } - - final SignatureValidator sigValidator = new SignatureValidator( - entityX509Cred); - - sigValidator.validate(tokenSaml.getSignature()); - - } catch (final ValidationException e) { - LOG.error("ValidationException.", e); - throw new SAMLEngineException(e); - } catch (final KeyStoreException e) { - LOG.error("ValidationException.", e); - throw new SAMLEngineException(e); - } catch (final CertificateException e) { - LOG.error("CertificateException.", e); - throw new SAMLEngineException(e); - } - return tokenSaml; - } - - /** - * load cryptographic service provider. - * - * @throws SAMLEngineException the SAML engine exception - * Note this class was using pkcs11Provider - * final Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(inputStream) - * if (Security.getProperty(pkcs11Provider.getName()) == null) { - * Security.insertProviderAt(pkcs11Provider, Security .getProviders().length) - * } - * storkOwnKeyStore = KeyStore.getInstance(properties.getProperty(KEYSTORE_TYPE)) - */ - public void loadCryptServiceProvider() throws SAMLEngineException { - LOG.info("Load Cryptographic Service Provider"); - InputStream inputStream = null; - - try { - inputStream = SignHW.class.getResourceAsStream("/" - + properties.getProperty(CONF_FILE)); - - } catch (final Exception e) { - throw new SAMLEngineException( - "Error loading CryptographicServiceProvider", e); - } finally { - IOUtils.closeQuietly(inputStream); - } - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java deleted file mode 100644 index c37074eab..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * The Class ModuleSignFactory. - * - * @author fjquevedo - * - */ - -public final class SignModuleFactory { - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory - .getLogger(SignModuleFactory.class.getName()); - - /** - * Instantiates a new module sign factory. - */ - private SignModuleFactory() { - - } - - /** - * Gets the single instance of SignModuleFactory. - * - * @param className the class name - * - * @return single instance of SignModuleFactory - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static SAMLEngineSignI getInstance(final String className) - throws STORKSAMLEngineException { - LOG.info("[START]SignModuleFactory static"); - try { - final Class cls = Class.forName(className); - return (SAMLEngineSignI) cls.newInstance(); - } catch (Exception e) { - throw new STORKSAMLEngineException(e); - } - - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java deleted file mode 100644 index 45c8c1041..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java +++ /dev/null @@ -1,556 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.io.ByteArrayInputStream; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.Provider; -import java.security.Security; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.InvalidPropertiesFormatException; -import java.util.List; -import java.util.Properties; - -import eu.stork.peps.auth.engine.X509PrincipalUtil; -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.NotImplementedException; -import org.bouncycastle.jce.X509Principal; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.Response; -import org.opensaml.security.SAMLSignatureProfileValidator; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.security.SecurityConfiguration; -import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; -import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; -import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.opensaml.xml.signature.KeyInfo; -import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.SignatureConstants; -import org.opensaml.xml.signature.SignatureException; -import org.opensaml.xml.signature.SignatureValidator; -import org.opensaml.xml.signature.Signer; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.validation.ValidationException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.exceptions.SAMLEngineException; - -/** - * The Class SWSign. Class responsible for signing and validating of messages - * SAML with a certificate store software. - * - * @author fjquevedo - */ -public final class SignP12 implements SAMLEngineSignI { - - /** The logger. */ - private static final Logger LOG = LoggerFactory.getLogger(SignP12.class - .getName()); - - - /** The p12 store. */ - private KeyStore p12Store = null; - - - /** The trust store. */ - private KeyStore trustStore = null; - - - /** - * Gets the trust store. - * - * @return the trust store - */ - public KeyStore getTrustStore() { - return trustStore; - } - - /** - * Sets the trust store. - * - * @param newTrustStore the new trust store - */ - public void setTrustStore(final KeyStore newTrustStore) { - this.trustStore = newTrustStore; - } - - /** - * The instance. - * - * @return the properties - */ - - public Properties getProperties() { - return properties; - } - - - - /** - * Gets the p12 store. - * - * @return the p12 store - */ - public KeyStore getP12Store() { - return p12Store; - } - - - - /** - * Sets the p12 store. - * - * @param newP12Store the new p12 store - */ - public void setP12Store(final KeyStore newP12Store) { - this.p12Store = newP12Store; - } - - - - /** - * Sets the properties. - * - * @param newProperties the new properties - */ - public void setProperties(final Properties newProperties) { - this.properties = newProperties; - } - - /** The SW sign prop. */ - private Properties properties = null; - - - /** - * Initialize the file configuration. - * - * @param fileConf name of the file configuration - * - * @throws SAMLEngineException error at the load from file configuration - */ - public void init(final String fileConf) throws SAMLEngineException { - InputStream fileProperties = null; - properties = new Properties(); - try { - try { - LOG.debug("Fichero a cargar " + fileConf); - fileProperties = new FileInputStream(fileConf); - properties.loadFromXML(fileProperties); - } catch (Exception e) { - LOG.error("Fallo al cargar el recurso externo. Se reintenta como fichero interno."); - fileProperties = SignP12.class.getResourceAsStream("/" + fileConf); - if (fileProperties == null) { - fileProperties = Thread.currentThread().getContextClassLoader().getResourceAsStream(fileConf); - if (fileProperties == null) { - Enumeration<URL> files = ClassLoader.getSystemClassLoader().getResources(fileConf); - if (files != null && files.hasMoreElements()) { - LOG.info("Se han encontrado recurso/s. Se toma el primero."); - fileProperties = ClassLoader.getSystemClassLoader().getResourceAsStream(files.nextElement().getFile()); - } else { - throw new IOException("No se pudo recuperar el fichero: " + fileConf, e); - } - } - } - LOG.debug("Recuperados " + fileProperties.available() + " bytes"); - properties.loadFromXML(fileProperties); - } - } catch (InvalidPropertiesFormatException e) { - LOG.info("Exception: invalid properties format."); - throw new SAMLEngineException(e); - } catch (IOException e) { - LOG.info("Exception: invalid file: " + fileConf); - throw new SAMLEngineException(e); - } finally { - IOUtils.closeQuietly(fileProperties); - } - } - - /** - * Gets the certificate. - * - * @return the X509Certificate - * - */ - public X509Certificate getCertificate() { - throw new NotImplementedException(); - } - - /** - * Sign the token SAML. - * - * @param tokenSaml token SAML - * - * @return the X509Certificate signed. - * - * @throws SAMLEngineException error at sign SAML token - * - */ - public SAMLObject sign(final SignableSAMLObject tokenSaml) - throws SAMLEngineException { - LOG.info("Start Sign process"); - try { - - final String serialNumber = properties.getProperty("serialNumber"); - final String issuer = properties.getProperty("issuer"); - - String alias = null; - String aliasCert; - X509Certificate certificate; - - boolean find = false; - for (final Enumeration<String> e = p12Store.aliases(); e - .hasMoreElements() && !find;) { - aliasCert = e.nextElement(); - certificate = (X509Certificate) p12Store - .getCertificate(aliasCert); - - final String serialNum = certificate.getSerialNumber() - .toString(16); - - X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); - X509Principal issuerDNConf = new X509Principal(issuer); - - if(serialNum.equalsIgnoreCase(serialNumber) - && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ - alias = aliasCert; - find = true; - } - - } - - certificate = (X509Certificate) p12Store - .getCertificate(alias); - final PrivateKey privateKey = (PrivateKey) p12Store.getKey( - alias, properties.getProperty("keyPassword").toCharArray()); - - LOG.info("Recover BasicX509Credential."); - final BasicX509Credential credential = new BasicX509Credential(); - - LOG.debug("Load certificate"); - credential.setEntityCertificate(certificate); - - LOG.debug("Load privateKey"); - credential.setPrivateKey(privateKey); - - LOG.debug("Begin signature with openSaml"); - final Signature signature = (Signature) Configuration - .getBuilderFactory().getBuilder( - Signature.DEFAULT_ELEMENT_NAME).buildObject( - Signature.DEFAULT_ELEMENT_NAME); - - signature.setSigningCredential(credential); - - /*signature.setSignatureAlgorithm( - SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);*/ - signature.setSignatureAlgorithm( - SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - - final SecurityConfiguration secConfiguration = Configuration - .getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration - .getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager - .getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager - .getFactory(credential); - final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac - .newInstance(); - - final KeyInfo keyInfo = keyInfoGenerator.generate(credential); - - signature.setKeyInfo(keyInfo); - signature.setCanonicalizationAlgorithm( - SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - //Create a second signature which will be used when signing assertion and response - final Signature signature2 = (Signature) Configuration - .getBuilderFactory().getBuilder( - Signature.DEFAULT_ELEMENT_NAME).buildObject( - Signature.DEFAULT_ELEMENT_NAME); - final SecurityConfiguration secConfiguration2 = Configuration - .getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2 - .getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2 - .getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2 - .getFactory(credential); - final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2 - .newInstance(); - - KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential); - signature2.setSigningCredential(credential); - signature2.setSignatureAlgorithm( - SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - signature2.setKeyInfo(keyInfo2); - signature2.setCanonicalizationAlgorithm( - SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - - LOG.info("Marshall samlToken."); - String qn = tokenSaml.getElementQName().toString(); - - if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - { - tokenSaml.setSignature(signature); - CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller(); - mars.marshall(tokenSaml); - Signer.signObject(signature); - } - else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME)) - { - Response res = (Response)tokenSaml; - List<Assertion> asserts = res.getAssertions(); - //If multiple assertions we just sign the response and not the assertion - if (asserts.size() > 1) - { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - //If single assertion we sign the assertion and response - else - { - Assertion assertion = (Assertion)asserts.get(0); - assertion.setSignature(signature); - tokenSaml.setSignature(signature2); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - Signer.signObject(signature2); - } - } - //Normally we just sign the total saml response - else - { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - - } catch (MarshallingException e) { - LOG.error("MarshallingException"); - throw new SAMLEngineException(e); - } catch (NoSuchAlgorithmException e) { - LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); - throw new SAMLEngineException(e); - } catch (KeyStoreException e) { - LOG.error("Generic KeyStore exception."); - throw new SAMLEngineException(e); - } catch (SignatureException e) { - LOG.error("Signature exception."); - throw new SAMLEngineException(e); - } catch (SecurityException e) { - LOG.error("Security exception."); - throw new SAMLEngineException(e); - } catch (UnrecoverableKeyException e) { - LOG.error("UnrecoverableKey exception."); - throw new SAMLEngineException(e); - } - - return tokenSaml; - } - - /** - * Validate signature. - * - * @param tokenSaml token SAML - * - * @return the SAMLObject validated. - * - * @throws SAMLEngineException error validate signature - * - */ - public SAMLObject validateSignature(final SignableSAMLObject tokenSaml) - throws SAMLEngineException { - LOG.info("Start signature validation."); - try { - - // Validate structure signature - final SAMLSignatureProfileValidator sigProfValidator = - new SAMLSignatureProfileValidator(); - try { - // Indicates signature id conform to SAML Signature profile - sigProfValidator.validate(tokenSaml.getSignature()); - } catch (ValidationException e) { - LOG.error("ValidationException: signature isn't conform to SAML Signature profile."); - throw new SAMLEngineException(e); - } - - String aliasCert = null; - X509Certificate certificate; - - /*final List<Credential> trustCred = new ArrayList<Credential>(); - - for (final Enumeration<String> e = trustStore.aliases(); e - .hasMoreElements();) { - aliasCert = e.nextElement(); - final BasicX509Credential credential = new BasicX509Credential(); - certificate = (X509Certificate) trustStore - .getCertificate(aliasCert); - credential.setEntityCertificate(certificate); - trustCred.add(credential); - }*/ - - final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); - - final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo - .getX509Datas().get(0).getX509Certificates().get(0); - - final CertificateFactory certFact = CertificateFactory - .getInstance("X.509"); - final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 - .decode(xmlCert.getValue())); - final X509Certificate cert = (X509Certificate) certFact - .generateCertificate(bis); - - // Exist only one certificate - final BasicX509Credential entityX509Cred = new BasicX509Credential(); - entityX509Cred.setEntityCertificate(cert); - - boolean trusted = false; - - for (final Enumeration<String> e = trustStore.aliases(); e.hasMoreElements();) - { - aliasCert = e.nextElement(); - certificate = (X509Certificate) trustStore.getCertificate(aliasCert); - try { - cert.verify(certificate.getPublicKey()); - trusted = true; - break; - } - catch (Exception ex) { - //Do nothing - cert not trusted yet - } - } - - if (!trusted) - throw new SAMLEngineException("Certificate is not trusted."); - - /* - // Validate trust certificates - final ExplicitKeyTrustEvaluator keyTrustEvaluator = - new ExplicitKeyTrustEvaluator(); - if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) { - throw new SAMLEngineException("Certificate it is not trusted."); - }*/ - - // Validate signature - final SignatureValidator sigValidator = new SignatureValidator( - entityX509Cred); - sigValidator.validate(tokenSaml.getSignature()); - - } catch (ValidationException e) { - LOG.error("ValidationException."); - throw new SAMLEngineException(e); - } catch (KeyStoreException e) { - LOG.error("KeyStoreException.", e); - throw new SAMLEngineException(e); - } catch (GeneralSecurityException e) { - LOG.error("GeneralSecurityException.", e); - throw new SAMLEngineException(e); - } - return tokenSaml; - } - - - /** - * Load cryptographic service provider. - * - * @throws SAMLEngineException the SAML engine exception - */ - public void loadCryptServiceProvider() throws SAMLEngineException { - LOG.info("Load Cryptographic Service Provider"); - - FileInputStream fis = null; - FileInputStream fisTrustStore = null; - - try { - // Dynamically register Bouncy Castle provider. - boolean found = false; - // Check if BouncyCastle is already registered as a provider - final Provider[] providers = Security.getProviders(); - for (int i = 0; i < providers.length; i++) { - if (providers[i].getName().equals( - BouncyCastleProvider.PROVIDER_NAME)) { - found = true; - } - } - - // Register only if the provider has not been previously registered - if (!found) { - LOG.debug("SAMLCore: Register Bouncy Castle provider."); - Security.insertProviderAt(new BouncyCastleProvider(), Security - .getProviders().length); - } - - p12Store = KeyStore.getInstance(properties - .getProperty("keystoreType")); - - fis = new FileInputStream(properties - .getProperty("keystorePath")); - - p12Store.load(fis, properties.getProperty( - "keyStorePassword").toCharArray()); - - - trustStore = KeyStore.getInstance(properties - .getProperty("trustStoreType")); - - fisTrustStore = new FileInputStream(properties - .getProperty("trustStorePath")); - trustStore.load(fisTrustStore, properties.getProperty( - "trustStorePassword").toCharArray()); - - } catch (Exception e) { - throw new SAMLEngineException( - "Error loading CryptographicServiceProvider", e); - } finally { - IOUtils.closeQuietly(fis); - IOUtils.closeQuietly(fisTrustStore); - } - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java deleted file mode 100644 index ef33f66f2..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java +++ /dev/null @@ -1,538 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.io.ByteArrayInputStream; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.GeneralSecurityException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.Provider; -import java.security.Security; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateExpiredException; -import java.security.cert.CertificateFactory; -import java.security.cert.CertificateNotYetValidException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.InvalidPropertiesFormatException; -import java.util.List; -import java.util.Properties; - -import eu.stork.peps.auth.engine.SAMLEngineUtils; -import eu.stork.peps.auth.engine.X509PrincipalUtil; -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.NotImplementedException; -import org.bouncycastle.jce.X509Principal; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.Response; -import org.opensaml.security.SAMLSignatureProfileValidator; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.security.SecurityConfiguration; -import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; -import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; -import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; -import org.opensaml.xml.security.trust.ExplicitX509CertificateTrustEvaluator; -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.opensaml.xml.signature.KeyInfo; -import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.SignatureConstants; -import org.opensaml.xml.signature.SignatureException; -import org.opensaml.xml.signature.SignatureValidator; -import org.opensaml.xml.signature.Signer; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.validation.ValidationException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.configuration.ConfigurationReader; -import eu.stork.peps.exceptions.SAMLEngineException; - - -/** - * The Class SWSign. Class responsible for signing and validating of messages - * SAML with a certificate store software. - * - * @author fjquevedo - */ -public class SignSW implements SAMLEngineSignI { - - /** The Constant KEYSTORE_TYPE. */ - private static final String KEYSTORE_TYPE = "keystoreType"; - - /** The Constant KEY_STORE_PASSWORD. */ - private static final String KEY_STORE_PASS = "keyStorePassword"; - - /** The logger. */ - private static final Logger LOG = LoggerFactory.getLogger(SignSW.class - .getName()); - - /** The stork own key store. */ - private KeyStore storkOwnKeyStore = null; - - /** - * The instance. - * - * @return the properties - */ - - public final Properties getProperties() { - return properties; - } - - /** - * Gets the stork own key store. - * - * @return the stork own key store - */ - public final KeyStore getStorkOwnKeyStore() { - return storkOwnKeyStore; - } - - /** - * Gets the stork trustStore. - * - * @return the stork own key store - */ - public KeyStore getTrustStore() { - return storkOwnKeyStore; - } - - /** - * Sets the stork own key store. - * - * @param newkOwnKeyStore the new stork own key store - */ - public final void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) { - this.storkOwnKeyStore = newkOwnKeyStore; - } - - /** - * Sets the properties. - * - * @param newProperties the new properties - */ - public final void setProperties(final Properties newProperties) { - this.properties = newProperties; - } - - /** The SW sign prop. */ - private Properties properties = null; - - - /** - * Inits the file configuration. - * - * @param fileConf name of the file configuration - * - * @throws SAMLEngineException error at the load from file configuration - */ - public final void init(final String fileConf) - throws SAMLEngineException { - InputStream fileProperties = null; - try { - // fetch base from system properties, give a default if there is nothing configured - String base = System.getProperty("eu.stork.samlengine.config.location"); - if(null != base) - if(!base.endsWith("/")) - base += "/"; - - if(null != base) - fileProperties = new FileInputStream(base + fileConf); - else - fileProperties = SignSW.class.getResourceAsStream("/" + fileConf); - properties = new Properties(); - - properties.loadFromXML(fileProperties); - fileProperties.close(); - } catch (InvalidPropertiesFormatException e) { - LOG.info("Exception: invalid properties format."); - throw new SAMLEngineException(e); - } catch (IOException e) { - LOG.info("Exception: invalid file: " + fileConf); - throw new SAMLEngineException(e); - } finally { - IOUtils.closeQuietly(fileProperties); - } - } - - /** - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate() - * @return the X509Certificate - */ - public final X509Certificate getCertificate() { - throw new NotImplementedException(); - } - - - /** - * Sign the token SAML. - * - * @param tokenSaml the token SAML. - * - * @return the SAML object - * - * @throws SAMLEngineException the SAML engine exception - * - */ - public final SAMLObject sign(final SignableSAMLObject tokenSaml) - throws SAMLEngineException { - LOG.info("Start Sign process."); - try { - final String serialNumber = properties.getProperty("serialNumber"); - final String issuer = properties.getProperty("issuer"); - - String alias = null; - String aliasCert; - X509Certificate certificate; - boolean find = false; - - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e - .hasMoreElements() && !find; ) { - aliasCert = e.nextElement(); - certificate = (X509Certificate) storkOwnKeyStore - .getCertificate(aliasCert); - - final String serialNum = certificate.getSerialNumber() - .toString(16); - - X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); - X509Principal issuerDNConf = new X509Principal(issuer); - - if(serialNum.equalsIgnoreCase(serialNumber) - && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ - alias = aliasCert; - find = true; - } - } - if (!find) { - throw new SAMLEngineException("Certificate cannot be found in keystore "); - } - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias); - final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey( - alias, properties.getProperty("keyPassword").toCharArray()); - - LOG.info("Recover BasicX509Credential."); - final BasicX509Credential credential = new BasicX509Credential(); - - LOG.debug("Load certificate"); - credential.setEntityCertificate(certificate); - - LOG.debug("Load privateKey"); - credential.setPrivateKey(privateKey); - - LOG.debug("Begin signature with openSaml"); - final Signature signature = (Signature) Configuration - .getBuilderFactory().getBuilder( - Signature.DEFAULT_ELEMENT_NAME).buildObject( - Signature.DEFAULT_ELEMENT_NAME); - - signature.setSigningCredential(credential); - signature.setSignatureAlgorithm( - SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - - - final SecurityConfiguration secConfiguration = Configuration - .getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration - .getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager - .getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager - .getFactory(credential); - final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac - .newInstance(); - - KeyInfo keyInfo = keyInfoGenerator.generate(credential); - - signature.setKeyInfo(keyInfo); - signature.setCanonicalizationAlgorithm( - SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - //Create a second signature which will be used when signing assertion and response - final Signature signature2 = (Signature) Configuration - .getBuilderFactory().getBuilder( - Signature.DEFAULT_ELEMENT_NAME).buildObject( - Signature.DEFAULT_ELEMENT_NAME); - final SecurityConfiguration secConfiguration2 = Configuration - .getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2 - .getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2 - .getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2 - .getFactory(credential); - final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2 - .newInstance(); - - KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential); - signature2.setSigningCredential(credential); - signature2.setSignatureAlgorithm( - SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - signature2.setKeyInfo(keyInfo2); - signature2.setCanonicalizationAlgorithm( - SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - - LOG.info("Marshall samlToken."); - String qn = tokenSaml.getElementQName().toString(); - - if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - { - tokenSaml.setSignature(signature); - CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller(); - mars.marshall(tokenSaml); - Signer.signObject(signature); - } - else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME)) - { - Response res = (Response)tokenSaml; - List<Assertion> asserts = res.getAssertions(); - //If multiple assertions we just sign the response and not the assertion - if (asserts.size() > 1) - { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - //If single assertion we sign the assertion and response - else - { - Assertion assertion = (Assertion)asserts.get(0); - assertion.setSignature(signature); - tokenSaml.setSignature(signature2); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - Signer.signObject(signature2); - } - } - //Normally we just sign the total saml response - else - { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml) - .marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - - - } catch (MarshallingException e) { - LOG.error("MarshallingException"); - throw new SAMLEngineException(e); - } catch (NoSuchAlgorithmException e) { - LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); - throw new SAMLEngineException(e); - } catch (KeyStoreException e) { - LOG.error("Generic KeyStore exception."); - throw new SAMLEngineException(e); - } catch (SignatureException e) { - LOG.error("Signature exception."); - throw new SAMLEngineException(e); - } catch (SecurityException e) { - LOG.error("Security exception."); - throw new SAMLEngineException(e); - } catch (UnrecoverableKeyException e) { - LOG.error("UnrecoverableKey exception."); - throw new SAMLEngineException(e); - } - - return tokenSaml; - } - - /** - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(org.opensaml.common.SignableSAMLObject) - * @param tokenSaml token SAML - * @return the SAMLObject validated. - * @throws SAMLEngineException error validate signature - */ - public final SAMLObject validateSignature(final SignableSAMLObject tokenSaml) - throws SAMLEngineException { - LOG.info("Start signature validation."); - try { - - // Validate structure signature - final SAMLSignatureProfileValidator sigProfValidator = - new SAMLSignatureProfileValidator(); - try { - // Indicates signature id conform to SAML Signature profile - sigProfValidator.validate(tokenSaml.getSignature()); - } catch (ValidationException e) { - LOG.error("ValidationException: signature isn't conform to SAML Signature profile."); - throw new SAMLEngineException(e); - } - - String aliasCert = null; - X509Certificate certificate; - - /*final List<Credential> trustCred = new ArrayList<Credential>(); - - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e - .hasMoreElements();) { - aliasCert = e.nextElement(); - final BasicX509Credential credential = new BasicX509Credential(); - certificate = (X509Certificate) storkOwnKeyStore - .getCertificate(aliasCert); - credential.setEntityCertificate(certificate); - trustCred.add(credential); - }*/ - - final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); - - final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo - .getX509Datas().get(0).getX509Certificates().get(0); - - final CertificateFactory certFact = CertificateFactory - .getInstance("X.509"); - final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 - .decode(xmlCert.getValue())); - final X509Certificate cert = (X509Certificate) certFact - .generateCertificate(bis); - - // Exist only one certificate - final BasicX509Credential entityX509Cred = new BasicX509Credential(); - entityX509Cred.setEntityCertificate(cert); - -// try { -// cert.checkValidity(); -// } -// catch (CertificateExpiredException exp) { -// throw new SAMLEngineException("Certificate expired."); -// } -// catch (CertificateNotYetValidException exp) { -// throw new SAMLEngineException("Certificate not yet valid."); -// } -// - boolean trusted = false; - - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements();) - { - aliasCert = e.nextElement(); - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(aliasCert); - try { - cert.verify(certificate.getPublicKey()); - trusted = true; - break; - } - catch (Exception ex) { - //Do nothing - cert not trusted yet - } - } - - if (!trusted) - throw new SAMLEngineException("Certificate is not trusted."); - - /* - // Validate trust certificates - final ExplicitX509CertificateTrustEvaluator chainTrustEvaluator = new ExplicitX509CertificateTrustEvaluator(); - - if (!chainTrustEvaluator.validate(entityX509Cred, trustCred)) { - throw new SAMLEngineException("Certificate is not trusted."); - } - /*final ExplicitKeyTrustEvaluator keyTrustEvaluator = - new ExplicitKeyTrustEvaluator(); - - if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) { - throw new SAMLEngineException("Certificate is not trusted."); - }*/ - - // Validate signature - final SignatureValidator sigValidator = new SignatureValidator( - entityX509Cred); - sigValidator.validate(tokenSaml.getSignature()); - - } catch (ValidationException e) { - LOG.error("ValidationException."); - throw new SAMLEngineException(e); - } catch (KeyStoreException e) { - LOG.error("KeyStoreException.", e); - throw new SAMLEngineException(e); - } catch (GeneralSecurityException e) { - LOG.error("GeneralSecurityException.", e); - throw new SAMLEngineException(e); - } - LOG.info(tokenSaml.getSignatureReferenceID()); - LOG.info("Start signature validation - END." ); - return tokenSaml; - } - - - /** - * Load cryptographic service provider. - * - * @throws SAMLEngineException the SAML engine exception - */ - public final void loadCryptServiceProvider() throws SAMLEngineException { - LOG.info("Load Cryptographic Service Provider"); - FileInputStream fis = null; - try { - // Dynamically register Bouncy Castle provider. - boolean found = false; - // Check if BouncyCastle is already registered as a provider - final Provider[] providers = Security.getProviders(); - for (int i = 0; i < providers.length; i++) { - if (providers[i].getName().equals( - BouncyCastleProvider.PROVIDER_NAME)) { - found = true; - } - } - - // Register only if the provider has not been previously registered - if (!found) { - LOG.info("SAMLCore: Register Bouncy Castle provider."); - Security.insertProviderAt(new BouncyCastleProvider(), Security - .getProviders().length); - } - - storkOwnKeyStore = KeyStore.getInstance(properties - .getProperty(KEYSTORE_TYPE)); - - LOG.info("Loading KeyInfo from keystore file " + properties.getProperty("keystorePath")); - fis = new FileInputStream(properties - .getProperty("keystorePath")); - - storkOwnKeyStore.load(fis, properties.getProperty( - KEY_STORE_PASS).toCharArray()); - - } catch (Exception e) { - LOG.error("Error loading CryptographicServiceProvider", e); - throw new SAMLEngineException( - "Error loading CryptographicServiceProvider", e); - } finally { - IOUtils.closeQuietly(fis); - } - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java deleted file mode 100644 index a60515593..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SAMLCore; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; - -/** - * The Class VIDPAuthenticationAttributesBuilder. - * - * @author fjquevedo - */ -public final class VIDPAuthenticationAttributesBuilder extends AbstractSAMLObjectBuilder<VIDPAuthenticationAttributes> { - - - /** {@inheritDoc} */ - public VIDPAuthenticationAttributes buildObject() { - return buildObject(SAMLCore.STORK10P_NS.getValue(), VIDPAuthenticationAttributes.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - } - - /** {@inheritDoc} */ - public VIDPAuthenticationAttributes buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new VIDPAuthenticationAttributesImpl(namespaceURI, localName, namespacePrefix); - } - -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java deleted file mode 100644 index 25737e307..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java +++ /dev/null @@ -1,132 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSignableSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; -import eu.stork.peps.auth.engine.core.SPInformation; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class VIDPAuthenticationAttributesImpl. - * - * @author fjquevedo - */ -public final class VIDPAuthenticationAttributesImpl extends AbstractSignableSAMLObject implements -VIDPAuthenticationAttributes { - - private static final Logger LOGGER = LoggerFactory.getLogger(VIDPAuthenticationAttributesImpl.class.getName()); - /** The citizen country code. */ - private CitizenCountryCode citizenCountryCode; - - /** The SP information. */ - private SPInformation spInformation; - - /** - * Instantiates a new requested attributes implement. - * - * @param namespaceURI the namespace URI - * @param elementLocalName the element local name - * @param namespacePrefix the namespace prefix - */ - protected VIDPAuthenticationAttributesImpl(final String namespaceURI, - final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - - /** - * getCitizenCountryCode. - * - * @return the citizen country code - */ - public CitizenCountryCode getCitizenCountryCode() { - return citizenCountryCode; - } - - /** - * getSPInformation - * - * @return the SP information - */ - public SPInformation getSPInformation() { - return spInformation; - } - - /** - * Gets the ordered children. - * - * @return the ordered children - * - */ - public List<XMLObject> getOrderedChildren() { - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - children.add(citizenCountryCode); - children.add(spInformation); - - if (getSignature() != null) { - children.add(getSignature()); - } - - return Collections.unmodifiableList(children); - - } - - /** - * Gets the signature reference id. - * - * @return the signature reference id - * - */ - public String getSignatureReferenceID() { - return null; - } - - /** - * Sets the citizen country code. - * - * @param newCitizenCountryCode the new citizen country code - * - */ - public void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode) { - this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode); - } - - /** - * Sets the SP information. - * - * @param newSPInformation the new SP information - * - */ - public void setSPInformation(SPInformation newSPInformation) { - this.spInformation = prepareForAssignment(this.spInformation, newSPInformation); - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java deleted file mode 100644 index 5635ddd6b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; - -/** - * The Class VIDPAuthenticationAttributesMarshaller. - * - * @author fjquevedo - */ -public class VIDPAuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Instantiates a new vIDP authentication attributes marshaller. - */ - public VIDPAuthenticationAttributesMarshaller() { - super(); - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java deleted file mode 100644 index ba4a4fe3a..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; -import eu.stork.peps.auth.engine.core.SPInformation; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; - -/** - * The Class VIDPAuthenticationAttributesUnmarshaller. - * - * @author fjquevedo - */ -public class VIDPAuthenticationAttributesUnmarshaller extends - AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentObject the parent object - * @param childObject the child object - * - * @throws UnmarshallingException the unmarshalling exception - * - */ - protected final void processChildElement(final XMLObject parentObject, - final XMLObject childObject) throws UnmarshallingException { - final VIDPAuthenticationAttributes vIDPAuthenticationAttr = (VIDPAuthenticationAttributes) parentObject; - - if (childObject instanceof CitizenCountryCode) { - vIDPAuthenticationAttr.setCitizenCountryCode((CitizenCountryCode) childObject); - } else if (childObject instanceof SPInformation) { - vIDPAuthenticationAttr.setSPInformation((SPInformation) childObject); - } else { - super.processChildElement(parentObject, childObject); - } - } -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java deleted file mode 100644 index 07db9c9db..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Implementations of STORK 1.0 core specification types and elements. - */ -package eu.stork.peps.auth.engine.core.impl;
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java deleted file mode 100644 index 51745d796..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Interfaces for STORK 1.0 core specification types and elements. - */ -package eu.stork.peps.auth.engine.core;
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java deleted file mode 100644 index a5f4202ff..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java +++ /dev/null @@ -1,57 +0,0 @@ -package eu.stork.peps.auth.engine.core.validator; - -import java.util.List; - -import org.opensaml.saml2.common.Extensions; -import org.opensaml.saml2.core.SubjectQuery; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.util.DatatypeHelper; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.QAAAttribute; - -public class CustomAttributeQueryValidator implements Validator<CustomAttributeQuery> { - - /* - * Validate action. - * - * @param qaa the quality authentication assurance level attribute - * - * @throws ValidationException the validation exception - */ - public final void validate(final CustomAttributeQuery attrQuery) throws ValidationException { - validateAssertion(attrQuery); - validateSubject(attrQuery); - validateDestination(attrQuery); - } - - - /** - * Validate assertion. - * - * @param attrQuery the attribute query - * - * @throws ValidationException the validation exception - */ - protected final void validateAssertion(final CustomAttributeQuery attrQuery) - throws ValidationException { - if (DatatypeHelper.isEmpty(attrQuery.getAssertionConsumerServiceURL())) { - throw new ValidationException("Consumer Service URL must be specified."); - } - } - - //Validate subject - protected void validateSubject(CustomAttributeQuery query) throws ValidationException { - if (query.getSubject() == null) - throw new ValidationException("Subject is required"); - } - - //Validate destination - protected void validateDestination(CustomAttributeQuery query) throws ValidationException { - if (query.getDestination() == null) - throw new ValidationException("Destination is required"); - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java deleted file mode 100644 index 491549aac..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.validator; - -import java.util.List; - -import org.opensaml.saml2.common.Extensions; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class ExtensionsSchemaValidator. - * - * @author fjquevedo - */ -public class ExtensionsSchemaValidator implements Validator<Extensions> { - - - /** - * validate the extensions. - * - * @param extensions the extensions - * - * @throws ValidationException the validation exception - */ - public final void validate(final Extensions extensions) - throws ValidationException { - if (extensions.getUnknownXMLObjects() == null - || extensions.getUnknownXMLObjects().size() <= 0) { - throw new ValidationException("Extension element is empty or not exist."); - } - - List<XMLObject> qaa = extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME); - - if (qaa.size() == 1) { - final Validator<QAAAttribute> validatorQaa = new QAAAttributeSchemaValidator(); - validatorQaa.validate((QAAAttribute) qaa.get(0)); - } else { - throw new ValidationException( - "Extensions must contain only one element QAALevel."); - } - - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java deleted file mode 100644 index 44c9db380..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.validator; - -import org.opensaml.xml.util.DatatypeHelper; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class QAAAttributeSchemaValidator. - * - * @author fjquevedo - */ -public class QAAAttributeSchemaValidator implements Validator<QAAAttribute> { - - - /** - * Validate action. - * - * @param qaa the quality authentication assurance level attribute - * - * @throws ValidationException the validation exception - */ - public final void validate(final QAAAttribute qaa) throws ValidationException { - validateAction(qaa); - } - - - /** - * Validate action. - * - * @param qaaAttribute the quality authentication assurance level attribute. - * - * @throws ValidationException the validation exception - */ - protected final void validateAction(final QAAAttribute qaaAttribute) - throws ValidationException { - if (DatatypeHelper.isEmpty(qaaAttribute.getQaaLevel())) { - throw new ValidationException("QAALevel label must be specified."); - } - - final int qaa = Integer.valueOf(qaaAttribute.getQaaLevel()); - - if (qaa < QAAAttribute.MIN_VALUE || qaa > QAAAttribute.MAX_VALUE) { - throw new ValidationException( - "QAALevel label must be greater than 0."); - } - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java deleted file mode 100644 index 07b632773..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Validation rules for STORK 1.0 core types and elements. - */ -package eu.stork.peps.auth.engine.core.validator;
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java deleted file mode 100644 index 30130b7f6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Provides the classes necessary to create a SAML message. - */ -package eu.stork.peps.auth.engine;
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java deleted file mode 100644 index c358f7cb7..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java +++ /dev/null @@ -1,136 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.HashMap; -import java.util.InvalidPropertiesFormatException; -import java.util.Map; -import java.util.Properties; - -import org.apache.commons.io.IOUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * The Class InstanceCreator. - * - * @author fjquevedo - */ -public final class ConfigurationCreator { - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory - .getLogger(ConfigurationCreator.class.getName()); - - /** - * Creates the configuration. - * - * @param instanceConfs the instance configuration - * - * @return the map< string, map< string, object>> - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - public static Map<String, Map<String, Object>> createConfiguration( - final Map<String, InstanceEngine> instanceConfs) throws STORKSAMLEngineException { - - final HashMap<String, Map<String, Object>> instances = - new HashMap<String, Map<String, Object>>(); - - LOGGER.info("Create configuration."); - try { - // Only create instances for SAMLEngine configuration. - // INSTANCE - for (Map.Entry<String, InstanceEngine> entry : instanceConfs - .entrySet()) { - final InstanceEngine iEngine = entry.getValue(); - - final Map<String, Object> intance = new HashMap<String, Object>(); - - // CONFIGURATION - for (ConfigurationEngine configuration : iEngine - .getConfiguration()) { - // Properties only for configuration SamlEngine. - if (configuration.getName().equalsIgnoreCase( - "SamlEngineConf")) { - intance.put(configuration.getName(), - getNewInstance(configuration.getParameters() - .get("fileConfiguration"))); - } else { - intance.put(configuration.getName(), configuration - .getParameters()); - } - } - instances.put(entry.getKey(), intance); - } - } catch (STORKSAMLEngineException ex) { - LOGGER.error("Can not create instance from file configuration."); - throw new STORKSAMLEngineException(ex); - } - return instances; - } - - - /** - * Gets the new instance. - * - * @param fileName the file name - * - * @return the properties from the new instance - * - * @throws STORKSAMLEngineException the STORKSAML engine - * runtime exception - */ - private static Properties getNewInstance(final String fileName) - throws STORKSAMLEngineException { - LOGGER.info("Create file configuration properties to Stork Saml Engine."); - InputStream fileEngineProp = null; - try { - // fetch base from system properties, give a default if there is nothing configured - String base = System.getProperty("eu.stork.samlengine.config.location"); - if(null != base) - if(!base.endsWith("/")) - base += "/"; - - if(null != base) - fileEngineProp = new FileInputStream(base + fileName); - else - fileEngineProp = ConfigurationCreator.class.getResourceAsStream("/" + fileName); - final Properties configuration = new Properties(); - configuration.loadFromXML(fileEngineProp); - return configuration; - } catch (InvalidPropertiesFormatException e) { - LOGGER.error("Invalid properties format."); - throw new STORKSAMLEngineException(e); - } catch (IOException e) { - LOGGER.error("Error read file: " + fileName); - throw new STORKSAMLEngineException(e); - } finally { - IOUtils.closeQuietly(fileEngineProp); - } - } - - /** - * Instantiates a new instance creator. - */ - private ConfigurationCreator() { - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java deleted file mode 100644 index d9e7e467a..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.util.Map; - -/** - * The Class ConfigurationEngine. - * - * @author fjquevedo - */ -public class ConfigurationEngine { - - /** The name of the configuration file. */ - private String name; - - /** The parameters. */ - private Map<String, String> parameters; - - /** - * Gets the name. - * - * @return the name - */ - public final String getName() { - return name; - } - - /** - * Gets the parameters. - * - * @return the parameters - */ - public final Map<String, String> getParameters() { - return parameters; - } - - /** - * Sets the name. - * - * @param newName the new name - */ - public final void setName(final String newName) { - this.name = newName; - } - - /** - * Sets the parameters. - * - * @param newParameters the parameters - */ - public final void setParameters(final Map<String, String> newParameters) { - this.parameters = newParameters; - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java deleted file mode 100644 index 06c2d2f94..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java +++ /dev/null @@ -1,233 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.HashMap; -import java.util.Map; - -import javax.xml.XMLConstants; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.NodeList; -import org.xml.sax.SAXException; - -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * The Class ConfigurationReader. - * - * @author fjquevedo - */ -public final class ConfigurationReader { - - /** The Constant SAML_ENGINE_CONFIGURATION_FILE. */ - private static final String ENGINE_CONF_FILE = "SamlEngine.xml"; - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory - .getLogger(ConfigurationReader.class.getName()); - - /** The Constant NODE_CONFIGURATION. */ - private static final String NODE_CONF = "configuration"; - - /** The Constant NODE_CONFIGURATION_NAME. */ - private static final String NODE_CONF_NAME = "name"; - - /** The Constant NODE_INSTANCE_NAME. */ - private static final String NODE_INST_NAME = "name"; - - /** The Constant NODE_INSTANCE. */ - private static final String NODE_INSTANCE = "instance"; - - /** The Constant NODE_CONFIGURATION_NAME. */ - private static final String NODE_PARAM_NAME = "name"; - - /** The Constant NODE_CONFIGURATION_NAME. */ - private static final String NODE_PARAM_VALUE = "value"; - - /** The Constant NODE_CONFIGURATION_NAME. */ - private static final String NODE_PARAMETER = "parameter"; - - /** - * Generate parameters. - * - * @param configurationNode the configuration node - * - * @return the map< string, string> - */ - private static Map<String, String> generateParam( - final Element configurationNode) { - - final HashMap<String, String> parameters = new HashMap<String, String>(); - - final NodeList parameterNodes = configurationNode - .getElementsByTagName(NODE_PARAMETER); - - String parameterName; - String parameterValue; - - for (int k = 0; k < parameterNodes.getLength(); ++k) { - // for every parameter find, process. - final Element parameterNode = (Element) parameterNodes.item(k); - parameterName = parameterNode.getAttribute(NODE_PARAM_NAME); - parameterValue = parameterNode.getAttribute(NODE_PARAM_VALUE); - - // verified the content. - if (StringUtils.isBlank(parameterName) - || StringUtils.isBlank(parameterValue)) { - throw new STORKSAMLEngineRuntimeException( - "Error reader parameters (name - value)."); - } else { - parameters.put(parameterName.trim(), parameterValue.trim()); - } - } - return parameters; - } - - /** - * Read configuration. - * - * @return the map< string, instance engine> - * - * @throws SAMLEngineException the STORKSAML engine runtime - * exception - */ - public static Map<String, InstanceEngine> readConfiguration() - throws SAMLEngineException { - - // fetch base from system properties, give a default if there is nothing configured - String base = System.getProperty("eu.stork.samlengine.config.location"); - if(null != base) - if(!base.endsWith("/")) - base += "/"; - - LOGGER.info("Init reader: " + base + ENGINE_CONF_FILE); - final Map<String, InstanceEngine> instanceConfs = - new HashMap<String, InstanceEngine>(); - - Document document = null; - // Load configuration file - final DocumentBuilderFactory factory = DocumentBuilderFactory - .newInstance(); - DocumentBuilder builder; - - InputStream engineConf = null; - try { - - factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); - - builder = factory.newDocumentBuilder(); - - if(null != base) - engineConf = new FileInputStream(base + ENGINE_CONF_FILE); - else - engineConf = ConfigurationReader.class.getResourceAsStream("/" + ENGINE_CONF_FILE); - - document = builder.parse(engineConf); - - // Read instance - final NodeList list = document.getElementsByTagName(NODE_INSTANCE); - - for (int indexElem = 0; indexElem < list.getLength(); ++indexElem) { - final Element element = (Element) list.item(indexElem); - - final InstanceEngine instanceConf = new InstanceEngine(); - - // read every configuration. - final String instanceName = element - .getAttribute(NODE_INST_NAME); - - if (StringUtils.isBlank(instanceName)) { - throw new STORKSAMLEngineRuntimeException( - "Error reader instance name."); - } - instanceConf.setName(instanceName.trim()); - - final NodeList confNodes = element - .getElementsByTagName(NODE_CONF); - - for (int indexNode = 0; indexNode < confNodes.getLength(); ++indexNode) { - - final Element configurationNode = (Element) confNodes - .item(indexNode); - - final String configurationName = configurationNode - .getAttribute(NODE_CONF_NAME); - - if (StringUtils.isBlank(configurationName)) { - throw new STORKSAMLEngineRuntimeException( - "Error reader configuration name."); - } - - final ConfigurationEngine confSamlEngine = - new ConfigurationEngine(); - - // Set configuration name. - confSamlEngine.setName(configurationName.trim()); - - // Read every parameter for this configuration. - final Map<String, String> parameters = - generateParam(configurationNode); - - // Set parameters - confSamlEngine.setParameters(parameters); - - // Add parameters to the configuration. - instanceConf.getConfiguration().add(confSamlEngine); - } - - // Add to the list of configurations. - instanceConfs.put(element.getAttribute(NODE_INST_NAME), - instanceConf); - } - - } catch (SAXException e) { - LOGGER.error("Error: init library parser."); - throw new SAMLEngineException(e); - } catch (ParserConfigurationException e) { - LOGGER.error("Error: parser configuration file xml."); - throw new SAMLEngineException(e); - } catch (IOException e) { - LOGGER.error("Error: read configuration file."); - throw new SAMLEngineException(e); - } finally { - IOUtils.closeQuietly(engineConf); - } - - return instanceConfs; - } - - /** - * Instantiates a new configuration reader. - */ - private ConfigurationReader() { - - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java deleted file mode 100644 index d00607853..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.util.Map; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * The Class InstanceCreator. - * - * @author fjquevedo - */ -public final class ConfigurationSingleton { - - /** The instance of every engine SAML. */ - private static Map<String, InstanceEngine> instanceConfigs; - - /** The instances of SAML engine. */ - private static Map<String, Map<String, Object>> instances; - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory - .getLogger(ConfigurationSingleton.class.getName()); - - static { - LOGGER.debug("Read all file configurations. (instances of SAMLEngine)"); - try { - instanceConfigs = ConfigurationReader.readConfiguration(); - } catch (SAMLEngineException e) { - LOGGER.error("Error read configuration file."); - throw new STORKSAMLEngineRuntimeException(e); - } - } - - /** - * Gets the new instance. - * - * @param fileName the file name - * - * @return the properties from the new instance - * - * @throws STORKSAMLEngineException the STORKSAML engine runtime exception - */ - private static Map<String, Map<String, Object>> getInstance( - final String fileName) throws STORKSAMLEngineException { - return ConfigurationCreator.createConfiguration(instanceConfigs); - } - - /** - * Instantiates a new instance creator. - */ - private ConfigurationSingleton() { - } - -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java deleted file mode 100644 index 4d9bba8e7..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.util.ArrayList; -import java.util.List; - -/** - * The Class InstanceConfiguration. - * - * @author fjquevedo - */ -public class InstanceEngine { - - /** The configuration. */ - private List<ConfigurationEngine> configuration = new ArrayList<ConfigurationEngine>(); - - /** The name. */ - private String name; - - /** - * Gets the parameters. - * - * @return the parameters - */ - public final List<ConfigurationEngine> getConfiguration() { - return this.configuration; - } - - /** - * Gets the name. - * - * @return the name - */ - public final String getName() { - return name; - } - - /** - * Sets the parameters. - * - * @param newConfiguration the new parameters - */ - public final void setConfiguration(final List<ConfigurationEngine> newConfiguration) { - this.configuration = newConfiguration; - } - - /** - * Sets the name. - * - * @param newName the new name - */ - public final void setName(final String newName) { - this.name = newName; - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java deleted file mode 100644 index 344368e03..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Provides the classes necessary to create a SAML message instance. - */ -package eu.stork.peps.configuration; diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java deleted file mode 100644 index ac46f73e4..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.exceptions; - -/** - * The Class SAMLEngineException. - * - * @author fjquevedo - */ -public class SAMLEngineException extends Exception { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 2611361164977849837L; - - /** - * Instantiates a new SAMLEngine exception. - * - * @param wrappedException the wrapped exception - */ - public SAMLEngineException(final Exception wrappedException) { - super(wrappedException); - } - - /** - * Instantiates a new SAMLEngine exception. - * - * @param message the message - */ - public SAMLEngineException(final String message) { - super(message); - } - - /** - * Instantiates a new SAMLEngine exception. - * - * @param message the message - * @param wrappedException the wrapped exception - */ - public SAMLEngineException(final String message, - final Exception wrappedException) { - super(message, wrappedException); - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java deleted file mode 100644 index bddcbd1b3..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.exceptions; - -/** - * The Class STORKSAMLEngineException. - * - * @author fjquevedo - */ -public class STORKSAMLEngineException extends Exception { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = -8319723167019122930L; - - /** The error code. */ - private String errorCode; - - /** The error detail. */ - private String errorDetail; - - /** - * Instantiates a new sTORKSAML engine exception. - * - * @param wrappedException the wrapped exception - */ - public STORKSAMLEngineException(final Exception wrappedException) { - super(wrappedException); - } - - /** - * Instantiates a new sTORKSAML engine exception. - * - * @param errorMessage the error message - */ - public STORKSAMLEngineException(final String errorMessage) { - super(errorMessage); - } - - /** - * Instantiates a new sTORKSAML engine exception. - * - * @param message the message - * @param wrappedException the wrapped exception - */ - public STORKSAMLEngineException(final String message, - final Exception wrappedException) { - super(message, wrappedException); - } - - /** - * Instantiates a new sTORKSAML engine exception. - * - * @param newErrorCode the error code - * @param errorMessage the error message - * @param newErrorDetail the error detail - */ - public STORKSAMLEngineException(final String newErrorCode, - final String errorMessage, final String newErrorDetail) { - super(errorMessage); - this.errorCode = newErrorCode; - this.errorDetail = newErrorDetail; - } - - /** - * Gets the error code. - * - * @return the error code - */ - public final String getErrorCode() { - return this.errorCode; - } - - /** - * Gets the error detail. - * - * @return the error detail - */ - public final String getErrorDetail() { - return errorDetail; - } - - /** - * Gets the error message. - * - * @return the error message - */ - public final String getErrorMessage() { - return super.getMessage(); - } - - - /** - * Gets the message. - * - * @return the message of the exception. - * - * @see java.lang.Throwable#getMessage() - */ - public final String getMessage() { - return "Error (no. " + errorCode + ") processing request : " - + super.getMessage(); - } - - /** - * Sets the error code. - * - * @param newErrorCode the new error code - */ - public final void setErrorCode(final String newErrorCode) { - this.errorCode = newErrorCode; - } - - /** - * Sets the error detail. - * - * @param newErrorDetail the new error detail - */ - public final void setErrorDetail(final String newErrorDetail) { - this.errorDetail = newErrorDetail; - } - -} diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java deleted file mode 100644 index fb01fd5aa..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.exceptions; - -/** - * The Class STORKSAMLEngineRuntimeException. - * - * @author fjquevedo - */ -public class STORKSAMLEngineRuntimeException extends RuntimeException { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 5829810358581493517L; - - /** - * Instantiates a new sTORKSAML engine runtime exception. - * - * @param wrappedException the wrapped exception - */ - public STORKSAMLEngineRuntimeException(final Exception wrappedException) { - super(wrappedException); - } - - /** - * Creates a new instance of application exception. - * - * @param cause the exception cause. - */ - public STORKSAMLEngineRuntimeException(final String cause) { - super(cause); - } - - /** - * Instantiates a new sTORKSAML engine runtime exception. - * - * @param message the message - * @param wrappedException the wrapped exception - */ - public STORKSAMLEngineRuntimeException(final String message, - final Exception wrappedException) { - super(message, wrappedException); - } -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java b/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java deleted file mode 100644 index 0c7341995..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Provides the classes for STORK exceptions management. - */ -package eu.stork.peps.exceptions;
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SamlEngine.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SamlEngine.xml deleted file mode 100644 index 563196604..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SamlEngine.xml +++ /dev/null @@ -1,21 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<instances> - - - <!-- Configuration name--> - <instance name="outgoing"> - <!-- Configurations parameters StorkSamlEngine --> - <configuration name="SamlEngineConf"> - <parameter name="fileConfiguration" value="StorkSamlEngine_outgoing.xml" /> - </configuration> - - <!-- Settings module signature--> - <configuration name="SignatureConf"> - <!-- Specific signature module --> - <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" /> - <!-- Settings specific module --> - <parameter name="fileConfiguration" value="SignModule_outgoing.xml" /> - </configuration> - </instance> - -</instances>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml deleted file mode 100644 index 46f29b741..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS</entry> - <entry key="serialNumber">529E05C8</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml deleted file mode 100644 index fbf1bcdac..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">src/test/resources/keyStoreCountry1.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">529E04FF</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml deleted file mode 100644 index 7cf336ead..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">src/test/resources/keyStoreCountry2.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">529E04FF</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml deleted file mode 100644 index 0da5143c1..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">src/test/resources/keyStoreCountry3.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">529E04FF</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_P11.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_P11.xml deleted file mode 100644 index 96d06a8be..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_P11.xml +++ /dev/null @@ -1,11 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>HWModule sign with interface PKCS11.</comment> - <entry key="configurationFile">p11Config.cfg</entry> - <entry key="keyPassword">*******</entry> - <entry key="issuer">CN=XXXXXXXXX</entry> - <entry key="serialNumber">xxxxxxxxxxxxxx</entry> - <entry key="keystoreType">PKCS11</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_outgoing.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_outgoing.xml deleted file mode 100644 index 7139c5a41..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/SignModule_outgoing.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo-cert, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">4BA89DB2</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml deleted file mode 100644 index f45502c0c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml +++ /dev/null @@ -1,91 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - - <!-- - Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - - - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - <entry key="eIDSectorShare">true</entry> - <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> - --> - - - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">true</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive number)--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> - - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml deleted file mode 100644 index f45502c0c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml +++ /dev/null @@ -1,91 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - - <!-- - Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - - - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - <entry key="eIDSectorShare">true</entry> - <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> - --> - - - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">true</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive number)--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> - - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml deleted file mode 100644 index dd3768f4f..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml +++ /dev/null @@ -1,64 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - <!-- - Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - <entry key="eIDSectorShare">false</entry> - <entry key="eIDCrossSectorShare">false</entry> - <entry key="eIDCrossBorderShare">false</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml deleted file mode 100644 index 5048b28a7..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml +++ /dev/null @@ -1,61 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - <!-- - Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - <entry key="eIDSectorShare">false</entry> - <entry key="eIDCrossSectorShare">false</entry> - <entry key="eIDCrossBorderShare">false</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_outgoing.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_outgoing.xml deleted file mode 100644 index 79c69aedb..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/StorkSamlEngine_outgoing.xml +++ /dev/null @@ -1,93 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - - <!-- - Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - - - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - <entry key="eIDSectorShare">true</entry> - <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> - --> - - - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">true</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive number)--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> - - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> - <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry> - <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml deleted file mode 100644 index b318f9183..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml +++ /dev/null @@ -1,16 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_939726f0a02072f40b548de378612a50" IssueInstant="2013-10-04T16:57:55.547Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_939726f0a02072f40b548de378612a50"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>BgPDTVCv7BhiWIs6HsC06jaHaag=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>dIC61bGi6Jqp1zSVojpjaVq9WaZcDtNImXgo1Dyze5/hJA07Sy4TaHu+/IuLEC99aLjM6rxh2UUNqpPaQCFlF5eVkVv/c4gHEZVyevhjJKTidqmnuhlI78PGMx2thfxFsHsPcqHqOzy1Z6w18K1ds6APQP+aXI9TNKis+pykn4nJititYuiSseD0VY0F4QnXx+U6k3raoi1CAFE5fe7EuI/KfxuhhQLAbLq90Vm8R94ITBjfSS25mXstXNe9zppTSjDB42ld1TjDovDwXAn5OxiZasIEb5m68sRlxgoQ/2/+ZdYNNINFLAwkCbb8MiCbGASd626Bme0Kx+ropeWdxw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDXjCCAkagAwIBAgIEUk1MbDANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJJUzESMBAGA1UE -CAwJUmV5a2phdmlrMRIwEAYDVQQHDAlSZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNV -BAsMBlNUT1JLMjEXMBUGA1UEAwwOc2FtbC1kZW1vLWNlcnQwHhcNMTMxMDAzMTA1MzEyWhcNMjMx -MDAzMTA1MzEyWjBxMQswCQYDVQQGEwJJUzESMBAGA1UECAwJUmV5a2phdmlrMRIwEAYDVQQHDAlS -ZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNVBAsMBlNUT1JLMjEXMBUGA1UEAwwOc2Ft -bC1kZW1vLWNlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkSgTxZkNRXZTKLB0c -4oz7/8Dh56FX+0cYg7hjw4e8vn+ITXkxzrmUH57FtsvKln4mq1H0FHXL80u3IiWX8qY+QLgNeKeB -m85lXuyOb3wWpKAaQvpLAkejGLCx22AN2L0WZkKZV2puwRQVsRHCq6U6vToJXDZ6Ui6ltKsAl/ZS -8qUFpiIvqD5ea4ohz4JsFE/uApRc7pbJ4VbOmAAeH/tQTayptq2kPb2vvUVk+2cH5J7UD+GCI88E -e+mS+C33tV9NmWUHL69mYEe8FXjumbKA5e9i1ejn9i0/BLUtHFonHnL9YFMim0foI7NNc5mNg9aw -vm0PuByVU3kuibQkqGBLAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAA9X5B4NBmVuhjECi+KOnRRX -5oUV+jbYKhGZODDPi+F4Uo7ZtPFQ6sS3tE54+8AoDl5zQ5q5fDDVXhB42IIIjDxHKo8cBXie5FZ6 -mJtErvWZWYWdO0uV2OQAUALq2LieidqSFDJ+Pjl8w1New8oi3migwyE0jZo4Q97lJGDfJTruV0A2 -JE/Gt6QAAcWhhN2hZl92pYkIi5OeqHXyzBUp5vg8LLfNmeyziCAiXDC1Sy/aQU/cllZ3zFJMrqZM -s2xBpmB4sF1YRbIrr2OqEVE6M6DUx+pAQOd2uogV3AMT9D5MYpckI1jx/o/Tto7ju74nIVOskDiN -K0FR8izxcT0HixM=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</stork:AttributeValue><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">Sveinbjorn</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/></saml2:Subject></saml2p:AttributeQuery>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml deleted file mode 100644 index 29db86a73..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml +++ /dev/null @@ -1,15 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_f6c8fc355b9f125cb5283f038e1b3cdf" IssueInstant="2013-10-03T10:28:15.449Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignatureValue>hhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw -YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v -LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG -A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv -Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab -ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU -0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n -6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5 -y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z -9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F -6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM -pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT -/NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq -yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7 -Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</stork:AttributeValue><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">Sveinbjörn</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:1.0:cm:sender-vouches"/></saml2:Subject></saml2p:AttributeQuery>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml deleted file mode 100644 index a912ec57c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml +++ /dev/null @@ -1,15 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_483140d440fc4eef8e949ace49669f2e" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_483140d440fc4eef8e949ace49669f2e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>yMOVS1T/yRiVh3L6IBM9rR9Ie3w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>d8e/RyNNPmnHRIzTIuRSnW6B60oWGBGxjRua/HvNxTuod0qSarYJxEedhY9Wl1Z9WYXlry28FuKjp3DA3HhzNaVd7A7QpFqNC4dnizSVWFjxlhmoE/Uv3Y/ha9P/fk6nbtHCSKW4kHSX7QfFLeggcLmUG0IULRF8UmRdQ0WerCl0aSZZeSp8J3LsFBPeWCRSwXgfiLn+RehggzZmQU6g0ssxrpnsYEAtjAiOli+YVQGuumsZGaJ8zHA/DgJ2FTGovNUyfuSUFLhd9nLlSqFs2Avnx0Ck7Q1dxDO5truOm6e285YLHqLaGdetFyPQAj/Z4w4RJ5u5X6d7rhBjTfRAAw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw -YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v -LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG -A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv -Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab -ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU -0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n -6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5 -y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z -9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F -6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM -pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT -/NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq -yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7 -Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Status><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/><saml2p:StatusMessage>urn:oasis:names:tc:SAML:2.0:status:Success</saml2p:StatusMessage></saml2p:Status><saml2:Assertion ID="_9ed05849dee5c154e62fa9e3ba53e9f3" IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer><saml2:Subject><saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="http://C-PEPS.gov.xx">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</saml2:NameID><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData Address="111.222.333.444" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" NotOnOrAfter="2013-10-08T09:16:17.255Z"/></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions NotBefore="2013-10-08T09:11:17.255Z" NotOnOrAfter="2013-10-08T09:16:17.255Z"><saml2:AudienceRestriction><saml2:Audience>http://S-PEPS.gov.xx</saml2:Audience></saml2:AudienceRestriction><saml2:OneTimeUse/></saml2:Conditions><saml2:AuthnStatement AuthnInstant="2013-10-08T09:11:17.255Z"><saml2:SubjectLocality Address="111.222.333.444"/><saml2:AuthnContext><saml2:AuthnContextDecl/></saml2:AuthnContext></saml2:AuthnStatement><saml2:AttributeStatement><saml2:Attribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16/12/2008</saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/canonicalResidenceAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType"><stork:postalCode xsi:type="xs:anyType">105</stork:postalCode><stork:state xsi:type="xs:anyType">IS</stork:state><stork:streetNumber xsi:type="xs:anyType">10</stork:streetNumber><stork:streetName xsi:type="xs:anyType">Gudrunartun</stork:streetName><stork:town xsi:type="xs:anyType">Reykjavik</stork:town></saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/newAttribute2" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType"><stork:value3 xsi:type="xs:anyType">value3</stork:value3><stork:value4 xsi:type="xs:anyType">value4</stork:value4><stork:value1 xsi:type="xs:anyType">value1</stork:value1><stork:value2 xsi:type="xs:anyType">value2</stork:value2></saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</saml2:AttributeValue><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">123456789IS</saml2:AttributeValue></saml2:Attribute></saml2:AttributeStatement></saml2:Assertion></saml2p:Response>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml deleted file mode 100644 index f7bac4b61..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml +++ /dev/null @@ -1,26 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ForceAuthn="true" ID="_e54eee285e7b8e2772875c406ec39674" IsPassive="false" IssueInstant="2010-06-08T07:37:54.533Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="University of Oxford" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> -<ds:SignedInfo> -<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> -<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> -<ds:Reference URI="#_e54eee285e7b8e2772875c406ec39674"> -<ds:Transforms> -<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> -<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml2 saml2p stork storkp xs"/></ds:Transform> -</ds:Transforms> -<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> -<ds:DigestValue>yzsqaxBNicOrixBUno5cL0CBOpE=</ds:DigestValue> -</ds:Reference> -</ds:SignedInfo> -<ds:SignatureValue> -Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC -wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi -YIN/BUEtXkoYTjPtkmA= -</ds:SignatureValue> -<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw -MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG -9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu -h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r -/WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk -3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K -eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq -KAoZgbUK0Zld3Dsheg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><stork:spSector>EDU001</stork:spSector><stork:spInstitution>OXF001</stork:spInstitution><stork:spApplication>APP001</stork:spApplication><stork:spCountry>EN</stork:spCountry><storkp:eIDSectorShare>true</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>true</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>true</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">16</stork:AttributeValue><stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml deleted file mode 100644 index b61a8cf41..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml +++ /dev/null @@ -1,14 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://locahost:8080/PEPS/ServiceProvider" ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false" IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="PT-SP" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> -<ds:SignatureValue> -S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR -Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC -Xt8p8tK3EoMocZse2hw= -</ds:SignatureValue> -<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw -OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl -lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK -ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl -r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w -kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS -3cyl/wz8</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml deleted file mode 100644 index 07ff68d38..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml +++ /dev/null @@ -1,14 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://localhost:8080/PEPS/ServiceProvider" ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false" IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="PT-SP" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> -<ds:SignatureValue> -S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR -Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC -Xt8p8tK3EoMocZse2hw= -</ds:SignatureValue> -<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw -OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl -lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK -ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl -r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w -kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS -3cyl/wz8</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks Binary files differdeleted file mode 100644 index 289e952fe..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks Binary files differdeleted file mode 100644 index 5399bf689..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks Binary files differdeleted file mode 100644 index 5399bf689..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks Binary files differdeleted file mode 100644 index 5399bf689..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/logback-test.xml b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/logback-test.xml deleted file mode 100644 index ff900e124..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/logback-test.xml +++ /dev/null @@ -1,23 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> - <!-- - Basic configuration used until the IdP can load the real configuration - --> -<configuration> - - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <layout class="ch.qos.logback.classic.PatternLayout"> - <Pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - </Pattern> - </layout> - </appender> - - <logger name="eu.stork"> - <level value="DEBUG" /> - </logger> - - <root> - <appender-ref ref="STDOUT" /> - <level value="INFO" /> - </root> - -</configuration>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/p11Conf.cfg b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/p11Conf.cfg deleted file mode 100644 index bd9f357ce..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/p11Conf.cfg +++ /dev/null @@ -1,24 +0,0 @@ -//ATTRIBUTE VALUE -//name name suffix of this provider instance -//library pathname of PKCS#11 implementation -//slotListIndex slot index - -//PREFIX DESCRIPTION -//CKO_ Object class -//CKA_ Attribute -//CKK_ Key type - -//attributes(operation, keytype, keyalgorithm) = { -// name1 = value1 -// [...] -//} - -name=nameProvider -library=library.dll -slotListIndex=0 -attributes(*,CKO_PUBLIC_KEY,CKK_RSA)={ - CKA_VERIFY=true -} -attributes(*,CKO_PRIVATE_KEY,CKK_RSA)={ - CKA_SIGN=true -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/storkDemoKeys.jks b/id/server/legacy-backup/stork2-saml-engine/src/test/resources/storkDemoKeys.jks Binary files differdeleted file mode 100644 index efaeac86c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/src/test/resources/storkDemoKeys.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/SamlEngine-1.1.0-sources.jar b/id/server/legacy-backup/stork2-saml-engine/target/SamlEngine-1.1.0-sources.jar Binary files differdeleted file mode 100644 index eba034378..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/SamlEngine-1.1.0-sources.jar +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/SamlEngine-1.1.0.jar b/id/server/legacy-backup/stork2-saml-engine/target/SamlEngine-1.1.0.jar Binary files differdeleted file mode 100644 index 3861f3825..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/SamlEngine-1.1.0.jar +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/SAMLEngine.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/SAMLEngine.class Binary files differdeleted file mode 100644 index d824b9c84..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/SAMLEngine.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/SAMLEngineUtils.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/SAMLEngineUtils.class Binary files differdeleted file mode 100644 index e0481e487..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/SAMLEngineUtils.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/STORKSAMLEngine.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/STORKSAMLEngine.class Binary files differdeleted file mode 100644 index 1624e3b2a..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/STORKSAMLEngine.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/X509PrincipalUtil.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/X509PrincipalUtil.class Binary files differdeleted file mode 100644 index 6209f6eb5..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/X509PrincipalUtil.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/AuthenticationAttributes.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/AuthenticationAttributes.class Binary files differdeleted file mode 100644 index f9c79ca30..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/AuthenticationAttributes.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CitizenCountryCode.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CitizenCountryCode.class Binary files differdeleted file mode 100644 index 7da2c0e42..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CitizenCountryCode.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CustomAttributeQuery.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CustomAttributeQuery.class Binary files differdeleted file mode 100644 index b12c0987d..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CustomAttributeQuery.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.class Binary files differdeleted file mode 100644 index f6d4055fe..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.class Binary files differdeleted file mode 100644 index 082d6024f..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.class Binary files differdeleted file mode 100644 index 72f9d84a6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDSectorShare.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDSectorShare.class Binary files differdeleted file mode 100644 index 57778783e..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/EIDSectorShare.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/QAAAttribute.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/QAAAttribute.class Binary files differdeleted file mode 100644 index ebe9ed6dd..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/QAAAttribute.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/RequestedAttribute.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/RequestedAttribute.class Binary files differdeleted file mode 100644 index 2a485d3b5..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/RequestedAttribute.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/RequestedAttributes.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/RequestedAttributes.class Binary files differdeleted file mode 100644 index 0c2fc75ef..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/RequestedAttributes.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SAMLCore.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SAMLCore.class Binary files differdeleted file mode 100644 index 25ac4c69e..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SAMLCore.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SAMLEngineSignI.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SAMLEngineSignI.class Binary files differdeleted file mode 100644 index a6c30d388..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SAMLEngineSignI.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPApplication.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPApplication.class Binary files differdeleted file mode 100644 index 8f8939d20..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPApplication.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPCountry.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPCountry.class Binary files differdeleted file mode 100644 index 00982e2a9..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPCountry.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPID.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPID.class Binary files differdeleted file mode 100644 index 3d686cfc2..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPID.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPInformation.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPInformation.class Binary files differdeleted file mode 100644 index 493bdb2de..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPInformation.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPInstitution.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPInstitution.class Binary files differdeleted file mode 100644 index caf16dc7d..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPInstitution.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPSector.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPSector.class Binary files differdeleted file mode 100644 index bcaef2a96..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/SPSector.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/STORKSAMLCore.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/STORKSAMLCore.class Binary files differdeleted file mode 100644 index 3de661743..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/STORKSAMLCore.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.class Binary files differdeleted file mode 100644 index 8f898214e..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.class Binary files differdeleted file mode 100644 index 38f3bc5b6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.class Binary files differdeleted file mode 100644 index c52b2e7db..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.class Binary files differdeleted file mode 100644 index 8efebb5e6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.class Binary files differdeleted file mode 100644 index 92c532e6e..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.class Binary files differdeleted file mode 100644 index 79b677b07..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.class Binary files differdeleted file mode 100644 index 345fa960b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.class Binary files differdeleted file mode 100644 index 8e36a67ac..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.class Binary files differdeleted file mode 100644 index 04cb2a479..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.class Binary files differdeleted file mode 100644 index fa1c1d3da..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.class Binary files differdeleted file mode 100644 index 5e9602ecf..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.class Binary files differdeleted file mode 100644 index acffd5114..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.class Binary files differdeleted file mode 100644 index 069e677c8..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.class Binary files differdeleted file mode 100644 index 2e95d47c9..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.class Binary files differdeleted file mode 100644 index 2861c96fa..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.class Binary files differdeleted file mode 100644 index 4a3efcf63..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.class Binary files differdeleted file mode 100644 index 030b16a43..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.class Binary files differdeleted file mode 100644 index 255c5fdb6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.class Binary files differdeleted file mode 100644 index 01b48443b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.class Binary files differdeleted file mode 100644 index 94d8fc317..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.class Binary files differdeleted file mode 100644 index f8faa5b80..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.class Binary files differdeleted file mode 100644 index 3cef6c8c0..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.class Binary files differdeleted file mode 100644 index 1a270f4e2..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.class Binary files differdeleted file mode 100644 index d13aee589..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.class Binary files differdeleted file mode 100644 index 2e3019255..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.class Binary files differdeleted file mode 100644 index cac3037cf..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.class Binary files differdeleted file mode 100644 index dd88db632..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.class Binary files differdeleted file mode 100644 index 7aef0f4fd..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.class Binary files differdeleted file mode 100644 index 013cb7e68..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.class Binary files differdeleted file mode 100644 index 9340a804b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.class Binary files differdeleted file mode 100644 index 6e47992f2..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.class Binary files differdeleted file mode 100644 index 783031d78..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.class Binary files differdeleted file mode 100644 index 06a34b622..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.class Binary files differdeleted file mode 100644 index ecb7104f6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.class Binary files differdeleted file mode 100644 index 7ae6d8f45..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.class Binary files differdeleted file mode 100644 index 2c878b0e7..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.class Binary files differdeleted file mode 100644 index cf03e83df..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.class Binary files differdeleted file mode 100644 index a60f07621..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.class Binary files differdeleted file mode 100644 index cdf24dffc..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.class Binary files differdeleted file mode 100644 index ce812be90..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.class Binary files differdeleted file mode 100644 index ca335f0bf..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.class Binary files differdeleted file mode 100644 index 2137135e4..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.class Binary files differdeleted file mode 100644 index d8b4e1c3f..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.class Binary files differdeleted file mode 100644 index d1179ef11..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.class Binary files differdeleted file mode 100644 index 79b4fed37..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.class Binary files differdeleted file mode 100644 index 762681c9d..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDImpl.class Binary files differdeleted file mode 100644 index 98285837e..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.class Binary files differdeleted file mode 100644 index 827f8de30..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.class Binary files differdeleted file mode 100644 index 8f5f14fe2..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.class Binary files differdeleted file mode 100644 index c3bd1f9b4..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.class Binary files differdeleted file mode 100644 index 9acde181f..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.class Binary files differdeleted file mode 100644 index 09863dfee..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.class Binary files differdeleted file mode 100644 index 0b6c4d39f..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.class Binary files differdeleted file mode 100644 index 05515dd54..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.class Binary files differdeleted file mode 100644 index 0a9807fd0..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.class Binary files differdeleted file mode 100644 index 230330a60..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.class Binary files differdeleted file mode 100644 index d1897e4fd..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.class Binary files differdeleted file mode 100644 index e498256ae..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.class Binary files differdeleted file mode 100644 index 58d18fe48..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.class Binary files differdeleted file mode 100644 index 097e76b80..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.class Binary files differdeleted file mode 100644 index 99a0c19ee..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignHW.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignHW.class Binary files differdeleted file mode 100644 index dc7acbc35..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignHW.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.class Binary files differdeleted file mode 100644 index 96b8cf7c7..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignP12.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignP12.class Binary files differdeleted file mode 100644 index 7be1d5f01..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignP12.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignSW.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignSW.class Binary files differdeleted file mode 100644 index 1751aabd4..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/SignSW.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.class Binary files differdeleted file mode 100644 index 5c62d013b..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.class Binary files differdeleted file mode 100644 index 3749dbffe..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.class Binary files differdeleted file mode 100644 index be892f684..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.class Binary files differdeleted file mode 100644 index 850171df3..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.class Binary files differdeleted file mode 100644 index 97bf40b90..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.class Binary files differdeleted file mode 100644 index b6db104c7..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.class Binary files differdeleted file mode 100644 index 2eda7b183..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationCreator.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationCreator.class Binary files differdeleted file mode 100644 index 87d2375ce..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationCreator.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationEngine.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationEngine.class Binary files differdeleted file mode 100644 index df1854e68..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationEngine.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationReader.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationReader.class Binary files differdeleted file mode 100644 index 0a4bf3830..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationReader.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationSingleton.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationSingleton.class Binary files differdeleted file mode 100644 index 15f565fc9..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/ConfigurationSingleton.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/InstanceEngine.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/InstanceEngine.class Binary files differdeleted file mode 100644 index 10ebf1a10..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/configuration/InstanceEngine.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/SAMLEngineException.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/SAMLEngineException.class Binary files differdeleted file mode 100644 index 1fc62d91c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/SAMLEngineException.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/STORKSAMLEngineException.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/STORKSAMLEngineException.class Binary files differdeleted file mode 100644 index 7ff0077b6..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/STORKSAMLEngineException.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.class b/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.class Binary files differdeleted file mode 100644 index b19b665df..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/classes/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.class +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/maven-archiver/pom.properties b/id/server/legacy-backup/stork2-saml-engine/target/maven-archiver/pom.properties deleted file mode 100644 index d1dd33256..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/maven-archiver/pom.properties +++ /dev/null @@ -1,5 +0,0 @@ -#Generated by Maven -#Wed Mar 05 21:42:19 CET 2014 -version=1.1.0 -groupId=eu.stork -artifactId=SamlEngine diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SamlEngine.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SamlEngine.xml deleted file mode 100644 index 563196604..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SamlEngine.xml +++ /dev/null @@ -1,21 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<instances> - - - <!-- Configuration name--> - <instance name="outgoing"> - <!-- Configurations parameters StorkSamlEngine --> - <configuration name="SamlEngineConf"> - <parameter name="fileConfiguration" value="StorkSamlEngine_outgoing.xml" /> - </configuration> - - <!-- Settings module signature--> - <configuration name="SignatureConf"> - <!-- Specific signature module --> - <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" /> - <!-- Settings specific module --> - <parameter name="fileConfiguration" value="SignModule_outgoing.xml" /> - </configuration> - </instance> - -</instances>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf0.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf0.xml deleted file mode 100644 index 46f29b741..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf0.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS</entry> - <entry key="serialNumber">529E05C8</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf1.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf1.xml deleted file mode 100644 index fbf1bcdac..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf1.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">src/test/resources/keyStoreCountry1.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">529E04FF</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf2.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf2.xml deleted file mode 100644 index 7cf336ead..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf2.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">src/test/resources/keyStoreCountry2.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">529E04FF</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf3.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf3.xml deleted file mode 100644 index 0da5143c1..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_Conf3.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">src/test/resources/keyStoreCountry3.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">529E04FF</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_P11.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_P11.xml deleted file mode 100644 index 96d06a8be..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_P11.xml +++ /dev/null @@ -1,11 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>HWModule sign with interface PKCS11.</comment> - <entry key="configurationFile">p11Config.cfg</entry> - <entry key="keyPassword">*******</entry> - <entry key="issuer">CN=XXXXXXXXX</entry> - <entry key="serialNumber">xxxxxxxxxxxxxx</entry> - <entry key="keystoreType">PKCS11</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_outgoing.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_outgoing.xml deleted file mode 100644 index 7139c5a41..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/SignModule_outgoing.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo-cert, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">4BA89DB2</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf0.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf0.xml deleted file mode 100644 index f45502c0c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf0.xml +++ /dev/null @@ -1,91 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - - <!-- - Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - - - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - <entry key="eIDSectorShare">true</entry> - <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> - --> - - - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">true</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive number)--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> - - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf1.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf1.xml deleted file mode 100644 index f45502c0c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf1.xml +++ /dev/null @@ -1,91 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - - <!-- - Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - - - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - <entry key="eIDSectorShare">true</entry> - <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> - --> - - - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">true</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive number)--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> - - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf2.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf2.xml deleted file mode 100644 index dd3768f4f..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf2.xml +++ /dev/null @@ -1,64 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - <!-- - Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - <entry key="eIDSectorShare">false</entry> - <entry key="eIDCrossSectorShare">false</entry> - <entry key="eIDCrossBorderShare">false</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf3.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf3.xml deleted file mode 100644 index 5048b28a7..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_Conf3.xml +++ /dev/null @@ -1,61 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - <!-- - Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - <entry key="eIDSectorShare">false</entry> - <entry key="eIDCrossSectorShare">false</entry> - <entry key="eIDCrossBorderShare">false</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry> -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_outgoing.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_outgoing.xml deleted file mode 100644 index 79c69aedb..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/StorkSamlEngine_outgoing.xml +++ /dev/null @@ -1,93 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- - Types of consent obtained from the user for this authentication and - data transfer. - Allow values: 'unspecified'. - --> - <entry key="consentAuthnRequest">unspecified</entry> - - <!-- - Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. - --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS--> - <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> - <entry key="protocolBinding">HTTP-POST</entry> - - - - - <!--URI representing the classification of the identifier - Allow values: 'entity'. - <entry key="eIDSectorShare">true</entry> - <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> - --> - - - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">true</entry> - - <!--PEPS in the Service Provider's country--> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country--> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive number)--> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response--> - <entry key="ipAddrValidation">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> - - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> - <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry> - <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml deleted file mode 100644 index b318f9183..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml +++ /dev/null @@ -1,16 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_939726f0a02072f40b548de378612a50" IssueInstant="2013-10-04T16:57:55.547Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_939726f0a02072f40b548de378612a50"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>BgPDTVCv7BhiWIs6HsC06jaHaag=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>dIC61bGi6Jqp1zSVojpjaVq9WaZcDtNImXgo1Dyze5/hJA07Sy4TaHu+/IuLEC99aLjM6rxh2UUNqpPaQCFlF5eVkVv/c4gHEZVyevhjJKTidqmnuhlI78PGMx2thfxFsHsPcqHqOzy1Z6w18K1ds6APQP+aXI9TNKis+pykn4nJititYuiSseD0VY0F4QnXx+U6k3raoi1CAFE5fe7EuI/KfxuhhQLAbLq90Vm8R94ITBjfSS25mXstXNe9zppTSjDB42ld1TjDovDwXAn5OxiZasIEb5m68sRlxgoQ/2/+ZdYNNINFLAwkCbb8MiCbGASd626Bme0Kx+ropeWdxw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDXjCCAkagAwIBAgIEUk1MbDANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJJUzESMBAGA1UE -CAwJUmV5a2phdmlrMRIwEAYDVQQHDAlSZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNV -BAsMBlNUT1JLMjEXMBUGA1UEAwwOc2FtbC1kZW1vLWNlcnQwHhcNMTMxMDAzMTA1MzEyWhcNMjMx -MDAzMTA1MzEyWjBxMQswCQYDVQQGEwJJUzESMBAGA1UECAwJUmV5a2phdmlrMRIwEAYDVQQHDAlS -ZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNVBAsMBlNUT1JLMjEXMBUGA1UEAwwOc2Ft -bC1kZW1vLWNlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkSgTxZkNRXZTKLB0c -4oz7/8Dh56FX+0cYg7hjw4e8vn+ITXkxzrmUH57FtsvKln4mq1H0FHXL80u3IiWX8qY+QLgNeKeB -m85lXuyOb3wWpKAaQvpLAkejGLCx22AN2L0WZkKZV2puwRQVsRHCq6U6vToJXDZ6Ui6ltKsAl/ZS -8qUFpiIvqD5ea4ohz4JsFE/uApRc7pbJ4VbOmAAeH/tQTayptq2kPb2vvUVk+2cH5J7UD+GCI88E -e+mS+C33tV9NmWUHL69mYEe8FXjumbKA5e9i1ejn9i0/BLUtHFonHnL9YFMim0foI7NNc5mNg9aw -vm0PuByVU3kuibQkqGBLAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAA9X5B4NBmVuhjECi+KOnRRX -5oUV+jbYKhGZODDPi+F4Uo7ZtPFQ6sS3tE54+8AoDl5zQ5q5fDDVXhB42IIIjDxHKo8cBXie5FZ6 -mJtErvWZWYWdO0uV2OQAUALq2LieidqSFDJ+Pjl8w1New8oi3migwyE0jZo4Q97lJGDfJTruV0A2 -JE/Gt6QAAcWhhN2hZl92pYkIi5OeqHXyzBUp5vg8LLfNmeyziCAiXDC1Sy/aQU/cllZ3zFJMrqZM -s2xBpmB4sF1YRbIrr2OqEVE6M6DUx+pAQOd2uogV3AMT9D5MYpckI1jx/o/Tto7ju74nIVOskDiN -K0FR8izxcT0HixM=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</stork:AttributeValue><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">Sveinbjorn</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/></saml2:Subject></saml2p:AttributeQuery>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml deleted file mode 100644 index 29db86a73..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml +++ /dev/null @@ -1,15 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_f6c8fc355b9f125cb5283f038e1b3cdf" IssueInstant="2013-10-03T10:28:15.449Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignatureValue>hhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw -YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v -LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG -A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv -Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab -ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU -0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n -6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5 -y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z -9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F -6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM -pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT -/NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq -yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7 -Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</stork:AttributeValue><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">Sveinbjörn</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:1.0:cm:sender-vouches"/></saml2:Subject></saml2p:AttributeQuery>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml deleted file mode 100644 index a912ec57c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml +++ /dev/null @@ -1,15 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_483140d440fc4eef8e949ace49669f2e" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_483140d440fc4eef8e949ace49669f2e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>yMOVS1T/yRiVh3L6IBM9rR9Ie3w=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>d8e/RyNNPmnHRIzTIuRSnW6B60oWGBGxjRua/HvNxTuod0qSarYJxEedhY9Wl1Z9WYXlry28FuKjp3DA3HhzNaVd7A7QpFqNC4dnizSVWFjxlhmoE/Uv3Y/ha9P/fk6nbtHCSKW4kHSX7QfFLeggcLmUG0IULRF8UmRdQ0WerCl0aSZZeSp8J3LsFBPeWCRSwXgfiLn+RehggzZmQU6g0ssxrpnsYEAtjAiOli+YVQGuumsZGaJ8zHA/DgJ2FTGovNUyfuSUFLhd9nLlSqFs2Avnx0Ck7Q1dxDO5truOm6e285YLHqLaGdetFyPQAj/Z4w4RJ5u5X6d7rhBjTfRAAw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw -YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v -LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG -A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv -Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab -ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU -0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n -6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5 -y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z -9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F -6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM -pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT -/NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq -yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7 -Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Status><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/><saml2p:StatusMessage>urn:oasis:names:tc:SAML:2.0:status:Success</saml2p:StatusMessage></saml2p:Status><saml2:Assertion ID="_9ed05849dee5c154e62fa9e3ba53e9f3" IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer><saml2:Subject><saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="http://C-PEPS.gov.xx">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</saml2:NameID><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData Address="111.222.333.444" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" NotOnOrAfter="2013-10-08T09:16:17.255Z"/></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions NotBefore="2013-10-08T09:11:17.255Z" NotOnOrAfter="2013-10-08T09:16:17.255Z"><saml2:AudienceRestriction><saml2:Audience>http://S-PEPS.gov.xx</saml2:Audience></saml2:AudienceRestriction><saml2:OneTimeUse/></saml2:Conditions><saml2:AuthnStatement AuthnInstant="2013-10-08T09:11:17.255Z"><saml2:SubjectLocality Address="111.222.333.444"/><saml2:AuthnContext><saml2:AuthnContextDecl/></saml2:AuthnContext></saml2:AuthnStatement><saml2:AttributeStatement><saml2:Attribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16/12/2008</saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/canonicalResidenceAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType"><stork:postalCode xsi:type="xs:anyType">105</stork:postalCode><stork:state xsi:type="xs:anyType">IS</stork:state><stork:streetNumber xsi:type="xs:anyType">10</stork:streetNumber><stork:streetName xsi:type="xs:anyType">Gudrunartun</stork:streetName><stork:town xsi:type="xs:anyType">Reykjavik</stork:town></saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/newAttribute2" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType"><stork:value3 xsi:type="xs:anyType">value3</stork:value3><stork:value4 xsi:type="xs:anyType">value4</stork:value4><stork:value1 xsi:type="xs:anyType">value1</stork:value1><stork:value2 xsi:type="xs:anyType">value2</stork:value2></saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</saml2:AttributeValue><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</saml2:AttributeValue></saml2:Attribute><saml2:Attribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" stork:AttributeStatus="Available"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">123456789IS</saml2:AttributeValue></saml2:Attribute></saml2:AttributeStatement></saml2:Assertion></saml2p:Response>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml deleted file mode 100644 index f7bac4b61..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml +++ /dev/null @@ -1,26 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ForceAuthn="true" ID="_e54eee285e7b8e2772875c406ec39674" IsPassive="false" IssueInstant="2010-06-08T07:37:54.533Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="University of Oxford" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> -<ds:SignedInfo> -<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> -<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> -<ds:Reference URI="#_e54eee285e7b8e2772875c406ec39674"> -<ds:Transforms> -<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> -<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml2 saml2p stork storkp xs"/></ds:Transform> -</ds:Transforms> -<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> -<ds:DigestValue>yzsqaxBNicOrixBUno5cL0CBOpE=</ds:DigestValue> -</ds:Reference> -</ds:SignedInfo> -<ds:SignatureValue> -Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC -wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi -YIN/BUEtXkoYTjPtkmA= -</ds:SignatureValue> -<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw -MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG -9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu -h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r -/WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk -3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K -eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq -KAoZgbUK0Zld3Dsheg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><stork:spSector>EDU001</stork:spSector><stork:spInstitution>OXF001</stork:spInstitution><stork:spApplication>APP001</stork:spApplication><stork:spCountry>EN</stork:spCountry><storkp:eIDSectorShare>true</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>true</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>true</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">16</stork:AttributeValue><stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">18</stork:AttributeValue></stork:RequestedAttribute><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml deleted file mode 100644 index b61a8cf41..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml +++ /dev/null @@ -1,14 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://locahost:8080/PEPS/ServiceProvider" ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false" IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="PT-SP" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> -<ds:SignatureValue> -S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR -Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC -Xt8p8tK3EoMocZse2hw= -</ds:SignatureValue> -<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw -OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl -lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK -ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl -r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w -kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS -3cyl/wz8</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml deleted file mode 100644 index 07ff68d38..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml +++ /dev/null @@ -1,14 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://localhost:8080/PEPS/ServiceProvider" ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false" IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="PT-SP" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> -<ds:SignatureValue> -S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR -Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC -Xt8p8tK3EoMocZse2hw= -</ds:SignatureValue> -<ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw -OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl -lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK -ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl -r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w -kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS -3cyl/wz8</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/></storkp:RequestedAttributes></saml2p:Extensions></saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry0.jks b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry0.jks Binary files differdeleted file mode 100644 index 289e952fe..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry0.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry1.jks b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry1.jks Binary files differdeleted file mode 100644 index 5399bf689..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry1.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry2.jks b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry2.jks Binary files differdeleted file mode 100644 index 5399bf689..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry2.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry3.jks b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry3.jks Binary files differdeleted file mode 100644 index 5399bf689..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/keyStoreCountry3.jks +++ /dev/null diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/logback-test.xml b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/logback-test.xml deleted file mode 100644 index ff900e124..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/logback-test.xml +++ /dev/null @@ -1,23 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> - <!-- - Basic configuration used until the IdP can load the real configuration - --> -<configuration> - - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <layout class="ch.qos.logback.classic.PatternLayout"> - <Pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - </Pattern> - </layout> - </appender> - - <logger name="eu.stork"> - <level value="DEBUG" /> - </logger> - - <root> - <appender-ref ref="STDOUT" /> - <level value="INFO" /> - </root> - -</configuration>
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/p11Conf.cfg b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/p11Conf.cfg deleted file mode 100644 index bd9f357ce..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/p11Conf.cfg +++ /dev/null @@ -1,24 +0,0 @@ -//ATTRIBUTE VALUE -//name name suffix of this provider instance -//library pathname of PKCS#11 implementation -//slotListIndex slot index - -//PREFIX DESCRIPTION -//CKO_ Object class -//CKA_ Attribute -//CKK_ Key type - -//attributes(operation, keytype, keyalgorithm) = { -// name1 = value1 -// [...] -//} - -name=nameProvider -library=library.dll -slotListIndex=0 -attributes(*,CKO_PUBLIC_KEY,CKK_RSA)={ - CKA_VERIFY=true -} -attributes(*,CKO_PRIVATE_KEY,CKK_RSA)={ - CKA_SIGN=true -}
\ No newline at end of file diff --git a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/storkDemoKeys.jks b/id/server/legacy-backup/stork2-saml-engine/target/test-classes/storkDemoKeys.jks Binary files differdeleted file mode 100644 index efaeac86c..000000000 --- a/id/server/legacy-backup/stork2-saml-engine/target/test-classes/storkDemoKeys.jks +++ /dev/null diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml index d242147f1..ea9e06fd6 100644 --- a/id/server/moa-id-commons/pom.xml +++ b/id/server/moa-id-commons/pom.xml @@ -23,6 +23,11 @@ <name>local</name> <url>file:${basedir}/../../../repository</url> </repository> + <repository> + <id>shibboleth.internet2.edu</id> + <name>Internet2</name> + <url>https://build.shibboleth.net/nexus/content/groups/public/</url> + </repository> <repository> <id>hyberjaxb</id> <url>http://repository.highsource.org/maven2/releases/</url> @@ -51,6 +56,33 @@ <dependencies> <dependency> + <groupId>at.gv.util</groupId> + <artifactId>egovutils</artifactId> + <exclusions> + <exclusion> + <groupId>*</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml</artifactId> + <exclusions> + <exclusion> + <groupId>*</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>org.apache.commons</groupId> + <artifactId>commons-lang3</artifactId> + </dependency> + + <dependency> <groupId>at.gv.egiz.components</groupId> <artifactId>egiz-configuration-api</artifactId> <version>0.2</version> @@ -62,6 +94,51 @@ </dependency> <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_jce_full</artifactId> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_moa</artifactId> + </dependency> + + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_X509TrustManager</artifactId> + </dependency> + + <dependency> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + <version>${jodatime.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + </dependency> +<!-- <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </dependency> --> +<!-- <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + </dependency> --> + + + <dependency> <groupId>org.hibernate</groupId> <artifactId>hibernate-core</artifactId> <version>${hibernate.version}</version> @@ -78,34 +155,44 @@ </dependency> <dependency> - <groupId>org.apache.commons</groupId> - <artifactId>commons-lang3</artifactId> + <groupId>jaxen</groupId> + <artifactId>jaxen</artifactId> </dependency> - <dependency> - <groupId>commons-httpclient</groupId> - <artifactId>commons-httpclient</artifactId> - </dependency> -<!-- <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - </dependency> --> <dependency> - <groupId>MOA</groupId> - <artifactId>moa-common</artifactId> - <type>jar</type> + <groupId>saxpath</groupId> + <artifactId>saxpath</artifactId> </dependency> -<!-- <dependency> - <groupId>MOA</groupId> - <artifactId>moa-common</artifactId> - <type>compile</type> + <groupId>xalan-bin-dist</groupId> + <artifactId>xalan</artifactId> + <scope>compile</scope> + <optional>true</optional> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <optional>true</optional> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xml-apis</artifactId> + <scope>compile</scope> + <optional>true</optional> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>serializer</artifactId> + <scope>runtime</scope> + <optional>true</optional> </dependency> ---> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_X509TrustManager</artifactId> + <groupId>org.apache.commons</groupId> + <artifactId>commons-lang3</artifactId> + </dependency> + <dependency> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> </dependency> <dependency> @@ -125,38 +212,6 @@ <artifactId>jaxb2-basics-runtime</artifactId> <version>0.11.0</version> </dependency> - -<!-- <dependency> - <groupId>org.hibernate.javax.persistence</groupId> - <artifactId>hibernate-jpa-2.1-api</artifactId> - <version>1.0.0.Final</version> - </dependency> - - <dependency> - <groupId>org.jvnet.hyperjaxb3</groupId> - <artifactId>hyperjaxb3-ejb-runtime</artifactId> - <version>0.5.6</version> - </dependency> - - <dependency> - <groupId>org.jvnet.hyperjaxb3</groupId> - <artifactId>maven-hyperjaxb3-plugin</artifactId> - <version>0.5.6</version> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - </exclusion> - <exclusion> - <groupId>org.hibernate.javax.persistence</groupId> - <artifactId>hibernate-jpa-2.0-api</artifactId> - </exclusion> - <exclusion> - <artifactId>spring</artifactId> - <groupId>org.springframework</groupId> - </exclusion> - </exclusions> - </dependency> --> <dependency> <groupId>mysql</groupId> @@ -188,11 +243,13 @@ </dependency> <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>${junit.version}</version> + <scope>test</scope> </dependency> + <!-- for testing only ? --> <dependency> <groupId>org.springframework</groupId> @@ -209,14 +266,14 @@ <dependency> <groupId>com.h2database</groupId> <artifactId>h2</artifactId> - <version>1.4.178</version> + <version>1.4.191</version> <scope>test</scope> </dependency> <dependency> - <groupId>commons-dbcp</groupId> - <artifactId>commons-dbcp</artifactId> - <version>1.4</version> + <groupId>org.apache.commons</groupId> + <artifactId>commons-dbcp2</artifactId> + <version>2.1.1</version> </dependency> <dependency> @@ -228,63 +285,11 @@ </dependencies> <build> - <defaultGoal>install</defaultGoal> - - <pluginManagement> - <plugins> - <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.--> -<!-- <plugin> - <groupId>org.eclipse.m2e</groupId> - <artifactId>lifecycle-mapping</artifactId> - <version>1.0.0</version> - <configuration> - <lifecycleMappingMetadata> - <pluginExecutions> - <pluginExecution> - <pluginExecutionFilter> - <groupId>org.jvnet.hyperjaxb3</groupId> - <artifactId>maven-hyperjaxb3-plugin</artifactId> - <versionRange>0.5.6</versionRange> - <goals> - <goal>generate</goal> - </goals> - </pluginExecutionFilter> - <action> - <ignore /> - </action> - </pluginExecution> - </pluginExecutions> - </lifecycleMappingMetadata> - </configuration> - </plugin> --> - </plugins> - - </pluginManagement> - - <plugins> -<!-- <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>build-helper-maven-plugin</artifactId> - <version>1.9.1</version> - <executions> - <execution> - <id>add-source</id> - <phase>generate-sources</phase> - <goals> - <goal>add-source</goal> - </goals> - <configuration> - <sources> - <source>${project.build.directory}/generated-sources/xjc</source> - </sources> - </configuration> - </execution> - </executions> - </plugin> --> - - <plugin> + <plugins> + <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> + <version>2.0.2</version> <configuration> <source>1.7</source> <target>1.7</target> @@ -294,9 +299,6 @@ <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jar-plugin</artifactId> <configuration> - <skipIfEmpty>true</skipIfEmpty> - <skip>true</skip> - <skipTests>true</skipTests> <archive> <addMavenDescriptor>false</addMavenDescriptor> </archive> @@ -310,38 +312,8 @@ </executions> </plugin> -<!-- <plugin> - <groupId>org.jvnet.hyperjaxb3</groupId> - <artifactId>maven-hyperjaxb3-plugin</artifactId> - <version>0.5.6</version> - <executions> - <execution> - <phase>generate-sources</phase> - <goals> - <goal>generate</goal> - </goals> - </execution> - </executions> - <configuration> - <extension>true</extension> - <schemaDirectory>src/main/resources</schemaDirectory> - <bindingDirectory>src/main/resources</bindingDirectory> - <persistenceXml>src/main/resources/persistence_template.xml</persistenceXml> - <generatePackage>at.gv.egovernment.moa.id.commons.db.dao.config.deprecated</generatePackage> - </configuration> - </plugin> --> - <plugin> - <inherited>true</inherited> - <artifactId>maven-compiler-plugin</artifactId> - <version>2.0.2</version> - <configuration> - <source>1.7</source> - <target>1.7</target> - </configuration> - </plugin> - <!-- CLI for 2.x to 3.x migragtion --> - <plugin> +<!-- <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jar-plugin</artifactId> <version>2.4</version> @@ -354,7 +326,7 @@ </manifest> </archive> </configuration> - </plugin> + </plugin> --> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-dependency-plugin</artifactId> @@ -375,69 +347,49 @@ </executions> </plugin> - -<!-- <plugin> + <plugin> <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <version>2.5</version> + <artifactId>maven-jar-plugin</artifactId> <configuration> - <charset>UTF-8</charset> - <docencoding>UTF-8</docencoding> - <quiet>true</quiet> - <author>false</author> - <version>false</version> - <use>true</use> - <excludePackageNames> - at.gv.egovernment.moa.spss.server.*;at.gv.egovernment.moa.spss.api.impl.*;at.gv.egovernment.moa.spss.impl.* - </excludePackageNames> - <tags> - <tag> - <name>pre</name> - <placement>a</placement> - <head>Preconditions:</head> - </tag> - <tag> - <name>post</name> - <placement>a</placement> - <head>Postconditions:</head> - </tag> - </tags> - <links> - <link>http://java.sun.com/j2se/1.4/docs/api/</link> - <link>http://java.sun.com/j2se/1.5.0/docs/api/</link> - <link>http://logging.apache.org/log4j/docs/api/</link> - </links> - <target>1.5</target> + <archive> + <addMavenDescriptor>false</addMavenDescriptor> + </archive> </configuration> <executions> <execution> - <id>generate-javadoc</id> - <phase>package</phase> <goals> - <goal>jar</goal> + <goal>test-jar</goal> </goals> </execution> </executions> - </plugin> --> - -<!-- <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>properties-maven-plugin</artifactId> - <version>1.0-alpha-2</version> - <executions> - <execution> - <phase>initialize</phase> - <goals> - <goal>read-project-properties</goal> - </goals> - <configuration> - <files> - <file>${basedir}/../../../moa-id.properties</file> - </files> - </configuration> - </execution> - </executions> - </plugin> --> + </plugin> + <plugin> + <artifactId>maven-enforcer-plugin</artifactId> + <version>1.1.1</version> + <executions> + <execution> + <id>enforce-banned-dependencies</id> + <goals> + <goal>enforce</goal> + </goals> + <configuration> + <rules> + <bannedDependencies> + <searchTransitive>true</searchTransitive> + <excludes> + <!-- <exclude>commons-logging</exclude> --> + <exclude>org.slf4j:1.5*</exclude> + <exclude>org.slf4j:1.6*</exclude> + <!-- <exclude>org.springframework:2.*</exclude> + <exclude>org.springframework:3.0.*</exclude> --> + </excludes> + </bannedDependencies> + </rules> + <fail>true</fail> + </configuration> + </execution> + </executions> + </plugin> <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.--> <plugin> diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java new file mode 100644 index 000000000..8d893be9d --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java @@ -0,0 +1,193 @@ + + + +package at.gv.egovernment.moa.id.commons; + +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import iaik.asn1.ObjectID; + + +/** + * Constants used throughout moa-id-auth component. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class MOAIDAuthConstants extends MOAIDConstants{ + + /** servlet parameter "Target" */ + public static final String PARAM_TARGET = "Target"; + /** servlet parameter "useMandate" */ + public static final String PARAM_USEMANDATE = "useMandate"; + public static final String PARAM_USEMISMANDATE = "useMISMandate"; + public static final String PARAM_USEELGAMANDATE = "useELGAMandate"; + /** servlet parameter "OA" */ + public static final String PARAM_OA = "OA"; + /** servlet parameter "bkuURI" */ + public static final String PARAM_BKU = "bkuURI"; + public static final String PARAM_MODUL = "MODUL"; + public static final String PARAM_ACTION = "ACTION"; + public static final String PARAM_SSO = "SSO"; + public static final String INTERFEDERATION_IDP = "interIDP"; + public static final String PARAM_TARGET_PENDINGREQUESTID = "pendingid"; + + public static final String PARAM_SLOSTATUS = "status"; + public static final String PARAM_SLORESTART = "restart"; + public static final String SLOSTATUS_SUCCESS = "success"; + public static final String SLOSTATUS_ERROR = "error"; + + /** servlet parameter "sourceID" */ + public static final String PARAM_SOURCEID = "sourceID"; + /** servlet parameter "BKUSelectionTemplate" */ + public static final String PARAM_BKUTEMPLATE = "BKUSelectionTemplate"; + /** servlet parameter "CCC (Citizen Country Code)" */ + public static final String PARAM_CCC = "CCC"; + /** servlet parameter "BKUSelectionTemplate" */ + public static final String PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE = "InputProcessorSignTemplate"; + /** default BKU URL */ + public static final String DEFAULT_BKU = "http://localhost:3495/http-security-layer-request"; + /** default BKU URL for https connections*/ + public static final String DEFAULT_BKU_HTTPS = "https://127.0.0.1:3496/https-security-layer-request"; + /** servlet parameter "returnURI" */ + public static final String PARAM_RETURN = "returnURI"; + /** servlet parameter "Template" */ + public static final String PARAM_TEMPLATE = "Template"; + /** servlet parameter "MOASessionID" */ + public static final String PARAM_SESSIONID = "MOASessionID"; + /** servlet parameter "XMLResponse" */ + public static final String PARAM_XMLRESPONSE = "XMLResponse"; + /** servlet parameter "SAMLArtifact" */ + public static final String PARAM_SAMLARTIFACT = "SAMLArtifact"; + /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet} is mapped to */ + public static final String REQ_START_AUTHENTICATION = "StartAuthentication"; + /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet} is mapped to */ + public static final String REQ_VERIFY_IDENTITY_LINK = "VerifyIdentityLink"; + /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet} is mapped to */ + public static final String REQ_GET_FOREIGN_ID = "GetForeignID"; + /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet} is mapped to */ + public static final String REQ_VERIFY_CERTIFICATE = "VerifyCertificate"; + /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet} is mapped to */ + public static final String GET_MIS_SESSIONID = "GetMISSessionID"; + /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet} is mapped to */ + public static final String REQ_PROCESS_VALIDATOR_INPUT = "ProcessInput"; + /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet} is mapped to */ + public static final String REQ_VERIFY_AUTH_BLOCK = "VerifyAuthBlock"; + /** Logging hierarchy used for controlling debug output of XML structures to files */ + public static final String DEBUG_OUTPUT_HIERARCHY = "moa.id.auth"; + /** Header Name for controlling the caching mechanism of the browser */ + public static final String HEADER_EXPIRES = "Expires"; + /** Header Value for controlling the caching mechanism of the browser */ + public static final String HEADER_VALUE_EXPIRES = "Sat, 6 May 1995 12:00:00 GMT"; + /** Header Name for controlling the caching mechanism of the browser */ + public static final String HEADER_PRAGMA = "Pragma"; + /** Header Value for controlling the caching mechanism of the browser */ + public static final String HEADER_VALUE_PRAGMA = "no-cache"; + /** Header Name for controlling the caching mechanism of the browser */ + public static final String HEADER_CACHE_CONTROL = "Cache-control"; + /** Header Value for controlling the caching mechanism of the browser */ + public static final String HEADER_VALUE_CACHE_CONTROL = "no-store, no-cache, must-revalidate"; + /** Header Value for controlling the caching mechanism of the browser */ + public static final String HEADER_VALUE_CACHE_CONTROL_IE = "post-check=0, pre-check=0"; + /** + * the identity link signer X509Subject names of those identity link signer certificates + * not including the identity link signer OID. The authorisation for signing the identity + * link must be checked by using their issuer names. After february 19th 2007 the OID of + * the certificate will be used fo checking the authorisation for signing identity links. + */ + public static final String[] IDENTITY_LINK_SIGNERS_WITHOUT_OID = + new String[] {"T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitgieds der Datenschutzkommission", + "T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitglieds der Datenschutzkommission"}; + + /** the number of the certifcate extension "Eigenschaft zur Ausstellung von Personenbindungen" */ + public static final String IDENTITY_LINK_SIGNER_OID_NUMBER = "1.2.40.0.10.1.7.1"; + /** + * the OID of the identity link signer certificate (Eigenschaft zur Ausstellung von Personenbindungen); + * used for checking the authorisation for signing the identity link for identity links signed after february 19th 2007 + */ + public static final ObjectID IDENTITY_LINK_SIGNER_OID = new ObjectID(IDENTITY_LINK_SIGNER_OID_NUMBER); + + /** the number of the certifcate extension for party representatives */ + public static final String PARTY_REPRESENTATION_OID_NUMBER = "1.2.40.0.10.3"; + +// /** the number of the certifcate extension for party organ representatives */ +// public static final String PARTY_ORGAN_REPRESENTATION_OID_NUMBER = PARTY_REPRESENTATION_OID_NUMBER + ".10"; + + /** OW */ + public static final String OW_ORGANWALTER = PARTY_REPRESENTATION_OID_NUMBER + ".4"; + + /** List of OWs */ + public static final List<ObjectID> OW_LIST = Arrays.asList( + new ObjectID(OW_ORGANWALTER)); + + /**BKU type identifiers to use bkuURI from configuration*/ + public static final String REQ_BKU_TYPE_LOCAL = "local"; + public static final String REQ_BKU_TYPE_ONLINE = "online"; + public static final String REQ_BKU_TYPE_HANDY = "handy"; + public static final List<String> REQ_BKU_TYPES = Arrays.asList(REQ_BKU_TYPE_LOCAL, REQ_BKU_TYPE_ONLINE, REQ_BKU_TYPE_HANDY); + + public static final List<String> LEGACYPARAMETERWHITELIST + = Arrays.asList(PARAM_TARGET, PARAM_BKU, PARAM_OA, PARAM_TEMPLATE, PARAM_USEMANDATE, PARAM_CCC, PARAM_SOURCEID); + + public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; + public final static String EXT_SAML_MANDATE_OID = "OID"; + public final static String EXT_SAML_MANDATE_RAW = "Mandate"; + public final static String EXT_SAML_MANDATE_NAME = "MandatorName"; + public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth"; + public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk"; + public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; + public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter"; + public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier"; + + public static final String PARAM_APPLET_HEIGTH = "heigth"; + public static final String PARAM_APPLET_WIDTH = "width"; + + public static final Map<String, String> COUNTRYCODE_XX_TO_NAME = + Collections.unmodifiableMap(new HashMap<String, String>() { + private static final long serialVersionUID = 1L; + { + put("AT", "Other Countries");//"Workaround for PEPS Simulator" + put("BE", "België/Belgique"); + //put("CH", "Schweiz"); + put("EE", "Eesti"); + put("ES", "España"); + put("FI", "Suomi"); + put("IS", "Ísland"); + put("IT", "Italia"); + put("LI", "Liechtenstein"); + put("LT", "Lithuania"); + put("LU", "Luxemburg"); + put("PT", "Portugal"); + put("SE", "Sverige"); + put("SI", "Slovenija"); + } + }); + + public static final String COUNTRYCODE_AUSTRIA = "AT"; + + public static final String REGEX_PATTERN_TARGET = "^[A-Za-z]{2}(-.*)?$"; + + public static final String MDC_TRANSACTION_ID = "transactionId"; + public static final String MDC_SESSION_ID = "sessionId"; + + //AuthnRequest IssueInstant validation + public static final int TIME_JITTER = 5; //all 5 minutes time jitter + + public static final String PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH = "interfederationAuthentication"; + public static final String PROCESSCONTEXT_REQUIRELOCALAUTHENTICATION = "requireLocalAuthentication"; + public static final String PROCESSCONTEXT_PERFORM_BKUSELECTION = "performBKUSelection"; + public static final String PROCESSCONTEXT_ISLEGACYREQUEST = "isLegacyRequest"; + + //General protocol-request data-store keys + public static final String AUTHPROCESS_DATA_TARGET = "authProces_Target"; + public static final String AUTHPROCESS_DATA_TARGETFRIENDLYNAME = "authProces_TargetFriendlyName"; + public static final String AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE = "authProces_SecurityLayerTemplate"; + + //General MOASession data-store keys + public static final String MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE = "holderofkey_cert"; + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java index a28fe6a7b..6726aacb5 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java @@ -63,6 +63,7 @@ public class MOAIDConstants { public static final List<String> ALLOWED_STORKATTRIBUTEPROVIDERS; public static final List<String> JDBC_DRIVER_NEEDS_WORKAROUND; + public static final String UNIQUESESSIONIDENTIFIER = "uniqueSessionIdentifier"; static { Hashtable<String, String> tmp = new Hashtable<String, String>(); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java new file mode 100644 index 000000000..fa08dcab6 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java @@ -0,0 +1,162 @@ +package at.gv.egovernment.moa.id.commons.api; + +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import at.gv.egovernment.moa.id.commons.api.data.ProtocolAllowed; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.util.config.EgovUtilPropertiesConfiguration; + +public interface AuthConfiguration extends ConfigurationProvider{ + + public static final String DEFAULT_X509_CHAININGMODE = "pkix"; + + public Properties getGeneralPVP2ProperiesConfig(); + + public Properties getGeneralOAuth20ProperiesConfig(); + + public ProtocolAllowed getAllowedProtocols(); + + public Map<String, String> getConfigurationWithPrefix(final String Prefix); + + public String getConfigurationWithKey(final String key); + + /** + * Get a configuration value from basic file based MOA-ID configuration + * + * @param key configuration key + * @return configuration value + */ + public String getBasicMOAIDConfiguration(final String key); + + public int getTransactionTimeOut(); + public int getSSOCreatedTimeOut(); + public int getSSOUpdatedTimeOut(); + + public String getAlternativeSourceID() throws ConfigurationException; + + public List<String> getLegacyAllowedProtocols(); + + public IOAAuthParameters getOnlineApplicationParameter(String oaURL); + + public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException; + + public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException; + + public ConnectionParameterInterface getMoaSpConnectionParameter() throws ConfigurationException; + + public ConnectionParameterInterface getForeignIDConnectionParameter() throws ConfigurationException; + + public ConnectionParameterInterface getOnlineMandatesConnectionParameter() throws ConfigurationException; + + public String getMoaSpIdentityLinkTrustProfileID(boolean useTestTrustStore) throws ConfigurationException; + + public List<String> getTransformsInfos() throws ConfigurationException; + + public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException; + + public List<String> getSLRequestTemplates() throws ConfigurationException; + + public String getSLRequestTemplates(String type) throws ConfigurationException; + + public List<String> getDefaultBKUURLs() throws ConfigurationException; + + public String getDefaultBKUURL(String type) throws ConfigurationException; + + public String getSSOTagetIdentifier() throws ConfigurationException; + + public String getSSOFriendlyName(); + + public String getSSOSpecialText(); + + public String getMOASessionEncryptionKey(); + + public String getMOAConfigurationEncryptionKey(); + + public boolean isIdentityLinkResigning(); + + public String getIdentityLinkResigningKey(); + + public boolean isMonitoringActive(); + + public String getMonitoringTestIdentityLinkURL(); + + public String getMonitoringMessageSuccess(); + + public boolean isAdvancedLoggingActive(); + + /** + * Returns the PublicURLPrefix. + * + * @return the PublicURLPrefix (one or more) of this IDP instance. All publicURLPrefix URLs are ends without / + * @throws ConfigurationException if no PublicURLPrefix is found. + */ + public List<String> getPublicURLPrefix() throws ConfigurationException; + + public boolean isVirtualIDPsEnabled(); + + public boolean isPVP2AssertionEncryptionActive(); + + public boolean isCertifiacteQCActive(); + + public IStorkConfig getStorkConfig() throws ConfigurationException; + + public EgovUtilPropertiesConfiguration geteGovUtilsConfig(); + + public String getDocumentServiceUrl(); + + /** + * Notify, if the STORK fake IdentityLink functionality is active + * + * @return true/false + */ + public boolean isStorkFakeIdLActive(); + + /** + * Get a list of all STORK countries for which a faked IdentityLink should be created + * + * @return {List<String>} of country codes + */ + public List<String> getStorkFakeIdLCountries(); + + /** + * Get a list of all STORK countries for which no signature is required + * + * @return {List<String>} of country codes + */ + public List<String> getStorkNoSignatureCountries(); + + /** + * Get the MOA-SS key-group identifier for fake IdentityLink signing + * + * @return MOA-SS key-group identifier {String} + */ + public String getStorkFakeIdLResigningKey(); + + + /** + * Notify, if the PVP2x metadata schema validation is active + * + * @return true/false + */ + public boolean isPVPSchemaValidationActive(); + + /** + * Get all configuration values with prefix and wildcard + * + * @param key: Search key. * and % can be used as wildcards + * @return Key/Value pairs {Map<String, String>}, which key maps the search key + */ + Map<String, String> getConfigurationWithWildCard(String key); + + /** + * Get configured default revisions-log event codes which should be logged + * + * @return {List<Integer>} if event codes or null + */ + List<Integer> getDefaultRevisionsLogEventCodes(); + + @Deprecated + public boolean isHTTPAuthAllowed(); +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java new file mode 100644 index 000000000..ca0a56049 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java @@ -0,0 +1,66 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api; + +/** + * @author tlenz + * + */ +public interface ConfigurationProvider { + + /** + * The name of the system property which contains the file name of the + * configuration file. + */ + public static final String CONFIG_PROPERTY_NAME = + "moa.id.configuration"; + + /** + * The name of the system property which contains the file name of the + * configuration file. + */ + public static final String PROXY_CONFIG_PROPERTY_NAME = + "moa.id.proxy.configuration"; + + /** + * The name of the generic configuration property giving the certstore directory path. + */ + public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY = + "DirectoryCertStoreParameters.RootDir"; + + /** + * The name of the generic configuration property switching the ssl revocation checking on/off + */ + public static final String TRUST_MANAGER_REVOCATION_CHECKING = + "TrustManager.RevocationChecking"; + + public String getRootConfigFileDir(); + + public String getDefaultChainingMode(); + + public String getTrustedCACertificates(); + + public String getCertstoreDirectory(); + + public boolean isTrustmanagerrevoationchecking(); +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConnectionParameterInterface.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConnectionParameterInterface.java new file mode 100644 index 000000000..89a21661b --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConnectionParameterInterface.java @@ -0,0 +1,35 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.commons.api; + +public interface ConnectionParameterInterface { + + + public boolean isHTTPSURL(); + public String getUrl(); + public String getAcceptedServerCertificates(); + + public String getClientKeyStore(); + public String getClientKeyStorePassword(); + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java new file mode 100644 index 000000000..be6d34275 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java @@ -0,0 +1,222 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api; + +import java.security.PrivateKey; +import java.util.Collection; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.data.CPEPS; +import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin; + +/** + * @author tlenz + * + */ +public interface IOAAuthParameters { + + public static final String ONLINEBKU = "online"; + public static final String HANDYBKU = "handy"; + public static final String LOCALBKU = "local"; + public static final String INDERFEDERATEDIDP = "interfederated"; + + /** + * Get the full key/value configuration for this online application + * + * @return an unmodifiable map of key/value pairs + */ + public Map<String, String> getFullConfiguration(); + + /** + * Get a configuration value from online application key/value configuration + * + * @param key: The key identifier of a configuration value * + * @return The configuration value {String} or null if the key does not exist + */ + public String getConfigurationValue(String key); + + public String getFriendlyName(); + + public String getPublicURLPrefix(); + + public String getOaType(); + + public boolean getBusinessService(); + + /** + * Get target of a public service-provider + * + * @return target identifier without prefix + */ + public String getTarget(); + + public String getTargetFriendlyName(); + + public boolean isInderfederationIDP(); + + public boolean isSTORKPVPGateway(); + + public boolean isRemovePBKFromAuthBlock(); + + /** + * Return the private-service domain-identifier with PreFix + * + * @return the identityLinkDomainIdentifier + */ + public String getIdentityLinkDomainIdentifier(); + + /** + * @return the keyBoxIdentifier + */ + public String getKeyBoxIdentifier(); + + public SAML1ConfigurationParameters getSAML1Parameter(); + + /** + * Get a list of online application specific trusted security layer templates + * + * @return a {List<String>} with template URLs, maybe empty but never null + */ + public List<String> getTemplateURL(); + + + /** + * Return the additional AuthBlock text for this online application + * + * @return authblock text {String} or null if no text is configured + */ + public String getAditionalAuthBlockText(); + + /** + * Return an online application specific BKU URL for a requested BKU type + * + * @param bkutype: defines the type of BKU + * @return BKU URL {String} or null if no BKU URL is configured + */ + public String getBKUURL(String bkutype); + + /** + * Return a list of all configured BKU URLs for this online application + * + * @return List<String> of BKU URLs or an empty list if no BKU is configured + */ + public List<String> getBKUURL(); + + public boolean useSSO(); + + public boolean useSSOQuestion(); + + /** + * Return all mandate-profile types configured for this online application + * + * @return the mandateProfiles {List<String>} or null if no profile is defined + */ + public List<String> getMandateProfiles(); + + /** + * @return the identityLinkDomainIdentifierType + */ + public String getIdentityLinkDomainIdentifierType(); + + public boolean isShowMandateCheckBox(); + + public boolean isOnlyMandateAllowed(); + + /** + * Shall we show the stork login in the bku selection frontend? + * + * @return true, if is we should show stork login + */ + public boolean isShowStorkLogin(); + + public Integer getQaaLevel(); + + public boolean isRequireConsentForStorkAttributes(); + + /** + * Return a {Collection} of requested STORK attributes + * + * @return {Collection<StorkAttribute>} maybe empty but never null + */ + public Collection<StorkAttribute> getRequestedSTORKAttributes(); + + public byte[] getBKUSelectionTemplate(); + + public byte[] getSendAssertionTemplate(); + + /** + * Return a {Collection} of configured STORK CPEPS + * + * @return {Collection<CPEPS>} maybe empty but never null + */ + public Collection<CPEPS> getPepsList(); + + public String getIDPAttributQueryServiceURL(); + + /** + * @return + */ + boolean isInboundSSOInterfederationAllowed(); + + /** + * @return + */ + boolean isInterfederationSSOStorageAllowed(); + + /** + * @return + */ + boolean isOutboundSSOInterfederationAllowed(); + + boolean isTestCredentialEnabled(); + + List<String> getTestCredentialOIDs(); + + boolean isUseIDLTestTrustStore(); + boolean isUseAuthBlockTestTestStore(); + + PrivateKey getBPKDecBpkDecryptionKey(); + + /** + * @return + */ + boolean isPassivRequestUsedForInterfederation(); + + /** + * @return + */ + boolean isPerformLocalAuthenticationOnInterfederationError(); + + /** + * Get a {Collection} of configured STORK attribute provider plug-ins + * + * @return {Collection<StorkAttributeProviderPlugins>} maybe empty but never null + */ + public Collection<StorkAttributeProviderPlugin> getStorkAPs(); + + public List<Integer> getReversionsLoggingEventCodes(); + +}
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java new file mode 100644 index 000000000..b23b4474b --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java @@ -0,0 +1,201 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.commons.api; + +import java.util.Collection; + +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; + +public interface IRequest { + + /** + * Indicates the module, which implements this authentication protocol. + * The class, which is referenced, had to implement the 'IModulInfo' interface. + * + * @return Full-qualified name of the class which implements this protocol + */ + public String requestedModule(); + + /** + * Indicates the protocol specific action, which should executed if the request is processed. + * The class, which is referenced, had to implement the 'IAction' interface. + * + * @return Full-qualified name of the class which implements the action + */ + public String requestedAction(); + + /** + * Unique identifier, which indicates the service provider. + * In case of SAML1 protocol, it is the OA http-GET parameter + * + * @return Unique identifier for the service provider + */ + public String getOAURL(); + + /** + * Indicates the passive flag in authentication requests. + * If the passive flag is set, the identification and authentication process + * failed if no active SSO session is found. + * + * @return true, if the is passive flag is set in authentication request, otherwise false + */ + public boolean isPassiv(); + + /** + * Indicates the force authentication flag in authentication request + * If this flag is set, a new identification and authentication process + * is carried out in any case. + * + * @return true, if the force authentication flag is set, otherwise false + */ + public boolean forceAuth(); + + + /** + * Returns a generic request-data object with is stored with a specific identifier + * + * @param key The specific identifier of the request-data object + * @return The request-data object or null if no data is found with this key + */ + public Object getGenericData(String key); + + /** + * Returns a generic request-data object with is stored with a specific identifier + * + * @param key The specific identifier of the request-data object + * @param clazz The class type which is stored with this key + * @return The request-data object or null if no data is found with this key + */ + public <T> T getGenericData(String key, final Class<T> clazz); + + /** + * Store a generic data-object to request with a specific identifier + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface + * @throws SessionDataStorageException Error message if the data-object can not stored to generic request-data storage + */ + public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException; + + /** + * Hold the identifier of this request object. + * This identifier can be used to load the request from request storage + * + * @return Request identifier + */ + public String getRequestID(); + + + /** + * Hold the identifier of the MOASession which is associated with this request + * + * @return MOASession identifier if a associated session exists, otherwise null + */ + public String getMOASessionIdentifier(); + + + /** + * Holds a unique transaction identifier, which could be used for looging + * This transaction identifier is unique for a single identification and authentication process + * + * @return Unique transaction identifier. + */ + public String getUniqueTransactionIdentifier(); + + /** + * Holds a unique session identifier, which could be used for logging + * This session identifier is unique for the full Single Sign-On session time + * + * @return Unique session identifier + */ + public String getUniqueSessionIdentifier(); + + + /** + * Hold the identifier if the process instance, which is associated with this request + * + * @return ProcessInstanceID if this request is associated with a authentication process, otherwise null + */ + public String getProcessInstanceId(); + + + /** + * get the IDP URL PreFix, which was used for authentication request + * + * @return IDP URL PreFix <String>. The URL prefix always ends without / + */ + public String getAuthURL(); + public String getAuthURLWithOutSlash(); + + /** + * Indicates if this pending request needs authentication + * + * @return true if this request needs authentication, otherwise false + */ + public boolean isNeedAuthentication(); + + /** + * Indicates, if this pending request needs Single Sign-On (SSO) functionality + * + * @return true if this request needs SSO, otherwise false + */ + public boolean needSingleSignOnFunctionality(); + public void setNeedSingleSignOnFunctionality(boolean needSSO); + + /** + * Indicates, if this pending request is already authenticated + * + * @return true if this request is already authenticated, otherwise false + */ + public boolean isAuthenticated(); + public void setAuthenticated(boolean isAuthenticated); + + /** + * Get get Service-Provider configuration which is associated with this request. + * + * @return Service-Provider configuration + */ + public IOAAuthParameters getOnlineApplicationConfiguration(); + + /** + * Indicates, if this pending-request is aborted by the user + * + * @return true, if it is aborted, otherwise false + */ + public boolean isAbortedByUser(); + + /** + * Set the 'isAboredByUser' flag of this pending-request + * + * @param b true, if the user has abort the authentication process, otherwise false + */ + public void setAbortedByUser(boolean isAborted); + + /** + * This method get a Set of PVP 2.1 attribute, which are request by this pending-request. + * + * @return A set of PVP attribute names or null if no attributes are requested + * or the Service Provider, which sends this request needs no attributes + */ + public Collection<String> getRequestedAttributes(); +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IStorkConfig.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IStorkConfig.java new file mode 100644 index 000000000..b2d90aed4 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IStorkConfig.java @@ -0,0 +1,51 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api; + +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.data.CPEPS; +import at.gv.egovernment.moa.id.commons.api.data.SignatureCreationParameter; +import at.gv.egovernment.moa.id.commons.api.data.SignatureVerificationParameter; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; + +/** + * @author tlenz + * + */ +public interface IStorkConfig { + + SignatureCreationParameter getSignatureCreationParameter(); + + SignatureVerificationParameter getSignatureVerificationParameter(); + + Map<String, CPEPS> getCpepsMap(); + + boolean isSTORKAuthentication(String ccc); + + CPEPS getCPEPS(String ccc); + + List<StorkAttribute> getStorkAttributes(); + +}
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java new file mode 100644 index 000000000..cb81fe79e --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java @@ -0,0 +1,135 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api.data; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.Serializable; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.UnrecoverableKeyException; + +import org.apache.commons.lang3.SerializationUtils; + +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.KeyStoreUtils; + + +/** + * @author tlenz + * + */ +public class BPKDecryptionParameters implements Serializable{ + + private static final long serialVersionUID = 1L; + + private byte[] keyStore = null; + private String keyStorePassword = null; + private String keyAlias = null; + private String keyPassword = null; + + /** + * @return + * @throws IOException + */ + public PrivateKey getPrivateKey() { + InputStream in = null; + try { + in = new ByteArrayInputStream(keyStore); + KeyStore store = KeyStoreUtils.loadKeyStore(in , keyStorePassword); + + char[] chPassword = " ".toCharArray(); + if (keyPassword != null) + chPassword = keyPassword.toCharArray(); + +// Certificate test = store.getCertificate(keyAlias); +// Base64Utils.encode(test.getPublicKey().getEncoded()); + + return (PrivateKey) store.getKey(keyAlias, chPassword); + + + } catch (KeyStoreException e) { + Logger.error("Can not load private key from keystore.", e); + + } catch (IOException e) { + Logger.error("Can not load private key from keystore.", e); + + } catch (UnrecoverableKeyException e) { + Logger.error("Can not load private key from keystore.", e); + + } catch (NoSuchAlgorithmException e) { + Logger.error("Can not load private key from keystore.", e); + + } finally { + if (in != null) { + try { + in.close(); + } catch (IOException e) { + Logger.warn("Close InputStream failed." , e); + } + } + } + + return null; + } + + public byte[] serialize() { + return SerializationUtils.serialize(this); + + } + + /** + * @param keyStore the keyStore to set + */ + public void setKeyStore(byte[] keyStore) { + this.keyStore = keyStore; + } + + /** + * @param keyStorePassword the keyStorePassword to set + */ + public void setKeyStorePassword(String keyStorePassword) { + this.keyStorePassword = keyStorePassword; + } + + /** + * @param keyAlias the keyAlias to set + */ + public void setKeyAlias(String keyAlias) { + this.keyAlias = keyAlias; + } + + /** + * @param keyPassword the keyPassword to set + */ + public void setKeyPassword(String keyPassword) { + this.keyPassword = keyPassword; + } + + + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/CPEPS.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/CPEPS.java new file mode 100644 index 000000000..a88aa2171 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/CPEPS.java @@ -0,0 +1,138 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+/**
+ *
+ */
+package at.gv.egovernment.moa.id.commons.api.data;
+
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.opensaml.saml2.metadata.RequestedAttribute;
+
+/**
+ * Encpasulates C-PEPS information according MOA configuration
+ *
+ * @author bzwattendorfer
+ *
+ */
+public class CPEPS {
+
+ /** Country Code of C-PEPS */
+ private String countryCode;
+
+ /** URL of C-PEPS */
+ private URL pepsURL;
+
+ private Boolean isXMLSignatureSupported;
+
+ /** Specific attributes to be requested for this C-PEPS */
+ private List<RequestedAttribute> countrySpecificRequestedAttributes = new ArrayList<RequestedAttribute>();
+
+ /**
+ * Constructs a C-PEPS
+ * @param countryCode ISO Country Code of C-PEPS
+ * @param pepsURL URL of C-PEPS
+ */
+ public CPEPS(String countryCode, URL pepsURL, Boolean isXMLSignatureSupported) {
+ super();
+ this.countryCode = countryCode;
+ this.pepsURL = pepsURL;
+ this.isXMLSignatureSupported = isXMLSignatureSupported;
+ }
+
+ /**
+ * Gets the country code of this C-PEPS
+ * @return ISO country code
+ */
+ public String getCountryCode() {
+ return countryCode;
+ }
+
+ /**
+ * Sets the country code of this C-PEPS
+ * @param countryCode ISO country code
+ */
+ public void setCountryCode(String countryCode) {
+ this.countryCode = countryCode;
+ }
+
+ /**
+ * Gets the URL of this C-PEPS
+ * @return C-PEPS URL
+ */
+ public URL getPepsURL() {
+ return pepsURL;
+ }
+
+ /**
+ * Sets the C-PEPS URL
+ * @param pepsURL C-PEPS URL
+ */
+ public void setPepsURL(URL pepsURL) {
+ this.pepsURL = pepsURL;
+ }
+
+ /**
+ * Returns weather the C-PEPS supports XMl Signatures or not (important for ERnB)
+ */
+ public Boolean isXMLSignatureSupported() {
+ return isXMLSignatureSupported;
+ }
+
+ /**
+ * Sets weather the C-PEPS supports XMl Signatures or not (important for ERnB)
+ * @param isXMLSignatureSupported C-PEPS XML Signature support
+ */
+ public void setXMLSignatureSupported(boolean isXMLSignatureSupported) {
+ this.isXMLSignatureSupported = isXMLSignatureSupported;
+ }
+
+ /**
+ * Gets the country specific attributes of this C-PEPS
+ * @return List of country specific attributes
+ */
+ public List<RequestedAttribute> getCountrySpecificRequestedAttributes() {
+ return countrySpecificRequestedAttributes;
+ }
+
+ /**
+ * Sets the country specific attributes
+ * @param countrySpecificRequestedAttributes List of country specific requested attributes
+ */
+ public void setCountrySpecificRequestedAttributes(
+ List<RequestedAttribute> countrySpecificRequestedAttributes) {
+ this.countrySpecificRequestedAttributes = countrySpecificRequestedAttributes;
+ }
+
+ /**
+ * Adds a Requested attribute to the country specific attribute List
+ * @param countrySpecificRequestedAttribute Additional country specific requested attribute to add
+ */
+ public void addCountrySpecificRequestedAttribute(RequestedAttribute countrySpecificRequestedAttribute) {
+ this.countrySpecificRequestedAttributes.add(countrySpecificRequestedAttribute);
+ }
+
+
+}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/ProtocolAllowed.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/ProtocolAllowed.java new file mode 100644 index 000000000..4f63dca54 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/ProtocolAllowed.java @@ -0,0 +1,91 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api.data; + +/** + * @author tlenz + * + */ +public class ProtocolAllowed { + + private boolean isSAML1Active = false; + private boolean isPVP21Active = true; + private boolean isOAUTHActive = true; + + /** + * + */ + public ProtocolAllowed() { + + } + + /** + * + */ + public ProtocolAllowed(boolean saml1, boolean pvp21, boolean oauth) { + this.isOAUTHActive = oauth; + this.isPVP21Active = pvp21; + this.isSAML1Active = saml1; + + } + + /** + * @return the isSAML1Active + */ + public boolean isSAML1Active() { + return isSAML1Active; + } + /** + * @param isSAML1Active the isSAML1Active to set + */ + public void setSAML1Active(boolean isSAML1Active) { + this.isSAML1Active = isSAML1Active; + } + /** + * @return the isPVP21Active + */ + public boolean isPVP21Active() { + return isPVP21Active; + } + /** + * @param isPVP21Active the isPVP21Active to set + */ + public void setPVP21Active(boolean isPVP21Active) { + this.isPVP21Active = isPVP21Active; + } + /** + * @return the isOAUTHActive + */ + public boolean isOAUTHActive() { + return isOAUTHActive; + } + /** + * @param isOAUTHActive the isOAUTHActive to set + */ + public void setOAUTHActive(boolean isOAUTHActive) { + this.isOAUTHActive = isOAUTHActive; + } + + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SAML1ConfigurationParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SAML1ConfigurationParameters.java new file mode 100644 index 000000000..eb709a6f1 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SAML1ConfigurationParameters.java @@ -0,0 +1,276 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api.data; + +/** + * @author tlenz + * + */ +public class SAML1ConfigurationParameters { + + private boolean isActive = false; + private boolean provideBaseId = false; + private boolean provideAuthBlock = false; + private boolean provideIdl = false; + private boolean provideCertificate = false; + private boolean provideMandate = false; + private boolean provideAllErrors = true; + private boolean useCondition = false; + private String sourceID = null; + private String condition = new String(); + + + /** + * + */ + public SAML1ConfigurationParameters(boolean isActive, + boolean provideBaseId, boolean provideAuthBlock, + boolean provideIdl, boolean provideCertificate, + boolean provideMandate, boolean provideAllErrors, + boolean useCondition, String condition, + String sourceID) { + this.condition = condition; + this.isActive = isActive; + this.provideAllErrors = provideAllErrors; + this.provideAuthBlock = provideAuthBlock; + this.provideBaseId = provideBaseId; + this.provideCertificate = provideCertificate; + this.provideIdl = provideIdl; + this.provideMandate = provideMandate; + this.useCondition = useCondition; + this.sourceID = sourceID; + + } + + + /** + * + */ + public SAML1ConfigurationParameters() { + + } + + + /** + * Gets the value of the isActive property. + * + * @return + * possible object is + * {@link String } + * + */ + public Boolean isIsActive() { + return this.isActive; + } + + /** + * @param isActive the isActive to set + */ + public void setActive(boolean isActive) { + this.isActive = isActive; + } + + + /** + * @param provideBaseId the provideBaseId to set + */ + public void setProvideBaseId(boolean provideBaseId) { + this.provideBaseId = provideBaseId; + } + + + /** + * @param provideAuthBlock the provideAuthBlock to set + */ + public void setProvideAuthBlock(boolean provideAuthBlock) { + this.provideAuthBlock = provideAuthBlock; + } + + + /** + * @param provideIdl the provideIdl to set + */ + public void setProvideIdl(boolean provideIdl) { + this.provideIdl = provideIdl; + } + + + /** + * @param provideCertificate the provideCertificate to set + */ + public void setProvideCertificate(boolean provideCertificate) { + this.provideCertificate = provideCertificate; + } + + + /** + * @param provideMandate the provideMandate to set + */ + public void setProvideMandate(boolean provideMandate) { + this.provideMandate = provideMandate; + } + + + /** + * @param provideAllErrors the provideAllErrors to set + */ + public void setProvideAllErrors(boolean provideAllErrors) { + this.provideAllErrors = provideAllErrors; + } + + + /** + * @param useCondition the useCondition to set + */ + public void setUseCondition(boolean useCondition) { + this.useCondition = useCondition; + } + + + /** + * @param sourceID the sourceID to set + */ + public void setSourceID(String sourceID) { + this.sourceID = sourceID; + } + + + /** + * @param condition the condition to set + */ + public void setCondition(String condition) { + this.condition = condition; + } + + + /** + * Gets the value of the provideStammzahl property. + * + * @return + * possible object is + * {@link String } + * + */ + public Boolean isProvideStammzahl() { + return this.provideBaseId; + } + + /** + * Gets the value of the provideAUTHBlock property. + * + * @return + * possible object is + * {@link String } + * + */ + public Boolean isProvideAUTHBlock() { + return this.provideAuthBlock; + } + + /** + * Gets the value of the provideIdentityLink property. + * + * @return + * possible object is + * {@link String } + * + */ + public Boolean isProvideIdentityLink() { + return this.provideIdl; + } + + /** + * Gets the value of the provideCertificate property. + * + * @return + * possible object is + * {@link String } + * + */ + public Boolean isProvideCertificate() { + return this.provideCertificate; + } + + /** + * Gets the value of the provideFullMandatorData property. + * + * @return + * possible object is + * {@link String } + * + */ + public Boolean isProvideFullMandatorData() { + return this.provideMandate; + } + + /** + * Gets the value of the useCondition property. + * + * @return + * possible object is + * {@link String } + * + */ + public Boolean isUseCondition() { + return this.useCondition; + } + + /** + * Gets the value of the conditionLength property. + * + * @return + * possible object is + * {@link BigInteger } + * + */ + + public int getConditionLength() { + return condition.length(); + } + + /** + * Gets the value of the sourceID property. + * + * @return + * possible object is + * {@link String } + * + */ + public String getSourceID() { + return this.sourceID; + } + + /** + * Gets the value of the provideAllErrors property. + * + * @return + * possible object is + * {@link String } + * + */ + public Boolean isProvideAllErrors() { + return this.provideAllErrors; + } + +} + diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SignatureCreationParameter.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SignatureCreationParameter.java new file mode 100644 index 000000000..9bfd93977 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SignatureCreationParameter.java @@ -0,0 +1,103 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.id.commons.api.data;
+
+import java.util.Properties;
+
+/**
+ * Encapsulates signature creation parameters according MOA configuration
+ *
+ * @author bzwattendorfer
+ *
+ */
+public class SignatureCreationParameter {
+
+ private static final String PROPS_PREFIX = "stork.samlsigningparameter.signaturecreation.";
+ private static final String PROPS_KEYSTORE_FILE = "keystore.file";
+ private static final String PROPS_KEYSTORE_PASS = "keystore.password";
+ private static final String PROPS_KEYNAME_NAME = "keyname.name";
+ private static final String PROPS_KEYNAME_PASS = "keyname.password";
+
+ private Properties props;
+ private String basedirectory;
+
+ public SignatureCreationParameter(Properties props, String basedirectory) {
+ this.props = props;
+ this.basedirectory = basedirectory;
+ }
+
+ /**
+ * Gets the KeyStore Path
+ * @return File Path to KeyStore
+ */
+ public String getKeyStorePath() {
+ return basedirectory + props.getProperty(PROPS_PREFIX+PROPS_KEYSTORE_FILE);
+ }
+
+ /**
+ * Gets the KeyStore Password
+ * @return Password to KeyStore
+ */
+ public String getKeyStorePassword() {
+ return props.getProperty(PROPS_PREFIX+PROPS_KEYSTORE_PASS);
+ }
+
+ /**
+ * Gets the Signing Key Name
+ * @return Siging Key Name
+ */
+ public String getKeyName() {
+ return props.getProperty(PROPS_PREFIX+PROPS_KEYNAME_NAME);
+ }
+
+ /**
+ * Gets the Signing Key Password
+ * @return Signing Key Password
+ */
+ public String getKeyPassword() {
+ return props.getProperty(PROPS_PREFIX+PROPS_KEYNAME_PASS);
+ }
+}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SignatureVerificationParameter.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SignatureVerificationParameter.java new file mode 100644 index 000000000..f408ea7fe --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/SignatureVerificationParameter.java @@ -0,0 +1,53 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+/**
+ *
+ */
+package at.gv.egovernment.moa.id.commons.api.data;
+
+/**
+ * Encapsulates Signature Verification data for STORK according MOA configuration
+ *
+ * @author bzwattendorfer
+ *
+ */
+public class SignatureVerificationParameter {
+
+ /** ID of the MOA-SP TrustProfile to be used for STORK SAML signature verification */
+ private String trustProfileID;
+
+ public SignatureVerificationParameter(String trustProfileID2) {
+ this.trustProfileID = trustProfileID2;
+ }
+
+ /**
+ * Gets the MOA-SP TrustProfileID
+ * @return TrustProfileID of MOA-SP for STORK signature verification
+ */
+ public String getTrustProfileID() {
+ return trustProfileID;
+ }
+
+
+
+}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/StorkAttribute.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/StorkAttribute.java new file mode 100644 index 000000000..1bbb7d3fe --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/StorkAttribute.java @@ -0,0 +1,27 @@ +package at.gv.egovernment.moa.id.commons.api.data; + +public class StorkAttribute { + + protected Boolean mandatory; + protected String name; + + public StorkAttribute(String name, boolean mandatory) { + this.name = name; + this.mandatory = mandatory; + } + + public Boolean getMandatory() { + return mandatory; + } + public void setMandatory(Boolean mandatory) { + this.mandatory = mandatory; + } + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/StorkAttributeProviderPlugin.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/StorkAttributeProviderPlugin.java new file mode 100644 index 000000000..070d304a6 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/StorkAttributeProviderPlugin.java @@ -0,0 +1,81 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api.data; + +/** + * @author tlenz + * + */ +public class StorkAttributeProviderPlugin { + private String name = null; + private String url = null; + private String attributes = null; + + /** + * + */ + public StorkAttributeProviderPlugin(String name, String url, String attributes) { + this.name = name; + this.url = url; + this.attributes = attributes; + } + + /** + * @return the name + */ + public String getName() { + return name; + } + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + /** + * @return the url + */ + public String getUrl() { + return url; + } + /** + * @param url the url to set + */ + public void setUrl(String url) { + this.url = url; + } + /** + * @return the attributes + */ + public String getAttributes() { + return attributes; + } + /** + * @param attributes the attributes to set + */ + public void setAttributes(String attributes) { + this.attributes = attributes; + } + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/ConfigurationException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/ConfigurationException.java new file mode 100644 index 000000000..e8f6da323 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/ConfigurationException.java @@ -0,0 +1,78 @@ +package at.gv.egovernment.moa.id.commons.api.exceptions; +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +/** + * Exception signalling an error in the configuration. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ConfigurationException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = -7199539463319751278L; + +/** + * Create a <code>MOAConfigurationException</code>. + */ + public ConfigurationException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + /** + * Create a <code>MOAConfigurationException</code>. + */ + public ConfigurationException( + String messageId, + Object[] parameters, + Throwable wrapped) { + + super(messageId, parameters, wrapped); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java new file mode 100644 index 000000000..6841be92b --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java @@ -0,0 +1,170 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.commons.api.exceptions; + +import java.io.PrintStream; +import java.io.PrintWriter; + +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; + +/** + * Base class of technical MOA exceptions. + * + * Technical exceptions are exceptions that originate from system failure (e.g., + * a database connection fails, a component is not available, etc.) + * + * @author Patrick Peck, Ivancsics Paul + * @version $Id$ + */ +public class MOAIDException extends Exception { + /** + * + */ + private static final long serialVersionUID = -1507246171708083912L; +/** message ID */ + private String messageId; + /** wrapped exception */ + private Throwable wrapped; + + private Object[] parameters; + + /** + * Create a new <code>MOAIDException</code>. + * + * @param messageId The identifier of the message associated with this + * exception. + * @param parameters Additional message parameters. + */ + public MOAIDException(String messageId, Object[] parameters) { + super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); + this.messageId = messageId; + this.parameters = parameters; + } + + /** + * Create a new <code>MOAIDException</code>. + * + * @param messageId The identifier of the message associated with this + * <code>MOAIDException</code>. + * @param parameters Additional message parameters. + * @param wrapped The exception wrapped by this + * <code>MOAIDException</code>. + */ + public MOAIDException( + String messageId, + Object[] parameters, + Throwable wrapped) { + + super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); + this.messageId = messageId; + this.wrapped = wrapped; + this.parameters = parameters; + } + + /** + * Print a stack trace of this exception to <code>System.err</code>. + * + * @see java.lang.Throwable#printStackTrace() + */ + public void printStackTrace() { + printStackTrace(System.err); + } + + /** + * Print a stack trace of this exception, including the wrapped exception. + * + * @param s The stream to write the stack trace to. + * @see java.lang.Throwable#printStackTrace(java.io.PrintStream) + */ + public void printStackTrace(PrintStream s) { + if (getWrapped() == null) + super.printStackTrace(s); + else { + s.print("Root exception: "); + getWrapped().printStackTrace(s); + } + } + + /** + * Print a stack trace of this exception, including the wrapped exception. + * + * @param s The stream to write the stacktrace to. + * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter) + */ + public void printStackTrace(PrintWriter s) { + if (getWrapped() == null) + super.printStackTrace(s); + else { + s.print("Root exception: "); + getWrapped().printStackTrace(s); + } + } + + /** + * @return message ID + */ + public String getMessageId() { + return messageId; + } + + /** + * @return wrapped exception + */ + public Throwable getWrapped() { + return wrapped; + } + + + + /** + * @return the parameters + */ +public Object[] getParameters() { + return parameters; +} + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java new file mode 100644 index 000000000..9414556a2 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/SessionDataStorageException.java @@ -0,0 +1,45 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons.api.exceptions; + +/** + * @author tlenz + * + */ +public class SessionDataStorageException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 5743057708136365929L; + + /** + * @param messageId + * @param parameters + */ + public SessionDataStorageException(String messageId, Object[] parameters) { + super(messageId, parameters); + + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java index 28c705c71..e2f793edf 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java @@ -248,30 +248,49 @@ public class NewConfigurationDBRead { * @param id * @return */ - public OnlineApplication getOnlineApplication(String id) { + public List<OnlineApplication> getOnlineApplications(String id) { Logger.trace("Getting OnlineApplication with ID " + id + " from database."); // select onlineapplication from OnlineApplication onlineapplication // where onlineapplication.publicURLPrefix = SUBSTRING(:id, 1, LENGTH(onlineapplication.publicURLPrefix)) - OnlineApplication result = null; + List<OnlineApplication> result = new ArrayList<OnlineApplication>(); List<OnlineApplication> allOAs = getAllOnlineApplications(); for (OnlineApplication oa : nullGuard(allOAs)) { - String publicUrlPrefix = oa.getPublicURLPrefix(); - if (publicUrlPrefix != null && publicUrlPrefix.length() <= id.length()) { - if (id.substring(0, publicUrlPrefix.length()).equals(publicUrlPrefix)) { - if (result != null) { - Logger.warn("OAIdentifier match to more then one DB-entry!"); - return null; - } else { - result = oa; - } - } + String publicUrlPrefix = oa.getPublicURLPrefix(); + if (publicUrlPrefix != null && publicUrlPrefix.length() <= id.length()) { + if (id.substring(0, publicUrlPrefix.length()).equals(publicUrlPrefix)) + result.add(oa); + } } return result; } + + /** + * + * @param id + * @return + */ + public OnlineApplication getOnlineApplication(String id) { + Logger.trace("Getting OnlineApplication with ID " + id + " from database."); + + // select onlineapplication from OnlineApplication onlineapplication + // where onlineapplication.publicURLPrefix = SUBSTRING(:id, 1, LENGTH(onlineapplication.publicURLPrefix)) + List<OnlineApplication> result = getOnlineApplications(id); + + if (result != null && result.size() == 1) + return result.get(0); + + else if (result != null && result.size() > 1) + Logger.warn("OAIdentifier match to more then one DB-entry!"); + + else + Logger.warn("no OA with OAIdentifier: "+ id); + + return null; + } /** * diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java index a49142d87..c2f5ec962 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AssertionStore.java @@ -27,8 +27,6 @@ import java.util.Date; import javax.persistence.Column; import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Lob; import javax.persistence.NamedQueries; @@ -52,7 +50,7 @@ public class AssertionStore implements Serializable{ private static final long serialVersionUID = 1L; @Id - @GeneratedValue(strategy = GenerationType.AUTO) + //@GeneratedValue(strategy = GenerationType.AUTO) @Column(name = "id", unique=true, nullable=false) private long id; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java index af5950c98..6333451b9 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/AuthenticatedSessionStore.java @@ -31,14 +31,11 @@ import javax.persistence.CascadeType; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.FetchType; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Lob; import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.OneToMany; -import javax.persistence.PrePersist; import javax.persistence.PreUpdate; import javax.persistence.Table; import javax.persistence.Temporal; @@ -68,7 +65,7 @@ public class AuthenticatedSessionStore implements Serializable{ private static final long serialVersionUID = 1L; @Id - @GeneratedValue(strategy = GenerationType.AUTO) + //@GeneratedValue(strategy = GenerationType.AUTO) @Column(name = "id", unique=true, nullable=false) private long id; @@ -130,46 +127,115 @@ public class AuthenticatedSessionStore implements Serializable{ this.id = id; } + /** + * Get the internal ID of this MOASession + * + * @return moaSessionID, but never null + */ public String getSessionid() { return sessionid; + } + /** + * Set the internal ID of this MOASession. + * + * @param sessionid The internal ID of this MOASession, but never null + **/ public void setSessionid(String sessionid) { this.sessionid = sessionid; } + /** + * Get the Single Sign-On SessionID of this MOASession + * + * @return SSO SessionID + */ public String getSSOsessionid() { return SSOsessionid; } + /** + * Set the Single Sign-On SessionID for this MOASession + * + * @param sSOsessionid SSO SessionID + */ public void setSSOsessionid(String sSOsessionid) { SSOsessionid = sSOsessionid; } + /** + * Get the serialized (and encrypted) AuthenticatedData DAO, which contains the user + * identification and authentication information. + * + * @return serialized (and encryped) authenticationData, but never null + */ public byte[] getSession() { return authSession; } + /** + * Set the AuthenticationData DAO, as serialized (and encrypted) blob.<br><br> + * + * <strong>This method should only be used, since MOASesion is not authenticated + * <code>this.isAuthenticated() == false</code>. If the MOASession is already authenticated, + * the corresponding user authentication data should not be changed any more.</strong> + * + * @param session the serialized (and encryped) authenticationData + */ public void setSession(byte[] session) { this.authSession = session; } + /** + * Indicates this MOASession is already authenticated. <br><br> + * + * A authenticated MOASession contains all information, which are + * needed build protocol specific authentication information. + * Therefore, a user has already performed a full identification and + * authentication process. + * + * @return true, if this MOASession is authenticated, otherwise false + */ public boolean isAuthenticated() { return isAuthenticated; } + /** + * Mark a MOASession as authenticated. <br><br> + * + * A MOASession had to be marked as authenticated, if the user + * identification and authentication process is completed. + * + * @param isAuthenticated + */ public void setAuthenticated(boolean isAuthenticated) { this.isAuthenticated = isAuthenticated; } + /** + * Indicates this MOASession as a Single Sign-On session + * + * @return true if it is a SSO session, otherwise false + */ public boolean isSSOSession() { return isSSOSession; } + /** + * Mark this MOASession as a Single Sign-On session + * + * @param isSSOSession true, if this MOASession is a SSO session, otherwise false + */ public void setSSOSession(boolean isSSOSession) { this.isSSOSession = isSSOSession; } + /** + * Get a timestamp when this MOASession was created + * + * @return timestamp + */ public Date getCreated() { return created; } @@ -178,6 +244,11 @@ public class AuthenticatedSessionStore implements Serializable{ this.created = created; } + /** + * Get a timestamp, when this MOASession was updated last time + * + * @return timestamp + */ public Date getUpdated() { return updated; } @@ -186,6 +257,12 @@ public class AuthenticatedSessionStore implements Serializable{ this.updated = updated; } + /** + * Get a List of Service Providers, which has received a authentication information by using + * Single Sign-On + * + * @return + */ public List<OASessionStore> getActiveOAsessions() { return activeOAsessions; } @@ -198,6 +275,12 @@ public class AuthenticatedSessionStore implements Serializable{ this.activeOAsessions = activeOAsessions; } + /** + * Get a List of old Single Sign-On SessionIDs, which are already used for this MOASession. + * Every SSO SessionID can only be used once. + * + * @return + */ public List<OldSSOSessionIDStore> getOldssosessionids() { return oldssosessionids; } @@ -207,6 +290,8 @@ public class AuthenticatedSessionStore implements Serializable{ } /** + * Get a List of federated IDPs which are already used in this Session + * * @return the inderfederation */ public List<InterfederationSessionStore> getInderfederation() { @@ -221,20 +306,8 @@ public class AuthenticatedSessionStore implements Serializable{ } /** - * @return the pendingRequestID - */ - public String getPendingRequestID() { - return pendingRequestID; - } - - /** - * @param pendingRequestID the pendingRequestID to set - */ - public void setPendingRequestID(String pendingRequestID) { - this.pendingRequestID = pendingRequestID; - } - - /** + * Get the initial vector for AuthenticationData encryption + * * @return the iv */ public byte[] getIv() { @@ -242,6 +315,8 @@ public class AuthenticatedSessionStore implements Serializable{ } /** + * Set the inital vector for AuthenticationData encryption + * * @param iv the iv to set */ public void setIv(byte[] iv) { @@ -249,14 +324,18 @@ public class AuthenticatedSessionStore implements Serializable{ } /** - * @return the isInterfederatedSSOSession + * Indicates this MOASession as an federated session + * + * @return true if it is a federated session, otherwise false */ public boolean isInterfederatedSSOSession() { return isInterfederatedSSOSession; } /** - * @param isInterfederatedSSOSession the isInterfederatedSSOSession to set + * Mark this MOASession as an federated session + * + * @param isInterfederatedSSOSession true, if this MOASession is a federated session */ public void setInterfederatedSSOSession(boolean isInterfederatedSSOSession) { this.isInterfederatedSSOSession = isInterfederatedSSOSession; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/ExceptionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/ExceptionStore.java deleted file mode 100644 index 0d56896ff..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/ExceptionStore.java +++ /dev/null @@ -1,125 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.commons.db.dao.session; - -import java.io.Serializable; -import java.util.Date; - -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; -import javax.persistence.Lob; -import javax.persistence.NamedQueries; -import javax.persistence.NamedQuery; -import javax.persistence.Table; - -import org.hibernate.annotations.DynamicUpdate; - - - -@Entity -@DynamicUpdate(value=true) -@Table(name = "exceptionstore") -@NamedQueries({ - @NamedQuery(name="getExceptionWithID", query = "select exceptionstore from ExceptionStore exceptionstore where exceptionstore.exid = :id"), - @NamedQuery(name="getExceptionWithTimeOut", query = "select exceptionstore from ExceptionStore exceptionstore where exceptionstore.timestamp < :timeout") -}) - -public class ExceptionStore implements Serializable{ - - private static final long serialVersionUID = 1L; - - @Id - @GeneratedValue(strategy = GenerationType.AUTO) - @Column(name = "id", unique=true, nullable=false) - private long id; - - @Column(name = "exid", unique=true, nullable=false) - private String exid; - - @Column(name = "exception", nullable=false) - @Lob private byte [] exception; - - @Column(name = "timestamp", nullable=false) - private Date timestamp; - - /** - * @return the id - */ - public long getId() { - return id; - } - - /** - * @param id the id to set - */ - public void setId(long id) { - this.id = id; - } - - /** - * @return the exid - */ - public String getExid() { - return exid; - } - - /** - * @param exid the exid to set - */ - public void setExid(String exid) { - this.exid = exid; - } - - /** - * @return the exception - */ - public byte[] getException() { - return exception; - } - - /** - * @param exception the exception to set - */ - public void setException(byte[] exception) { - this.exception = exception; - } - - /** - * @return the timestamp - */ - public Date getTimestamp() { - return timestamp; - } - - /** - * @param timestamp the timestamp to set - */ - public void setTimestamp(Date timestamp) { - this.timestamp = timestamp; - } - - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java index 54216edc4..c62e8be32 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/InterfederationSessionStore.java @@ -28,8 +28,6 @@ import java.util.Date; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.FetchType; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; @@ -46,7 +44,7 @@ public class InterfederationSessionStore implements Serializable{ private static final long serialVersionUID = 1L; @Id - @GeneratedValue(strategy = GenerationType.AUTO) + //@GeneratedValue(strategy = GenerationType.AUTO) @Column(name = "id", unique=true, nullable=false) private long id; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java index 8b720e901..a11d94af4 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OASessionStore.java @@ -28,8 +28,6 @@ import java.util.Date; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.FetchType; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; @@ -46,7 +44,7 @@ public class OASessionStore implements Serializable{ private static final long serialVersionUID = 1L; @Id - @GeneratedValue(strategy = GenerationType.AUTO) + //@GeneratedValue(strategy = GenerationType.AUTO) @Column(name = "idOASession", unique=true, nullable=false) private long idOASession; @@ -70,7 +68,7 @@ public class OASessionStore implements Serializable{ @Column(name = "attributequeryused", unique=false, nullable=false) private boolean attributeQueryUsed = false; - + @Column(name = "created", updatable=false, nullable=false) // @Temporal(TemporalType.TIMESTAMP) private Date created; @@ -200,9 +198,5 @@ public class OASessionStore implements Serializable{ this.authURL = authURL; } - - - - } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OldSSOSessionIDStore.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OldSSOSessionIDStore.java index a85bdf2ca..195406a37 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OldSSOSessionIDStore.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/session/OldSSOSessionIDStore.java @@ -27,8 +27,6 @@ import java.io.Serializable; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.FetchType; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; @@ -51,7 +49,7 @@ public class OldSSOSessionIDStore implements Serializable{ private static final long serialVersionUID = 1L; @Id - @GeneratedValue(strategy = GenerationType.AUTO) + //@GeneratedValue(strategy = GenerationType.AUTO) @Column(name = "idOldSSOSession", unique=true, nullable=false) private long idOldSSOSession; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java index 97f26812f..6040d9870 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/statistic/StatisticLog.java @@ -27,8 +27,6 @@ import java.util.Date; import javax.persistence.Column; import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; @@ -50,7 +48,7 @@ public class StatisticLog implements Serializable{ private static final long serialVersionUID = 1L; @Id - @GeneratedValue(strategy = GenerationType.AUTO) + //@GeneratedValue(strategy = GenerationType.AUTO) @Column(name = "id", unique=true, nullable=false) private long id; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java index cbdd13d0e..add929e1d 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java @@ -31,8 +31,6 @@ import java.util.Map; import java.util.Map.Entry; import java.util.Set; -import org.apache.commons.lang3.StringUtils; - import at.gv.egovernment.moa.util.MiscUtil; /** @@ -283,6 +281,27 @@ public class KeyValueUtils { return false; } + /** + * Convert a CSV list to a List of CSV values + * <br><br> + * This method removes all whitespace at the begin or the + * end of CSV values and remove newLine signs at the end of value. + * The ',' is used as list delimiter + * + * @param csv CSV encoded input data + * @return List of CSV normalized values, but never null + */ + public static List<String> getListOfCSVValues(String csv) { + List<String> list = new ArrayList<String>(); + if (MiscUtil.isNotEmpty(csv)) { + String[] values = csv.split(CSV_DELIMITER); + for (String el: values) + list.add(el.trim()); + + } + + return list; + } /** * This method remove all newline delimiter (\n or \r\n) from input data diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java new file mode 100644 index 000000000..4d8a07a55 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java @@ -0,0 +1,104 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.commons.utils; + +import java.util.Locale; + +import at.gv.egovernment.moa.util.Messages; + +/** + * A singleton wrapper around a <code>Message</code> object, providing the messages used in MOA-ID. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class MOAIDMessageProvider { + + /** DEFAULT_MESSAGE_RESOURCES are resources/properties/id_messages */ + private static final String[] DEFAULT_MESSAGE_RESOURCES = + { "resources/properties/id_messages" }; + /** DEFAULT_MESSAGE_LOCALES are "de", "AT" */ + private static final Locale[] DEFAULT_MESSAGE_LOCALES = + new Locale[] { new Locale("de", "AT") }; + /** The instance for our singleton */ + private static MOAIDMessageProvider instance; + /** The Messages */ + private Messages messages; + + /** + * Returns the single instance of <code>MOAIDMessageProvider</code>. + * + * @return the single instance of <code>MOAIDMessageProvider</code> + */ + public static MOAIDMessageProvider getInstance() { + if (instance == null) + instance = new MOAIDMessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); + return instance; + } + + /** + * Create a <code>MOAIDMessageProvider</code>. + * + * @param resourceNames The names of the resources containing the messages. + * @param locales The corresponding locales. + */ + protected MOAIDMessageProvider(String[] resourceNames, Locale[] locales) { + this.messages = new Messages(resourceNames, locales); + } + + /** + * Get the message corresponding to a given message ID. + * + * @param messageId The ID of the message. + * @param parameters The parameters to fill in into the message arguments. + * @return The formatted message. + */ + public String getMessage(String messageId, Object[] parameters) { + return messages.getMessage(messageId, parameters); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java new file mode 100644 index 000000000..51667f010 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LogMsg.java @@ -0,0 +1,67 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.logging; + +/** + * A unified message type to log messages from inside the MOA subsystem. + * + * @author Patrick Peck + * @version $Id$ + */ +public class LogMsg { + /** The message to log. */ + private Object message; + + /** + * Create a <code>LogMsg</code> object. + * + * @param message The actual message to log. May be <code>null</code>. + */ + public LogMsg(Object message) { + this.message = message; + } + + /** + * Convert this log message to a <code>String</code>. + * + * @return The <code>String</code> representation of this log message. + */ + public String toString() { + StringBuffer msg = new StringBuffer(); + LoggingContext ctx = + LoggingContextManager.getInstance().getLoggingContext(); + String tid = ctx != null ? ctx.getTransactionID() : null; + String nodeId = ctx != null ? ctx.getNodeID() : null; + + msg.append("TID="); + msg.append(tid != null ? tid : "<null>"); + msg.append(" NID="); + msg.append(nodeId != null ? nodeId : "<null>"); + msg.append(" MSG="); + msg.append(message != null ? message.toString() : "<null>"); + + return msg.toString(); + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/Logger.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/Logger.java new file mode 100644 index 000000000..3730b36ce --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/Logger.java @@ -0,0 +1,252 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.logging; + +import java.util.HashMap; +import java.util.Map; + +/** + * A utility class acting as a facade to the logging subsystem. + * + * Configure the logging defaultHierarchy that the <code>Logger</code> uses by + * calling <code>setHierarchy</code> once before calling any of the logging + * output functions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class Logger { + + /** + * Set the default hierarchy to which the <code>Logger</code> should send its + * logging output. + * @param hierarchy The logging defaultHierarchy. + */ + public static void setHierarchy(String hierarchy) { + // there is no need for that anymore + } + + + /** The Constant instances. */ + private static final Map<String, org.slf4j.Logger> instances = new HashMap<String, org.slf4j.Logger>(); + + /** + * Gets the logger. + * + * @return the logger + */ + private static synchronized org.slf4j.Logger getLogger() { + StackTraceElement[] stacktrace = Thread.currentThread().getStackTrace(); + + int i; + for(i = 2; i < stacktrace.length; i++) + if(!stacktrace[i].getClassName().equals(Logger.class.getName())) + break; + + String className = stacktrace[i].getClassName(); + + org.slf4j.Logger logger = instances.get(className); + if (logger != null) { + return logger; + } + + logger = org.slf4j.LoggerFactory.getLogger(className); + instances.put(className, logger); + + return logger; + } + + /** + * Prepare the message for printing it as string. + * <p>Mainly introduce because the <code>message</code> might be <code>null</code>. + * + * @param message the message + * @return the string + */ + private static String prepareMessage(Object message) { + if(null == message) + return "no message given"; + return message.toString(); + } + + /** + * Test, if the trace log level is enabled. + * + * @return boolean <code>true</code>, if tracing output is enabled + * <code>false</code> otherwise. + */ + public static boolean isTraceEnabled() { + org.slf4j.Logger logger = getLogger(); + return logger.isTraceEnabled(); + } + + /** + * Test, if the trace log level is enabled for a given hierarchy. + * + * @param hierarchy requested log hierarchy + * @return boolean <code>true</code>, if tracing output is enabled + * <code>false</code> otherwise. + */ + public static boolean isTraceEnabled(String hierarchy) { + org.slf4j.Logger logger = getLogger(); + return logger.isTraceEnabled(); + } + + /** + * Trace a message. + * + * @param message The message to trace. + */ + public static void trace(Object message) { + org.slf4j.Logger logger = getLogger(); + logger.trace(prepareMessage(message)); + } + + /** + * Test, if the debug log level is enabled. + * + * @return boolean <code>true</code>, if debug output is enabled + * <code>false</code> otherwise. + */ + public static boolean isDebugEnabled() { + org.slf4j.Logger logger = getLogger(); + return logger.isDebugEnabled(); + } + + /** + * Test, if the debug log level is enabled for a given hierarchy. + * + * @param hierarchy requested log hierarchy + * @return boolean <code>true</code>, if debug output is enabled + * <code>false</code> otherwise. + */ + public static boolean isDebugEnabled(String hierarchy) { + org.slf4j.Logger logger = getLogger(); + return logger.isDebugEnabled(); + } + + /** + * Log a debug message. + * + * @param message The message to log. + */ + public static void debug(Object message) { + org.slf4j.Logger logger = getLogger(); + logger.debug(prepareMessage(message)); + } + +/** + * Log an info message. + * + * @param message The message to log. + */ + public static void info(Object message) { + org.slf4j.Logger logger = getLogger(); + logger.info(prepareMessage(message)); + } + + /** + * Info. + * + * @param string the string + * @param args the objects + */ + public static void info(String message, Object[] args) { + org.slf4j.Logger logger = getLogger(); + logger.info(prepareMessage(message), args); + } + + /** + * Log a warning message. + * + * @param message The message to log. + */ + public static void warn(Object message) { + org.slf4j.Logger logger = getLogger(); + logger.warn(prepareMessage(message)); + } + + /** + * Log a warning message. + * + * @param message The message to log. + * @param t An exception that may be the cause of the warning. + */ + public static void warn(Object message, Throwable t) { + org.slf4j.Logger logger = getLogger(); + logger.warn(prepareMessage(message), t); + } + + /** + * Log an error message. + * + * @param message The message to log. + */ + public static void error(Object message) { + org.slf4j.Logger logger = getLogger(); + logger.error(prepareMessage(message)); + } + + /** + * Log an error message. + * + * @param message The message to log. + * @param t An exception that may be the cause of the error. + */ + public static void error(Object message, Throwable t) { + org.slf4j.Logger logger = getLogger(); + logger.error(prepareMessage(message), t); + } + + /** + * Log an error message with additional information. + * + * @param message The message to log. + * @param variables The values to substitute {} of the logmessage with. + */ + public static void error(Object message, Object[] variables) { + org.slf4j.Logger logger = getLogger(); + logger.error(prepareMessage(message), variables); + } + + /** + * Log a fatal error message. + * + * @param message The message to log. + */ + public static void fatal(Object message) { + error(message); + } + + /** + * Log a fatal error message. + * + * @param message The message to log. + * @param t An exception that may be the cause of the error. + */ + public static void fatal(Object message, Throwable t) { + error(message, t); + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java new file mode 100644 index 000000000..db4b93a0b --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContext.java @@ -0,0 +1,70 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.logging; + +/** + * Encapsulates contextual information (i.e. per request information) for + * logging purposes. + * + * @author Patrick Peck + * @version $Id$ + */ +public class LoggingContext { + /** The name of the node ID system property. */ + public static final String NODE_ID_PROPERTY = "moa.node-id"; + + /** The current transaction ID. */ + private String transactionID; + /** The node ID. */ + private String nodeID; + + /** + * Create a new <code>LoggingContext</code>. + * + * @param transactionID The transaction ID. May be <code>null</code>. + */ + public LoggingContext(String transactionID) { + this.transactionID = transactionID; + this.nodeID = System.getProperty(NODE_ID_PROPERTY); + } + + /** + * Return the transaction ID. + * + * @return The transaction ID. + */ + public String getTransactionID() { + return transactionID; + } + + /** + * Return the node ID. + * + * @return The node ID. + */ + public String getNodeID() { + return nodeID; + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java new file mode 100644 index 000000000..f0d7b4c07 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/logging/LoggingContextManager.java @@ -0,0 +1,80 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.logging; + +/** + * Provides each thread with a single instance of <code>LoggingContext</code>. + * + * @author Patrick Peck + * @version $Id$ + */ +public class LoggingContextManager { + /** The single instance of this class. */ + private static LoggingContextManager instance = null; + + /** The <code>LoggingContext</code> for each thread. */ + private ThreadLocal context; + + /** + * Get the single instance of the <code>LoggingContextManager</code> class. + * + * @return LoggingContextManager The single instance. + */ + public static synchronized LoggingContextManager getInstance() { + if (instance == null) { + instance = new LoggingContextManager(); + } + return instance; + } + + /** + * Creates a new <code>LoggingContextManager</code>. + * + * Protected to disallow direct instantiation. + */ + protected LoggingContextManager() { + context = new ThreadLocal(); + } + + /** + * Set the <code>LoggingContext</code> context for the current thread. + * + * @param ctx The <code>LoggingContext</code> for the current thread. + */ + public void setLoggingContext(LoggingContext ctx) { + context.set(ctx); + } + + /** + * Return the <code>LoggingContext</code> for the current thread. + * + * @return LoggingContext The <code>LoggingContext</code> for the current + * thread, or <code>null</code> if none has been set. + */ + public LoggingContext getLoggingContext() { + return (LoggingContext) context.get(); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java new file mode 100644 index 000000000..66bf50316 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Base64Utils.java @@ -0,0 +1,153 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.UnsupportedEncodingException; + +import iaik.utils.Base64InputStream; +import iaik.utils.Base64OutputStream; + +/** + * Utitility functions for encoding/decoding Base64 strings. + * + * @author Patrick Peck + * @version $Id$ + */ +public class Base64Utils { + + /** + * Read the bytes encoded in a Base64 encoded <code>String</code>. + * + * @param base64String The <code>String</code> containing the Base64 encoded + * bytes. + * @param ignoreInvalidChars Whether to ignore invalid Base64 characters. + * @return byte[] The raw bytes contained in the <code>base64String</code>. + * @throws IOException Failed to read the Base64 data. + */ + public static byte[] decode(String base64String, boolean ignoreInvalidChars, String encoding) + throws IOException { + + Base64InputStream in = + new Base64InputStream( + new ByteArrayInputStream(base64String.getBytes(encoding)), + ignoreInvalidChars); + ByteArrayOutputStream out = new ByteArrayOutputStream(); + byte[] bytes = new byte[256]; + int bytesRead; + + while ((bytesRead = in.read(bytes)) > 0) { + out.write(bytes, 0, bytesRead); + } + in.close(); + + return out.toByteArray(); + } + + public static byte[] decode(String base64String, boolean ignoreInvalidChars) throws IOException { + return decode(base64String, ignoreInvalidChars, "UTF-8"); + } + + /** + * Read the bytes encoded in a Base64 encoded <code>String</code> and provide + * them via an <code>InputStream</code>. + * + * @param base64String The <code>String</code> containing the Base64 encoded + * bytes. + * @param ignoreInvalidChars Whether to ignore invalid Base64 characters. + * @return The <code>InputStream</code> from which the binary content of the + * <code>base64String</code> can be read. + */ + public static InputStream decodeToStream( + String base64String, + boolean ignoreInvalidChars, + String encoding) { + + try { + ByteArrayInputStream bin = + new ByteArrayInputStream(base64String.getBytes(encoding)); + Base64InputStream in = new Base64InputStream(bin, ignoreInvalidChars); + + return in; + } catch (UnsupportedEncodingException e) { + // cannot occur, since UTF-8 is required to be supported by every JRE + return null; + } + } + + public static InputStream decodeToStream( + String base64String, + boolean ignoreInvalidChars) { + return decodeToStream(base64String, ignoreInvalidChars, "UTF-8"); + + } + + /** + * Convert a byte array to a Base64 encoded <code>String</code>. + * + * @param bytes The bytes to encode. + * @return String The Base64 encoded representation of the <code>bytes</code>. + * @throws IOException Failed to write the bytes as Base64 data. + */ + public static String encode(byte[] bytes) throws IOException { + return encode(new ByteArrayInputStream(bytes), "UTF-8"); + } + + public static String encode(byte[] bytes, String encoding) throws IOException { + return encode(new ByteArrayInputStream(bytes), encoding); + } + + public static String encode(InputStream inputStream) throws IOException { + return encode(inputStream, "UTF-8"); + } + /** + * Convert the data contained in the given stream to a Base64 encoded + * <code>String</code>. + * + * @param inputStream The stream containing the data to encode. + * @return The Base64 encoded data of <code>inputStream</code>, as a + * <code>String</code>. + * @throws IOException Failed to convert the data in the stream. + */ + public static String encode(InputStream inputStream, String encoding) throws IOException { + ByteArrayOutputStream byteStream = new ByteArrayOutputStream(); + Base64OutputStream base64Stream = new Base64OutputStream(byteStream, "\n".getBytes()); + byte[] bytes = new byte[256]; + int bytesRead; + + while ((bytesRead = inputStream.read(bytes)) > 0) { + base64Stream.write(bytes, 0, bytesRead); + } + base64Stream.flush(); + base64Stream.close(); + inputStream.close(); + + return byteStream.toString(encoding); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java new file mode 100644 index 000000000..492aca994 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/BoolUtils.java @@ -0,0 +1,48 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +/** + * Utility class for parsing XML schema boolean values. + * + * @author Patrick Peck + * @version $Id$ + */ +public class BoolUtils { + + /** + * Return the boolean value of an <code>xsd:boolean</code> type of DOM + * element/attribute. + * + * @param boolStr The value of the <code>xsd:boolean</code> element/attribute. + * @return <code>true</code>, if <code>boolStr</code> equals + * <code>"true"</code> or <code>"1;"</code>. Otherwise, + * <code>false</code> is returned. + */ + public static boolean valueOf(String boolStr) { + return "true".equals(boolStr) || "1".equals(boolStr); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java new file mode 100644 index 000000000..8597e1eec --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/CollectionUtils.java @@ -0,0 +1,60 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.Iterator; +import java.util.List; + +/** + * Various utility methods for dealing with <code>java.util.Collection</code> + * classes. + * + * @author Patrick Peck + * @version $Id$ + */ +public class CollectionUtils { + + /** + * Convert a <code>List</code> of <code>Number</code> objects to an + * <code>int</code> array. + * + * @param nums The <code>List</code> containing the numbers whose integer + * value to put into the result. + * @return The <code>int</code> values of the <code>Number</code>s contained + * in <code>nums</code>. + */ + public static int[] toIntArray(List nums) { + int[] result = new int[nums.size()]; + Iterator iter; + int i; + + for (i = 0, iter = nums.iterator(); iter.hasNext(); i++) { + Number num = (Number) iter.next(); + result[i] = num.intValue(); + } + + return result; + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java new file mode 100644 index 000000000..5a5f4edac --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java @@ -0,0 +1,514 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.HashMap; + +/** + * Contains various constants used throughout the system. + * + * @author Patrick Peck + * @version $Id$ + */ +public interface Constants { + /** Root location of the schema files. */ + public static final String SCHEMA_ROOT = "/resources/schemas/"; + + /** URI of the Widerrufregister XML namespace. */ + public static final String WRR_NS_URI = + "http://reference.e-government.gv.at/namespace/moavv/20041223"; + + /** Prefix used for the Widerrufregister XML namespace */ + public static final String WRR_PREFIX = "wrr"; + + /** URI of the StandardTextBlock XML namespace. */ + public static final String STB_NS_URI = + "http://reference.e-government.gv.at/namespace/standardtextblock/20041105#"; + + /** Prefix used for the standard text block XML namespace */ + public static final String STB_PREFIX = "stb"; + + /** URI of the MOA XML namespace. */ + public static final String MOA_NS_URI = + "http://reference.e-government.gv.at/namespace/moa/20020822#"; + + /** Name of the mandates infobox */ + public static final String INFOBOXIDENTIFIER_MANDATES = "Mandates"; + + /** Prefix used for the Mandate XML namespace */ + public static final String MD_PREFIX = "md"; + + /** URI of the Mandate XML namespace. */ + public static final String MD_NS_URI = + "http://reference.e-government.gv.at/namespace/mandates/20040701#"; + + /** Prefix used for the Mandate XML namespace */ + public static final String MVV_PREFIX = "mvv"; + + /** URI of the Mandate XML namespace. */ + public static final String MVV_NS_URI = + "http://reference.e-government.gv.at/namespace/moavv/app2mvv/20041125"; + + /** Prefix used for the MandateCheckProfile XML namespace */ + public static final String MDP_PREFIX = "mdp"; + + /** URI of the Mandate XML namespace. */ + public static final String MDP_NS_URI = + "http://reference.e-government.gv.at/namespace/mandateprofile/20041105#"; + + /** Prefix used for the MOA XML namespace */ + public static final String MOA_PREFIX = "moa"; + + /** Local location of the MOA XML schema definition. */ + public static final String MOA_SCHEMA_LOCATION = + SCHEMA_ROOT + "MOA-SPSS-2.0.0.xsd"; + + /** URI of the MOA configuration XML namespace. */ + public static final String MOA_CONFIG_NS_URI = + "http://reference.e-government.gv.at/namespace/moaconfig/20021122#"; + + /** URI of the MOA ID configuration XML namespace. */ + public static final String MOA_ID_CONFIG_NS_URI = + "http://www.buergerkarte.at/namespaces/moaconfig#"; + + /** Prefix used for the MOA configuration XML namespace */ + public static final String MOA_CONFIG_PREFIX = "conf"; + + /** Prefix used for the MOA configuration XML namespace */ + public static final String MOA_ID_CONFIG_PREFIX = "confID"; + + /** Local location of the MOA configuration XML schema definition. */ + public static final String MOA_CONFIG_SCHEMA_LOCATION = + SCHEMA_ROOT + "MOA-SPSS-config-2.0.0.xsd"; + + /** Local location of the MOA ID configuration XML schema definition. */ + public static final String MOA_ID_CONFIG_SCHEMA_LOCATION = + SCHEMA_ROOT + "MOA-ID-Configuration-1.5.2.xsd"; + + /** URI of the Security Layer 1.0 namespace. */ + public static final String SL10_NS_URI = + "http://www.buergerkarte.at/namespaces/securitylayer/20020225#"; + + /** Prefix used for the Security Layer 1.0 XML namespace */ + public static final String SL10_PREFIX = "sl10"; + + /** Local location of the Security Layer 1.0 XML schema definition */ + public static final String SL10_SCHEMA_LOCATION = + SCHEMA_ROOT + "Core.20020225.xsd"; + + /** URI of the Security Layer 1.1 XML namespace */ + public static final String SL11_NS_URI = + "http://www.buergerkarte.at/namespaces/securitylayer/20020831#"; + + /** Prefix used for the Security Layer 1.1 XML namespace */ + public static final String SL11_PREFIX = "sl11"; + + /** Local location of the Security Layer 1.1 XML schema definition */ + public static final String SL11_SCHEMA_LOCATION = + SCHEMA_ROOT + "Core.20020831.xsd"; + + /** URI of the Security Layer 1.2 XML namespace */ + public static final String SL12_NS_URI = + "http://www.buergerkarte.at/namespaces/securitylayer/1.2#"; + + /** Prefix used for the Security Layer 1.2 XML namespace */ + public static final String SL12_PREFIX = "sl"; + + /** Local location of the Security Layer 1.2 XML schema definition */ + public static final String SL12_SCHEMA_LOCATION = + SCHEMA_ROOT + "Core-1.2.xsd"; + + /** URI of the ECDSA XML namespace */ + public static final String ECDSA_NS_URI = + "http://www.w3.org/2001/04/xmldsig-more#"; + + /** Prefix used for ECDSA namespace */ + public static final String ECDSA_PREFIX = "ecdsa"; + + /** Local location of ECDSA XML schema definition */ + public static final String ECDSA_SCHEMA_LOCATION = + SCHEMA_ROOT + "ECDSAKeyValue.xsd"; + + /** URI of the PersonData XML namespace. */ + public static final String PD_NS_URI = + "http://reference.e-government.gv.at/namespace/persondata/20020228#"; + + /** Prefix used for the PersonData XML namespace */ + public static final String PD_PREFIX = "pr"; + +// /** Local location of the PersonData XML schema definition */ +// public static final String PD_SCHEMA_LOCATION = +// SCHEMA_ROOT + "PersonData.xsd"; + + /** Local location of the PersonData XML schema definition */ + public static final String PD_SCHEMA_LOCATION = + SCHEMA_ROOT + "PersonData_20_en_moaWID.xsd"; + + /** URI of the SAML namespace. */ + public static final String SAML_NS_URI = + "urn:oasis:names:tc:SAML:1.0:assertion"; + + /** Prefix used for the SAML XML namespace */ + public static final String SAML_PREFIX = "saml"; + + /** Local location of the SAML XML schema definition. */ + public static final String SAML_SCHEMA_LOCATION = + SCHEMA_ROOT + "cs-sstc-schema-assertion-01.xsd"; + + /** URI of the SAML request-response protocol namespace. */ + public static final String SAMLP_NS_URI = + "urn:oasis:names:tc:SAML:1.0:protocol"; + + /** Prefix used for the SAML request-response protocol namespace */ + public static final String SAMLP_PREFIX = "samlp"; + + /** Local location of the SAML request-response protocol schema definition. */ + public static final String SAMLP_SCHEMA_LOCATION = + SCHEMA_ROOT + "cs-sstc-schema-protocol-01.xsd"; + + /** URI of the XML namespace. */ + public static final String XML_NS_URI = + "http://www.w3.org/XML/1998/namespace"; + + /** Prefix used for the XML namespace */ + public static final String XML_PREFIX = "xml"; + + /** Local location of the XML schema definition. */ + public static final String XML_SCHEMA_LOCATION = SCHEMA_ROOT + "xml.xsd"; + + /** URI of the XMLNS namespace */ + public static final String XMLNS_NS_URI = "http://www.w3.org/2000/xmlns/"; + + /** Prefix used for the XSI namespace */ + public static final String XSI_PREFIX = "xsi"; + + /** Local location of the XSI schema definition. */ + public static final String XSI_SCHEMA_LOCATION = + SCHEMA_ROOT + "XMLSchema-instance.xsd"; + + /** URI of the XSI XMLNS namespace */ + public static final String XSI_NS_URI = + "http://www.w3.org/2001/XMLSchema-instance"; + + /** URI of the XSLT XML namespace */ + public static final String XSLT_NS_URI = + "http://www.w3.org/1999/XSL/Transform"; + + /** Prefix used for the XSLT XML namespace */ + public static final String XSLT_PREFIX = "xsl"; + + /** URI of the XMLDSig XML namespace. */ + public static final String DSIG_NS_URI = "http://www.w3.org/2000/09/xmldsig#"; + + /** Prefix used for the XMLDSig XML namespace */ + public static final String DSIG_PREFIX = "dsig"; + + /** Local location of the XMLDSig XML schema. */ + public static final String DSIG_SCHEMA_LOCATION = + SCHEMA_ROOT + "xmldsig-core-schema.xsd"; + + /** URI of the XMLDSig XPath Filter XML namespace. */ + public static final String DSIG_FILTER2_NS_URI = + "http://www.w3.org/2002/06/xmldsig-filter2"; + + /** Prefix used for the XMLDSig XPath Filter XML namespace */ + public static final String DSIG_FILTER2_PREFIX = "dsig-filter2"; + + /** Local location of the XMLDSig XPath Filter XML schema definition. */ + public static final String DSIG_FILTER2_SCHEMA_LOCATION = + SCHEMA_ROOT + "xmldsig-filter2.xsd"; + + /** URI of the Exclusive Canonicalization XML namespace */ + public static final String DSIG_EC_NS_URI = + "http://www.w3.org/2001/10/xml-exc-c14n#"; + + /** Prefix used for the Exclusive Canonicalization XML namespace */ + public static final String DSIG_EC_PREFIX = "ec"; + + /** Local location of the Exclusive Canonicalizaion XML schema definition */ + public static final String DSIG_EC_SCHEMA_LOCATION = + SCHEMA_ROOT + "exclusive-canonicalization.xsd"; + + /** URI of the XMLLoginParameterResolver Configuration XML namespace */ + public static final String XMLLPR_NS_URI="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814"; + + /** Local location of the XMLLoginParameterResolver Configuration XML schema definition */ + public static final String XMLLPR_SCHEMA_LOCATION = + SCHEMA_ROOT + "MOAIdentities.xsd"; + + /** Local location of the XAdES v1.1.1 schema definition */ + public static final String XADES_1_1_1_SCHEMA_LOCATION = + SCHEMA_ROOT + "XAdES-1.1.1.xsd"; + + /** URI of the XAdES v1.1.1 namespace */ + public static final String XADES_1_1_1_NS_URI = "http://uri.etsi.org/01903/v1.1.1#"; + + public static final String XADES_1_1_1_NS_PREFIX = "xades111"; + + /** Local location of the XAdES v1.2.2 schema definition */ + public static final String XADES_1_2_2_SCHEMA_LOCATION = + SCHEMA_ROOT + "XAdES-1.2.2.xsd"; + + /** URI of the XAdES v1.2.2 namespace */ + public static final String XADES_1_2_2_NS_URI = "http://uri.etsi.org/01903/v1.2.2#"; + + public static final String XADES_1_2_2_NS_PREFIX = "xades122"; + + /** Local location of the XAdES v1.1.1 schema definition */ + public static final String XADES_1_3_2_SCHEMA_LOCATION = + SCHEMA_ROOT + "XAdES-1.3.2.xsd"; + + /** URI of the XAdES v1.3.2 namespace */ + public static final String XADES_1_3_2_NS_URI = "http://uri.etsi.org/01903/v1.3.2#"; + + public static final String XADES_1_3_2_NS_PREFIX = "xades132"; + + /** Local location of the XAdES v1.4.1 schema definition */ + public static final String XADES_1_4_1_SCHEMA_LOCATION = + SCHEMA_ROOT + "XAdES-1.4.1.xsd"; + + /** URI of the XAdES v1.4.1 namespace */ + public static final String XADES_1_4_1_NS_URI = "http://uri.etsi.org/01903/v1.4.1#"; + + public static final String XADES_1_4_1_NS_PREFIX = "xades141"; + /** URI of the SAML 2.0 namespace. */ + public static final String SAML2_NS_URI = + "urn:oasis:names:tc:SAML:2.0:assertion"; + + /** Prefix used for the SAML 2.0 XML namespace */ + public static final String SAML2_PREFIX = "saml2"; + + /** Local location of the SAML 2.0 XML schema definition. */ + public static final String SAML2_SCHEMA_LOCATION = + SCHEMA_ROOT + "saml-schema-assertion-2.0.xsd"; + + /** URI of the SAML 2.0 protocol namespace. */ + public static final String SAML2P_NS_URI = + "urn:oasis:names:tc:SAML:2.0:protocol"; + + /** Prefix used for the SAML 2.0 protocol XML namespace */ + public static final String SAML2P_PREFIX = "saml2p"; + + /** Local location of the SAML 2.0 protocol XML schema definition. */ + public static final String SAML2P_SCHEMA_LOCATION = + SCHEMA_ROOT + "saml-schema-protocol-2.0.xsd"; + + /** URI of the STORK namespace. */ + public static final String STORK_NS_URI = + "urn:eu:stork:names:tc:STORK:1.0:assertion"; + + /** Prefix used for the STORK XML namespace */ + public static final String STORK_PREFIX = "stork"; + + /** Local location of the STORK XML schema definition. */ + public static final String STORK_SCHEMA_LOCATION = + SCHEMA_ROOT + "stork-schema-assertion-1.0.xsd"; + + /** URI of the STORK protocol namespace. */ + public static final String STORKP_NS_URI = + "urn:eu:stork:names:tc:STORK:1.0:protocol"; + + /** Prefix used for the STORK protocol XML namespace */ + public static final String STORKP_PREFIX = "storkp"; + + /** Local location of the STORK protocol XML schema definition. */ + public static final String STORKP_SCHEMA_LOCATION = + SCHEMA_ROOT + "stork-schema-protocol-1.0.xsd"; + + /** URI of the TSL namespace. */ + public static final String TSL_NS_URI = + "http://uri.etsi.org/02231/v2#"; + + /** Prefix used for the TSL namespace */ + public static final String TSL_PREFIX = "tsl1"; + + /** Local location of the TSL schema definition. */ + public static final String TSL_SCHEMA_LOCATION = + SCHEMA_ROOT + "ts_119612v010201_xsd.xsd"; + + /** URI of the TSL SIE namespace. */ + public static final String TSL_SIE_NS_URI = + "http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#"; + + /** Prefix used for the TSL SIE namespace */ + public static final String TSL_SIE_PREFIX = "tslsie"; + + /** Local location of the TSL SIE schema definition. */ + public static final String TSL_SIE_SCHEMA_LOCATION = + SCHEMA_ROOT + "ts_119612v010201_sie_xsd.xsd"; + + /** URI of the TSL additional types namespace. */ + public static final String TSL_ADDTYPES_NS_URI = + "http://uri.etsi.org/02231/v2/additionaltypes#"; + + /** Prefix used for the TSL additional types namespace */ + public static final String TSL_ADDTYPES_PREFIX = "tsltype"; + + /** Local location of the TSL additional types schema definition. */ + public static final String TSL_ADDTYPES_SCHEMA_LOCATION = + SCHEMA_ROOT + "ts_ts_119612v010201_additionaltypes_xsd.xsd"; + + /** URI of the XML Encryption namespace. */ + public static final String XENC_NS_URI = + "http://www.w3.org/2001/04/xmlenc#"; + + /** Prefix used for the XML Encryption XML namespace */ + public static final String XENC_PREFIX = "xenc"; + + /** Local location of the XML Encryption XML schema definition. */ + public static final String XENC_SCHEMA_LOCATION = + SCHEMA_ROOT + "xenc-schema.xsd"; + + /** Prefix used for the XML Encryption XML namespace */ + public static final String SAML2_METADATA_PREFIX = "md"; + + /** Prefix used for the XML Encryption XML namespace */ + public static final String SAML2_METADATA_URI = "urn:oasis:names:tc:SAML:2.0:metadata"; + + /** Local location of the XML Encryption XML schema definition. */ + public static final String SAML2_METADATA_SCHEMA_LOCATION = + SCHEMA_ROOT + "saml-schema-metadata-2.0.xsd"; + + /** + * Contains all namespaces and local schema locations for XML schema + * definitions relevant for MOA. For use in validating XML parsers. + */ + public static final String ALL_SCHEMA_LOCATIONS = + (MOA_NS_URI + " " + MOA_SCHEMA_LOCATION + " ") + + (MOA_CONFIG_NS_URI + " " + MOA_CONFIG_SCHEMA_LOCATION + " ") + + (MOA_ID_CONFIG_NS_URI + " " + MOA_ID_CONFIG_SCHEMA_LOCATION + " ") + + (SL10_NS_URI + " " + SL10_SCHEMA_LOCATION + " ") + + (SL11_NS_URI + " " + SL11_SCHEMA_LOCATION + " ") + + (SL12_NS_URI + " " + SL12_SCHEMA_LOCATION + " ") + + (ECDSA_NS_URI + " " + ECDSA_SCHEMA_LOCATION + " ") + + (PD_NS_URI + " " + PD_SCHEMA_LOCATION + " ") + + (SAML_NS_URI + " " + SAML_SCHEMA_LOCATION + " ") + + (SAMLP_NS_URI + " " + SAMLP_SCHEMA_LOCATION + " ") + + (XML_NS_URI + " " + XML_SCHEMA_LOCATION + " ") + + (XSI_NS_URI + " " + XSI_SCHEMA_LOCATION + " ") + + (DSIG_NS_URI + " " + DSIG_SCHEMA_LOCATION + " ") + + (DSIG_FILTER2_NS_URI + " " + DSIG_FILTER2_SCHEMA_LOCATION + " ") + + (DSIG_EC_NS_URI + " " + DSIG_EC_SCHEMA_LOCATION + " ") + + (XMLLPR_NS_URI + " " + XMLLPR_SCHEMA_LOCATION + " ") + + (XADES_1_1_1_NS_URI + " " + XADES_1_1_1_SCHEMA_LOCATION + " ") + + (XADES_1_2_2_NS_URI + " " + XADES_1_2_2_SCHEMA_LOCATION + " ") + + (XADES_1_3_2_NS_URI + " " + XADES_1_3_2_SCHEMA_LOCATION + " ") + + (XADES_1_4_1_NS_URI + " " + XADES_1_4_1_SCHEMA_LOCATION + " ") + + (TSL_NS_URI + " " + TSL_SCHEMA_LOCATION + " ") + + (TSL_SIE_NS_URI + " " + TSL_SIE_SCHEMA_LOCATION + " ") + + (TSL_ADDTYPES_NS_URI + " " + TSL_ADDTYPES_SCHEMA_LOCATION + " ") + + (SAML2_NS_URI + " " + SAML2_SCHEMA_LOCATION + " ") + + (SAML2P_NS_URI + " " + SAML2P_SCHEMA_LOCATION + " ") + + (STORK_NS_URI + " " + STORK_SCHEMA_LOCATION + " ") + + (STORKP_NS_URI + " " + STORKP_SCHEMA_LOCATION + " ") + + (SAML2_METADATA_URI + " " + SAML2_METADATA_SCHEMA_LOCATION + " ") + + (XENC_NS_URI + " " + XENC_SCHEMA_LOCATION); + + /** URN prefix for bPK and wbPK. */ + public static final String URN_PREFIX = "urn:publicid:gv.at"; + + /** URN prefix for context dependent id. */ + public static final String URN_PREFIX_CDID = URN_PREFIX + ":cdid"; + + /** URN prefix for context dependent id (bPK). */ + public static final String URN_PREFIX_BPK = URN_PREFIX_CDID + "+bpk"; + + /** URN prefix for context dependent id (HPI). */ + public static final String URN_PREFIX_HPI = URN_PREFIX_CDID + "+EHSP"; + + /** URN prefix for context dependent id (wbPK). */ + public static final String URN_PREFIX_WBPK = URN_PREFIX + ":wbpk"; + + /** URN prefix for context dependent id (stork). */ + public static final String URN_PREFIX_STORK = URN_PREFIX + ":storkid"; + + //TODO: update to eIDAS prefix + /** URN prefix for context dependent id (eIDAS). */ + public static final String URN_PREFIX_EIDAS = URN_PREFIX + ":storkid"; + + /** URN prefix for context dependent id. */ + public static final String URN_PREFIX_BASEID = URN_PREFIX + ":baseid"; + + /** Security Layer manifest type URI. */ + public static final String SL_MANIFEST_TYPE_URI = + "http://www.buergerkarte.at/specifications/Security-Layer/20020225#SignatureManifest"; + + /** URI of the SHA1 digest algorithm */ + public static final String SHA1_URI = + "http://www.w3.org/2000/09/xmldsig#sha1"; + + /** URI of the SHA1 digest algorithm */ + public static final String SHA256_URI = + "http://www.w3.org/2000/09/xmldsig#sha256"; + + /** URI of the SHA1 digest algorithm */ + public static final String SHA384_URI = + "http://www.w3.org/2000/09/xmldsig#sha384"; + + /** URI of the SHA1 digest algorithm */ + public static final String SHA512_URI = + "http://www.w3.org/2000/09/xmldsig#sha512"; + + /** URI of the Canonical XML algorithm */ + public static final String C14N_URI = + "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; + + /** URI of the Canoncial XML with comments algorithm */ + public static final String C14N_WITH_COMMENTS_URI = + "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; + + /** URI of the Exclusive Canonical XML algorithm */ + public static final String EXC_C14N_URI = + "http://www.w3.org/2001/10/xml-exc-c14n#"; + + /** URI of the Exclusive Canonical XML with commments algorithm */ + public static final String EXC_C14N_WITH_COMMENTS_URI = + "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"; + + // + // Local names for elements of the MOA SPSS schema + // + + /** + * Local name of request for creating an XML signature. + */ + public static final String MOA_SPSS_CREATE_XML_REQUEST = "CreateXMLSignatureRequest"; + + /** + * Local name of request for creating a CMS signature. + */ + public static final String MOA_SPSS_CREATE_CMS_REQUEST = "CreateCMSSignatureRequest"; + + /** + * Local name of request for verifying an XML signature. + */ + public static final String MOA_SPSS_VERIFY_XML_REQUEST = "VerifiyXMLSignatureRequest"; + + /** + * A map used to map namespace prefixes to namespace URIs + */ + public static HashMap<String, String> nSMap = new HashMap<String, String>(5); + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java new file mode 100644 index 000000000..95cd63643 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java @@ -0,0 +1,1253 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Set; +import java.util.Vector; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Result; +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.apache.xerces.parsers.DOMParser; +import org.apache.xerces.parsers.SAXParser; +import org.apache.xerces.parsers.XMLGrammarPreparser; +import org.apache.xerces.util.SymbolTable; +import org.apache.xerces.util.XMLGrammarPoolImpl; +import org.apache.xerces.xni.grammars.XMLGrammarDescription; +import org.apache.xerces.xni.grammars.XMLGrammarPool; +import org.apache.xerces.xni.parser.XMLInputSource; +import org.w3c.dom.Attr; +import org.w3c.dom.Document; +import org.w3c.dom.DocumentFragment; +import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.xml.sax.EntityResolver; +import org.xml.sax.ErrorHandler; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * Various utility functions for handling XML DOM trees. + * + * The parsing methods in this class make use of some features internal to the + * Xerces DOM parser, mainly for performance reasons. As soon as JAXP + * (currently at version 1.2) is better at schema handling, it should be used as + * the parser interface. + * + * @author Patrick Peck + * @version $Id$ + */ +public class DOMUtils { + + /** Feature URI for namespace aware parsing. */ + private static final String NAMESPACES_FEATURE = + "http://xml.org/sax/features/namespaces"; + /** Feature URI for validating parsing. */ + private static final String VALIDATION_FEATURE = + "http://xml.org/sax/features/validation"; + /** Feature URI for schema validating parsing. */ + private static final String SCHEMA_VALIDATION_FEATURE = + "http://apache.org/xml/features/validation/schema"; + /** Feature URI for normalization of element/attribute values. */ + private static final String NORMALIZED_VALUE_FEATURE = + "http://apache.org/xml/features/validation/schema/normalized-value"; + /** Feature URI for parsing ignorable whitespace. */ + private static final String INCLUDE_IGNORABLE_WHITESPACE_FEATURE = + "http://apache.org/xml/features/dom/include-ignorable-whitespace"; + /** Feature URI for creating EntityReference nodes in the DOM tree. */ + private static final String CREATE_ENTITY_REF_NODES_FEATURE = + "http://apache.org/xml/features/dom/create-entity-ref-nodes"; + /** Property URI for providing external schema locations. */ + private static final String EXTERNAL_SCHEMA_LOCATION_PROPERTY = + "http://apache.org/xml/properties/schema/external-schemaLocation"; + /** Property URI for providing the external schema location for elements + * without a namespace. */ + private static final String EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY = + "http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocation"; + + private static final String EXTERNAL_GENERAL_ENTITIES_FEATURE = + "http://xml.org/sax/features/external-general-entities"; + + private static final String EXTERNAL_PARAMETER_ENTITIES_FEATURE = + "http://xml.org/sax/features/external-parameter-entities"; + + public static final String DISALLOW_DOCTYPE_FEATURE = + "http://apache.org/xml/features/disallow-doctype-decl"; + + + + /** Property URI for the Xerces grammar pool. */ + private static final String GRAMMAR_POOL = + org.apache.xerces.impl.Constants.XERCES_PROPERTY_PREFIX + + org.apache.xerces.impl.Constants.XMLGRAMMAR_POOL_PROPERTY; + /** A prime number for initializing the symbol table. */ + private static final int BIG_PRIME = 2039; + /** Symbol table for the grammar pool. */ + private static SymbolTable symbolTable = new SymbolTable(BIG_PRIME); + /** Xerces schema grammar pool. */ + private static XMLGrammarPool grammarPool = new XMLGrammarPoolImpl(); + /** Set holding the NamespaceURIs of the grammarPool, to prevent multiple + * entries of same grammars to the pool */ + private static Set grammarNamespaces; + + static { + grammarPool.lockPool(); + grammarNamespaces = new HashSet(); + } + + /** + * Preparse a schema and add it to the schema pool. + * The method only adds the schema to the pool if a schema having the same + * <code>systemId</code> (namespace URI) is not already present in the pool. + * + * @param inputStream An <code>InputStream</code> providing the contents of + * the schema. + * @param systemId The systemId (namespace URI) to use for the schema. + * @throws IOException An error occurred reading the schema. + */ + public static void addSchemaToPool(InputStream inputStream, String systemId) + throws IOException { + XMLGrammarPreparser preparser; + + if (!grammarNamespaces.contains(systemId)) { + + grammarNamespaces.add(systemId); + + // unlock the pool so that we can add another grammar + grammarPool.unlockPool(); + + // prepare the preparser + preparser = new XMLGrammarPreparser(symbolTable); + preparser.registerPreparser(XMLGrammarDescription.XML_SCHEMA, null); + preparser.setProperty(GRAMMAR_POOL, grammarPool); + preparser.setFeature(NAMESPACES_FEATURE, true); + preparser.setFeature(VALIDATION_FEATURE, true); + + // add the grammar to the pool + preparser.preparseGrammar( + XMLGrammarDescription.XML_SCHEMA, + new XMLInputSource(null, systemId, null, inputStream, null)); + + // lock the pool again so that schemas are not added automatically + grammarPool.lockPool(); + } + } + + /** + * Parse an XML document from an <code>InputStream</code>. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @param entityResolver An <code>EntityResolver</code> to resolve external + * entities (schemas and DTDs). If <code>null</code>, it will not be set. + * @param errorHandler An <code>ErrorHandler</code> to decide what to do + * with parsing errors. If <code>null</code>, it will not be set. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + InputStream inputStream, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation, + EntityResolver entityResolver, + ErrorHandler errorHandler, + Map<String, Object> parserFeatures) + throws SAXException, IOException, ParserConfigurationException { + + DOMParser parser; + +// class MyEntityResolver implements EntityResolver { +// +// public InputSource resolveEntity(String publicId, String systemId) +// throws SAXException, IOException { +// return new InputSource(new ByteArrayInputStream(new byte[0])); +// } +// } + + + //if Debug is enabled make a copy of inputStream to enable debug output in case of SAXException + byte buffer [] = null; + ByteArrayInputStream baStream = null; + if(true == Logger.isDebugEnabled()) { + int len = inputStream.available(); + buffer = new byte[len]; + inputStream.read(buffer); + baStream = new ByteArrayInputStream(buffer); + } + + // create the DOM parser + if (symbolTable != null) { + parser = new DOMParser(symbolTable, grammarPool); + } else { + parser = new DOMParser(); + } + + // set parser features and properties + try { + parser.setFeature(NAMESPACES_FEATURE, true); + parser.setFeature(VALIDATION_FEATURE, validating); + parser.setFeature(SCHEMA_VALIDATION_FEATURE, validating); + parser.setFeature(NORMALIZED_VALUE_FEATURE, false); + parser.setFeature(INCLUDE_IGNORABLE_WHITESPACE_FEATURE, true); + parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false); + parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false); + parser.setFeature(EXTERNAL_PARAMETER_ENTITIES_FEATURE, false); + + //set external added parser features + if (parserFeatures != null) { + for (Entry<String, Object> el : parserFeatures.entrySet()) { + String key = el.getKey(); + if (MiscUtil.isNotEmpty(key)) { + Object value = el.getValue(); + if (value != null && value instanceof Boolean) + parser.setFeature(key, (boolean)value); + + else + Logger.warn("This XML parser only allows features with 'boolean' values"); + + } else + Logger.warn("Can not set 'null' feature to XML parser"); + } + } + + //fix XXE problem + //parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + + + if (validating) { + if (externalSchemaLocations != null) { + parser.setProperty( + EXTERNAL_SCHEMA_LOCATION_PROPERTY, + externalSchemaLocations); + } + if (externalNoNamespaceSchemaLocation != null) { + parser.setProperty( + EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY, + externalNoNamespaceSchemaLocation); + } + } + + // set entity resolver and error handler + if (entityResolver != null) { + parser.setEntityResolver(entityResolver); + } + if (errorHandler != null) { + parser.setErrorHandler(errorHandler); + } + + // parse the document and return it + // if debug is enabled: use copy of strem (baStream) else use orig stream + if(null != baStream) + parser.parse(new InputSource(baStream)); + else + parser.parse(new InputSource(inputStream)); + } catch(SAXException e) { + if(true == Logger.isDebugEnabled() && null != buffer) { + String xmlContent = new String(buffer); + Logger.debug("SAXException in:\n" + xmlContent); + } + throw(e); + } + + return parser.getDocument(); + } + + /** + * Parse an XML document from an <code>InputStream</code>. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @param entityResolver An <code>EntityResolver</code> to resolve external + * entities (schemas and DTDs). If <code>null</code>, it will not be set. + * @param errorHandler An <code>ErrorHandler</code> to decide what to do + * with parsing errors. If <code>null</code>, it will not be set. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocumentSimple(InputStream inputStream) + throws SAXException, IOException, ParserConfigurationException { + + DOMParser parser; + + parser = new DOMParser(); + // set parser features and properties + parser.setFeature(NAMESPACES_FEATURE, true); + parser.setFeature(VALIDATION_FEATURE, false); + parser.setFeature(SCHEMA_VALIDATION_FEATURE, false); + parser.setFeature(NORMALIZED_VALUE_FEATURE, false); + parser.setFeature(INCLUDE_IGNORABLE_WHITESPACE_FEATURE, true); + parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false); + + parser.parse(new InputSource(inputStream)); + + return parser.getDocument(); + } + + + /** + * Parse an XML document from an <code>InputStream</code>. + * + * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> + * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @param parserFeatures + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + InputStream inputStream, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation, Map<String, Object> parserFeatures) + throws SAXException, IOException, ParserConfigurationException { + + + + return parseDocument( + inputStream, + validating, + externalSchemaLocations, + externalNoNamespaceSchemaLocation, + new MOAEntityResolver(), + new MOAErrorHandler(), + parserFeatures); + } + + /** + * Parse an XML document from a <code>String</code>. + * + * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> + * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. + * + * @param xmlString The <code>String</code> containing the XML document. + * @param encoding The encoding of the XML document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + String xmlString, + String encoding, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation, + Map<String, Object> parserFeatures) + throws SAXException, IOException, ParserConfigurationException { + + InputStream in = new ByteArrayInputStream(xmlString.getBytes(encoding)); + return parseDocument( + in, + validating, + externalSchemaLocations, + externalNoNamespaceSchemaLocation, + parserFeatures); + } + + + /** + * Parse an XML document from a <code>String</code>. + * + * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code> + * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>. + * + * @param xmlString The <code>String</code> containing the XML document. + * @param encoding The encoding of the XML document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + String xmlString, + String encoding, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation) + throws SAXException, IOException, ParserConfigurationException { + + InputStream in = new ByteArrayInputStream(xmlString.getBytes(encoding)); + return parseDocument( + in, + validating, + externalSchemaLocations, + externalNoNamespaceSchemaLocation, + null); + } + + /** + * Parse an UTF-8 encoded XML document from a <code>String</code>. + * + * @param xmlString The <code>String</code> containing the XML document. + * @param validating If <code>true</code>, parse validating. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return The parsed XML document as a DOM tree. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Document parseDocument( + String xmlString, + boolean validating, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation) + throws SAXException, IOException, ParserConfigurationException { + + return parseDocument( + xmlString, + "UTF-8", + validating, + externalSchemaLocations, + externalNoNamespaceSchemaLocation); + } + + /** + * A convenience method to parse an XML document validating. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @return The root element of the parsed XML document. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Element parseXmlValidating(InputStream inputStream) + throws ParserConfigurationException, SAXException, IOException { + return DOMUtils + .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null, null) + .getDocumentElement(); + } + + /** + * A convenience method to parse an XML document validating. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @param parserFeatures Set additional features to XML parser + * @return The root element of the parsed XML document. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Element parseXmlValidating(InputStream inputStream, Map<String, Object> parserFeatures) + throws ParserConfigurationException, SAXException, IOException { + return DOMUtils + .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null, parserFeatures) + .getDocumentElement(); + } + + /** + * A convenience method to parse an XML document non validating. + * + * @param inputStream The <code>InputStream</code> containing the XML + * document. + * @return The root element of the parsed XML document. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document. + * @throws ParserConfigurationException An error occurred configuring the XML + * parser. + */ + public static Element parseXmlNonValidating(InputStream inputStream) + throws ParserConfigurationException, SAXException, IOException { + return DOMUtils + .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null, null) + .getDocumentElement(); + } + + /** + * Schema validate a given DOM element. + * + * @param element The element to validate. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return <code>true</code>, if the <code>element</code> validates against + * the schemas declared in it. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document from its + * serialized representation. + * @throws ParserConfigurationException An error occurred configuring the XML + * @throws TransformerException An error occurred serializing the element. + */ + public static boolean validateElement( + Element element, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation) + throws + ParserConfigurationException, + IOException, + SAXException, + TransformerException { + + byte[] docBytes; + SAXParser parser; + + // create the SAX parser + if (symbolTable != null) { + parser = new SAXParser(symbolTable, grammarPool); + } else { + parser = new SAXParser(); + } + + // serialize the document + docBytes = serializeNode(element, "UTF-8"); + + // set up parser features and attributes + parser.setFeature(NAMESPACES_FEATURE, true); + parser.setFeature(VALIDATION_FEATURE, true); + parser.setFeature(SCHEMA_VALIDATION_FEATURE, true); + parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false); + parser.setFeature(DISALLOW_DOCTYPE_FEATURE, true); + + + if (externalSchemaLocations != null) { + parser.setProperty( + EXTERNAL_SCHEMA_LOCATION_PROPERTY, + externalSchemaLocations); + } + if (externalNoNamespaceSchemaLocation != null) { + parser.setProperty( + EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY, + "externalNoNamespaceSchemaLocation"); + } + + // set up entity resolver and error handler + parser.setEntityResolver(new MOAEntityResolver()); + parser.setErrorHandler(new MOAErrorHandler()); + + // parse validating + parser.parse(new InputSource(new ByteArrayInputStream(docBytes))); + return true; + } + + + /** + * Schema validate a given DOM element. + * + * @param element The element to validate. + * @param externalSchemaLocations A <code>String</code> containing namespace + * URI to schema location pairs, the same way it is accepted by the <code>xsi: + * schemaLocation</code> attribute. + * @param externalNoNamespaceSchemaLocation The schema location of the + * schema for elements without a namespace, the same way it is accepted by the + * <code>xsi:noNamespaceSchemaLocation</code> attribute. + * @return <code>true</code>, if the <code>element</code> validates against + * the schemas declared in it. + * @throws SAXException An error occurred parsing the document. + * @throws IOException An error occurred reading the document from its + * serialized representation. + * @throws ParserConfigurationException An error occurred configuring the XML + * @throws TransformerException An error occurred serializing the element. + */ + public static boolean validateElement( + Element element, + String externalSchemaLocations, + String externalNoNamespaceSchemaLocation, + EntityResolver entityResolver) + throws + ParserConfigurationException, + IOException, + SAXException, + TransformerException { + + byte[] docBytes; + SAXParser parser; + + // create the SAX parser + if (symbolTable != null) { + parser = new SAXParser(symbolTable, grammarPool); + } else { + parser = new SAXParser(); + } + + // serialize the document + docBytes = serializeNode(element, "UTF-8"); + + // set up parser features and attributes + parser.setFeature(NAMESPACES_FEATURE, true); + parser.setFeature(VALIDATION_FEATURE, true); + parser.setFeature(SCHEMA_VALIDATION_FEATURE, true); + + if (externalSchemaLocations != null) { + parser.setProperty( + EXTERNAL_SCHEMA_LOCATION_PROPERTY, + externalSchemaLocations); + } + if (externalNoNamespaceSchemaLocation != null) { + parser.setProperty( + EXTERNAL_NO_NAMESPACE_SCHEMA_LOCATION_PROPERTY, + "externalNoNamespaceSchemaLocation"); + } + + // set up entity resolver and error handler + parser.setEntityResolver(entityResolver); + parser.setErrorHandler(new MOAErrorHandler()); + + // parse validating + parser.parse(new InputSource(new ByteArrayInputStream(docBytes))); + return true; + } + + /** + * Serialize the given DOM node. + * + * The node will be serialized using the UTF-8 encoding. + * + * @param node The node to serialize. + * @return String The <code>String</code> representation of the given DOM + * node. + * @throws TransformerException An error occurred transforming the + * node to a <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static String serializeNode(Node node) + throws TransformerException, IOException { + return new String(serializeNode(node, "UTF-8", false), "UTF-8"); + } + + + /** + * Serialize the given DOM node. + * + * The node will be serialized using the UTF-8 encoding. + * + * @param node The node to serialize. + * @param omitXmlDeclaration The boolean value for omitting the XML Declaration. + * @return String The <code>String</code> representation of the given DOM + * node. + * @throws TransformerException An error occurred transforming the + * node to a <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static String serializeNode(Node node, boolean omitXmlDeclaration) + throws TransformerException, IOException { + return new String(serializeNode(node, "UTF-8", omitXmlDeclaration), "UTF-8"); + } + + /** + * Serialize the given DOM node. + * + * The node will be serialized using the UTF-8 encoding. + * + * @param node The node to serialize. + * @param omitXmlDeclaration The boolean value for omitting the XML Declaration. + * @param lineSeperator Sets the line seperator String of the parser + * @return String The <code>String</code> representation of the given DOM + * node. + * @throws TransformerException An error occurred transforming the + * node to a <code>String</code>. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static String serializeNode(Node node, boolean omitXmlDeclaration, String lineSeperator) + throws TransformerException, IOException { + return new String(serializeNode(node, "UTF-8", omitXmlDeclaration, lineSeperator), "UTF-8"); + } + + /** + * Serialize the given DOM node to a byte array. + * + * @param node The node to serialize. + * @param xmlEncoding The XML encoding to use. + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static byte[] serializeNode(Node node, String xmlEncoding) + throws TransformerException, IOException { + return serializeNode(node, xmlEncoding, false); + } + + /** + * Serialize the given DOM node to a byte array. + * + * @param node The node to serialize. + * @param xmlEncoding The XML encoding to use. + * @param omitDeclaration The boolean value for omitting the XML Declaration. + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static byte[] serializeNode(Node node, String xmlEncoding, boolean omitDeclaration) + throws TransformerException, IOException { + return serializeNode(node, xmlEncoding, omitDeclaration, null); + } + + + /** + * Serialize the given DOM node to a byte array. + * + * @param node The node to serialize. + * @param xmlEncoding The XML encoding to use. + * @param omitDeclaration The boolean value for omitting the XML Declaration. + * @param lineSeperator Sets the line seperator String of the parser + * @return The serialized node, as a byte array. Using a compatible encoding + * this can easily be converted into a <code>String</code>. + * @throws TransformerException An error occurred transforming the node to a + * byte array. + * @throws IOException An IO error occurred writing the node to a byte array. + */ + public static byte[] serializeNode(Node node, String xmlEncoding, boolean omitDeclaration, String lineSeperator) + throws TransformerException, IOException { + + TransformerFactory transformerFactory = TransformerFactory.newInstance(); + Transformer transformer = transformerFactory.newTransformer(); + ByteArrayOutputStream bos = new ByteArrayOutputStream(16384); + + transformer.setOutputProperty(OutputKeys.METHOD, "xml"); + transformer.setOutputProperty(OutputKeys.ENCODING, xmlEncoding); + String omit = omitDeclaration ? "yes" : "no"; + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, omit); + if (null!=lineSeperator) { + transformer.setOutputProperty("{http://xml.apache.org/xalan}line-separator", lineSeperator);//does not work for xalan <= 2.5.1 + } + transformer.transform(new DOMSource(node), new StreamResult(bos)); + + bos.flush(); + bos.close(); + + return bos.toByteArray(); + } + + /** + * Return the text that a node contains. + * + * This routine: + * <ul> + * <li>Ignores comments and processing instructions.</li> + * <li>Concatenates TEXT nodes, CDATA nodes, and the results recursively + * processing EntityRef nodes.</li> + * <li>Ignores any element nodes in the sublist. (Other possible options are + * to recurse into element sublists or throw an exception.)</li> + * </ul> + * + * @param node A DOM node from which to extract text. + * @return A String representing its contents. + */ + public static String getText(Node node) { + if (!node.hasChildNodes()) { + return ""; + } + + StringBuffer result = new StringBuffer(); + NodeList list = node.getChildNodes(); + + for (int i = 0; i < list.getLength(); i++) { + Node subnode = list.item(i); + if (subnode.getNodeType() == Node.TEXT_NODE) { + result.append(subnode.getNodeValue()); + } else if (subnode.getNodeType() == Node.CDATA_SECTION_NODE) { + result.append(subnode.getNodeValue()); + } else if (subnode.getNodeType() == Node.ENTITY_REFERENCE_NODE) { + // Recurse into the subtree for text + // (and ignore comments) + result.append(getText(subnode)); + } + } + return result.toString(); + } + + /** + * Build the namespace prefix to namespace URL mapping in effect for a given + * node. + * + * @param node The context node for which build the map. + * @return The namespace prefix to namespace URL mapping ( + * a <code>String</code> value to <code>String</code> value mapping). + */ + public static Map getNamespaceDeclarations(Node node) { + Map nsDecls = new HashMap(); + int i; + + do { + if (node.hasAttributes()) { + NamedNodeMap attrs = node.getAttributes(); + + for (i = 0; i < attrs.getLength(); i++) { + Attr attr = (Attr) attrs.item(i); + + // add prefix mapping if none exists + if ("xmlns".equals(attr.getPrefix()) + || "xmlns".equals(attr.getName())) { + + String nsPrefix = + attr.getPrefix() != null ? attr.getLocalName() : ""; + + if (nsDecls.get(nsPrefix) == null) { + nsDecls.put(nsPrefix, attr.getValue()); + } + } + } + } + } while ((node = node.getParentNode()) != null); + + return nsDecls; + } + + /** + * Add all namespace declarations declared in the parent(s) of a given + * element and used in the subtree of the given element to the given element. + * + * @param context The element to which to add the namespaces. + */ + public static void localizeNamespaceDeclarations(Element context) { + Node parent = context.getParentNode(); + + if (parent != null) { + Map namespaces = getNamespaceDeclarations(context.getParentNode()); + Set nsUris = collectNamespaceURIs(context); + Iterator iter; + + for (iter = namespaces.entrySet().iterator(); iter.hasNext();) { + Map.Entry e = (Map.Entry) iter.next(); + + if (nsUris.contains(e.getValue())) { + String prefix = (String) e.getKey(); + String nsUri = (String) e.getValue(); + String nsAttrName = "".equals(prefix) ? "xmlns" : "xmlns:" + prefix; + + context.setAttributeNS(Constants.XMLNS_NS_URI, nsAttrName, nsUri); + } + } + } + } + + /** + * Collect all the namespace URIs used in the subtree of a given element. + * + * @param context The element that should be searched for namespace URIs. + * @return All namespace URIs used in the subtree of <code>context</code>, + * including the ones used in <code>context</code> itself. + */ + public static Set collectNamespaceURIs(Element context) { + Set result = new HashSet(); + + collectNamespaceURIsImpl(context, result); + return result; + } + + /** + * A recursive method to do the work of <code>collectNamespaceURIs</code>. + * + * @param context The context element to evaluate. + * @param result The result, passed as a parameter to avoid unnecessary + * instantiations of <code>Set</code>. + */ + private static void collectNamespaceURIsImpl(Element context, Set result) { + NamedNodeMap attrs = context.getAttributes(); + NodeList childNodes = context.getChildNodes(); + String nsUri; + int i; + + // add the namespace of the context element + nsUri = context.getNamespaceURI(); + if (nsUri != null && nsUri != Constants.XMLNS_NS_URI) { + result.add(nsUri); + } + + // add all namespace URIs from attributes + for (i = 0; i < attrs.getLength(); i++) { + nsUri = attrs.item(i).getNamespaceURI(); + if (nsUri != null && nsUri != Constants.XMLNS_NS_URI) { + result.add(nsUri); + } + } + + // add all namespaces from subelements + for (i = 0; i < childNodes.getLength(); i++) { + Node node = childNodes.item(i); + + if (node.getNodeType() == Node.ELEMENT_NODE) { + collectNamespaceURIsImpl((Element) node, result); + } + } + } + + /** + * Check, that each attribute node in the given <code>NodeList</code> has its + * parent in the <code>NodeList</code> as well. + * + * @param nodes The <code>NodeList</code> to check. + * @return <code>true</code>, if each attribute node in <code>nodes</code> + * has its parent in <code>nodes</code> as well. + */ + public static boolean checkAttributeParentsInNodeList(NodeList nodes) { + Set nodeSet = new HashSet(); + int i; + + // put the nodes into the nodeSet + for (i = 0; i < nodes.getLength(); i++) { + nodeSet.add(nodes.item(i)); + } + + // check that each attribute node's parent is in the node list + for (i = 0; i < nodes.getLength(); i++) { + Node n = nodes.item(i); + + if (n.getNodeType() == Node.ATTRIBUTE_NODE) { + Attr attr = (Attr) n; + Element owner = attr.getOwnerElement(); + + if (owner == null) { + if (!isNamespaceDeclaration(attr)) { + return false; + } + } + + if (!nodeSet.contains(owner) && !isNamespaceDeclaration(attr)) { + return false; + } + } + } + + return true; + } + + /** + * Convert an unstructured <code>NodeList</code> into a + * <code>DocumentFragment</code>. + * + * @param nodeList Contains the node list to be converted into a DOM + * DocumentFragment. + * @return the resulting DocumentFragment. The DocumentFragment will be + * backed by a new DOM Document, i.e. all noded of the node list will be + * cloned. + * @throws ParserConfigurationException An error occurred creating the + * DocumentFragment. + * @precondition The nodes in the node list appear in document order + * @precondition for each Attr node in the node list, the owning Element is + * in the node list as well. + * @precondition each Element or Attr node in the node list is namespace + * aware. + */ + public static DocumentFragment nodeList2DocumentFragment(NodeList nodeList) + throws ParserConfigurationException { + + DocumentBuilder builder = + DocumentBuilderFactory.newInstance().newDocumentBuilder(); + Document doc = builder.newDocument(); + DocumentFragment result = doc.createDocumentFragment(); + + if (null == nodeList || nodeList.getLength() == 0) { + return result; + } + + int currPos = 0; + currPos = + nodeList2DocumentFragment(nodeList, currPos, result, null, null) + 1; + + while (currPos < nodeList.getLength()) { + currPos = + nodeList2DocumentFragment(nodeList, currPos, result, null, null) + 1; + } + return result; + } + + /** + * Helper method for the <code>nodeList2DocumentFragment</code>. + * + * @param nodeList The <code>NodeList</code> to convert. + * @param currPos The current position in the <code>nodeList</code>. + * @param result The resulting <code>DocumentFragment</code>. + * @param currOrgElem The current original element. + * @param currClonedElem The current cloned element. + * @return The current position. + */ + private static int nodeList2DocumentFragment( + NodeList nodeList, + int currPos, + DocumentFragment result, + Element currOrgElem, + Element currClonedElem) { + + while (currPos < nodeList.getLength()) { + Node currentNode = nodeList.item(currPos); + switch (currentNode.getNodeType()) { + case Node.COMMENT_NODE : + case Node.PROCESSING_INSTRUCTION_NODE : + case Node.TEXT_NODE : + { + // Append current node either to resulting DocumentFragment or to + // current cloned Element + if (null == currClonedElem) { + result.appendChild( + result.getOwnerDocument().importNode(currentNode, false)); + } else { + // Stop processing if current Node is not a descendant of + // current Element + if (!isAncestor(currOrgElem, currentNode)) { + return --currPos; + } + + currClonedElem.appendChild( + result.getOwnerDocument().importNode(currentNode, false)); + } + break; + } + + case Node.ELEMENT_NODE : + { + Element nextCurrOrgElem = (Element) currentNode; + Element nextCurrClonedElem = + result.getOwnerDocument().createElementNS( + nextCurrOrgElem.getNamespaceURI(), + nextCurrOrgElem.getNodeName()); + + // Append current Node either to resulting DocumentFragment or to + // current cloned Element + if (null == currClonedElem) { + result.appendChild(nextCurrClonedElem); + currOrgElem = nextCurrOrgElem; + currClonedElem = nextCurrClonedElem; + } else { + // Stop processing if current Node is not a descendant of + // current Element + if (!isAncestor(currOrgElem, currentNode)) { + return --currPos; + } + + currClonedElem.appendChild(nextCurrClonedElem); + } + + // Process current Node (of type Element) recursively + currPos = + nodeList2DocumentFragment( + nodeList, + ++currPos, + result, + nextCurrOrgElem, + nextCurrClonedElem); + + break; + } + + case Node.ATTRIBUTE_NODE : + { + Attr currAttr = (Attr) currentNode; + + // GK 20030411: Hack to overcome problems with IAIK IXSIL + if (currAttr.getOwnerElement() == null) + break; + if (currClonedElem == null) + break; + + // currClonedElem must be the owner Element of currAttr if + // preconditions are met + currClonedElem.setAttributeNS( + currAttr.getNamespaceURI(), + currAttr.getNodeName(), + currAttr.getValue()); + break; + } + + default : + { + // All other nodes will be ignored + } + } + + currPos++; + } + + return currPos; + } + + /** + * Check, if the given attribute is a namespace declaration. + * + * @param attr The attribute to check. + * @return <code>true</code>, if the attribute is a namespace declaration, + * <code>false</code> otherwise. + */ + private static boolean isNamespaceDeclaration(Attr attr) { + return Constants.XMLNS_NS_URI.equals(attr.getNamespaceURI()); + } + + /** + * Check, if a given DOM element is an ancestor of a given node. + * + * @param candAnc The DOM element to check for being the ancestor. + * @param cand The node to check for being the child. + * @return <code>true</code>, if <code>candAnc</code> is an (indirect) + * ancestor of <code>cand</code>; <code>false</code> otherwise. + */ + public static boolean isAncestor(Element candAnc, Node cand) { + Node currPar = cand.getParentNode(); + + while (currPar != null) { + if (candAnc == currPar) + return true; + currPar = currPar.getParentNode(); + } + return false; + } + + /** + * Selects the (first) element from a node list and returns it. + * + * @param nl The NodeList to get the element from. + * @return The (first) element included in the node list or <code>null</code> + * if the node list is <code>null</code> or empty or no element is + * included in the list. + */ + public static Element getElementFromNodeList (NodeList nl) { + if ((nl == null) || (nl.getLength() == 0)) { + return null; + } + for (int i=0; i<nl.getLength(); i++) { + Node node = nl.item(i); + if (node.getNodeType() == Node.ELEMENT_NODE) { + return (Element)node; + } + } + return null; + } + + /** + * Returns all child elements of the given element. + * + * @param parent The element to get the child elements from. + * + * @return A list including all child elements of the given element. + * Maybe empty if the parent element has no child elements. + */ + public static List getChildElements (Element parent) { + Vector v = new Vector(); + NodeList nl = parent.getChildNodes(); + int length = nl.getLength(); + for (int i=0; i < length; i++) { + Node node = nl.item(i); + if (node.getNodeType() == Node.ELEMENT_NODE) { + v.add((Element)node); + } + } + return v; + } + + /** + * Returns a byte array from given node. + * @param node + * @return + * @throws TransformerException + */ + public static byte[] nodeToByteArray(Node node) throws TransformerException { + Source source = new DOMSource(node); + ByteArrayOutputStream out = new ByteArrayOutputStream(); + //StringWriter stringWriter = new StringWriter(); + Result result = new StreamResult(out); + TransformerFactory factory = TransformerFactory.newInstance(); + Transformer transformer = factory.newTransformer(); + transformer.transform(source, result); + return out.toByteArray(); + } + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java new file mode 100644 index 000000000..a2e0965d4 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DateTimeUtils.java @@ -0,0 +1,515 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.StringWriter; +import java.text.DateFormat; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; +import java.util.TimeZone; + +import org.joda.time.DateTime; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + +/** + * Utility for parsing and building XML type <code>dateTime</code>, + * according to ISO 8601. + * + * @author Patrick Peck + * @version $Id$ + * @see <code>http://www.w3.org/2001/XMLSchema-datatypes"</code> + */ +public class DateTimeUtils { + /** Error messages. */ + private static MessageProvider msg = MessageProvider.getInstance(); + +// /** +// * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. +// * @param cal the <code>Calendar</code> value +// * @return the <code>dateTime</code> value +// */ +// public static String buildDateTime(Calendar cal, boolean useUTC) { +// +// if (useUTC) +// return buildDateTimeUTC(cal); +// else { +// StringWriter out = new StringWriter(); +// out.write("" + cal.get(Calendar.YEAR)); +// out.write("-"); +// out.write(to2DigitString(cal.get(Calendar.MONTH) + 1)); +// out.write("-"); +// out.write(to2DigitString(cal.get(Calendar.DAY_OF_MONTH))); +// out.write("T"); +// out.write(to2DigitString(cal.get(Calendar.HOUR_OF_DAY))); +// out.write(":"); +// out.write(to2DigitString(cal.get(Calendar.MINUTE))); +// out.write(":"); +// out.write(to2DigitString(cal.get(Calendar.SECOND))); +// int tzOffsetMilliseconds = +// cal.get(Calendar.ZONE_OFFSET) + cal.get(Calendar.DST_OFFSET); +// if (tzOffsetMilliseconds != 0) { +// int tzOffsetMinutes = tzOffsetMilliseconds / (1000 * 60); +// int tzOffsetHours = tzOffsetMinutes / 60; +// tzOffsetMinutes -= tzOffsetHours * 60; +// if (tzOffsetMilliseconds > 0) { +// out.write("+"); +// out.write(to2DigitString(tzOffsetHours)); +// out.write(":"); +// out.write(to2DigitString(tzOffsetMinutes)); +// } else { +// out.write("-"); +// out.write(to2DigitString(-tzOffsetHours)); +// out.write(":"); +// out.write(to2DigitString(-tzOffsetMinutes)); +// } +// } +// return out.toString(); +// } +// } + + /** + * Builds a <code>dateTime</code> value in UTC from a <code>Calendar</code> value. + * @param cal the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildDateTimeUTC(Calendar cal) { + + SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); + f.setTimeZone(TimeZone.getTimeZone("UTC")); + + return f.format(cal.getTime()); + } + + /** + * Builds a <code>dateTime</code> value in UTC from a <code>Calendar</code> value. + * @param cal the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildDateTimeUTC(Date cal) { + + SimpleDateFormat f = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); + f.setTimeZone(TimeZone.getTimeZone("UTC")); + + return f.format(cal); + + } + + /** + * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. + * @param cal the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildDate(Calendar cal) { + StringWriter out = new StringWriter(); + out.write("" + cal.get(Calendar.YEAR)); + out.write("-"); + out.write(to2DigitString(cal.get(Calendar.MONTH) + 1)); + out.write("-"); + out.write(to2DigitString(cal.get(Calendar.DAY_OF_MONTH))); + return out.toString(); + } + + /** + * Builds a <code>dateTime</code> value from a <code>Calendar</code> value. + * @param cal the <code>Calendar</code> value + * @return the <code>dateTime</code> value + */ + public static String buildTime(Calendar cal) { + StringWriter out = new StringWriter(); + out.write(to2DigitString(cal.get(Calendar.HOUR_OF_DAY))); + out.write(":"); + out.write(to2DigitString(cal.get(Calendar.MINUTE))); + out.write(":"); + out.write(to2DigitString(cal.get(Calendar.SECOND))); + + return out.toString(); + } + + /** + * Converts month, day, hour, minute, or second value + * to a 2 digit String. + * @param number the month, day, hour, minute, or second value + * @return 2 digit String + */ + private static String to2DigitString(int number) { + if (number < 10) + return "0" + number; + else + return "" + number; + } + + /** + * Parse a <code>String</code> containing a date and time instant, given in + * ISO 8601 format. + * + * @param dateTime The <code>String</code> to parse. + * @return The <code>Date</code> representation of the contents of + * <code>dateTime</code>. + * @throws ParseException Parsing the <code>dateTime</code> failed. + */ + public static Date parseDateTime(String dateTime) throws ParseException { + GregorianCalendar calendar; + long time; + int yearSign = 1, year, month, day; + int hour, minute, second; + double fraction = 0.0; + int tzSign = 1, tzHour = 0, tzMinute = 0; + int curPos = 0; + String fractStr; + boolean localTime = false; + char c; + + // parse year sign + ensureChars(dateTime, curPos, 1); + c = dateTime.charAt(curPos); + if (c == '+' || c == '-') { + yearSign = c == '+' ? 1 : -1; + curPos++; + } + + // parse year + year = parseInt(dateTime, curPos, 4); + curPos += 4; + + // parse '-' + ensureChar(dateTime, curPos, '-'); + curPos++; + + // parse month + month = parseInt(dateTime, curPos, 2); + ensureValue(month, 1, 12, curPos); + curPos += 2; + + // parse '-' + ensureChar(dateTime, curPos, '-'); + curPos++; + + // parse day + day = parseInt(dateTime, curPos, 2); + ensureValue(day, 1, 31, curPos); + curPos += 2; + + // parse 'T' + ensureChar(dateTime, curPos, 'T'); + curPos++; + + // parse hour + hour = parseInt(dateTime, curPos, 2); + ensureValue(hour, 0, 23, curPos); + curPos += 2; + + // parse ':' + ensureChar(dateTime, curPos, ':'); + curPos++; + + // parse minute + minute = parseInt(dateTime, curPos, 2); + ensureValue(minute, 0, 59, curPos); + curPos += 2; + + // parse ':' + ensureChar(dateTime, curPos, ':'); + curPos++; + + // parse second + second = parseInt(dateTime, curPos, 2); + ensureValue(second, 0, 59, curPos); + curPos += 2; + + // parse a fraction + if (dateTime.length() > curPos && dateTime.charAt(curPos) == '.') { + curPos++; + ensureDigits(dateTime, curPos, 1); + fractStr = "0."; + fractStr + += dateTime.substring(curPos, curPos + countDigits(dateTime, curPos)); + fraction = Double.parseDouble(fractStr); + curPos += countDigits(dateTime, curPos); + } + + // parse a time zone + if (dateTime.length() > curPos) { + c = dateTime.charAt(curPos); + if (c == 'Z') { + curPos++; + } else if (c == '+' || c == '-') { + // parse time zone sign + tzSign = c == '+' ? 1 : -1; + curPos++; + + // parse time zone hour + tzHour = parseInt(dateTime, curPos, 2); + ensureValue(tzHour, 0, 14, curPos); + curPos += 2; + + // parse ':' + ensureChar(dateTime, curPos, ':'); + curPos++; + + // parse time zone minute + tzMinute = parseInt(dateTime, curPos, 2); + ensureValue(tzMinute, 0, 59, curPos); + curPos += 2; + } + } else { + localTime = true; + } + + // if we have characters left, it's an error + if (dateTime.length() != curPos) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + + // build the Date object + year = year * yearSign; + try { + calendar = new GregorianCalendar(TimeZone.getTimeZone("GMT")); + calendar.set(year, month - 1, day, hour, minute, second); + calendar.set(Calendar.MILLISECOND, 0); + time = calendar.getTime().getTime(); + time += (long) (fraction * 1000.0); + time -= tzSign * ((tzHour * 60) + tzMinute) * 60 * 1000; + if (localTime) { + time -= TimeZone.getDefault().getRawOffset(); + } + return new Date(time); + } catch (IllegalArgumentException e) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + + } + + /** + * Parse an integer value. + * + * @param str The <code>String</code> containing the digits. + * @param curPos The starting position. + * @param digits The number of digist making up the integer value. + * @return int The integer representation of the digits contained in + * <code>str</code>. + * @throws ParseException Parsing the integer value failed. + */ + private static int parseInt(String str, int curPos, int digits) + throws ParseException { + + ensureDigits(str, curPos, digits); + return Integer.parseInt(str.substring(curPos, curPos + digits)); + } + + /** + * Count the number of digits following <code>curPos</code>. + * + * @param str The <code>String</code> in which to count digits. + * @param curPos The starting position. + * @return int The number of digits. + */ + private static int countDigits(String str, int curPos) { + int i; + + for (i = curPos; i < str.length() && Character.isDigit(str.charAt(i)); i++); + return i - curPos; + } + + /** + * Ensure that a value falls in a given min/max range. + * + * @param value The value to check. + * @param min The minimum allowed value. + * @param max The maximum allowed value. + * @param curPos To indicate the parsing position in the + * <code>ParseException</code>. + * @throws ParseException Thrown, if <code>value < min || value > + * max</code> + */ + private static void ensureValue(int value, int min, int max, int curPos) + throws ParseException { + + if (value < min || value > max) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + } + + /** + * Ensure that the given <code>String</code> has a number of characters left. + * + * @param str The <code>String</code> to check for its length. + * @param curPos The starting position. + * @param count The minimum number of characters that <code>str</code> must + * contain, starting at from <code>curPos</code>. + * @throws ParseException Thrown, if + * <code>curPos + count > str.length()</code>. + */ + private static void ensureChars(String str, int curPos, int count) + throws ParseException { + if (curPos + count > str.length()) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + } + + /** + * Ensure that a given <code>String</code> contains a certain character at a + * certain position. + * + * @param str The <code>String</code> in which to look up the character. + * @param curPos The position in <code>str</code> that must contain the + * character. + * @param c The character value that must be contained at position + * <code>curPos</code>. + * @throws ParseException Thrown, if the characters do not match or + * <code>curPos</code> is out of range. + */ + private static void ensureChar(String str, int curPos, char c) + throws ParseException { + + ensureChars(str, curPos, 1); + if (str.charAt(curPos) != c) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + } + + /** + * Ensure that a given <code>String</code> contains a number of digits, + * starting at a given position. + * + * @param str The <code>String</code> to scan for digits. + * @param curPos The starting postion. + * @param count The number of digits that must be contained in + * <code>str</code>, starting at <code>curPos</code>. + * @throws ParseException Thrown, if <code>str</code> is not long enough, or + * one of the characters following <code>curPos</code> in <code>str</code> is + * not a digit. + */ + private static void ensureDigits(String str, int curPos, int count) + throws ParseException { + + ensureChars(str, curPos, count); + for (int i = curPos; i < curPos + count; i++) { + if (!Character.isDigit(str.charAt(i))) { + throw new ParseException(msg.getMessage("datetime.00", null), curPos); + } + } + } + + /** + * Calculates the age if date of birth is given (for a calendar time stamp) + * @param dateOfBirth Date of Birth + * @param now Calendar time stamp at which the age needs to be calculated for + * @return Age of a person + */ + public static int calcAge(Calendar dateOfBirth, Calendar now) { + int age = now.get(Calendar.YEAR) - dateOfBirth.get(Calendar.YEAR); + + int nowM = now.get(Calendar.MONTH); + int dobM = dateOfBirth.get(Calendar.MONTH); + int nowDOM = now.get(Calendar.DAY_OF_MONTH); + int dobDOM = dateOfBirth.get(Calendar.DAY_OF_MONTH); + + if ((nowM < dobM) || ((nowM == dobM) && (nowDOM < dobDOM))) { + age--; + } + + if (age < 0) { + throw new IllegalArgumentException("Calculated age results in negative value."); + } + return age; + } + + /** + * Calculates the age if date of birth is given as Calendar object + * @param dateOfBirth Date of Birth as Calendar object + * @return Age of a person + */ + public static int calcAge(Calendar dateOfBirth) { + return calcAge(dateOfBirth, Calendar.getInstance()); + } + + /** + * Calculates the age if date of birth is given (for a date time stamp) + * @param dateOfBirth Date of Birth + * @param now Date time stamp at which the age needs to be calculated for + * @return Age of a person + */ + public static int calcAge(Date dateOfBirth, Date now) { + Calendar dob = Calendar.getInstance(); + dob.setTime(dateOfBirth); + Calendar nowCal = Calendar.getInstance(); + nowCal.setTime(now); + return calcAge(dob, nowCal); + } + + /** + * Calculates the age if date of birth is given as Date object + * @param dateOfBirth Date of Birth as Date object + * @return Age of a person + */ + public static int calcAge(Date dateOfBirth) { + return calcAge(dateOfBirth, new Date()); + } + + public static String formatPEPSDateToMOADate(String pepsDate) { + + if (StringUtils.isEmpty(pepsDate)) { + return null; + } + + DateTimeFormatter fmt = null; + + switch (pepsDate.length()) { + case 4: + fmt = DateTimeFormat.forPattern("yyyy"); + break; + case 6: + fmt = DateTimeFormat.forPattern("yyyyMM"); + break; + case 8: + fmt = DateTimeFormat.forPattern("yyyyMMdd"); + break; + default: + fmt = DateTimeFormat.forPattern("yyyy-MM-dd"); + break; + } + + DateTime dt = fmt.parseDateTime(pepsDate); + DateTimeFormatter fmt2 = DateTimeFormat.forPattern("yyyy-MM-dd"); + return fmt2.print(dt); + + } + + /** + * Returns a date as String using a provided format + * @param format Format the date/time should be returned + * @return Date/Time as String formatted according the provided format + */ + public static String getDateTimeWithFormat(String format) { + DateFormat dateFormat = new SimpleDateFormat(format); + Date date = new Date(); + return dateFormat.format(date); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Empty.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Empty.java new file mode 100644 index 000000000..533b39b6b --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Empty.java @@ -0,0 +1,31 @@ +/* + * Copyright 2011 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egovernment.moa.util; + +/** + * @author <a href="mailto:thomas.knall@iaik.tugraz.at">Thomas Knall</a> + */ +public interface Empty { + + /** + * Returns {@code true} if underlying object is empty. + * + * @return {@code true} if empty, {@code false} if not empty. + */ + boolean isEmpty(); + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java new file mode 100644 index 000000000..7213d036b --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/EntityResolverChain.java @@ -0,0 +1,76 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import org.xml.sax.EntityResolver; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; + +/** + * Implementation of the <code>org.xml.sax.EntityResolver</code>, + * for use by a <code>org.apache.xerces.parsers.DOMParser</code>. + * + * @author Patrick Peck + * @version $Id$ + */ +public class EntityResolverChain implements EntityResolver { + /** The <code>EntityResolver</code>s in the chain. */ + private List resolvers = new ArrayList(); + + /** + * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) + */ + public InputSource resolveEntity(String publicId, String systemId) + throws SAXException, IOException { + + Iterator iter; + + for (iter = resolvers.iterator(); iter.hasNext(); ) { + EntityResolver resolver = (EntityResolver) iter.next(); + InputSource is = resolver.resolveEntity(publicId, systemId); + + if (is != null) { + return is; + } + } + + return null; + } + + /** + * Add an <code>EntityResolver</code> to the chain. + * + * @param entityResolver The <code>EntityResolver</code> to add. + */ + public void addEntityResolver(EntityResolver entityResolver) { + resolvers.add(entityResolver); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java new file mode 100644 index 000000000..a70d62e1e --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/FileUtils.java @@ -0,0 +1,179 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.URL; + +/** + * Utility for accessing files on the file system, and for reading from input streams. + * @author Paul Ivancsics + * @version $Id$ + */ +public class FileUtils { + + /** + * Reads a file, given by URL, into a byte array. + * @param urlString file URL + * @return file content + * @throws IOException on any exception thrown + */ + public static byte[] readURL(String urlString) throws IOException { + URL url = new URL(urlString); + InputStream in = new BufferedInputStream(url.openStream()); + byte[] content = StreamUtils.readStream(in); + in.close(); + return content; + } + /** + * Reads a file, given by URL, into a String. + * @param urlString file URL + * @param encoding character encoding + * @return file content + * @throws IOException on any exception thrown + */ + public static String readURL(String urlString, String encoding) throws IOException { + byte[] content = readURL(urlString); + return new String(content, encoding); + } + /** + * Reads a file, given by filename, into a byte array. + * @param filename filename + * @return file content + * @throws IOException on any exception thrown + */ + public static byte[] readFile(String filename) throws IOException { + BufferedInputStream in = new BufferedInputStream(new FileInputStream(filename)); + byte[] content = StreamUtils.readStream(in); + in.close(); + return content; + } + /** + * Reads a file, given by filename, into a String. + * @param filename filename + * @param encoding character encoding + * @return file content + * @throws IOException on any exception thrown + */ + public static String readFile(String filename, String encoding) throws IOException { + byte[] content = readFile(filename); + return new String(content, encoding); + } + /** + * Reads a file from a resource. + * @param name resource name + * @return file content as a byte array + * @throws IOException on any exception thrown + */ + public static byte[] readResource(String name) throws IOException { + ClassLoader cl = FileUtils.class.getClassLoader(); + BufferedInputStream in = new BufferedInputStream(cl.getResourceAsStream(name)); + byte[] content = StreamUtils.readStream(in); + in.close(); + return content; + } + /** + * Reads a file from a resource. + * @param name filename + * @param encoding character encoding + * @return file content + * @throws IOException on any exception thrown + */ + public static String readResource(String name, String encoding) throws IOException { + byte[] content = readResource(name); + return new String(content, encoding); + } + + /** + * Returns the absolute URL of a given url which is relative to the parameter root + * @param url + * @param root + * @return String + */ + public static String makeAbsoluteURL(String url, String root) { + //if url is relative to rootConfigFileDirName make it absolute + + File keyFile; + String newURL = url; + + if(null == url) return null; + + if (url.startsWith("http:/") || url.startsWith("https:/") || url.startsWith("file:/") || url.startsWith("ftp:/")) { + return url; + } else { + // check if absolute - if not make it absolute + keyFile = new File(url); + if (!keyFile.isAbsolute()) { + keyFile = new File(root, url); + + if (keyFile.toString().startsWith("file:")) + newURL = keyFile.toString(); + + else + newURL = keyFile.toURI().toString(); + + } + return newURL; + } + } + + + private static void copy( InputStream fis, OutputStream fos ) + { + try + { + byte[] buffer = new byte[ 0xFFFF ]; + for ( int len; (len = fis.read(buffer)) != -1; ) + fos.write( buffer, 0, len ); + } + catch( IOException e ) { + System.err.println( e ); + } + finally { + if ( fis != null ) + try { fis.close(); } catch ( IOException e ) { e.printStackTrace(); } + if ( fos != null ) + try { fos.close(); } catch ( IOException e ) { e.printStackTrace(); } + } + } + + public static void copyFile(File src, File dest) + { + try + { + copy( new FileInputStream( src ), new FileOutputStream( dest ) ); + } + catch( IOException e ) { + e.printStackTrace(); + } + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java new file mode 100644 index 000000000..3d28f4f2b --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/KeyStoreUtils.java @@ -0,0 +1,223 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import iaik.x509.X509Certificate; + +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.InputStream; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.cert.Certificate; + +/** + * Utility for creating and loading key stores. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class KeyStoreUtils { + + /** + * JAVA KeyStore + */ + private static final String KEYSTORE_TYPE_JKS = "JKS"; + + /** + * PKCS12 KeyStore + */ + private static final String KEYSTORE_TYPE_PKCS12 = "PKCS12"; + + + + /** + * Loads a key store from file. + * + * @param keystoreType key store type + * @param urlString URL of key store + * @param password password protecting the key store + * @return key store loaded + * @throws IOException thrown while reading the key store from file + * @throws GeneralSecurityException thrown while creating the key store + */ + public static KeyStore loadKeyStore( + String keystoreType, + String urlString, + String password) + throws IOException, GeneralSecurityException { + + URL keystoreURL = new URL(urlString); + InputStream in = keystoreURL.openStream(); + return loadKeyStore(keystoreType, in, password); + } + /** + * Loads a key store from an <code>InputStream</code>, and + * closes the <code>InputStream</code>. + * + * @param keystoreType key store type + * @param in input stream + * @param password password protecting the key store + * @return key store loaded + * @throws IOException thrown while reading the key store from the stream + * @throws GeneralSecurityException thrown while creating the key store + */ + public static KeyStore loadKeyStore( + String keystoreType, + InputStream in, + String password) + throws IOException, GeneralSecurityException { + + char[] chPassword = null; + if (password != null) + chPassword = password.toCharArray(); + KeyStore ks = KeyStore.getInstance(keystoreType); + ks.load(in, chPassword); + in.close(); + return ks; + } + /** + * Creates a key store from X509 certificate files, aliasing them with + * the index in the <code>String[]</code>, starting with <code>"0"</code>. + * + * @param keyStoreType key store type + * @param certFilenames certificate filenames + * @return key store created + * @throws IOException thrown while reading the certificates from file + * @throws GeneralSecurityException thrown while creating the key store + */ + public static KeyStore createKeyStore( + String keyStoreType, + String[] certFilenames) + throws IOException, GeneralSecurityException { + + KeyStore ks = KeyStore.getInstance(keyStoreType); + ks.load(null, null); + for (int i = 0; i < certFilenames.length; i++) { + Certificate cert = loadCertificate(certFilenames[i]); + ks.setCertificateEntry("" + i, cert); + } + return ks; + } + /** + * Creates a key store from a directory containg X509 certificate files, + * aliasing them with the index in the <code>String[]</code>, starting with <code>"0"</code>. + * All the files in the directory are considered to be certificates. + * + * @param keyStoreType key store type + * @param certDirURLString file URL of directory containing certificate filenames + * @return key store created + * @throws IOException thrown while reading the certificates from file + * @throws GeneralSecurityException thrown while creating the key store + */ + public static KeyStore createKeyStoreFromCertificateDirectory( + String keyStoreType, + String certDirURLString) + throws IOException, GeneralSecurityException { + + URL certDirURL = new URL(certDirURLString); + String certDirname = certDirURL.getFile(); + File certDir = new File(certDirname); + String[] certFilenames = certDir.list(); + String separator = + (certDirname.endsWith(File.separator) ? "" : File.separator); + for (int i = 0; i < certFilenames.length; i++) { + certFilenames[i] = certDirname + separator + certFilenames[i]; + } + return createKeyStore(keyStoreType, certFilenames); + } + + /** + * Loads an X509 certificate from file. + * @param certFilename filename + * @return the certificate loaded + * @throws IOException thrown while reading the certificate from file + * @throws GeneralSecurityException thrown while creating the certificate + */ + private static Certificate loadCertificate(String certFilename) + throws IOException, GeneralSecurityException { + + FileInputStream in = new FileInputStream(certFilename); + Certificate cert = new X509Certificate(in); + in.close(); + return cert; + } + + + /** + * Loads a keyStore without knowing the keyStore type + * @param keyStorePath URL to the keyStore + * @param password Password protecting the keyStore + * @return keyStore loaded + * @throws KeyStoreException thrown if keyStore cannot be loaded + * @throws FileNotFoundException + * @throws IOException + */ + public static KeyStore loadKeyStore(String keyStorePath, String password) throws KeyStoreException, IOException{ + + //InputStream is = new FileInputStream(keyStorePath); + URL keystoreURL = new URL(keyStorePath); + InputStream in = keystoreURL.openStream(); + InputStream isBuffered = new BufferedInputStream(in); + return loadKeyStore(isBuffered, password); + + } + + /** + * Loads a keyStore without knowing the keyStore type + * @param in input stream + * @param password Password protecting the keyStore + * @return keyStore loaded + * @throws KeyStoreException thrown if keyStore cannot be loaded + * @throws FileNotFoundException + * @throws IOException + */ +public static KeyStore loadKeyStore(InputStream is, String password) throws KeyStoreException, IOException{ + is.mark(1024*1024); + KeyStore ks = null; + try { + try { + ks = loadKeyStore(KEYSTORE_TYPE_PKCS12, is, password); + } catch (IOException e2) { + is.reset(); + ks = loadKeyStore(KEYSTORE_TYPE_JKS, is, password); + } + } catch(Exception e) { + e.printStackTrace(); + //throw new KeyStoreException(e); + } + return ks; + + } + + + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java new file mode 100644 index 000000000..7a79bd9e5 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOADefaultHandler.java @@ -0,0 +1,106 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.IOException; + +import org.xml.sax.EntityResolver; +import org.xml.sax.ErrorHandler; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; +import org.xml.sax.SAXParseException; +import org.xml.sax.helpers.DefaultHandler; + +/** + * A <code>DefaultHandler</code> that uses a <code>MOAEntityResolver</code> and + * a <code>MOAErrorHandler</code>. + * + * @author Patrick Peck + * @version $Id$ + */ +public class MOADefaultHandler extends DefaultHandler { + /** The <code>EntityResolver</code> to use. */ + private EntityResolver entityResolver; + /** The <code>ErrorHandler</code> to use. */ + private ErrorHandler errorHandler; + + /** + * Create a new <code>MOADefaultHandler</code>. + */ + public MOADefaultHandler() { + entityResolver = new MOAEntityResolver(); + errorHandler = new MOAErrorHandler(); + } + + /** + * Create a new <code>MOADefaultHandler</code>. + * + * @param entityResolver The <code>EntityResolver</code> to use for resolving + * external entities. + * @param errorHandler The <code>ErrorHandler</code> to use for reporting + * parsing errors. + */ + public MOADefaultHandler( + EntityResolver entityResolver, + ErrorHandler errorHandler) { + + this.entityResolver = entityResolver; + this.errorHandler = errorHandler; + } + + /** + * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) + */ + public InputSource resolveEntity(String publicId, String systemId) + throws SAXException { + try { + return entityResolver.resolveEntity(publicId, systemId); + } catch (IOException e) { + return null; + } + } + + /** + * @see org.xml.sax.ErrorHandler#warning(org.xml.sax.SAXParseException) + */ + public void warning(SAXParseException exception) throws SAXException { + errorHandler.warning(exception); + } + + /** + * @see org.xml.sax.ErrorHandler#error(org.xml.sax.SAXParseException) + */ + public void error(SAXParseException exception) throws SAXException { + errorHandler.error(exception); + } + + /** + * @see org.xml.sax.ErrorHandler#fatalError(org.xml.sax.SAXParseException) + */ + public void fatalError(SAXParseException exception) throws SAXException { + errorHandler.fatalError(exception); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java new file mode 100644 index 000000000..8f3ffd4c6 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAEntityResolver.java @@ -0,0 +1,129 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.InputStream; + +import org.apache.xerces.util.URI; +import org.apache.xerces.util.URI.MalformedURIException; +import org.xml.sax.EntityResolver; +import org.xml.sax.InputSource; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; + +/** + * An <code>EntityResolver</code> that looks up entities stored as + * local resources. + * + * <p>The following DTDs are mapped to local resources: + * <ul> + * <li>The XMLSchema.dtd</li> + * <li>The datatypes.dtd</li> + * </ul> + * </p> + * <p>For all other resources, an attempt is made to resolve them as resources, + * either absolute or relative to <code>Constants.SCHEMA_ROOT</code>. + * + * @author Patrick Peck + * @author Sven Aigner + */ +public class MOAEntityResolver implements EntityResolver { + + /** + * Resolve an entity. + * + * The <code>systemId</code> parameter is used to perform the lookup of the + * entity as a resource, either by interpreting the <code>systemId</code> as + * an absolute resource path, or by appending the last path component of + * <code>systemId</code> to <code>Constants.SCHEMA_ROOT</code>. + * + * @param publicId The public ID of the resource. + * @param systemId The system ID of the resource. + * @return An <code>InputSource</code> from which the entity can be read, or + * <code>null</code>, if the entity could not be found. + * @see org.xml.sax.EntityResolver#resolveEntity(java.lang.String, java.lang.String) + */ + public InputSource resolveEntity(String publicId, String systemId) { + InputStream stream; + int slashPos; + + if (Logger.isDebugEnabled()) { + Logger.debug( + new LogMsg("resolveEntity: p=" + publicId + " s=" + systemId)); + } + + if (publicId != null) { + // check if we can resolve some standard dtd's + if (publicId.equalsIgnoreCase("-//W3C//DTD XMLSchema 200102//EN")) { + return new InputSource( + getClass().getResourceAsStream( + Constants.SCHEMA_ROOT + "XMLSchema.dtd")); + } else if (publicId.equalsIgnoreCase("datatypes")) { + return new InputSource( + getClass().getResourceAsStream( + Constants.SCHEMA_ROOT + "datatypes.dtd")); + } + } else if (systemId != null) { + // get the URI path + try { + URI uri = new URI(systemId); + systemId = uri.getPath(); + + if (!"file".equals(uri.getScheme()) || "".equals(systemId.trim())) { + return null; + } + + } catch (MalformedURIException e) { + return null; + } + + // try to get the resource from the full path + stream = getClass().getResourceAsStream(systemId); + if (stream != null) { + InputSource source = new InputSource(stream); + + source.setSystemId(systemId); + return source; + } + + // try to get the resource from the last path component + slashPos = systemId.lastIndexOf('/'); + if (slashPos >= 0 && systemId.length() > slashPos) { + systemId = systemId.substring(slashPos + 1, systemId.length()); + stream = + getClass().getResourceAsStream(Constants.SCHEMA_ROOT + systemId); + if (stream != null) { + InputSource source = new InputSource(stream); + + source.setSystemId(systemId); + return source; + } + } + } + + return null; // nothing found - let the parser handle the entity + } +}
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java new file mode 100644 index 000000000..3769b264d --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOAErrorHandler.java @@ -0,0 +1,115 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import org.apache.xml.utils.DefaultErrorHandler; +import org.xml.sax.SAXException; +import org.xml.sax.SAXParseException; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; + +/** + * An <code>ErrorHandler</code> that logs a message and throws a + * <code>SAXException</code> upon <code>error</code> and <code>fatal</code> + * parsing errors. + * + * @author Patrick Peck + * @author Sven Aigner + */ +public class MOAErrorHandler extends DefaultErrorHandler { + + + /** + * Logs a warning message. + * + * @see org.xml.sax.ErrorHandler#warning(SAXParseException) + */ + public void warning(SAXParseException exception) throws SAXException { + warn("parser.00", messageParams(exception), null); + } + + /** + * Logs a warning and rethrows the <code>exception</code>. + * + * @see org.xml.sax.ErrorHandler#error(SAXParseException) + */ + public void error(SAXParseException exception) throws SAXException { + warn("parser.01", messageParams(exception), null); + + // if Target attribute is missing in QualifyingProperties - don't throw exception (bug fix for old MOCCA signatures) + if (exception.getMessage().startsWith("cvc-complex-type.4: Attribute 'Target' must appear on element")) + warn("parser.04", new Object[] {"Attribute 'Target' must appear on element 'QualifyingProperties' - ignored for compatibility reasons."}, null); + else + throw exception; + } + + /** + * Logs a warning and rethrows the <code>exception</code>. + * + * @see org.xml.sax.ErrorHandler#fatalError(SAXParseException) + */ + public void fatalError(SAXParseException exception) throws SAXException { + warn("parser.02", messageParams(exception), null); + throw exception; + } + + /** + * Log a warning message. + * + * @param messageId The message ID to log. + * @param parameters Additional message parameters. + * @param t The <code>Throwable</code> to log; usually the cause of this + * warning. + */ + private static void warn( + String messageId, + Object[] parameters, + Throwable t) { + + MessageProvider msg = MessageProvider.getInstance(); + Logger.warn(new LogMsg(msg.getMessage(messageId, parameters)), t); + } + + /** + * Put the system id, line and column number information from the exception + * into an <code>Object</code> array, to provide it as a + * <code>MessageFormat</code> parameter. + * + * @param e The <code>SAXParseException</code> containing the + * source system id and line/column numbers. + * @return An array containing the system id (a <code>String</code>) as well + * as line/column numbers (2 <code>Integer</code> objects) from the + * <code>SAXParseException</code>. + */ + private static Object[] messageParams(SAXParseException e) { + return new Object[] { + e.getMessage(), + e.getSystemId(), + new Integer(e.getLineNumber()), + new Integer(e.getColumnNumber())}; + } + +}
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOATimer.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOATimer.java new file mode 100644 index 000000000..acc380d1d --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MOATimer.java @@ -0,0 +1,134 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.Map; +import java.util.WeakHashMap; + +/** + * A timer utility for named timers. + * + * @author Sven Aigner + */ +public class MOATimer { + + /** The single instance of this class. */ + private static MOATimer instance = null; + /** The starting points of single timings. */ + private static Map timemapstart = new WeakHashMap(); + /** The end points of single timings. */ + private static Map timemapend = new WeakHashMap(); + + /** + * Return the single instance of this class. + * + * @return The single instance of this class. + */ + public static MOATimer getInstance() { + if (instance == null) { + instance = new MOATimer(); + } + return instance; + } + + /** + * Create a new <code>MOATimer</code>. + * + * Protected to disallow multiple instances. + */ + protected MOATimer() { + super(); + } + + /** + * Start timing a certain action. + * + * The timing belonging to the action ID is garbage collected as soon as there + * exists no other reference to the action ID. + * + * @param id The action ID. + */ + public void startTiming(Object id) { + timemapstart.put(id, new Long(System.currentTimeMillis())); + } + + /** + * Stop timing an action. + * + * @param id The action ID. + */ + public void stopTiming(Object id) { + timemapend.put(id, new Long(System.currentTimeMillis())); + } + + /** + * Get the duration of an action. + * + * @param id The action ID for which to compute the duration. + * @return long The duration in milliseconds between calls to + * <code>startTiming()</code> and <code>stopTiming()</code>. If + * only <code>startTiming()</code> has been called for the action, then + * current difference to the system time is returned. If no timing exists for + * the action, <code>- 1</code> is returned. + */ + public long duration(Object id) { + if (timemapstart.containsKey(id)) { + long start = ((Long) timemapstart.get(id)).longValue(); + if (timemapend.containsKey(id)) { + long end = ((Long) timemapend.get(id)).longValue(); + return end - start; + } else { + return System.currentTimeMillis() - start; + } + } else + return -1; + } + + /** + * Get the duration of an action, as a nicely formatted <code>String</code>. + * + * @param id The action ID. + * @return String The <code>duration()</code> as a <code>String</code>. + */ + public String durationAsString(Object id) { + long dur = duration(id); + long second = dur / 1000; + long mil = (dur) - (second * 1000); + return "Duration: " + second + "." + mil + " seconds"; + } + + /** + * Remove a timing. + * + * @param id The action ID. + */ + public void clearTiming(String id) { + if (timemapstart.containsKey(id)) + timemapstart.remove(id); + if (timemapend.containsKey(id)) + timemapend.remove(id); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java new file mode 100644 index 000000000..1623ff1b3 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MessageProvider.java @@ -0,0 +1,87 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.Locale; + +/** + * A singleton wrapper around a <code>Message</code> object. + * + * Provides the messages used in the common project. + * + * @author Patrick Peck + * @version $Id$ + */ +public class MessageProvider { + /** The location of the default message resources. */ + private static final String[] DEFAULT_MESSAGE_RESOURCES = + { "resources/properties/common_messages" }; + /** The locale of the default message resources. */ + private static final Locale[] DEFAULT_MESSAGE_LOCALES = + new Locale[] { new Locale("de", "AT") }; + /** The single instance of this class. */ + private static MessageProvider instance; + + /** The messages provided by this <code>MessageProvider</code>. */ + private Messages messages; + + /** + * Return the single instance of the <code>MessageProvider</code>. + * + * Intialilizes the <code>MessageProvider</code> with the default message + * locations: <code>/resources/properties/common_messages</code>. + * + * @return The single <code>MessageProvider</code>. + */ + public static synchronized MessageProvider getInstance() { + if (instance == null) { + instance = + new MessageProvider(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); + } + return instance; + } + + /** + * Create a <code>MessageProvider</code>. + * + * @param resourceNames The names of the resources containing the messages. + * @param locales The corresponding locales. + */ + protected MessageProvider(String[] resourceNames, Locale[] locales) { + this.messages = new Messages(resourceNames, locales); + } + + /** + * Get the message corresponding to a given message ID. + * + * @param messageId The ID of the message. + * @param parameters The parameters to fill in into the message arguments. + * @return The formatted message. + */ + public String getMessage(String messageId, Object[] parameters) { + return messages.getMessage(messageId, parameters); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Messages.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Messages.java new file mode 100644 index 000000000..20de46b43 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Messages.java @@ -0,0 +1,141 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.text.MessageFormat; +import java.util.Locale; +import java.util.MissingResourceException; +import java.util.PropertyResourceBundle; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * Provides access to the system messages resource used for exception handling + * and logging messages. + * + * Messages must be provided as a resource bundle at the path. + * + * @author Patrick Peck + * @version $Id$ + */ +public class Messages { + /** Error message indicating that no messages are avaiable. */ + private static final String ERROR_MESSAGES_UNAVAILABLE = + "Fehler in der Server-Konfiguration. " + + "Die Fehlertexte konnten nicht geladen werden."; + /** Error message indicating that the message is not available. */ + private static final String ERROR_NO_MESSAGE = + "No errormesseage for error with number.={0}"; + + /** The names of the resources containing the messages. */ + private String[] resourceNames; + /** The corresponding <code>Locale</code>s of the resources. */ + private Locale[] locales; + /** The <code>ResourceBundle</code>s containing the messages. */ + private ResourceBundleChain messages; + + /** + * Create a new <code>Message</code> object containing the messages + * in the given resources. + * + * @param resourceNames The names of the resources containing the messages. + * @param locales The corresponding locales. + */ + public Messages(String[] resourceNames, Locale[] locales) { + this.resourceNames = resourceNames; + this.locales = locales; + this.messages = null; + } + + /** + * Get the message corresponding to a given message ID. + * + * @param messageId The ID of the message. + * @param parameters The parameters to fill in into the message arguments. + * @return The formatted message. + */ + public String getMessage(String messageId, Object[] parameters) { + // initialize messages + if (messages == null) { + initMessages(); + } + + // create the message + if (messages == null) { + return ERROR_MESSAGES_UNAVAILABLE; + } else { + try { + String rawMessage = messages.getString(messageId); + return MessageFormat.format(rawMessage, parameters); + } catch (MissingResourceException e2) { + // couldn't find any message -> set to default error message + return MessageFormat.format( + ERROR_NO_MESSAGE, + new Object[] { messageId }); + } + } + } + + /** + * Return the names of the resources containing the messages. + * + * @return String[] The names of the resource bundles containing the messages. + */ + private String[] getResourceNames() { + return resourceNames; + } + + /** + * Return the <code>Locale</code>s of the resources containing the messages. + * + * @return Locale[] The <code>Locale</code>s of the resource bundles + * containing the messages. + */ + private Locale[] getLocales() { + return locales; + } + + /** + * Initialize the <code>messages</code> <code>ResourceBundle</code> containing + * the MOA error messages. + */ + private void initMessages() { + messages = new ResourceBundleChain(); + int i; + + // initialize the message resources + for (i = 0; i < resourceNames.length; i++) { + try { + messages.addResourceBundle( + PropertyResourceBundle.getBundle( + getResourceNames()[i], + getLocales()[i])); + } catch (MissingResourceException e) { + Logger.error(ERROR_MESSAGES_UNAVAILABLE, e); + } + } + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MiscUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MiscUtil.java new file mode 100644 index 000000000..246b0eb31 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/MiscUtil.java @@ -0,0 +1,315 @@ +/* + * Copyright 2011 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egovernment.moa.util; + +import iaik.logging.Log; +import iaik.logging.LogFactory; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.lang.reflect.InvocationTargetException; +import java.nio.channels.Channels; +import java.nio.channels.ReadableByteChannel; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.Collection; +import java.util.Date; +import java.util.GregorianCalendar; +import java.util.Iterator; +import java.util.Properties; + +import javax.xml.datatype.DatatypeConfigurationException; +import javax.xml.datatype.DatatypeFactory; +import javax.xml.datatype.XMLGregorianCalendar; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.stream.StreamResult; + +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.ex.EgovUtilException; + + + +/** + * Class providing several utility methods. + * + * @author <a href="mailto:Arne.Tauber@egiz.gv.at">Arne Tauber</a> + * + */ +public class MiscUtil { + + public static final String DEFAULT_SLASH = "/"; + + private static final int IO_BUFFER_SIZE = 4 * 1024; + + public static void copyStream(InputStream is, OutputStream os) throws IOException { + byte[] b = new byte[IO_BUFFER_SIZE]; + int read; + while ((read = is.read(b)) != -1) { + os.write(b, 0, read); + } + } + + public static void assertNotNull(Object param, String name) { + if (param == null) { + throw new NullPointerException(name + " must not be null."); + } + } + + public static boolean areAllNull(Object... objects) { + for (Object o : objects) { + if (o != null) { + return false; + } + } + return true; + } + + public static String extractContentType(String contentTypeString) { + if (contentTypeString == null) { + return ""; + } + if (contentTypeString.indexOf(";") != -1) { + return contentTypeString.substring(0, contentTypeString.indexOf(";")); + } + return contentTypeString; + } + + public static XMLGregorianCalendar getXMLGregorianCalendar(Date date) + throws DatatypeConfigurationException { + GregorianCalendar cal = (GregorianCalendar) GregorianCalendar.getInstance(); + cal.setTime(date); + return DatatypeFactory.newInstance().newXMLGregorianCalendar(cal); + } + + public static XMLGregorianCalendar getXMLGregorianCalendar(String str) + throws DatatypeConfigurationException { + return DatatypeFactory.newInstance().newXMLGregorianCalendar(str); + } + + public static X509Certificate readCertificate(InputStream certStream) + throws CertificateException { + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + return (X509Certificate) cf.generateCertificate(certStream); + } + + public static boolean isEmpty(String str) { + return str == null || "".equals(str); + } + + public static boolean isNotEmpty(String str) { + return str != null && !"".equals(str); + } + + public static byte[] sourceToByteArray(Source result) + throws TransformerException { + TransformerFactory factory = TransformerFactory.newInstance(); + Transformer transformer = factory.newTransformer(); + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + transformer.setOutputProperty(OutputKeys.METHOD, "xml"); + ByteArrayOutputStream out = new ByteArrayOutputStream(); + StreamResult streamResult = new StreamResult(); + streamResult.setOutputStream(out); + transformer.transform(result, streamResult); + return out.toByteArray(); + } + +// public static Document parseDocument(InputStream inputStream) +// throws IOException { +// try { +// DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory +// .newInstance(); +// docBuilderFactory.setNamespaceAware(true); +// DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder(); +// return docBuilder.parse(inputStream); +// } catch (ParserConfigurationException e) { +// throw new IOException(e); +// } catch (SAXException e) { +// throw new IOException(e); +// } +// } + + public static String removePrecedingSlash(String path, String slash) { + assertNotEmpty(slash, "Shash"); + if (!isEmpty(path)) { + while (path.startsWith(slash)) { + path = path.substring(slash.length(), path.length()); + } + } + return path; + } + + public static String removePrecedingSlash(String path) { + return removePrecedingSlash(path, DEFAULT_SLASH); + } + + public static void assertNotEmpty(String param, String name) { + if (param == null) { + throw new NullPointerException(name + " must not be null."); + } + if (param.length() == 0) { + throw new IllegalArgumentException(name + " must not be empty."); + } + } + + @SuppressWarnings("rawtypes") + public static boolean isEmpty(Properties props) { + if (props == null || props.isEmpty()) { + return true; + } + Iterator it = props.values().iterator(); + while (it.hasNext()) { + if (MiscUtil.isNotEmpty((String) it.next())) { + return false; + } + } + return true; + } + + public static boolean isEmpty(Empty empty) { + return empty == null || empty.isEmpty(); + } + + public static boolean isNotEmpty(Empty empty) { + return !isEmpty(empty); + } + + public static boolean isEmpty(byte[] data) { + return data == null || data.length == 0; + } + + public static boolean isNotEmpty(byte[] data) { + return !isEmpty(data); + } + + public static <T> boolean isEmpty(Collection<T> c) { + return c == null || c.isEmpty(); + } + + public static <T> boolean isNotEmpty(Collection<T> c) { + return !isEmpty(c); + } + + public static boolean areAllEmpty(String... strings) { + for (String s : strings) { + if (s != null && s.trim().length() != 0) { + return false; + } + } + return true; + } + + public static boolean areAllEmpty(Empty... empties) { + if (empties != null) { + for (Empty e : empties) { + if (e != null && !e.isEmpty()) { + return false; + } + } + } + return true; + } + + public static <T> void assertNotEmpty(T[] param, String name) { + if (param == null) { + throw new NullPointerException(name + " must not be null."); + } + if (param.length == 0) { + throw new IllegalArgumentException(name + " must not be empty."); + } + } + + public static void assertNotEmpty(Empty empty, String name) { + if (empty == null) { + throw new NullPointerException(name + " must not be null."); + } + if (empty.isEmpty()) { + throw new IllegalArgumentException(name + " must not be empty."); + } + } + + public static void assertNotEmpty(byte[] param, String name) { + if (param == null) { + throw new NullPointerException(name + " must not be null."); + } + if (param.length == 0) { + throw new IllegalArgumentException(name + " must not be empty."); + } + } + + public static Date parseXMLDate(String xmlDate) throws EgovUtilException { + if (xmlDate == null) { + return null; + } + SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd"); + try { + return sdf.parse(xmlDate); + } catch (ParseException e) { + throw new EgovUtilException(e); + } + } + + public static <T> boolean isEmpty(T[] array) { + return array == null || array.length == 0; + } + + public static <T> boolean isNotEmpty(T[] array) { + return !isEmpty(array); + } + + public static String convertDateFromStandardToXML(String dateString) { + MiscUtil.assertNotNull(dateString, "dateString"); + Date date = parseDate(dateString); + return formatDate(date, "yyyy-MM-dd"); + } + + public static Date parseDate(String dateString) { + return parseDate(dateString, "dd.MM.yyyy"); + } + + public static Date parseDate(String dateString, String pattern) { + MiscUtil.assertNotNull(dateString, "dateString"); + MiscUtil.assertNotNull(pattern, "pattern"); + SimpleDateFormat sdf = new SimpleDateFormat(pattern); + try { + return sdf.parse(dateString); + } catch (ParseException e) { + Logger.warn("Error parsing date.", e); + return null; + } + } + + public static String formatDate(Date date, String format) { + SimpleDateFormat sdf = new SimpleDateFormat(format); + return sdf.format(date); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java new file mode 100644 index 000000000..fdc823229 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/NodeIteratorAdapter.java @@ -0,0 +1,111 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.ListIterator; + +import org.w3c.dom.DOMException; +import org.w3c.dom.Node; +import org.w3c.dom.traversal.NodeFilter; +import org.w3c.dom.traversal.NodeIterator; + +/** + * A <code>NodeIterator</code> implementation based on a + * <code>ListIterator</code>. + * + * @see java.util.ListIterator + * @see org.w3c.dom.traversal.NodeIterator + * + * @author Patrick Peck + * @version $Id$ + */ +public class NodeIteratorAdapter implements NodeIterator { + + /** The <code>ListIterator</code> to wrap. */ + private ListIterator nodeIterator; + + /** + * Create a new <code>NodeIteratorAdapter</code>. + * @param nodeIterator The <code>ListIterator</code> to iterate over. + */ + public NodeIteratorAdapter(ListIterator nodeIterator) { + this.nodeIterator = nodeIterator; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#getRoot() + */ + public Node getRoot() { + return null; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#getWhatToShow() + */ + public int getWhatToShow() { + return NodeFilter.SHOW_ALL; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#getFilter() + */ + public NodeFilter getFilter() { + return null; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#getExpandEntityReferences() + */ + public boolean getExpandEntityReferences() { + return false; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#nextNode() + */ + public Node nextNode() throws DOMException { + if (nodeIterator.hasNext()) { + return (Node) nodeIterator.next(); + } + return null; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#previousNode() + */ + public Node previousNode() throws DOMException { + if (nodeIterator.hasPrevious()) { + return (Node) nodeIterator.previous(); + } + return null; + } + + /** + * @see org.w3c.dom.traversal.NodeIterator#detach() + */ + public void detach() { + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java new file mode 100644 index 000000000..e39cc0291 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/NodeListAdapter.java @@ -0,0 +1,68 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.List; + +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +/** + * A <code>NodeList</code> implementation based on a <code>List</code>. + * + * @see java.util.List + * @see org.w3c.dom.NodeList + * + * @author Patrick Peck + * @version $Id$ + */ +public class NodeListAdapter implements NodeList { + /** The <code>List</code> to wrap. */ + private List nodeList; + + /** + * Create a new <code>NodeListAdapter</code>. + * + * @param nodeList The <code>List</code> containing the nodes. + */ + public NodeListAdapter(List nodeList) { + this.nodeList = nodeList; + } + + /** + * @see org.w3c.dom.NodeList#item(int) + */ + public Node item(int index) { + return (Node) nodeList.get(index); + } + + /** + * @see org.w3c.dom.NodeList#getLength() + */ + public int getLength() { + return nodeList.size(); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java new file mode 100644 index 000000000..e3f8f75a1 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/OutputXML2File.java @@ -0,0 +1,102 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +/* + * Created on 26.04.2004 + * + * @author rschamberger + * $ID$ + */ +package at.gv.egovernment.moa.util; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.logging.Logger; + +/** + * utility functions to write XML data to files + * @author rschamberger + * @version $Id$ + */ +public class OutputXML2File { + + /** + * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8) + * + * @param filename file name + * @param rootElem root element in DOM tree + * @param hierarchy of the Logger + */ + public static void debugOutputXML2File(String filename, Element rootElem, String hierarchy) { + if (Logger.isDebugEnabled(hierarchy)) { + outputXML2File(filename, rootElem); + } + } + + /** + * writes an XML structure to file if debug is enabled in hierarchy (Encoding: UTF-8) + * + * @param filename file name + * @param xmlString XML string + * @param hierarchy of the Logger + */ + public static void debugOutputXML2File(String filename, String xmlString, String hierarchy) { + if (Logger.isDebugEnabled(hierarchy)) { + outputXML2File(filename, xmlString); + } + } + + /** + * writes an XML structure to file (Encoding: UTF-8) + * + * @param filename file name + * @param rootElem root element in DOM tree + */ + public static void outputXML2File(String filename, Element rootElem) { + try { + String xmlString = new String(DOMUtils.serializeNode(rootElem)); + outputXML2File(filename, xmlString); + } catch (Exception ex) { + ex.printStackTrace(); + } + } + + /** + * writes an XML structure to file (Encoding: UTF-8) + * + * @param filename file name + * @param xmlString XML string + */ + public static void outputXML2File(String filename, String xmlString) { + try { + java.io.OutputStream fout = new java.io.FileOutputStream(filename); + byte[] xmlData = xmlString.getBytes("UTF-8"); + fout.write(xmlData); + fout.close(); + } catch (Exception ex) { + ex.printStackTrace(); + } + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java new file mode 100644 index 000000000..234ed89df --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/ResourceBundleChain.java @@ -0,0 +1,90 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.MissingResourceException; +import java.util.ResourceBundle; + +/** + * A class to chain <code>ResourceBundle</code>s. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ResourceBundleChain { + /** Error message indicating the resource is not available. */ + private static final String ERROR_MISSING_RESOURCE = "Missing resource"; + /** The <code>ResourceBundle</code>s contained in this chain. */ + private List resourceBundles = new ArrayList(); + + /** + * Add a <code>ResourceBundle</code> to the chain. + * + * @param resourceBundle The <code>ResourceBundle</code> to add. + */ + public void addResourceBundle(ResourceBundle resourceBundle) { + resourceBundles.add(resourceBundle); + } + + /** + * Return the value of the resource. + * + * @param key The key to access the <code>String</code> resource. + * @return The resource value. All the registered <code>ResourceBundle</code>s + * are searched in the order in which they have previously been added to this + * <code>ResourceBundleChain</code>. + * @throws MissingResourceException The resource coult not be found in any of + * the bundles. + */ + public String getString(String key) throws MissingResourceException { + MissingResourceException lastException = null; + Iterator iter; + + // handle case where no resource bundles have been added + if (resourceBundles.size() == 0) { + throw new MissingResourceException( + ERROR_MISSING_RESOURCE, + this.getClass().getName(), + key); + } + + // try to find the resource in one of the bundles; if it cannot be found, + // return the exception thrown by the last bundle in the list + for (iter = resourceBundles.iterator(); iter.hasNext();) { + ResourceBundle resourceBundle = (ResourceBundle) iter.next(); + try { + String value = resourceBundle.getString(key); + return value; + } catch (MissingResourceException e) { + lastException = e; + } + } + throw lastException; + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java new file mode 100644 index 000000000..c2c67ec58 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/SSLUtils.java @@ -0,0 +1,244 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.IOException; +import java.io.InputStream; +import java.security.GeneralSecurityException; +import java.security.KeyStore; + +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; + +/** + * Utility for connecting to server applications via SSL. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class SSLUtils { + + /** + * Creates an <code>SSLSocketFactory</code> which utilizes the given trust store. + * + * @param trustStoreType key store type of trust store + * @param trustStoreInputStream input stream for reading JKS trust store containing + * trusted server certificates; if <code>null</code>, the default + * trust store will be utilized + * @param trustStorePassword if provided, it will be used to check + * the integrity of the trust store; if omitted, it will not be checked + * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code> + * @throws IOException thrown while reading from the input stream + * @throws GeneralSecurityException thrown while creating the socket factory + */ + public static SSLSocketFactory getSSLSocketFactory( + String trustStoreType, + InputStream trustStoreInputStream, + String trustStorePassword) + throws IOException, GeneralSecurityException { + + TrustManager[] tms = getTrustManagers(trustStoreType, trustStoreInputStream, trustStorePassword); + SSLContext ctx = SSLContext.getInstance("TLS"); + ctx.init(null, tms, null); + + SSLSocketFactory sf = ctx.getSocketFactory(); + return sf; + } + /** + * Creates an <code>SSLSocketFactory</code> which utilizes the + * given trust store and keystore. + * + * @param trustStore trust store containing trusted server certificates; + * if <code>null</code>, the default trust store will be utilized + * @param clientKeyStoreType key store type of <code>clientKeyStore</code> + * @param clientKeyStoreURL URL of key store containing keys to be used for + * client authentication; if <code>null</code>, the default key store will be utilized + * @param clientKeyStorePassword if provided, it will be used to check + * the integrity of the client key store; if omitted, it will not be checked + * @return <code>SSLSocketFactory</code> to be used by an <code>HttpsURLConnection</code> + * @throws IOException thrown while reading key store file + * @throws GeneralSecurityException thrown while creating the socket factory + */ + public static SSLSocketFactory getSSLSocketFactory( + KeyStore trustStore, + String clientKeyStoreType, + String clientKeyStoreURL, + String clientKeyStorePassword) + throws IOException, GeneralSecurityException { + + SSLContext ctx = getSSLContext( + trustStore, clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); + SSLSocketFactory sf = ctx.getSocketFactory(); + return sf; + } + /** + * Creates an <code>SSLContext</code> initialized for the + * given trust store and keystore. + * + * @param trustStore trust store containing trusted server certificates; + * if <code>null</code>, the default trust store will be utilized + * @param clientKeyStoreType key store type of <code>clientKeyStore</code> + * @param clientKeyStoreURL URL of key store containing keys to be used for + * client authentication; if <code>null</code>, the default key store will be utilized + * @param clientKeyStorePassword if provided, it will be used to check + * the integrity of the client key store; if omitted, it will not be checked + * @return <code>SSLContext</code> to be used for creating an <code>SSLSocketFactory</code> + * @throws IOException thrown while reading key store file + * @throws GeneralSecurityException thrown while creating the SSL context + */ + public static SSLContext getSSLContext( + KeyStore trustStore, + String clientKeyStoreType, + String clientKeyStoreURL, + String clientKeyStorePassword) + throws IOException, GeneralSecurityException { + + TrustManager[] tms = getTrustManagers(trustStore); + KeyManager[] kms = getKeyManagers(clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); + SSLContext ctx = SSLContext.getInstance("TLS"); + ctx.init(kms, tms, null); + return ctx; + } + /** + * Loads the trust store from an input stream and gets the + * <code>TrustManager</code>s from a default <code>TrustManagerFactory</code>, + * initialized from the given trust store. + * @param trustStoreType key store type of trust store + * @param trustStoreInputStream input stream for reading JKS trust store containing + * trusted server certificates; if <code>null</code>, the default + * trust store will be utilized + * @param trustStorePassword if provided, it will be used to check + * the integrity of the trust store; if omitted, it will not be checked + * @return <code>TrustManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given trust store + * @throws IOException thrown while reading from the input stream + * @throws GeneralSecurityException thrown while initializing the + * default <code>TrustManagerFactory</code> + */ + protected static TrustManager[] getTrustManagers( + String trustStoreType, + InputStream trustStoreInputStream, + String trustStorePassword) + throws IOException, GeneralSecurityException { + + if (trustStoreInputStream == null) + return null; + + // Set up the TrustStore to use. We need to load the file into + // a KeyStore instance. + KeyStore trustStore = KeyStoreUtils.loadKeyStore(trustStoreType, trustStoreInputStream, trustStorePassword); + return getTrustManagers(trustStore); + } + /** + * Gets the <code>TrustManager</code>s from a default <code>TrustManagerFactory</code>, + * initialized from the given trust store. + * + * @param trustStore the trust store to use + * @return <code>TrustManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given trust store + * @throws GeneralSecurityException thrown while initializing the + * default <code>TrustManagerFactory</code> + */ + protected static TrustManager[] getTrustManagers(KeyStore trustStore) + throws GeneralSecurityException { + + if (trustStore == null) + return null; + + // Initialize the default TrustManagerFactory with this KeyStore + String alg=TrustManagerFactory.getDefaultAlgorithm(); + TrustManagerFactory tmFact=TrustManagerFactory.getInstance(alg); + tmFact.init(trustStore); + + // And now get the TrustManagers + TrustManager[] tms=tmFact.getTrustManagers(); + return tms; + } + /** + * Loads the client key store from file and gets the + * <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>, + * initialized from the given client key store. + * @param clientKeyStoreType key store type of <code>clientKeyStore</code> + * @param clientKeyStoreURL URL of key store containing keys to be used for + * client authentication; if <code>null</code>, the default key store will be utilized + * @param clientKeyStorePassword password used to check the integrity of the client key store; + * if <code>null</code>, it will not be checked + * @return <code>KeyManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given client key store + * @throws IOException thrown while reading from the key store file + * @throws GeneralSecurityException thrown while initializing the + * default <code>KeyManagerFactory</code> + */ + public static KeyManager[] getKeyManagers ( + String clientKeyStoreType, + String clientKeyStoreURL, + String clientKeyStorePassword) + throws IOException, GeneralSecurityException { + + if (clientKeyStoreURL == null) + return null; + + // Set up the KeyStore to use. We need to load the file into + // a KeyStore instance. + KeyStore clientKeyStore = KeyStoreUtils.loadKeyStore( + clientKeyStoreType, clientKeyStoreURL, clientKeyStorePassword); + return getKeyManagers(clientKeyStore, clientKeyStorePassword); + } + /** + * Gets the <code>KeyManager</code>s from a default <code>KeyManagerFactory</code>, + * initialized from the given client key store. + * @param clientKeyStore client key store + * @param clientKeyStorePassword if provided, it will be used to check + * the integrity of the client key store; if omitted, it will not be checked + * @return <code>KeyManager</code>s to be used for creating an + * <code>SSLSocketFactory</code> utilizing the given client key store + * @throws GeneralSecurityException thrown while initializing the + * default <code>KeyManagerFactory</code> + */ + public static KeyManager[] getKeyManagers ( + KeyStore clientKeyStore, + String clientKeyStorePassword) + throws GeneralSecurityException { + + if (clientKeyStore == null) + return null; + + // Now we initialize the default KeyManagerFactory with this KeyStore + String alg=KeyManagerFactory.getDefaultAlgorithm(); + KeyManagerFactory kmFact=KeyManagerFactory.getInstance(alg); + char[] password = null; + if (clientKeyStorePassword != null) + password = clientKeyStorePassword.toCharArray(); + kmFact.init(clientKeyStore, password); + + // And now get the KeyManagers + KeyManager[] kms=kmFact.getKeyManagers(); + return kms; + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java new file mode 100644 index 000000000..b3bc8ae47 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamEntityResolver.java @@ -0,0 +1,88 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.IOException; +import java.io.InputStream; +import java.util.Map; + +import org.xml.sax.EntityResolver; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; + +/** + * An <code>EntityResolver</code> that maps system IDs to + * <code>InputStream</code>s. + * + * @author Patrick Peck + * @version $Id$ + */ +public class StreamEntityResolver implements EntityResolver { + + /** A mapping from Public ID or System ID to an <code>InputStream</code> + * containing the entity. */ + private Map mappedEntities; + + /** + * Create a <code>StreamEntityResolver</code>. + * + * @param mappedEntities A mapping from public or system IDs + * (<code>String</code> objects) to <code>InputStream</code>s. + */ + public StreamEntityResolver(Map mappedEntities) { + this.mappedEntities = mappedEntities; + } + + /** + * Resolve an entity by looking it up in the mapped entities. + * + * First, the public ID is looked up in the mapping, then the system ID. + * + * @param publicId The public ID of the entity. + * @param systemId The system ID of the entity. + * @return An <code>InputStream</code> containing the entity or + * <code>null</code> if no entity could be found. + * @throws SAXException Signalling a parsing exception. + * @throws IOException Error reading the entity. + */ + public InputSource resolveEntity(String publicId, String systemId) + throws SAXException, IOException { + + InputSource src = null; + + if (publicId != null && mappedEntities.get(publicId) != null) { + src = new InputSource((InputStream) mappedEntities.get(publicId)); + } else if (systemId != null && mappedEntities.get(systemId) != null) { + src = new InputSource((InputStream) mappedEntities.get(systemId)); + } + + if (src != null) { + src.setPublicId(publicId); + src.setSystemId(systemId); + } + + return src; + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java new file mode 100644 index 000000000..e4ccd127f --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StreamUtils.java @@ -0,0 +1,197 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.io.PrintStream; + +/** + * Utility methods for streams. + * + * @author Patrick Peck + * @version $Id$ + */ +public class StreamUtils { + + /** + * Compare the contents of two <code>InputStream</code>s. + * + * @param is1 The 1st <code>InputStream</code> to compare. + * @param is2 The 2nd <code>InputStream</code> to compare. + * @return boolean <code>true</code>, if both streams contain the exactly the + * same content, <code>false</code> otherwise. + * @throws IOException An error occurred reading one of the streams. + */ + public static boolean compareStreams(InputStream is1, InputStream is2) + throws IOException { + + byte[] buf1 = new byte[256]; + byte[] buf2 = new byte[256]; + int length1; + int length2; + + try { + while (true) { + length1 = is1.read(buf1); + length2 = is2.read(buf2); + + if (length1 != length2) { + return false; + } + if (length1 <= 0) { + return true; + } + if (!compareBytes(buf1, buf2, length1)) { + return false; + } + } + } catch (IOException e) { + throw e; + } finally { + // close both streams + try { + is1.close(); + is2.close(); + } catch (IOException e) { + // ignore this + } + } + } + + /** + * Compare two byte arrays, up to a given maximum length. + * + * @param b1 1st byte array to compare. + * @param b2 2nd byte array to compare. + * @param length The maximum number of bytes to compare. + * @return <code>true</code>, if the byte arrays are equal, <code>false</code> + * otherwise. + */ + private static boolean compareBytes(byte[] b1, byte[] b2, int length) { + if (b1.length != b2.length) { + return false; + } + + for (int i = 0; i < b1.length && i < length; i++) { + if (b1[i] != b2[i]) { + return false; + } + } + + return true; + } + + /** + * Reads a byte array from a stream. + * @param in The <code>InputStream</code> to read. + * @return The bytes contained in the given <code>InputStream</code>. + * @throws IOException on any exception thrown + */ + public static byte[] readStream(InputStream in) throws IOException { + + ByteArrayOutputStream out = new ByteArrayOutputStream(); + copyStream(in, out, null); + + /* + ByteArrayOutputStream out = new ByteArrayOutputStream(); + int b; + while ((b = in.read()) >= 0) + out.write(b); + + */ + in.close(); + return out.toByteArray(); + } + + /** + * Reads a <code>String</code> from a stream, using given encoding. + * @param in The <code>InputStream</code> to read. + * @param encoding The character encoding to use for converting the bytes + * of the <code>InputStream</code> into a <code>String</code>. + * @return The content of the given <code>InputStream</code> converted into + * a <code>String</code>. + * @throws IOException on any exception thrown + */ + public static String readStream(InputStream in, String encoding) throws IOException { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + copyStream(in, out, null); + + /* + ByteArrayOutputStream out = new ByteArrayOutputStream(); + int b; + while ((b = in.read()) >= 0) + out.write(b); + */ + in.close(); + return out.toString(encoding); + } + + /** + * Reads all data (until EOF is reached) from the given source to the + * destination stream. If the destination stream is null, all data is dropped. + * It uses the given buffer to read data and forward it. If the buffer is + * null, this method allocates a buffer. + * + * @param source The stream providing the data. + * @param destination The stream that takes the data. If this is null, all + * data from source will be read and discarded. + * @param buffer The buffer to use for forwarding. If it is null, the method + * allocates a buffer. + * @exception IOException If reading from the source or writing to the + * destination fails. + */ + private static void copyStream(InputStream source, OutputStream destination, byte[] buffer) throws IOException { + if (source == null) { + throw new NullPointerException("Argument \"source\" must not be null."); + } + if (buffer == null) { + buffer = new byte[8192]; + } + + if (destination != null) { + int bytesRead; + while ((bytesRead = source.read(buffer)) >= 0) { + destination.write(buffer, 0, bytesRead); + } + } else { + while (source.read(buffer) >= 0); + } + } + + /** + * Gets the stack trace of the <code>Throwable</code> passed in as a string. + * @param t The <code>Throwable</code>. + * @return a String representing the stack trace of the <code>Throwable</code>. + */ + public static String getStackTraceAsString(Throwable t) + { + ByteArrayOutputStream stackTraceBIS = new ByteArrayOutputStream(); + t.printStackTrace(new PrintStream(stackTraceBIS)); + return new String(stackTraceBIS.toByteArray()); + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StringUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StringUtils.java new file mode 100644 index 000000000..ad879d2b6 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/StringUtils.java @@ -0,0 +1,178 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.StringTokenizer; + +/** + * Utitility functions for string manipulations. + * + * @author Harald Bratko + */ +public class StringUtils { + + /** + * Removes all blanks and tabs from the given string. + * + * @param s The string to remove all blanks and tabs from. + * @return The input string with all blanks and tabs removed from. + */ + public static String removeBlanks(String s) { + StringTokenizer st = new StringTokenizer(s); + StringBuffer sb = new StringBuffer(s.length()); + while (st.hasMoreTokens()) { + sb.append(st.nextToken()); + } + return sb.toString(); + } + + /** + * Removes all occurences of the specified token from the the given string. + * + * @param s The string to remove all occurences of the specified token from. + * @return The input string with all occurences of the specified token removed from. + */ + public static String removeToken(String s, String token) { + StringTokenizer st = new StringTokenizer(s, token); + StringBuffer sb = new StringBuffer(s.length()); + while (st.hasMoreTokens()) { + sb.append(st.nextToken()); + } + return sb.toString(); + } + + /** + * Removes all leading zeros from the input string. + * + * @param s The string remove the leading zeros from. + * @return The input string with the leading zeros removed from. + */ + public static String deleteLeadingZeros(String s) { + StringBuffer sb = new StringBuffer(s); + int l = sb.length(); + int j = 0; + for (int i=0; i<l; i++) { + if (sb.charAt(i) == '0') { + j++; + } else { + break; + } + } + return sb.substring(j, l); + } + + /** + * Replaces each substring of string <code>s</code> that matches the given + * <code>search</code> string by the given <code>replace</code> string. + * + * @param s The string where the replacement should take place. + * @param search The pattern that should be replaced. + * @param replace The string that should replace all each <code>search</code> + * string within <code>s</code>. + * @return A string where all occurrence of <code>search</code> are + * replaced with <code>replace</code>. + */ + public static String replaceAll (String s, String search, String replace) + { + StringBuffer sb = new StringBuffer(); + int i = 0, j = 0; + int len = search.length(); + while (j > -1) + { + j = s.indexOf(search, i); + + if (j > -1) + { + sb.append(s.substring(i,j)); + sb.append(replace); + i = j + len; + } + } + + sb.append(s.substring(i, s.length())); + + return sb.toString(); + } + + /** + * Changes the SecurityLayer version in the given string. + * This method usually takes as input an XML structure represented in a string + * format and changes the SecurityLayer namespaces prefixes and URIs from + * one SecurityLayer version to another. + * e.g.: code>sl10</code> to <code>sl</code> and + * <code>http://www.buergerkarte.at/namespaces/securitylayer/20020225#</code> + * to + * <code>http://www.buergerkarte.at/namespaces/securitylayer/1.2#</code> + * + * @param s The string (usally an XML structure) where the + * SecurityLayer version should be changed. + * @param slPrefixOld The SecurityLayer namespace prefix that should be + * replaced by the new one. + * @param slPrefixNew The new SecurityLayer namespace prefix that should + * replace the old one. + * @param slNSUriOld The SecurityLayer namespace URI that should be + * replaced by the new one. + * @param slNSUriNew The new SecurityLayer namespace URI that should + * replace the old one. + * @return A string where the SecurityLayer namespace prefixes + * and URIs are replaced by new ones. + */ + public static String changeSLVersion(String s, String slPrefixOld, String slPrefixNew, String slNSUriOld, String slNSUriNew) { + String retString = replaceAll(s, slPrefixOld, slPrefixNew); + retString = replaceAll(retString, slNSUriOld, slNSUriNew); + return retString ; + } + + /** + * Removes the XML declaration from an XML expression. + * + * @param xmlString XML expression as String + * + * @return XML expression, XML declaration removed + */ + public static String removeXMLDeclaration(String xmlString) { + if (xmlString!=null && xmlString.startsWith("<?xml")) { + int firstElement = xmlString.indexOf("<", 1); + return xmlString.substring(firstElement); + } else { + return xmlString; + } + } + + /** + * Checks if String is empty + * @param s String to be checked if empty + * @return True if String is empty, false otherwise + */ + public static boolean isEmpty(String s) { + if (s == null || s.length() == 0) + return true; + else + return false; + + } + + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java new file mode 100644 index 000000000..66739a7a4 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/URLDecoder.java @@ -0,0 +1,84 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.StringReader; +import java.io.UnsupportedEncodingException; + +/** + * Decodes an URL encoded String using a specified character encoding. + * Provides a function missing in JDK 1.3. + * @author Paul Ivancsics + * @version $Id$ + */ +public class URLDecoder { + + /** + * Decodes an <code>application/x-www-form-urlencoded</code> string using a specific encoding scheme. + * @param s the string to decode + * @param encoding name of character encoding + * @return the newly decoded string + * @throws UnsupportedEncodingException if the encoding is not supported + */ + public static String decode(String s, String encoding) throws UnsupportedEncodingException { + StringReader in = new StringReader(s); + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + for (int b = read(in); b >= 0; b = read(in)) + bout.write(b); + return bout.toString(encoding); + } + /** + * Decodes the next byte from the string reader. + * @param in string reader + * @return the next byte decoded; + * -1 upon end of string, on erroneous data, and on any exception caught + * @todo syntax check on string + */ + private static int read(StringReader in) { + try { + int b = in.read(); + if (b == '+') + return ' '; + if (b == '%') { + char[] hex = new char[2]; + if (in.read(hex, 0, 2) >= 0) { + String hexString = new String(hex); + return Integer.valueOf(hexString, 16).intValue(); + } + else + return -1; + } + return b; + } + catch (IOException ex) { + return -1; + } + catch (NumberFormatException ex) { + return -1; + } + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java new file mode 100644 index 000000000..e6df1fd33 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/URLEncoder.java @@ -0,0 +1,89 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.ByteArrayInputStream; +import java.io.StringWriter; +import java.io.UnsupportedEncodingException; + +/** + * Translates a string into mime format "x-www-form-urlencoded". + * Provides a function missing in JDK 1.3. + * @author Paul Ivancsics + * @version $Id$ + */ +public class URLEncoder { + + /** + * Translates a string into x-www-form-urlencoded format. + * @param s the string to be translated + * @param encoding the encoding to use + * @return the translated string + * @throws UnsupportedEncodingException when the desired encoding is not supported + */ + public static String encode(String s, String encoding) throws UnsupportedEncodingException { +// if (MiscUtil.isEmpty(s)) +// return null; + byte[] barr = s.getBytes(encoding); + ByteArrayInputStream bin = new ByteArrayInputStream(barr); + StringWriter out = new StringWriter(); + for (int b = bin.read(); b >= 0; b = bin.read()) + encode(b, out); + return out.toString(); + } + + /** + * Encode a character. + * @param ch The character to encode. + * @param out The <code>StringWriter</code> containing the result. + */ + private static void encode(int ch, StringWriter out) { + if ((ch >= 'a' && ch <= 'z') + || (ch >= 'A' && ch <= 'Z') + || (ch >= '0' && ch <= '9') + || ch == '.' || ch == '-' || ch == '*' || ch == '_') + out.write(ch); + else if (ch == ' ') + out.write('+'); + else + encodeHex(ch, out); + } + + /** + * Encode a character as an escaped hex value. + * @param ch The character to encode. + * @param out The <code>StringWriter</code> containing the result. + */ + private static void encodeHex(int ch, StringWriter out) { + out.write('%'); + String hex = Integer.toHexString(ch).toUpperCase(); + if (hex.length() < 2) + out.write('0'); + else + out.write(hex.charAt(hex.length() - 2)); + out.write(hex.charAt(hex.length() - 1)); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/XPathException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/XPathException.java new file mode 100644 index 000000000..206245a68 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/XPathException.java @@ -0,0 +1,86 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.io.PrintStream; +import java.io.PrintWriter; + +/** + * An exception occurred evaluating an XPath. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPathException extends RuntimeException { + /** + * + */ + private static final long serialVersionUID = 1736311265333034392L; +/** The wrapped exception. */ + private Throwable wrapped; + + /** + * Create a <code>XPathException</code>. + * + * @param message The exception message. + * @param wrapped The exception being the likely cause of this exception. + */ + public XPathException(String message, Throwable wrapped) { + super(message); + this.wrapped = wrapped; + } + + /** + * Return the wrapped exception. + * + * @return The wrapped exception being the likely cause of this exception. + */ + public Throwable getWrapped() { + return wrapped; + } + + /** + * @see java.lang.Throwable#printStackTrace(java.io.PrintStream) + */ + public void printStackTrace(PrintStream s) { + super.printStackTrace(s); + if (getWrapped() != null) { + s.print("Caused by: "); + getWrapped().printStackTrace(s); + } + } + + /** + * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter) + */ + public void printStackTrace(PrintWriter s) { + super.printStackTrace(s); + if (getWrapped() != null) { + s.print("Caused by: "); + getWrapped().printStackTrace(s); + } + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java new file mode 100644 index 000000000..89aeaf3d1 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/XPathUtils.java @@ -0,0 +1,557 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.util; + +import java.util.List; +import java.util.Map; + +import org.w3c.dom.Attr; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.traversal.NodeIterator; + +import org.jaxen.JaxenException; +import org.jaxen.NamespaceContext; +import org.jaxen.Navigator; +import org.jaxen.SimpleNamespaceContext; +import org.jaxen.dom.DOMXPath; +import org.jaxen.dom.DocumentNavigator; + +/** + * Utility methods to evaluate XPath expressions on DOM nodes. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPathUtils { + + /** + * The XPath expression selecting all nodes under a given root (including the + * root node itself). + */ + public static final String ALL_NODES_XPATH = + "(.//. | .//@* | .//namespace::*)"; + + /** The <code>DocumentNavigator</code> to use for navigating the document. */ + private static Navigator documentNavigator = + DocumentNavigator.getInstance(); + /** The default namespace prefix to namespace URI mappings. */ + private static NamespaceContext NS_CONTEXT; + + static { + SimpleNamespaceContext ctx = new SimpleNamespaceContext(); + ctx.addNamespace(Constants.MOA_PREFIX, Constants.MOA_NS_URI); + ctx.addNamespace(Constants.MOA_CONFIG_PREFIX, Constants.MOA_CONFIG_NS_URI); + ctx.addNamespace(Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI); + ctx.addNamespace(Constants.SL10_PREFIX, Constants.SL10_NS_URI); + ctx.addNamespace(Constants.SL11_PREFIX, Constants.SL11_NS_URI); + ctx.addNamespace(Constants.SL12_PREFIX, Constants.SL12_NS_URI); + ctx.addNamespace(Constants.ECDSA_PREFIX, Constants.ECDSA_NS_URI); + ctx.addNamespace(Constants.PD_PREFIX, Constants.PD_NS_URI); + ctx.addNamespace(Constants.SAML_PREFIX, Constants.SAML_NS_URI); + ctx.addNamespace(Constants.SAMLP_PREFIX, Constants.SAMLP_NS_URI); + ctx.addNamespace(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); + ctx.addNamespace(Constants.XSLT_PREFIX, Constants.XSLT_NS_URI); + ctx.addNamespace(Constants.XSI_PREFIX, Constants.XSI_NS_URI); + ctx.addNamespace(Constants.DSIG_FILTER2_PREFIX, Constants.DSIG_FILTER2_NS_URI); + ctx.addNamespace(Constants.DSIG_EC_PREFIX, Constants.DSIG_EC_NS_URI); + ctx.addNamespace(Constants.MD_PREFIX, Constants.MD_NS_URI); + ctx.addNamespace(Constants.MDP_PREFIX, Constants.MDP_NS_URI); + ctx.addNamespace(Constants.MVV_PREFIX, Constants.MVV_NS_URI); + ctx.addNamespace(Constants.STB_PREFIX, Constants.STB_NS_URI); + ctx.addNamespace(Constants.WRR_PREFIX, Constants.WRR_NS_URI); + ctx.addNamespace(Constants.STORK_PREFIX, Constants.STORK_NS_URI); + ctx.addNamespace(Constants.STORKP_PREFIX, Constants.STORKP_NS_URI); + ctx.addNamespace(Constants.SAML2_PREFIX, Constants.SAML2_NS_URI); + ctx.addNamespace(Constants.SAML2P_PREFIX, Constants.SAML2P_NS_URI); + ctx.addNamespace(Constants.XENC_PREFIX, Constants.XENC_NS_URI); + ctx.addNamespace(Constants.XADES_1_1_1_NS_PREFIX, Constants.XADES_1_1_1_NS_URI); + NS_CONTEXT = ctx; + } + + /** + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. + * + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return An iterator over the resulting nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeIterator selectNodeIterator(Node contextNode, String exp) + throws XPathException { + + return selectNodeIterator(contextNode, NS_CONTEXT, exp); + } + + /** + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the + * namespace mapping for evaluating the XPath expression + * @param exp The XPath expression to evaluate. + * @return An iterator over the resulting nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeIterator selectNodeIterator( + Node contextNode, + Element namespaceElement, + String exp) + throws XPathException { + + try { + SimpleNamespaceContext ctx = new SimpleNamespaceContext(); + ctx.addElementNamespaces(documentNavigator, namespaceElement); + return selectNodeIterator(contextNode, ctx, exp); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return An iterator over the resulting nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeIterator selectNodeIterator( + Node contextNode, + Map namespaceMapping, + String exp) + throws XPathException { + + SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping); + + return selectNodeIterator(contextNode, ctx, exp); + } + + /** + * Return a <code>NodeIterator</code> over the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath expression. + * @param exp The XPath expression to evaluate. + * @return An iterator over the resulting nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + private static NodeIterator selectNodeIterator( + Node contextNode, + NamespaceContext nsContext, + String exp) + throws XPathException { + + try { + DOMXPath xpath = new DOMXPath(exp); + List nodes; + + xpath.setNamespaceContext(nsContext); + nodes = xpath.selectNodes(contextNode); + return new NodeIteratorAdapter(nodes.listIterator()); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return A <code>NodeList</code> containing the matching nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeList selectNodeList(Node contextNode, String exp) + throws XPathException { + + return selectNodeList(contextNode, NS_CONTEXT, exp); + } + + /** + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the + * namespace mapping for evaluating the XPath expression + * @param exp The XPath expression to evaluate. + * @return A <code>NodeList</code> containing the matching nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeList selectNodeList( + Node contextNode, + Element namespaceElement, + String exp) + throws XPathException { + + try { + SimpleNamespaceContext ctx = new SimpleNamespaceContext(); + + ctx.addElementNamespaces(documentNavigator, namespaceElement); + return selectNodeList(contextNode, ctx, exp); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return A <code>NodeList</code> containing the matching nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static NodeList selectNodeList( + Node contextNode, + Map namespaceMapping, + String exp) + throws XPathException { + + SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping); + + return selectNodeList(contextNode, ctx, exp); + } + + /** + * Return a <code>NodeList</code> of all the nodes matching the XPath + * expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath expression. + * @param exp The XPath expression to evaluate. + * @return A <code>NodeList</code> containing the matching nodes. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + private static NodeList selectNodeList( + Node contextNode, + NamespaceContext nsContext, + String exp) + throws XPathException { + + try { + DOMXPath xpath = new DOMXPath(exp); + List nodes; + + xpath.setNamespaceContext(nsContext); + nodes = xpath.selectNodes(contextNode); + return new NodeListAdapter(nodes); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Select the first node matching an XPath expression. + * + * All namespace URIs and prefixes declared in the <code>Constants</code> + * interface are used for resolving namespaces. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static Node selectSingleNode(Node contextNode, String exp) + throws XPathException { + + return selectSingleNode(contextNode, NS_CONTEXT, exp); + } + + /** + * Select the first node matching an XPath expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceElement An element from which to build the + * namespace mapping for evaluating the XPath expression + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static Node selectSingleNode( + Node contextNode, + Element namespaceElement, + String exp) + throws XPathException { + + try { + SimpleNamespaceContext ctx = new SimpleNamespaceContext(); + ctx.addElementNamespaces(documentNavigator, namespaceElement); + + return selectSingleNode(contextNode, ctx, exp); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Select the first node matching an XPath expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param namespaceMapping A namespace prefix to namespace URI mapping + * (<code>String</code> to <code>String</code>) for evaluating the XPath + * expression. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static Node selectSingleNode( + Node contextNode, + Map namespaceMapping, + String exp) + throws XPathException { + + SimpleNamespaceContext ctx = new SimpleNamespaceContext(namespaceMapping); + + return selectSingleNode(contextNode, ctx, exp); + } + + /** + * Select the first node matching an XPath expression. + * + * @param contextNode The root node from which to evaluate the XPath + * expression. + * @param nsContext The <code>NamespaceContext</code> for resolving namespace + * prefixes to namespace URIs for evaluating the XPath expression. + * @param exp The XPath expression to evaluate. + * @return Node The first node matching the XPath expression, or + * <code>null</code>, if no node matched. + * @throws XPathException An error occurred evaluating the XPath expression. + */ + public static Node selectSingleNode( + Node contextNode, + NamespaceContext nsContext, + String exp) + throws XPathException { + + try { + DOMXPath xpath = new DOMXPath(exp); + xpath.setNamespaceContext(nsContext); + return (Node) xpath.selectSingleNode(contextNode); + } catch (JaxenException e) { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { exp }); + throw new XPathException(message, e); + } + } + + /** + * Return the value of a DOM element whose location is given by an XPath + * expression. + * + * @param root The root element from which to evaluate the XPath. + * @param xpath The XPath expression pointing to the element whose value + * to return. + * @param def The default value to return, if no element can be found using + * the given <code>xpath</code>. + * @return The element value, if it can be located using the + * <code>xpath</code>. Otherwise, <code>def</code> is returned. + */ + public static String getElementValue( + Element root, + String xpath, + String def) { + + Element elem = (Element) XPathUtils.selectSingleNode(root, xpath); + return elem != null ? DOMUtils.getText(elem) : def; + } + + /** + * Return the value of a DOM attribute whose location is given by an XPath + * expression. + * + * @param root The root element from which to evaluate the XPath. + * @param xpath The XPath expression pointing to the attribute whose value to + * return. + * @param def The default value to return, if no attribute can be found using + * the given <code>xpath</code>. + * @return The element value, if it can be located using the + * <code>xpath</code>. Otherwise, <code>def</code> is returned. + */ + public static String getAttributeValue( + Element root, + String xpath, + String def) { + + Attr attr = (Attr) XPathUtils.selectSingleNode(root, xpath); + return attr != null ? attr.getValue() : def; + } + + /** + * Returns the namespace prefix used within <code>XPathUtils</code> for referring to + * the namespace of the specified (Security Layer command) element. + * + * This namespace prefix can be used in various XPath expression evaluation methods + * within <code> XPathUtils</code> without explicitely binding it to the particular + * namespace. + * + * @param contextElement The (Security Layer command) element. + * + * @return the namespace prefix used within <code>XPathUtils</code> for referring to + * the namespace of the specified (Security Layer command) element. + * + * throws XpathException If the specified element has a namespace other than the ones + * known by this implementation as valid Security Layer namespaces (cf. + * @link Constants#SL10_NS_URI, @link Constants#SL11_NS_URI, @link Constants#SL12_NS_URI). + */ + public static String getSlPrefix (Element contextElement) throws XPathException + { + String sLNamespace = contextElement.getNamespaceURI(); + String sLPrefix = null; + + if (sLNamespace.equals(Constants.SL10_NS_URI)) + { + sLPrefix = Constants.SL10_PREFIX; + } + else if (sLNamespace.equals(Constants.SL12_NS_URI)) + { + sLPrefix = Constants.SL12_PREFIX; + } + else if (sLNamespace.equals(Constants.SL11_NS_URI)) + { + sLPrefix = Constants.SL11_PREFIX; + } + else + { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { "Ung�ltiger Security Layer Namespace: \"" + sLNamespace + "\"."}); + throw new XPathException(message, null); + } + + return sLPrefix; + } + + + /** + * Return the SecurityLayer namespace prefix of the context element. + * If the context element is not the element that lies within the + * SecurityLayer namespace. The Securitylayer namespace is derived from + * the <code>xmlns:sl10</code>, <code>sl11</code> or <code>sl</code> + * attribute of the context element. + * + * The returned prefix is needed for evaluating XPATH expressions. + * + * @param contextElement The element to get a prefix for the Securitylayer namespace, + * that is used within the corresponding document. + * + * @return The string <code>sl10</code>, <code>sl11</code> or <code>sl</code>, + * depending on the SecurityLayer namespace of the contextElement. + * + * throws XPathException If no (vlalid) SecurityLayer namespace prefix or namespace + * is defined. + */ + public static String getSlPrefixFromNoRoot (Element contextElement) throws XPathException { + + String slPrefix = checkSLnsDeclaration(contextElement, Constants.SL10_PREFIX, Constants.SL10_NS_URI); + if (slPrefix == null) { + slPrefix = checkSLnsDeclaration(contextElement, Constants.SL11_PREFIX, Constants.SL11_NS_URI); + } + if (slPrefix == null) { + slPrefix = checkSLnsDeclaration(contextElement, Constants.SL12_PREFIX, Constants.SL12_NS_URI); + } + + return slPrefix; + + } + + /** + * Checks if the context element has an attribute <code>xmlns:slPrefix</code> and + * if the prefix of that attribute corresponds with a valid SecurityLayer namespace. + * + * @param contextElement The element to be checked. + * @param slPrefix The prefix which should be checked. Must be a valid SecurityLayer + * namespace prefix. + * @param slNameSpace The SecurityLayer namespace that corresponds to the specified prefix. + * + * @return The valid SecurityLayer prefix or <code>null</code> if this prefix is + * not used. + * @throws XPathException + */ + private static String checkSLnsDeclaration(Element contextElement, String slPrefix, String slNameSpace) + throws XPathException + { + String nsAtt = "xmlns:" + slPrefix; + String nameSpace = contextElement.getAttribute(nsAtt); + if (nameSpace == "") { + return null; + } else { + // check if namespace is correct + if (nameSpace.equals(slNameSpace)) { + return slPrefix; + } else { + MessageProvider msg = MessageProvider.getInstance(); + String message = msg.getMessage("xpath.00", new Object[] { "Ung�ltiger SecurityLayer Namespace: \"" + nameSpace + "\"."}); + throw new XPathException(message, null); + } + } + } + +} diff --git a/common/src/main/java/at/gv/egovernment/moa/util/ex/EgovUtilException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/ex/EgovUtilException.java index 733a2a845..733a2a845 100644 --- a/common/src/main/java/at/gv/egovernment/moa/util/ex/EgovUtilException.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/ex/EgovUtilException.java diff --git a/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml b/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml index c758e230e..fd16e8f96 100644 --- a/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml +++ b/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml @@ -15,7 +15,7 @@ <context:property-placeholder location="${moa.id.webconfig}"/> - <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" lazy-init="true" destroy-method="close"> + <bean id="dataSource" class="org.apache.commons.dbcp2.BasicDataSource" lazy-init="true" destroy-method="close"> <aop:scoped-proxy/> <property name="driverClassName" value="${hibernate.connection.driver_class}" /> <property name="url" value="${hibernate.connection.url}"/> @@ -24,10 +24,10 @@ <property name="connectionProperties" value="${dbcp.connectionProperties}" /> <property name="initialSize" value="${dbcp.initialSize}" /> - <property name="maxActive" value="${dbcp.maxActive}" /> + <property name="maxTotal" value="${dbcp.maxActive}" /> <property name="maxIdle" value="${dbcp.maxIdle}" /> <property name="minIdle" value="${dbcp.minIdle}" /> - <property name="maxWait" value="${dbcp.maxWaitMillis}" /> + <!-- property name="maxWait" value="${dbcp.maxWaitMillis}" /--> <property name="testOnBorrow" value="${dbcp.testOnBorrow}" /> <property name="testOnReturn" value="${dbcp.testOnReturn}" /> <property name="testWhileIdle" value="${dbcp.testWhileIdle}" /> diff --git a/id/server/moa-id-commons/src/main/resources/resources/properties/common_messages_de.properties b/id/server/moa-id-commons/src/main/resources/resources/properties/common_messages_de.properties new file mode 100644 index 000000000..a58d07625 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/properties/common_messages_de.properties @@ -0,0 +1,17 @@ +# This file contains exception messages in the standard Java properties +# format. The messages may contain formatting patterns as definied in the +# java.text.MessageFormat class. + + +# +# Messages private to the MOA common subsystem +# + +parser.00=Leichter Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3} +parser.01=Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3} +parser.02=Schwerer Fehler beim Parsen: {0}, SystemID={1}, Zeile={2}, Spalte={3} +parser.04=Fehler beim Parsen: {0} + +xpath.00=Fehler beim Auswerten des XPath-Ausdruckes: {0} + +datetime.00=Fehler beim Parsen der DateTime
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/Core-1.2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/Core-1.2.xsd new file mode 100644 index 000000000..864fee6d5 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/Core-1.2.xsd @@ -0,0 +1,881 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- Securitylayer, Schnittstellenspezifikation --> + +<!-- XML-Schema fuer Schnittstellenspezifikation Version 1.2.2 --> + +<!-- 01. 03. 2005, Bundeskanzleramt, Stabsstelle IKT-Strategie, Technik und Standards --> + +<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2.1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/1.2#"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <!--###################################################################### --> + <!--# Create CMS Signature # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Create CMS Signature Request = --> + <!--====================================================================== --> + <xsd:element name="CreateCMSSignatureRequest" type="CreateCMSSignatureRequestType"/> + <xsd:complexType name="CreateCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="DataObject" type="CMSDataObjectRequiredMetaType"/> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectRequiredMetaType"> + <xsd:complexContent> + <xsd:restriction base="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="Base64OptRefContentType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="Base64OptRefContentType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Create CMS Siganture Response = --> + <!--====================================================================== --> + <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/> + <xsd:complexType name="CreateCMSSignatureResponseType"> + <xsd:sequence> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Create XML Signature # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Create XML Signature Request = --> + <!--====================================================================== --> + <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="DataObjectInfo" type="DataObjectInfoType" maxOccurs="unbounded"/> + <xsd:element name="SignatureInfo" type="SignatureInfoCreationType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SignatureInfoCreationType"> + <xsd:sequence> + <xsd:element name="SignatureEnvironment" type="Base64XMLOptRefContentType"/> + <xsd:element name="SignatureLocation"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:nonNegativeInteger" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType"/> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject" type="Base64XMLLocRefOptRefContentType"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="FinalDataMetaInfo" type="MetaInfoType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Create XML Signature Response = --> + <!--====================================================================== --> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Verify CMS Signature # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Verify CMS Signature Request = --> + <!--====================================================================== --> + <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger"/> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + </xsd:restriction> + </xsd:simpleType> + <!--====================================================================== --> + <!--= Verify CMS Signature Response = --> + <!--====================================================================== --> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="QualifiedCertificate"/> + <!--###################################################################### --> + <!--# Verify XML Signature # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Verify XML Signature Request = --> + <!--====================================================================== --> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="SignatureInfo" type="SignatureInfoVerificationType"/> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SignatureInfoVerificationType"> + <xsd:sequence> + <xsd:element name="SignatureEnvironment" type="Base64XMLOptRefContentType"/> + <xsd:element name="SignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Verify XML Signature Response = --> + <!--====================================================================== --> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> + <xsd:sequence> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> + <xsd:sequence> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="AnyMixedChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Encrypt a CMS message # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Encrypt a CMS message: Request = --> + <!--====================================================================== --> + <xsd:element name="EncryptCMSRequest" type="EncryptCMSRequestType"/> + <xsd:complexType name="EncryptCMSRequestType"> + <xsd:sequence> + <xsd:element name="RecipientPublicKey" type="CMSRecipientPublicKeyType" maxOccurs="unbounded"/> + <xsd:element name="ToBeEncrypted" type="CMSToBeEncryptedType"/> + </xsd:sequence> + <xsd:attribute name="ReturnBinaryResult" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="CMSToBeEncryptedType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="Base64OptRefContentType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSRecipientPublicKeyType"> + <xsd:choice> + <xsd:element name="X509Certificate" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:complexType> + <!--====================================================================== --> + <!--= Encrypt a CMS message: Response = --> + <!--====================================================================== --> + <xsd:element name="EncryptCMSResponse" type="EncryptCMSResponseType"/> + <xsd:complexType name="EncryptCMSResponseType"> + <xsd:sequence> + <xsd:element name="CMSMessage" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Decrypt a CMS message # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Decrypt a CMS message: Request = --> + <!--====================================================================== --> + <xsd:element name="DecryptCMSRequest" type="DecryptCMSRequestType"/> + <xsd:complexType name="DecryptCMSRequestType"> + <xsd:sequence> + <xsd:element name="CMSMessage" type="xsd:base64Binary"/> + <xsd:element name="EncryptedContent" type="CMSEncryptedContentType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="ReturnResult" type="ReturnResultType" use="optional" default="xml"/> + </xsd:complexType> + <xsd:complexType name="CMSEncryptedContentType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="Base64OptRefContentType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ReturnResultType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="binary"/> + <xsd:enumeration value="xml"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + <!--====================================================================== --> + <!--= Decrypt a CMS message: Response = --> + <!--====================================================================== --> + <xsd:element name="DecryptCMSResponse" type="DecryptCMSResponseType"/> + <xsd:complexType name="DecryptCMSResponseType"> + <xsd:sequence> + <xsd:element name="DecryptedData" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Encrypt an XML document # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Encrypt an XML document: Request = --> + <!--====================================================================== --> + <xsd:element name="EncryptXMLRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="EncryptXMLRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="EncryptXMLRequestType"> + <xsd:sequence> + <xsd:element name="RecipientPublicKey" type="XMLRecipientPublicKeyType" maxOccurs="unbounded"/> + <xsd:element name="ToBeEncrypted" type="ToBeEncryptedType" maxOccurs="unbounded"/> + <xsd:element name="EncryptionInfo" type="EncryptionInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ToBeEncryptedType"> + <xsd:choice> + <xsd:element name="Element"> + <xsd:complexType> + <xsd:attribute name="Selector" type="xsd:token" use="required"/> + <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ElementContent"> + <xsd:complexType> + <xsd:attribute name="Selector" type="xsd:token" use="required"/> + <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="New" type="XMLToBeEncryptedNewType"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="XMLToBeEncryptedNewType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="XMLToBeEncryptedNewContentType"/> + </xsd:sequence> + <xsd:attribute name="ParentSelector" type="xsd:token" use="required"/> + <xsd:attribute name="NodeCount" type="xsd:nonNegativeInteger" use="required"/> + </xsd:complexType> + <xsd:complexType name="XMLToBeEncryptedNewContentType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLLocRefContentType"> + <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="XMLRecipientPublicKeyType"> + <xsd:choice> + <xsd:element ref="dsig:KeyValue"/> + <xsd:element name="X509Certificate" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="EncryptionInfoType"> + <xsd:sequence> + <xsd:element name="EncryptionEnvironment" type="Base64XMLOptRefContentType"/> + <xsd:element name="EncryptedKeyLocation" minOccurs="0"> + <xsd:complexType> + <xsd:attribute name="ParentSelector" type="xsd:token" use="required"/> + <xsd:attribute name="NodeCount" type="xsd:nonNegativeInteger" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Encrypt an XML document: Response = --> + <!--====================================================================== --> + <xsd:element name="EncryptXMLResponse" type="EncryptXMLResponseType"/> + <xsd:complexType name="EncryptXMLResponseType"> + <xsd:sequence> + <xsd:element name="EncryptionEnvironment"> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="EncryptedData" type="EncryptedDataType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="EncryptedDataType"> + <xsd:simpleContent> + <xsd:extension base="xsd:base64Binary"> + <xsd:attribute name="EncDataReference" type="xsd:anyURI" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <!--###################################################################### --> + <!--# Decrypt an XML document # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Decrypt an XML document: Request = --> + <!--====================================================================== --> + <xsd:element name="DecryptXMLRequest" type="DecryptXMLRequestType"/> + <xsd:complexType name="DecryptXMLRequestType"> + <xsd:sequence> + <xsd:element name="EncryptedContent" type="Base64XMLOptRefContentType"/> + <xsd:element name="EncrElemsSelector" type="xsd:string"/> + <xsd:element name="Supplement" type="DataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="ReturnResult" type="ReturnResultType" use="optional" default="xml"/> + </xsd:complexType> + <!--====================================================================== --> + <!--= Decrypt an XML document: Response = --> + <!--====================================================================== --> + <xsd:element name="DecryptXMLResponse" type="DecryptXMLResponseType"/> + <xsd:complexType name="DecryptXMLResponseType"> + <xsd:sequence minOccurs="0"> + <xsd:element name="CandidateDocument" type="XMLContentType"/> + <xsd:element name="DecryptedBinaryData" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:base64Binary"> + <xsd:attribute name="EncrElemSelector" type="xsd:string" use="required"/> + <xsd:attribute name="MimeType" type="xsd:string" use="optional"/> + <xsd:attribute name="Encoding" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Hashing # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Hash Computation Request = --> + <!--====================================================================== --> + <xsd:element name="CreateHashRequest" type="CreateHashRequestType"/> + <xsd:complexType name="CreateHashRequestType"> + <xsd:sequence> + <xsd:element name="HashInfo" type="CreateHashInfoRequestType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CreateHashInfoRequestType"> + <xsd:sequence> + <xsd:element name="HashData" type="HashDataType"/> + <xsd:element name="HashAlgorithm" type="xsd:anyURI"/> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="RespondHashData" type="xsd:boolean" use="required"/> + </xsd:complexType> + <xsd:complexType name="HashDataType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="Base64XMLOptRefContentType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Hash Computation Response = --> + <!--====================================================================== --> + <xsd:element name="CreateHashResponse" type="CreateHashResponseType"/> + <xsd:complexType name="CreateHashResponseType"> + <xsd:sequence> + <xsd:element name="HashInfo" type="CreateHashInfoResponseType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CreateHashInfoResponseType"> + <xsd:sequence> + <xsd:element name="HashData" type="HashDataType" minOccurs="0"/> + <xsd:element name="HashAlgorithm" type="xsd:anyURI"/> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/> + <xsd:element name="HashValue" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Hash Verification Request = --> + <!--====================================================================== --> + <xsd:element name="VerifyHashRequest" type="VerifyHashRequestType"/> + <xsd:complexType name="VerifyHashRequestType"> + <xsd:sequence> + <xsd:element name="HashInfo" type="VerifyHashInfoRequestType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="VerifyHashInfoRequestType"> + <xsd:sequence> + <xsd:element name="HashData" type="HashDataType"/> + <xsd:element name="HashAlgorithm" type="xsd:anyURI"/> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/> + <xsd:element name="HashValue" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Hash Verification Response = --> + <!--====================================================================== --> + <xsd:element name="VerifyHashResponse" type="VerifyHashResponseType"/> + <xsd:complexType name="VerifyHashResponseType"> + <xsd:sequence> + <xsd:element name="VerificationResult" type="VerificationResultType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="VerificationResultType"> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"/> + <xsd:element name="Result" type="xsd:boolean"/> + </xsd:sequence> + </xsd:complexType> + <!--###################################################################### --> + <!--# Infobox Commands # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Check Available Infoboxes Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxAvailableRequest" type="InfoboxAvailableRequestType"/> + <xsd:complexType name="InfoboxAvailableRequestType"/> + <!--====================================================================== --> + <!--= Check Available Infoboxes Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxAvailableResponse" type="InfoboxAvailableResponseType"/> + <xsd:complexType name="InfoboxAvailableResponseType"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Create Infobox Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxCreateRequest" type="InfoboxCreateRequestType"/> + <xsd:complexType name="InfoboxCreateRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="InfoboxType" type="InfoboxTypeType"/> + <xsd:element name="Creator" type="xsd:string"/> + <xsd:element name="Purpose" type="xsd:string"/> + <xsd:element name="ReadAccessAuthorization" type="AccessAuthorizationType" minOccurs="0"/> + <xsd:element name="UpdateAccessAuthorization" type="AccessAuthorizationType" minOccurs="0"/> + <xsd:element name="ReadUserConfirmation" type="UserConfirmationType" minOccurs="0"/> + <xsd:element name="UpdateUserConfirmation" type="UserConfirmationType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="InfoboxTypeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="BinaryFile"/> + <xsd:enumeration value="AssocArray"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="AccessAuthorizationType"> + <xsd:sequence> + <xsd:element name="RequesterID" type="RequesterIDType" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="UserMayChange" type="xsd:boolean" use="required"/> + </xsd:complexType> + <xsd:simpleType name="RequesterIDSimpleType"> + <xsd:restriction base="xsd:string"/> + </xsd:simpleType> + <xsd:complexType name="RequesterIDType"> + <xsd:simpleContent> + <xsd:extension base="RequesterIDSimpleType"> + <xsd:attribute name="AuthenticationClass" type="AuthenticationClassType" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="UserConfirmationType"> + <xsd:simpleContent> + <xsd:extension base="UserConfirmationSimpleType"> + <xsd:attribute name="UserMayChange" type="xsd:boolean" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:simpleType name="UserConfirmationSimpleType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="none"/> + <xsd:enumeration value="info"/> + <xsd:enumeration value="confirm"/> + <xsd:enumeration value="confirmWithSecret"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="AuthenticationClassType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="anonym"/> + <xsd:enumeration value="pseudoanonym"/> + <xsd:enumeration value="certified"/> + <xsd:enumeration value="certifiedGovAgency"/> + </xsd:restriction> + </xsd:simpleType> + <!--====================================================================== --> + <!--= Create Infobox Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxCreateResponse" type="InfoboxCreateResponseType"/> + <xsd:complexType name="InfoboxCreateResponseType"/> + <!--====================================================================== --> + <!--= Delete Infobox Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxDeleteRequest" type="InfoboxDeleteRequestType"/> + <xsd:complexType name="InfoboxDeleteRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Delete Infobox Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxDeleteResponse" type="InfoboxDeleteResponseType"/> + <xsd:complexType name="InfoboxDeleteResponseType"/> + <!--====================================================================== --> + <!--= Read Infobox Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxReadRequest" type="InfoboxReadRequestType"/> + <xsd:complexType name="InfoboxReadRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + <xsd:choice> + <xsd:element name="BinaryFileParameters" type="InfoboxReadParamsBinaryFileType"/> + <xsd:element name="AssocArrayParameters" type="InfoboxReadParamsAssocArrayType"/> + </xsd:choice> + <xsd:element name="BoxSpecificParameters" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxReadParamsBinaryFileType"> + <xsd:attribute name="ContentIsXMLEntity" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="InfoboxReadParamsAssocArrayType"> + <xsd:choice> + <xsd:element name="ReadKeys"> + <xsd:complexType> + <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/> + <xsd:attribute name="UserMakesUnique" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReadPairs"> + <xsd:complexType> + <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/> + <xsd:attribute name="UserMakesUnique" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="ValuesAreXMLEntities" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReadValue"> + <xsd:complexType> + <xsd:attribute name="Key" type="BoxIdentifierType" use="required"/> + <xsd:attribute name="ValueIsXMLEntity" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <xsd:element name="IdentityLinkDomainIdentifier" type="xsd:anyURI"/> + <!--====================================================================== --> + <!--= Read Infobox Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxReadResponse" type="InfoboxReadResponseType"/> + <xsd:complexType name="InfoboxReadResponseType"> + <xsd:choice> + <xsd:element name="BinaryFileData" type="Base64XMLContentType"/> + <xsd:element name="AssocArrayData" type="InfoboxReadDataAssocArrayType"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="InfoboxReadDataAssocArrayType"> + <xsd:choice> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="Key" type="BoxIdentifierType"/> + </xsd:sequence> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="Pair" type="InfoboxAssocArrayPairType"/> + </xsd:sequence> + </xsd:choice> + </xsd:complexType> + <!--====================================================================== --> + <!--= Update Infobox Request = --> + <!--====================================================================== --> + <xsd:element name="InfoboxUpdateRequest" type="InfoboxUpdateRequestType"/> + <xsd:complexType name="InfoboxUpdateRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + <xsd:choice> + <xsd:element name="BinaryFileParameters" type="Base64XMLContentType"/> + <xsd:element name="AssocArrayParameters" type="InfoboxUpdateParamsAssocArrayType"/> + </xsd:choice> + <xsd:element name="BoxSpecificParameters" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxUpdateParamsAssocArrayType"> + <xsd:choice> + <xsd:element name="UpdateKey"> + <xsd:complexType> + <xsd:attribute name="Key" type="xsd:token" use="required"/> + <xsd:attribute name="NewKey" type="xsd:token" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="UpdateValue" type="InfoboxAssocArrayPairType"/> + <xsd:element name="DeletePair"> + <xsd:complexType> + <xsd:attribute name="Key" type="xsd:token" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <!--====================================================================== --> + <!--= Update Infobox Response = --> + <!--====================================================================== --> + <xsd:element name="InfoboxUpdateResponse" type="InfoboxUpdateResponseType"/> + <xsd:complexType name="InfoboxUpdateResponseType"/> + <!--###################################################################### --> + <!--# Null-Operation # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Null-Operation ReQuest = --> + <!--====================================================================== --> + <xsd:element name="NullOperationRequest" type="NullOperationRequestType"/> + <xsd:complexType name="NullOperationRequestType"/> + <!--====================================================================== --> + <!--= Null-Operation Response = --> + <!--====================================================================== --> + <xsd:element name="NullOperationResponse" type="NullOperationResponseType"/> + <xsd:complexType name="NullOperationResponseType"/> + <!--###################################################################### --> + <!--# Get Properties # --> + <!--###################################################################### --> + <xsd:element name="GetPropertiesRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="GetPropertiesRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="GetPropertiesRequestType"/> + <!--====================================================================== --> + <!--= Get Properties Response = --> + <!--====================================================================== --> + <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/> + <xsd:complexType name="GetPropertiesResponseType"> + <xsd:sequence> + <xsd:element name="ViewerMediaType" type="MimeTypeType" maxOccurs="unbounded"/> + <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" maxOccurs="unbounded"/> + <xsd:element name="KeyboxIdentifier" type="QualifiedBoxIdentifierType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="Binding" type="BindingType" maxOccurs="unbounded"/> + <xsd:element name="ProtocolVersion" type="xsd:token" maxOccurs="unbounded"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="BindingType"> + <xsd:complexContent> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute name="Identifier" type="xsd:token" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="QualifiedBoxIdentifierType"> + <xsd:simpleContent> + <xsd:extension base="BoxIdentifierType"> + <xsd:attribute name="Signature" type="xsd:boolean" use="required"/> + <xsd:attribute name="Encryption" type="xsd:boolean" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <!--###################################################################### --> + <!--# Get Token Status # --> + <!--###################################################################### --> + <!--====================================================================== --> + <!--= Get Token Status Request = --> + <!--====================================================================== --> + <xsd:element name="GetStatusRequest" type="GetStatusRequestType"/> + <xsd:complexType name="GetStatusRequestType"> + <xsd:sequence minOccurs="0"> + <xsd:element name="TokenStatus" type="TokenStatusType"/> + <xsd:element name="MaxDelay" type="xsd:nonNegativeInteger"/> + </xsd:sequence> + </xsd:complexType> + <!--====================================================================== --> + <!--= Get Token Status Response = --> + <!--====================================================================== --> + <xsd:element name="GetStatusResponse" type="GetStatusResponseType"/> + <xsd:complexType name="GetStatusResponseType"> + <xsd:sequence> + <xsd:element name="TokenStatus" type="TokenStatusType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="TokenStatusType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="ready"/> + <xsd:enumeration value="removed"/> + </xsd:restriction> + </xsd:simpleType> + <!--###################################################################### --> + <!--# Error Response # --> + <!--###################################################################### --> + <xsd:element name="ErrorResponse" type="ErrorResponseType"/> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="ErrorCodeType"/> + <xsd:element name="Info" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ErrorCodeType"> + <xsd:restriction base="xsd:integer"> + <xsd:minInclusive value="1000"/> + <xsd:maxInclusive value="99999"/> + </xsd:restriction> + </xsd:simpleType> + <!--###################################################################### --> + <!--# Auxiliary Types # --> + <!--###################################################################### --> + <xsd:simpleType name="BoxIdentifierType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:simpleType name="WildCardSearchStringType"> + <xsd:restriction base="xsd:string"> + <xsd:pattern value="[^\*/]*(\*[^\*/]*)?(/[^\*/]*(\*[^\*/]*)?)*"/> + <xsd:pattern value="\*\*"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="InfoboxAssocArrayPairType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLContentType"> + <xsd:attribute name="Key" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="AnyChildrenType" mixed="false"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="AnyMixedChildrenType" mixed="true"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any namespace="##any" processContents="skip"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="AnyMixedChildrenType"> + <xsd:attribute ref="xml:space" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64XMLLocRefOptRefContentType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLLocRefContentType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64XMLLocRefReqRefContentType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLLocRefContentType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64XMLOptRefContentType"> + <xsd:complexContent> + <xsd:extension base="Base64XMLContentType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64OptRefContentType"> + <xsd:complexContent> + <xsd:extension base="Base64ContentType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="Base64ContentType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="Base64XMLContentType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="Base64XMLLocRefContentType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="DataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="Base64XMLLocRefReqRefContentType"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/Core.20020225.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/Core.20020225.xsd new file mode 100644 index 000000000..00b508dd7 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/Core.20020225.xsd @@ -0,0 +1,399 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Securitylayer, Schnittstellenspezifikation --> +<!-- XML-Schema für Schnittstellenspezifikation Version 1.1.0, Protokollelemente im datierten Namespace 20020225 --> +<!-- 31. 08. 2002, Operative Unit, CIO, BMOeLS --> +<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <!--########### Create CMS Signature ###--> + <!--### Create CMS Signature Request ###--> + <xsd:element name="CreateCMSSignatureRequest" type="CreateCMSSignatureRequestType"/> + <xsd:complexType name="CreateCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="DataObject" type="CMSDataObjectRequiredMetaType"/> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectRequiredMetaType"> + <xsd:complexContent> + <xsd:restriction base="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSContentBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!--### Create CMS Siganture Response ###--> + <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/> + <xsd:complexType name="CreateCMSSignatureResponseType"> + <xsd:sequence> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Create XML Signature ###--> + <!--### Create XML Signature Request ###--> + <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="DataObjectInfo" type="DataObjectInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType"/> + <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject" type="ContentOptionalRefType"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="FinalDataMetaInfo" type="MetaInfoType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLDataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="ContentRequiredRefType"/> + </xsd:sequence> + </xsd:complexType> + <!--### Create XML Signature Response ###--> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element ref="dsig:Signature"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify CMS Signature ###--> + <!--### Verifiy CMS Signature Request ###--> + <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!--### Verify CMS Signature Response ###--> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify XML Signature ###--> + <!--### Verify XML Signature Request ###--> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="SignatureInfo"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="SignatureEnvironment"> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="skip"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="SignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--### Verify XML Signature Response ###--> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Infobox Commands ###--> + <!--### Check Available Infoboxes Request ###--> + <xsd:element name="InfoboxAvailableRequest" type="InfoboxAvailableRequestType"/> + <xsd:complexType name="InfoboxAvailableRequestType"/> + <!--### Check Available Infoboxes Response ###--> + <xsd:element name="InfoboxAvailableResponse" type="InfoboxAvailableResponseType"/> + <xsd:complexType name="InfoboxAvailableResponseType"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <!--### Read Infobox Request ###--> + <xsd:element name="InfoboxReadRequest" type="InfoboxReadRequestType"/> + <xsd:complexType name="InfoboxReadRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + <xsd:choice> + <xsd:element name="BinaryFileParameters" type="InfoboxReadParamsBinaryFileType"/> + <xsd:element name="AssocArrayParameters" type="InfoboxReadParamsAssocArrayType"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxReadParamsBinaryFileType"> + <xsd:attribute name="ContentIsXMLEntity" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="InfoboxReadParamsAssocArrayType"> + <xsd:choice> + <xsd:element name="ReadKeys"> + <xsd:complexType> + <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReadPairs"> + <xsd:complexType> + <xsd:attribute name="SearchString" type="WildCardSearchStringType" use="required"/> + <xsd:attribute name="ValuesAreXMLEntities" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReadValue"> + <xsd:complexType> + <xsd:attribute name="Key" type="BoxIdentifierType" use="required"/> + <xsd:attribute name="ValueIsXMLEntity" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <!--### Read Infobox Response ###--> + <xsd:element name="InfoboxReadResponse" type="InfoboxReadResponseType"/> + <xsd:complexType name="InfoboxReadResponseType"> + <xsd:choice> + <xsd:element name="BinaryFileData" type="ContentBaseType"/> + <xsd:element name="AssocArrayData" type="InfoboxReadDataAssocArrayType"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="InfoboxReadDataAssocArrayType"> + <xsd:choice> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="Key" type="BoxIdentifierType"/> + </xsd:sequence> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="Pair" type="InfoboxAssocArrayPairType"/> + </xsd:sequence> + </xsd:choice> + </xsd:complexType> + <!--### Update Infobox Request ###--> + <xsd:element name="InfoboxUpdateRequest" type="InfoboxUpdateRequestType"/> + <xsd:complexType name="InfoboxUpdateRequestType"> + <xsd:sequence> + <xsd:element name="InfoboxIdentifier" type="BoxIdentifierType"/> + <xsd:choice> + <xsd:element name="BinaryFileParameters" type="ContentBaseType"/> + <xsd:element name="AssocArrayParameters" type="InfoboxUpdateParamsAssocArrayType"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxUpdateParamsAssocArrayType"> + <xsd:choice> + <xsd:element name="UpdateKey"> + <xsd:complexType> + <xsd:attribute name="Key" type="xsd:token" use="required"/> + <xsd:attribute name="NewKey" type="xsd:token" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="UpdateValue" type="InfoboxAssocArrayPairType"/> + <xsd:element name="DeletePair"> + <xsd:complexType> + <xsd:attribute name="Key" type="xsd:token" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <!--### Update Infobox Response ###--> + <xsd:element name="InfoboxUpdateResponse" type="InfoboxUpdateResponseType"/> + <xsd:complexType name="InfoboxUpdateResponseType"/> + <!--########## Create Session Certificate ###--> + <!--### Create Session Certificate Request ###--> + <xsd:element name="CreateSessionKeyRequest" type="CreateSessionKeyRequestType"/> + <xsd:complexType name="CreateSessionKeyRequestType"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/> + <xsd:element name="Password" type="xsd:string"/> + <xsd:element name="Minutes" type="xsd:positiveInteger"/> + </xsd:sequence> + </xsd:complexType> + <!--### Create Session Certificate Response ###--> + <xsd:element name="CreateSessionKeyResponse" type="CreateSessionKeyResponseType"/> + <xsd:complexType name="CreateSessionKeyResponseType"> + <xsd:sequence> + <xsd:element name="PKCS12Object" type="xsd:base64Binary"/> + <xsd:element name="Certificate" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Create Symmetric Key ###--> + <!--### Create SymmetricKey Request ###--> + <xsd:element name="CreateSymmetricSecretRequest" type="CreateSymmetricSecretRequestType"/> + <xsd:complexType name="CreateSymmetricSecretRequestType" mixed="false"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType"/> + <xsd:element ref="dsig:KeyInfo"/> + </xsd:sequence> + </xsd:complexType> + <!--### Create SymmetricKey Response ###--> + <xsd:element name="CreateSymmetricSecretResponse" type="CreateSymmetricSecretResponseType"/> + <xsd:complexType name="CreateSymmetricSecretResponseType" mixed="false"> + <xsd:sequence> + <xsd:element name="SymmetricSecretValue" type="xsd:base64Binary"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Get Properties ###--> + <!--### Get Properties Request ###--> + <xsd:element name="GetPropertiesRequest" type="GetPropertiesRequestType"/> + <xsd:complexType name="GetPropertiesRequestType"/> + <!--### Get Properties Response ###--> + <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/> + <xsd:complexType name="GetPropertiesResponseType"> + <xsd:sequence> + <xsd:element name="ViewerMediaType" type="MimeTypeType" maxOccurs="unbounded"/> + <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" minOccurs="5" maxOccurs="unbounded"/> + <xsd:element name="KeyboxIdentifier" type="BoxIdentifierType" minOccurs="2" maxOccurs="unbounded"/> + <xsd:element name="Binding" type="BindingType" minOccurs="2" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="BindingType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute name="Identifier" type="xsd:token" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <!--########### Get Token Status ###--> + <!--### Get Token Status Reqeust ###--> + <xsd:element name="GetStatusRequest" type="GetStatusRequestType"/> + <xsd:complexType name="GetStatusRequestType"> + <xsd:sequence minOccurs="0"> + <xsd:element name="TokenStatus" type="TokenStatusType"/> + <xsd:element name="MaxDelay" type="xsd:nonNegativeInteger"/> + </xsd:sequence> + </xsd:complexType> + <!--### Get Token Status Response ###--> + <xsd:element name="GetStatusResponse" type="GetStatusResponseType"/> + <xsd:complexType name="GetStatusResponseType"> + <xsd:sequence> + <xsd:element name="TokenStatus" type="TokenStatusType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="TokenStatusType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="ready"/> + <xsd:enumeration value="removed"/> + </xsd:restriction> + </xsd:simpleType> + <!--########## Error Response ###--> + <xsd:element name="ErrorResponse" type="ErrorResponseType"/> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="xsd:integer"/> + <xsd:element name="Info" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Auxiliary Types ###--> + <xsd:simpleType name="BoxIdentifierType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:simpleType name="WildCardSearchStringType"> + <xsd:restriction base="xsd:string"> + <xsd:pattern value="[^\*/]*(\*[^\*/]*)?(/[^\*/]*(\*[^\*/]*)?)*"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="AnyChildrenType" mixed="true"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any namespace="##any" processContents="skip"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute ref="xml:space" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="ContentOptionalRefType"> + <xsd:complexContent> + <xsd:extension base="ContentBaseType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentRequiredRefType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="InfoboxAssocArrayPairType"> + <xsd:complexContent> + <xsd:extension base="ContentBaseType"> + <xsd:attribute name="Key" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/Core.20020831.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/Core.20020831.xsd new file mode 100644 index 000000000..a533bf221 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/Core.20020831.xsd @@ -0,0 +1,153 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Securitylayer, Schnittstellenspezifikation --> +<!-- XML-Schema für Schnittstellenspezifikation Version 1.1.0, Protokollelemente im datierten Namespace 20020831 --> +<!-- 31. 08. 2002, Operative Unit, CIO, BMOeLS --> +<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/securitylayer/20020831#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.0"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="Core.20020225.xsd"/> + <!--########## Create XML Signature ###--> + <!--### Create XML Signature Request ###--> + <xsd:element name="CreateXMLSignatureRequest" type="CreateXMLSignatureRequestType"/> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyboxIdentifier" type="sl10:BoxIdentifierType"/> + <xsd:element name="DataObjectInfo" type="sl10:DataObjectInfoType" maxOccurs="unbounded"/> + <xsd:element name="SignatureInfo" type="SignatureInfoCreationType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SignatureInfoCreationType"> + <xsd:sequence> + <xsd:element name="SignatureEnvironment" type="sl10:ContentOptionalRefType"/> + <xsd:element name="SignatureLocation"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:nonNegativeInteger" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="sl10:XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--### Create XML Signature Response ###--> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify CMS Signature ###--> + <!--### Verifiy CMS Signature Request ###--> + <xsd:element name="VerifyCMSSignatureRequest" type="VerifyCMSSignatureRequestType"/> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="sl10:CMSDataObjectOptionalMetaType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger"/> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + </xsd:restriction> + </xsd:simpleType> + <!--### Verify CMS Signature Response ###--> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/> + <xsd:element name="SignatureCheck" type="sl10:CheckResultType"/> + <xsd:element name="CertificateCheck" type="sl10:CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="QualifiedCertificate"/> + <!--########## Verify XML Signature ###--> + <!--### Verify XML Signature Request ###--> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="SignatureInfo" type="SignatureInfoVerificationType"/> + <xsd:element name="Supplement" type="sl10:XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SignatureInfoVerificationType"> + <xsd:sequence> + <xsd:element name="SignatureEnvironment" type="sl10:ContentOptionalRefType"/> + <xsd:element name="SignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + <!--### Verify XML Signature Response ###--> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="sl10:CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="sl10:CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="sl10:AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="sl10:CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="ReferencesCheckResultInfoType"> + <xsd:sequence> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <!--########## Get Properties ###--> + <!--### Get Properties Response ###--> + <xsd:element name="GetPropertiesResponse" type="GetPropertiesResponseType"/> + <xsd:complexType name="GetPropertiesResponseType"> + <xsd:sequence> + <xsd:element name="ViewerMediaType" type="sl10:MimeTypeType" maxOccurs="unbounded"/> + <xsd:element name="XMLSignatureTransform" type="xsd:anyURI" maxOccurs="unbounded"/> + <xsd:element name="KeyboxIdentifier" type="sl10:BoxIdentifierType" maxOccurs="unbounded"/> + <xsd:element name="Binding" type="sl10:BindingType" maxOccurs="unbounded"/> + <xsd:element name="ProtocolVersion" type="xsd:anyURI" maxOccurs="unbounded"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd new file mode 100644 index 000000000..833d327f2 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.ancient.xsd @@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema targetNamespace="http://www.buergerkarte.at/namespaces/ecdsa/200206030#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.buergerkarte.at/namespaces/ecdsa/200206030#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3"> + <!--ECDSA key value root element--> + <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/> + <xs:complexType name="ECDSAKeyValueType"> + <xs:sequence> + <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/> + <xs:element name="PublicKey" type="ecdsa:ECPointType"/> + </xs:sequence> + </xs:complexType> + <!--EC domain parameters--> + <xs:complexType name="DomainParamsType"> + <xs:choice> + <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/> + <xs:element name="NamedCurve"> + <xs:complexType> + <xs:attribute name="URN" type="xs:anyURI" use="required"/> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + <xs:complexType name="FieldParamsType" abstract="true"/> + <xs:complexType name="PrimeFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="P" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldParamsType" abstract="true"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + <xs:element name="W" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="TnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="PnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K1" type="xs:positiveInteger"/> + <xs:element name="K2" type="xs:positiveInteger"/> + <xs:element name="K3" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="ExplicitParamsType"> + <xs:sequence> + <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/> + <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/> + <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="CurveParamsType"> + <xs:sequence> + <xs:element name="A" type="ecdsa:FieldElemType"/> + <xs:element name="B" type="ecdsa:FieldElemType"/> + <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="BasePointParamsType"> + <xs:sequence> + <xs:element name="BasePoint" type="ecdsa:ECPointType"/> + <xs:element name="Order" type="xs:positiveInteger"/> + <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <!--EC point--> + <xs:complexType name="ECPointType"> + <xs:sequence minOccurs="0"> + <xs:element name="X" type="ecdsa:FieldElemType"/> + <xs:element name="Y" type="ecdsa:FieldElemType"/> + </xs:sequence> + </xs:complexType> + <!--Field element--> + <xs:complexType name="FieldElemType" abstract="true"/> + <xs:complexType name="PrimeFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:hexBinary" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd new file mode 100644 index 000000000..db83c9df5 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.wrong.xsd @@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema targetNamespace="http://www.w3.org/2004/01/xmldsig-more#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.w3.org/2004/01/xmldsig-more#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3"> + <!--ECDSA key value root element--> + <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/> + <xs:complexType name="ECDSAKeyValueType"> + <xs:sequence> + <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/> + <xs:element name="PublicKey" type="ecdsa:ECPointType"/> + </xs:sequence> + </xs:complexType> + <!--EC domain parameters--> + <xs:complexType name="DomainParamsType"> + <xs:choice> + <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/> + <xs:element name="NamedCurve"> + <xs:complexType> + <xs:attribute name="URN" type="xs:anyURI" use="required"/> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + <xs:complexType name="FieldParamsType" abstract="true"/> + <xs:complexType name="PrimeFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="P" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldParamsType" abstract="true"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + <xs:element name="W" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="TnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="PnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K1" type="xs:positiveInteger"/> + <xs:element name="K2" type="xs:positiveInteger"/> + <xs:element name="K3" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="ExplicitParamsType"> + <xs:sequence> + <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/> + <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/> + <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="CurveParamsType"> + <xs:sequence> + <xs:element name="A" type="ecdsa:FieldElemType"/> + <xs:element name="B" type="ecdsa:FieldElemType"/> + <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="BasePointParamsType"> + <xs:sequence> + <xs:element name="BasePoint" type="ecdsa:ECPointType"/> + <xs:element name="Order" type="xs:positiveInteger"/> + <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <!--EC point--> + <xs:complexType name="ECPointType"> + <xs:sequence minOccurs="0"> + <xs:element name="X" type="ecdsa:FieldElemType"/> + <xs:element name="Y" type="ecdsa:FieldElemType"/> + </xs:sequence> + </xs:complexType> + <!--Field element--> + <xs:complexType name="FieldElemType" abstract="true"/> + <xs:complexType name="PrimeFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:hexBinary" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.xsd new file mode 100644 index 000000000..7a01b23d1 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ECDSAKeyValue.xsd @@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema targetNamespace="http://www.w3.org/2001/04/xmldsig-more#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="0.3"> + <!--ECDSA key value root element--> + <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType"/> + <xs:complexType name="ECDSAKeyValueType"> + <xs:sequence> + <xs:element name="DomainParameters" type="ecdsa:DomainParamsType" minOccurs="0"/> + <xs:element name="PublicKey" type="ecdsa:ECPointType"/> + </xs:sequence> + </xs:complexType> + <!--EC domain parameters--> + <xs:complexType name="DomainParamsType"> + <xs:choice> + <xs:element name="ExplicitParams" type="ecdsa:ExplicitParamsType"/> + <xs:element name="NamedCurve"> + <xs:complexType> + <xs:attribute name="URN" type="xs:anyURI" use="required"/> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + <xs:complexType name="FieldParamsType" abstract="true"/> + <xs:complexType name="PrimeFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="P" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldParamsType" abstract="true"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldParamsType"> + <xs:sequence> + <xs:element name="M" type="xs:positiveInteger"/> + <xs:element name="W" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="TnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="PnBFieldParamsType"> + <xs:complexContent> + <xs:extension base="ecdsa:CharTwoFieldParamsType"> + <xs:sequence> + <xs:element name="K1" type="xs:positiveInteger"/> + <xs:element name="K2" type="xs:positiveInteger"/> + <xs:element name="K3" type="xs:positiveInteger"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="ExplicitParamsType"> + <xs:sequence> + <xs:element name="FieldParams" type="ecdsa:FieldParamsType"/> + <xs:element name="CurveParams" type="ecdsa:CurveParamsType"/> + <xs:element name="BasePointParams" type="ecdsa:BasePointParamsType"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="CurveParamsType"> + <xs:sequence> + <xs:element name="A" type="ecdsa:FieldElemType"/> + <xs:element name="B" type="ecdsa:FieldElemType"/> + <xs:element name="Seed" type="xs:hexBinary" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="BasePointParamsType"> + <xs:sequence> + <xs:element name="BasePoint" type="ecdsa:ECPointType"/> + <xs:element name="Order" type="xs:positiveInteger"/> + <xs:element name="Cofactor" type="xs:positiveInteger" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + <!--EC point--> + <xs:complexType name="ECPointType"> + <xs:sequence minOccurs="0"> + <xs:element name="X" type="ecdsa:FieldElemType"/> + <xs:element name="Y" type="ecdsa:FieldElemType"/> + </xs:sequence> + </xs:complexType> + <!--Field element--> + <xs:complexType name="FieldElemType" abstract="true"/> + <xs:complexType name="PrimeFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CharTwoFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:hexBinary" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="OddCharExtensionFieldElemType"> + <xs:complexContent> + <xs:extension base="ecdsa:FieldElemType"> + <xs:attribute name="Value" type="xs:nonNegativeInteger" use="required"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd new file mode 100644 index 000000000..43741d84a --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.2.xsd @@ -0,0 +1,350 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) --> +<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="http://www.buergerkarte.at/konzept/securitylayer/spezifikation/20020831/core/Core.20020225.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0" maxOccurs="1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der + Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der + Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. + Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der + Proxy-Komponente zur Auth-Komponente (vgl. + AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die + Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann + für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA + (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" type="xsd:string" use="required"/> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem + Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem + Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo + werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks + inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA + SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der + AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; + wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; + wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben + werden; wird das Element nicht verwendet dann wird MOA-SP über das API + aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der + Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des + AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des + IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per + X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die + Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente + betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente + betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der + TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für + die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd new file mode 100644 index 000000000..02f750e3e --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.3.xsd @@ -0,0 +1,424 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) --> +<xsd:schema targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" schemaLocation="http://www.buergerkarte.at/konzept/securitylayer/spezifikation/20020831/core/Core.20020225.xsd"/> + <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAWBPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der + Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der + Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. + Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der + Proxy-Komponente zur Auth-Komponente (vgl. + AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + <xsd:attribute name="type" use="optional" default="publicService"> + <xsd:simpleType> + <xsd:restriction base="xsd:NMTOKEN"> + <xsd:enumeration value="businessService"/> + <xsd:enumeration value="publicService"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die + Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann + für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA + (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/> + <xsd:enumeration value="AuthenticationSession.TimeOut"/> + <xsd:enumeration value="AuthenticationData.TimeOut"/> + <xsd:enumeration value="TrustManager.RevocationChecking"/> + <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/> + <xsd:enumeration value="FrontendServlets.DataURLPrefix"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0" maxOccurs="1" /> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem + Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA + SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der + AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; + wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; + wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben + werden; wird das Element nicht verwendet dann wird MOA-SP über das API + aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der + Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des + AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des + IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per + X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem + Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo + werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks + inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="TemplatesType"> + <xsd:sequence> + <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0" maxOccurs="1"/> + <xsd:element name="Template" type="TemplateType" minOccurs="0" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TemplateType"> + <xsd:annotation> + <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die + Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <!--xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="pr:AbstractSimpleIdentification"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element--> + <xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:choice> + <xsd:element ref="pr:Firmenbuchnummer"/> + <xsd:element ref="pr:ZMRzahl"/> + <xsd:element ref="pr:Vereinsnummer"/> + <xsd:element ref="pr:ERJPZahl"/> + <xsd:element name="AnyNumber"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0" maxOccurs="1" /> + <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="slVersion" use="optional" default="1.1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.1"/> + <xsd:enumeration value="1.2"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/> + <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/--> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente + betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente + betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/--> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der + TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für + die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd new file mode 100644 index 000000000..f80d6ef80 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.2.xsd @@ -0,0 +1,616 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.2"> + <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd --> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAWBPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + <xsd:attribute name="type" use="optional" default="publicService"> + <xsd:simpleType> + <xsd:restriction base="xsd:NMTOKEN"> + <xsd:enumeration value="businessService"/> + <xsd:enumeration value="publicService"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/> + <xsd:enumeration value="AuthenticationSession.TimeOut"/> + <xsd:enumeration value="AuthenticationData.TimeOut"/> + <xsd:enumeration value="TrustManager.RevocationChecking"/> + <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/> + <xsd:enumeration value="FrontendServlets.DataURLPrefix"/> + <xsd:enumeration value="AuthenticationServer.KeepAssertion"/> + <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Defaultparameter für die Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="TemplatesType"> + <xsd:sequence> + <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/> + <xsd:element name="Template" type="TemplateType" minOccurs="0"/> + <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TemplateType"> + <xsd:annotation> + <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="VerifyInfoboxesType"> + <xsd:annotation> + <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="DefaultTrustProfile" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionales DefaultTrustprofil für die Ãœberprüfung aller weiteren Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Parameter für Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxType"> + <xsd:annotation> + <xsd:documentation>Parameter zur Ãœberprüfung einzelner Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>TrustProfil, das für die Ãœberprüfung der Infobox verwendet werden soll</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/> + <xsd:element name="ApplicationSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="ParepSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="CompatibilityMode" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Legt fest ob Machtgeber und Machtnehmer in den Anmeldedaten ausgetauscht werden sollen. Lediglich die übermittelte Vollmacht gibt dann Aufschluss darüber, dass eine Vertretung vorliegt. Ziel dieses Schalters ist, dass bisherige Applikationen mit Vollmachten und beruflicher Parteienvertretung nachgerüstet werden können, ohne der Erfordernis Änderungen durchführen zu müssen.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="EnableInfoboxValidator" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentation" type="PartyRepresentationType"> + <xsd:annotation> + <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="SchemaLocationType"> + <xsd:annotation> + <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="Schema" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/> + <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <!--xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="pr:AbstractSimpleIdentification"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element--> + <xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:choice> + <xsd:element ref="pr:Firmenbuchnummer"/> + <xsd:element ref="pr:ZMRzahl"/> + <xsd:element ref="pr:Vereinsnummer"/> + <xsd:element ref="pr:ERJPZahl"/> + <xsd:element name="AnyNumber"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="slVersion" use="optional" default="1.1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.1"/> + <xsd:enumeration value="1.2"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/> + <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/--> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/--> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="CompatibilityMode" default="false"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="EnableInfoboxValidator" default="true"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="AlwaysShowForm" default="false"> + <xsd:annotation> + <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:complexType name="InputProcessorType"> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="template" type="xsd:anyURI" use="optional"> + <xsd:annotation> + <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="PartyRepresentationType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="PartyRepresentativeType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"/> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="oid" use="required"> + <xsd:annotation> + <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.2.40.0.10.3.1"/> + <xsd:enumeration value="1.2.40.0.10.3.2"/> + <xsd:enumeration value="1.2.40.0.10.3.3"/> + <xsd:enumeration value="1.2.40.0.10.3.10"/> + <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + <xsd:attribute name="representPhysicalParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representCorporateParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representationText" use="optional"> + <xsd:annotation> + <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/> + <xsd:enumeration value="Organwalter"/> + <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd new file mode 100644 index 000000000..03f3a24a4 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.3.xsd @@ -0,0 +1,612 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3"> + <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd --> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAWBPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + <xsd:attribute name="type" use="optional" default="publicService"> + <xsd:simpleType> + <xsd:restriction base="xsd:NMTOKEN"> + <xsd:enumeration value="businessService"/> + <xsd:enumeration value="publicService"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/> + <xsd:enumeration value="AuthenticationSession.TimeOut"/> + <xsd:enumeration value="AuthenticationData.TimeOut"/> + <xsd:enumeration value="TrustManager.RevocationChecking"/> + <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/> + <xsd:enumeration value="FrontendServlets.DataURLPrefix"/> + <xsd:enumeration value="AuthenticationServer.KeepAssertion"/> + <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/> + <xsd:enumeration value="AuthenticationServer.SourceID"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Defaultparameter für die Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="TemplatesType"> + <xsd:sequence> + <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/> + <xsd:element name="Template" type="TemplateType" minOccurs="0"/> + <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TemplateType"> + <xsd:annotation> + <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="VerifyInfoboxesType"> + <xsd:annotation> + <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="DefaultTrustProfile" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionales DefaultTrustprofil für die Ãœberprüfung aller weiteren Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Parameter für Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxType"> + <xsd:annotation> + <xsd:documentation>Parameter zur Ãœberprüfung einzelner Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>TrustProfil, das für die Ãœberprüfung der Infobox verwendet werden soll</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/> + <xsd:element name="ApplicationSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="ParepSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="EnableInfoboxValidator" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentation" type="PartyRepresentationType"> + <xsd:annotation> + <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="SchemaLocationType"> + <xsd:annotation> + <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="Schema" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/> + <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <!--xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="pr:AbstractSimpleIdentification"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element--> + <xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:choice> + <xsd:element ref="pr:Firmenbuchnummer"/> + <xsd:element ref="pr:ZMRzahl"/> + <xsd:element ref="pr:Vereinsnummer"/> + <xsd:element ref="pr:ERJPZahl"/> + <xsd:element name="AnyNumber"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="slVersion" use="optional" default="1.1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.1"/> + <xsd:enumeration value="1.2"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/> + <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/--> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/--> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="CompatibilityMode" default="false"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="EnableInfoboxValidator" default="true"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="AlwaysShowForm" default="false"> + <xsd:annotation> + <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:complexType name="InputProcessorType"> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="template" type="xsd:anyURI" use="optional"> + <xsd:annotation> + <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="PartyRepresentationType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="PartyRepresentativeType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"/> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="oid" use="required"> + <xsd:annotation> + <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.2.40.0.10.3.1"/> + <xsd:enumeration value="1.2.40.0.10.3.2"/> + <xsd:enumeration value="1.2.40.0.10.3.3"/> + <xsd:enumeration value="1.2.40.0.10.3.10"/> + <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + <xsd:attribute name="representPhysicalParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representCorporateParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representationText" use="optional"> + <xsd:annotation> + <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/> + <xsd:enumeration value="Organwalter"/> + <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd new file mode 100644 index 000000000..d2af3b932 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.7.xsd @@ -0,0 +1,625 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSpy v2010 (http://www.altova.com) by ks (ks) --> +<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3"> + <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd --> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAWBPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + <xsd:attribute name="type" use="optional" default="publicService"> + <xsd:simpleType> + <xsd:restriction base="xsd:NMTOKEN"> + <xsd:enumeration value="businessService"/> + <xsd:enumeration value="publicService"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/> + <xsd:enumeration value="AuthenticationSession.TimeOut"/> + <xsd:enumeration value="AuthenticationData.TimeOut"/> + <xsd:enumeration value="TrustManager.RevocationChecking"/> + <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/> + <xsd:enumeration value="FrontendServlets.DataURLPrefix"/> + <xsd:enumeration value="AuthenticationServer.KeepAssertion"/> + <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/> + <xsd:enumeration value="AuthenticationServer.SourceID"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Defaultparameter für die Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ForeignIdentities" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="TemplatesType"> + <xsd:sequence> + <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/> + <xsd:element name="Template" type="TemplateType" minOccurs="0"/> + <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TemplateType"> + <xsd:annotation> + <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="VerifyInfoboxesType"> + <xsd:annotation> + <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="DefaultTrustProfile" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionales DefaultTrustprofil für die Ãœberprüfung aller weiteren Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Parameter für Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxType"> + <xsd:annotation> + <xsd:documentation>Parameter zur Ãœberprüfung einzelner Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>TrustProfil, das für die Ãœberprüfung der Infobox verwendet werden soll</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/> + <xsd:element name="ApplicationSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="ParepSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="EnableInfoboxValidator" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentation" type="PartyRepresentationType"> + <xsd:annotation> + <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="SchemaLocationType"> + <xsd:annotation> + <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="Schema" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/> + <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <!--xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="pr:AbstractSimpleIdentification"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element--> + <xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:choice> + <xsd:element ref="pr:Firmenbuchnummer"/> + <xsd:element ref="pr:ZMRzahl"/> + <xsd:element ref="pr:Vereinsnummer"/> + <xsd:element ref="pr:ERJPZahl"/> + <xsd:element name="AnyNumber"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="slVersion" use="optional" default="1.1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.1"/> + <xsd:enumeration value="1.2"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/> + <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/--> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/--> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="CompatibilityMode" default="false"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="EnableInfoboxValidator" default="true"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="AlwaysShowForm" default="false"> + <xsd:annotation> + <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:complexType name="InputProcessorType"> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="template" type="xsd:anyURI" use="optional"> + <xsd:annotation> + <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="PartyRepresentationType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="PartyRepresentativeType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"/> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="oid" use="required"> + <xsd:annotation> + <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.2.40.0.10.3.1"/> + <xsd:enumeration value="1.2.40.0.10.3.2"/> + <xsd:enumeration value="1.2.40.0.10.3.3"/> + <xsd:enumeration value="1.2.40.0.10.3.10"/> + <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + <xsd:attribute name="representPhysicalParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representCorporateParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representationText" use="optional"> + <xsd:annotation> + <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/> + <xsd:enumeration value="Organwalter"/> + <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd new file mode 100644 index 000000000..899f237ce --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.4.xsd @@ -0,0 +1,505 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) --> +<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.1.1"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAWBPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der + Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der + Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. + Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der + Proxy-Komponente zur Auth-Komponente (vgl. + AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + <xsd:attribute name="type" use="optional" default="publicService"> + <xsd:simpleType> + <xsd:restriction base="xsd:NMTOKEN"> + <xsd:enumeration value="businessService"/> + <xsd:enumeration value="publicService"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die + Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann + für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA + (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/> + <xsd:enumeration value="AuthenticationSession.TimeOut"/> + <xsd:enumeration value="AuthenticationData.TimeOut"/> + <xsd:enumeration value="TrustManager.RevocationChecking"/> + <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/> + <xsd:enumeration value="FrontendServlets.DataURLPrefix"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem + Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA + SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der + AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; + wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; + wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben + werden; wird das Element nicht verwendet dann wird MOA-SP über das API + aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der + Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des + AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des + IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per + X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Defaultparameter für die Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem + Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo + werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks + inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="TemplatesType"> + <xsd:sequence> + <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/> + <xsd:element name="Template" type="TemplateType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TemplateType"> + <xsd:annotation> + <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="VerifyInfoboxesType"> + <xsd:annotation> + <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="DefaultTrustProfile" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionales DefaultTrustprofil für die Ãœberprüfung aller weiteren Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Infobox" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Parameter für Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; + z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird + das Identifier-Attribut verwendet</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>TrustProfil, das für die Ãœberprüfung der Infobox + verwendet werden soll</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox + verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname + vom Default Package- und Klassennamen abweichen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/> + <xsd:element name="ApplicationSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation + übergeben werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SchemaLocationType"> + <xsd:annotation> + <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="Schema" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/> + <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die + Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <!--xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="pr:AbstractSimpleIdentification"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element--> + <xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:choice> + <xsd:element ref="pr:Firmenbuchnummer"/> + <xsd:element ref="pr:ZMRzahl"/> + <xsd:element ref="pr:Vereinsnummer"/> + <xsd:element ref="pr:ERJPZahl"/> + <xsd:element name="AnyNumber"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="slVersion" use="optional" default="1.1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.1"/> + <xsd:enumeration value="1.2"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/> + <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/--> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente + betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente + betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/--> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der + TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für + die TLS-Client-Authentisierung verwendetwird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd new file mode 100644 index 000000000..f5daf09b9 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.0.xsd @@ -0,0 +1,665 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSpy v2006 sp2 U (http://www.altova.com) by Klaus Stranacher (Technische Universität Graz) --> +<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3"> + <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd --> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAWBPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" type="AuthComponentType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + <xsd:attribute name="type" use="optional" default="publicService"> + <xsd:simpleType> + <xsd:restriction base="xsd:NMTOKEN"> + <xsd:enumeration value="businessService"/> + <xsd:enumeration value="publicService"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/> + <xsd:enumeration value="AuthenticationSession.TimeOut"/> + <xsd:enumeration value="AuthenticationData.TimeOut"/> + <xsd:enumeration value="TrustManager.RevocationChecking"/> + <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/> + <xsd:enumeration value="FrontendServlets.DataURLPrefix"/> + <xsd:enumeration value="AuthenticationServer.KeepAssertion"/> + <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/> + <xsd:enumeration value="AuthenticationServer.SourceID"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedBKUs" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="BKUURL" type="xsd:anyURI" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Defaultparameter für die Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ForeignIdentities" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineMandates" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>Verbindungsparameter zum Online-Vollmachten-Service</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="TemplatesType"> + <xsd:sequence> + <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/> + <xsd:element name="Template" type="TemplateType" minOccurs="0"/> + <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/> + <xsd:element name="OnlineMandates" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="BKU" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="MOA-ID-Template" type="TemplateType"/> + <xsd:element name="MandateTemplate" type="TemplateType"/> + </xsd:sequence> + <xsd:attribute name="URL" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TemplateType"> + <xsd:annotation> + <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="VerifyInfoboxesType"> + <xsd:annotation> + <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="DefaultTrustProfile" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionales DefaultTrustprofil für die Ãœberprüfung aller weiteren Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Parameter für Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxType"> + <xsd:annotation> + <xsd:documentation>Parameter zur Ãœberprüfung einzelner Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>TrustProfil, das für die Ãœberprüfung der Infobox verwendet werden soll</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/> + <xsd:element name="ApplicationSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="ParepSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="EnableInfoboxValidator" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentation" type="PartyRepresentationType"> + <xsd:annotation> + <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="SchemaLocationType"> + <xsd:annotation> + <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="Schema" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/> + <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <!--xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="pr:AbstractSimpleIdentification"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element--> + <xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:choice> + <xsd:element ref="pr:Firmenbuchnummer"/> + <xsd:element ref="pr:ZMRzahl"/> + <xsd:element ref="pr:Vereinsnummer"/> + <xsd:element ref="pr:ERJPZahl"/> + <xsd:element name="AnyNumber"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/> + <xsd:element name="Mandates" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="Profiles" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="slVersion" use="optional" default="1.1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.1"/> + <xsd:enumeration value="1.2"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/> + <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/--> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/--> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="CompatibilityMode" default="false"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="EnableInfoboxValidator" default="true"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="AlwaysShowForm" default="false"> + <xsd:annotation> + <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:complexType name="InputProcessorType"> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="template" type="xsd:anyURI" use="optional"> + <xsd:annotation> + <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="PartyRepresentationType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="PartyRepresentativeType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"/> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="oid" use="required"> + <xsd:annotation> + <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.2.40.0.10.3.1"/> + <xsd:enumeration value="1.2.40.0.10.3.2"/> + <xsd:enumeration value="1.2.40.0.10.3.3"/> + <xsd:enumeration value="1.2.40.0.10.3.10"/> + <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + <xsd:attribute name="representPhysicalParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representCorporateParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representationText" use="optional"> + <xsd:annotation> + <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/> + <xsd:enumeration value="Organwalter"/> + <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd new file mode 100644 index 000000000..fec3b6d0d --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.1.xsd @@ -0,0 +1,659 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3"> + <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd --> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAWBPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="AuthComponentType"> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + <xsd:attribute name="type" use="optional" default="publicService"> + <xsd:simpleType> + <xsd:restriction base="xsd:NMTOKEN"> + <xsd:enumeration value="businessService"/> + <xsd:enumeration value="publicService"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/> + <xsd:attribute name="target" type="xsd:string" use="optional"/> + <xsd:attribute name="targetFriendlyName" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/> + <xsd:enumeration value="AuthenticationSession.TimeOut"/> + <xsd:enumeration value="AuthenticationData.TimeOut"/> + <xsd:enumeration value="TrustManager.RevocationChecking"/> + <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/> + <xsd:enumeration value="FrontendServlets.DataURLPrefix"/> + <xsd:enumeration value="AuthenticationServer.KeepAssertion"/> + <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/> + <xsd:enumeration value="AuthenticationServer.SourceID"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedBKUs" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="BKUURL" type="xsd:anyURI" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Defaultparameter für die Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ForeignIdentities" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineMandates" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>Verbindungsparameter zum Online-Vollmachten-Service</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="TemplatesType"> + <xsd:sequence> + <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/> + <xsd:element name="Template" type="TemplateType" minOccurs="0"/> + <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TemplateType"> + <xsd:annotation> + <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="VerifyInfoboxesType"> + <xsd:annotation> + <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="DefaultTrustProfile" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionales DefaultTrustprofil für die Ãœberprüfung aller weiteren Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Parameter für Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxType"> + <xsd:annotation> + <xsd:documentation>Parameter zur Ãœberprüfung einzelner Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>TrustProfil, das für die Ãœberprüfung der Infobox verwendet werden soll</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/> + <xsd:element name="ApplicationSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="ParepSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="EnableInfoboxValidator" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentation" type="PartyRepresentationType"> + <xsd:annotation> + <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="SchemaLocationType"> + <xsd:annotation> + <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="Schema" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/> + <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <!--xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="pr:AbstractSimpleIdentification"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element--> + <xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:choice> + <xsd:element ref="pr:Firmenbuchnummer"/> + <xsd:element ref="pr:ZMRzahl"/> + <xsd:element ref="pr:Vereinsnummer"/> + <xsd:element ref="pr:ERJPZahl"/> + <xsd:element name="AnyNumber"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/> + <xsd:element name="Mandates" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="Profiles" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="slVersion" use="optional" default="1.1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.1"/> + <xsd:enumeration value="1.2"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideFullMandatorData" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="useUTC" type="xsd:boolean" use="optional" default="false"/> + <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/--> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/--> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="CompatibilityMode" default="false"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="EnableInfoboxValidator" default="true"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="AlwaysShowForm" default="false"> + <xsd:annotation> + <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:complexType name="InputProcessorType"> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="template" type="xsd:anyURI" use="optional"> + <xsd:annotation> + <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="PartyRepresentationType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="PartyRepresentativeType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"/> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="oid" use="required"> + <xsd:annotation> + <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.2.40.0.10.3.1"/> + <xsd:enumeration value="1.2.40.0.10.3.2"/> + <xsd:enumeration value="1.2.40.0.10.3.3"/> + <xsd:enumeration value="1.2.40.0.10.3.10"/> + <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + <xsd:attribute name="representPhysicalParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representCorporateParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representationText" use="optional"> + <xsd:annotation> + <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/> + <xsd:enumeration value="Organwalter"/> + <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.2.xsd new file mode 100644 index 000000000..933399225 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-ID-Configuration-1.5.2.xsd @@ -0,0 +1,757 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xsd:schema xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.buergerkarte.at/namespaces/moaconfig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.4.3"> + <!-- es werden lokale Schemas referenziert für real aufgelöste Schemas bitte ersetzen: http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd --> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="PersonData_20_en_moaWID.xsd"/> + <xsd:import namespace="urn:eu:stork:names:tc:STORK:1.0:assertion" schemaLocation="stork-schema-assertion-1.0.xsd"/> + <xsd:import namespace="urn:eu:stork:names:tc:STORK:1.0:protocol" schemaLocation="stork-schema-protocol-1.0.xsd"/> + <xsd:element name="Configuration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="LoginType" type="LoginType" default="stateful"/> + <xsd:element name="Binding" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="full"/> + <xsd:enumeration value="userName"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:choice> + <xsd:element ref="ParamAuth"/> + <xsd:element ref="BasicAuth"/> + <xsd:element ref="HeaderAuth"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="LoginType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="stateless"/> + <xsd:enumeration value="stateful"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="ParamAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Parameter" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Parameter"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="BasicAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="UserID" type="MOAAuthDataType"/> + <xsd:element name="Password" type="MOAAuthDataType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="HeaderAuth"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="Header" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Header"> + <xsd:complexType> + <xsd:attribute name="Name" type="xsd:token" use="required"/> + <xsd:attribute name="Value" type="MOAAuthDataType" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:simpleType name="MOAAuthDataType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="MOAGivenName"/> + <xsd:enumeration value="MOAFamilyName"/> + <xsd:enumeration value="MOADateOfBirth"/> + <xsd:enumeration value="MOABPK"/> + <xsd:enumeration value="MOAWBPK"/> + <xsd:enumeration value="MOAPublicAuthority"/> + <xsd:enumeration value="MOABKZ"/> + <xsd:enumeration value="MOAQualifiedCertificate"/> + <xsd:enumeration value="MOAStammzahl"/> + <xsd:enumeration value="MOAIdentificationValueType"/> + <xsd:enumeration value="MOAIPAddress"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MOAKeyBoxSelector"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SecureSignatureKeypair"/> + <xsd:enumeration value="CertifiedKeypair"/> + </xsd:restriction> + </xsd:simpleType> + <!--Konfiguration für Authentisierungs- und Proxy-Komponente und Online-Applikation--> + <xsd:element name="MOA-IDConfiguration"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter der Authentisierungs-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="AuthComponentType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Konfigurationsparameter der Proxy-Komponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AuthComponent"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation zw. Proxykomponente und Authenttisierungskomponente</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der Proxy-Komponente zur Auth-Komponente (vgl. AuthComponent/MOA-SP/ConnectionParameter)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineApplication" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die OA</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="OnlineApplicationType"> + <xsd:attribute name="publicURLPrefix" type="xsd:anyURI" use="required"/> + <xsd:attribute name="keyBoxIdentifier" type="MOAKeyBoxSelector" use="optional" default="SecureSignatureKeypair"/> + <xsd:attribute name="type" use="optional" default="publicService"> + <xsd:simpleType> + <xsd:restriction base="xsd:NMTOKEN"> + <xsd:enumeration value="businessService"/> + <xsd:enumeration value="publicService"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="calculateHPI" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="friendlyName" type="xsd:string" use="optional"/> + <xsd:attribute name="target" type="xsd:string" use="optional"/> + <xsd:attribute name="targetFriendlyName" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="ChainingModes" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>spezifiziert den Algorithmus ("pkix" oder "chaining") für die Zertifikatspfadvalidierung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="TrustAnchor"> + <xsd:annotation> + <xsd:documentation>ein vom SystemDefaultMode abweichender ChiningMode kann für jeden TrustAnchor gesetzt werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="dsig:X509IssuerSerialType"> + <xsd:attribute name="mode" type="ChainingModeType" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="systemDefaultMode" type="ChainingModeType" use="optional" default="pkix"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedCACertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>verweist auf ein Verzeichnis, das vertrauenswürdige CA (Zwischen-CA, Wurzel-CA) Zertifikate enthält.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="GenericConfiguration" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="name" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="DirectoryCertStoreParameters.RootDir"/> + <xsd:enumeration value="AuthenticationSession.TimeOut"/> + <xsd:enumeration value="AuthenticationData.TimeOut"/> + <xsd:enumeration value="TrustManager.RevocationChecking"/> + <xsd:enumeration value="FrontendServlets.EnableHTTPConnection"/> + <xsd:enumeration value="FrontendServlets.DataURLPrefix"/> + <xsd:enumeration value="AuthenticationServer.KeepAssertion"/> + <xsd:enumeration value="AuthenticationServer.WriteAssertionToFile"/> + <xsd:enumeration value="AuthenticationServer.SourceID"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="value" type="xsd:string" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedBKUs" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="BKUURL" type="xsd:anyURI" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="TrustedTemplateURLs" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TemplateURL" type="xsd:anyURI" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="AuthComponentType"> + <xsd:sequence> + <xsd:element name="BKUSelection" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterServerAuthType"/> + </xsd:sequence> + <xsd:attribute name="BKUSelectionAlternative" type="BKUSelectionType" use="optional" default="HTMLComplete"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="SecurityLayer"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Kommunikation mit dem Security-Layer</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="TransformsInfo" type="TransformsInfoType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="MOA-SP"> + <xsd:annotation> + <xsd:documentation>enthält Konfiguratiosnparameter für die Kommunikation mit dem MOA SP Modul</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die SOAP-Verbindung von der AUTH-Komponente zu MOA-SP; das Attribut URL enthält den Endpunkt des Server; wird das Schema "https" verwendet müssen die Kind-Elemente angegeben werden; wird das Schema "http" verwendet dürfen keine Kind-Elemente angegeben werden; wird das Element nicht verwendet dann wird MOA-SP über das API aufgerufen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="VerifyIdentityLink"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung der Personenbindung</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyAuthBlock"> + <xsd:annotation> + <xsd:documentation>enthält Parameter für die Ãœberprüfung des AUTH-Blocks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="IdentityLinkSigners" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Informationen über akzeptierte Signers des IdentityLinks</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="X509SubjectName" type="xsd:string" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>akzeptierte Signer des IdentityLinks werden per X509SubjectName (Kodierung nach RFC 2253) identifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Defaultparameter für die Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ForeignIdentities" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>Verbindungsparameter zum SZR-Gateway (GetIdentityLink)</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="STORK" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Verbindungsparameter zu den Country-PEPS (C-PEPS)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="OnlineMandates" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>Verbindungsparameter zum Online-Vollmachten-Service</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:annotation> + <xsd:documentation>das Attribut filename verweist auf eine Datei mit globalem Element TransformsInfo vom Typ sl10:TransformsInfo; diese TransformsInfo werden in den CreateXMLSignatureRequest für die Signatur des AUTH-Blocks inkludiert</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="filename" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="TemplatesType"> + <xsd:sequence> + <xsd:element name="BKUSelectionTemplate" type="TemplateType" minOccurs="0"/> + <xsd:element name="Template" type="TemplateType" minOccurs="0"/> + <xsd:element name="InputProcessorSignTemplate" type="TemplateType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="TemplateType"> + <xsd:annotation> + <xsd:documentation>das Attribut URL spezifiziert die Lage des Templates</xsd:documentation> + </xsd:annotation> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="VerifyInfoboxesType"> + <xsd:annotation> + <xsd:documentation>Verifikation zusätzlicher Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="DefaultTrustProfile" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionales DefaultTrustprofil für die Ãœberprüfung aller weiteren Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Infobox" type="InfoboxType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Parameter für Ãœberprüfung weiterer Infoboxen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="InfoboxType"> + <xsd:annotation> + <xsd:documentation>Parameter zur Ãœberprüfung einzelner Infoboxen</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="FriendlyName" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>optionalervName, der für Fehlermeldungen verwendet werden soll; z.B.: "Stellvertretungen" für "Mandates"; fehlt dieser Parameter, dann wird das Identifier-Attribut verwendet</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="TrustProfileID" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>TrustProfil, das für die Ãœberprüfung der Infobox verwendet werden soll</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ValidatorClass" type="xsd:string" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Validatorklasse, die für die Prüfung der Infobox verwendet werden soll; muss gesetzt werden, wenn Package- und Klassenname vom Default Package- und Klassennamen abweichen</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SchemaLocations" type="SchemaLocationType" minOccurs="0"/> + <xsd:element name="ApplicationSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der jeweiligen Prüfapplikation übergeben werden</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="skip" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="ParepSpecificParameters" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Infobox spezifische Parameter, die der Prüfapplikation für berufliche Parteienvertretung übergeben werden. Dies ist logisch Teil der ApplicationSpecificParameters, kann jedoch aufgrund der Strukturierung validierend geparst werden und dadurch wird eine funktionierende Konfiguration bei Programmstart garantiert.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="EnableInfoboxValidator" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Falls Infoboxinhalte für die berufliche Parteienvertretung in der Vollmachten Infobox "mandates" abgelegt werden und Vertretung für berufliche Parteienvertreter aktiviert ist, so kann mit diesem Schalter die Vollmachtsprüfung für normale Vollmachten deaktiviert werden. Damit wird erreicht, dass mittels der Vollmachten Infobox ausschließlich berufliche Parteienvertretung aktiviert ist. Dieser Schalter ist nur für die Vollmachten Infobox "mandates" relevant.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentation" type="PartyRepresentationType"> + <xsd:annotation> + <xsd:documentation>Eigentlicher Konfigurationsteil für berufliche Parteienvertretung</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + <xsd:attribute name="required" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + </xsd:complexType> + <xsd:complexType name="SchemaLocationType"> + <xsd:annotation> + <xsd:documentation>Spezifiziert die Lage von XML Schemas</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="Schema" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:attribute name="namespace" type="xsd:anyURI" use="required"/> + <xsd:attribute name="schemaLocation" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ProxyComponentType"/> + <xsd:complexType name="OnlineApplicationType"> + <xsd:sequence> + <xsd:element name="AuthComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Authentisierungs-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <!--xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="pr:AbstractSimpleIdentification"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element--> + <xsd:element name="IdentificationNumber" minOccurs="0"> + <xsd:complexType> + <xsd:choice> + <xsd:element ref="pr:Firmenbuchnummer"/> + <xsd:element ref="pr:ZMRzahl"/> + <xsd:element ref="pr:Vereinsnummer"/> + <xsd:element ref="pr:ERJPZahl"/> + <xsd:element name="AnyNumber"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="Identifier" type="xsd:string" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:choice> + </xsd:complexType> + </xsd:element> + <xsd:element name="Templates" type="TemplatesType" minOccurs="0"/> + <xsd:element name="TransformsInfo" type="TransformsInfoType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="VerifyInfoboxes" type="VerifyInfoboxesType" minOccurs="0"/> + <xsd:element name="Mandates" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="Profiles" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element ref="STORK" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="slVersion" use="optional" default="1.1"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.1"/> + <xsd:enumeration value="1.2"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="provideStammzahl" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideAUTHBlock" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideIdentityLink" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideCertificate" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="provideFullMandatorData" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="useUTC" type="xsd:boolean" use="optional" default="false"/> + <xsd:attribute name="useCondition" type="xsd:boolean" default="false"/> + <xsd:attribute name="conditionLength" type="xsd:integer"/> + <!--xsd:element ref="pr:AbstractSimpleIdentification" minOccurs="0" maxOccurs="1"/--> + </xsd:complexType> + </xsd:element> + <xsd:element name="ProxyComponent" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType"> + <xsd:annotation> + <xsd:documentation>enthält Parameter über die OA, die die Proxy-Komponente betreffen</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="configFileURL" type="xsd:anyURI" use="optional"/> + <xsd:attribute name="sessionTimeOut" type="xsd:int" use="optional"/> + <xsd:attribute name="loginParameterResolverImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="loginParameterResolverConfiguration" type="xsd:string" use="optional"/> + <xsd:attribute name="connectionBuilderImpl" type="xsd:string" use="optional"/> + <xsd:attribute name="errorRedirectURL" type="xsd:string" use="optional"/> + </xsd:complexType> + </xsd:element> + <!--xsd:element ref="pr:CorporateBody" minOccurs="0" maxOccurs="1"/--> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="AcceptedServerCertificates" type="xsd:anyURI" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem Verzeichnis, das akzeptierte Server-Zertifikate der TLS-Verbindung enthält (keine CA-Zertifikate)</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:complexType name="ConnectionParameterClientAuthType"> + <xsd:complexContent> + <xsd:extension base="ConnectionParameterServerAuthType"> + <xsd:sequence> + <xsd:element name="ClientKeyStore" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel, der für die TLS-Client-Authentisierung verwendet wird, enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:element name="TrustProfileID" type="xsd:string"/> + <xsd:simpleType name="ChainingModeType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="chaining"/> + <xsd:enumeration value="pkix"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="BKUSelectionType"> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="HTMLComplete"/> + <xsd:enumeration value="HTMLSelect"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:element name="CompatibilityMode" default="false"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="EnableInfoboxValidator" default="true"> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:element name="AlwaysShowForm" default="false"> + <xsd:annotation> + <xsd:documentation>Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:element> + <xsd:complexType name="InputProcessorType"> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="template" type="xsd:anyURI" use="optional"> + <xsd:annotation> + <xsd:documentation>Das Attribut spezifiziert die Lage des Templates, welches der InputProcessor zur Darstellung des Eingabeformulars nutzen soll</xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="PartyRepresentationType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default InputProcessor. Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Wert für Formularanzeige. Soll nicht nur bei leerer oder standardisierter Vollmacht mit unvollständigen Daten, sondern beispielsweise zu Kontrollzwecken das Eingabeformular zur vervollständigung der Vertretenendaten immer angezeigt werden, wenn ein Einschreiten durch berufliche Parteienvertretung geschieht so kann dies mittels dieses Schalters veranlasst werden</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Default Verbindungsparameter zum SZR-Gateway (für den EGIZ-Demonstrator im internen Netzwerk: https://129.27.142.5:8443/szr-gateway/services/MandateCreation)</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="PartyRepresentative" type="PartyRepresentativeType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Falls keine speziellen beruflichen ParteienvertreterInnen definiert sind (Element kommt nicht vor), werden ausschließlich standardisierte Vollmachten mit einer MandateID="*" akzeptiert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="PartyRepresentativeType"> + <xsd:sequence> + <xsd:element name="InputProcessor" type="InputProcessorType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Konfiguration eines vom Standardprozess abweichenden Verarbeitungsvorgangs bei der beruflichen Parteienvertretung. Der Wert dieses Elements ist der vollständige Klassenname des InputProzessors</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="AlwaysShowForm" minOccurs="0"/> + <xsd:element name="ConnectionParameter" type="ConnectionParameterClientAuthType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Optionale Verbindungsparameter zu speziellem (SZR-)Gateway</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="oid" use="required"> + <xsd:annotation> + <xsd:documentation>OID der Parteienvertretung lt. "Object Identifier der öffentlichen Verwaltung" - Konvention, Empfehlung. Diese ID muss mit der MandateID der übermittelten standardisierten Vollmacht übereinstimmen. Eine Parteienvertretung für standardisierte Vollmachten mit der MandateID "*" muss nicht definiert werden und erlaubt eine allgemeine berufliche Parteienvertretung mit Standardtexten. In anderen Fällen ist eine erlaubte OID mitttels dieses Attributs zu definieren</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="1.2.40.0.10.3.1"/> + <xsd:enumeration value="1.2.40.0.10.3.2"/> + <xsd:enumeration value="1.2.40.0.10.3.3"/> + <xsd:enumeration value="1.2.40.0.10.3.10"/> + <xsd:enumeration value="1.2.40.0.10.3.10.IdentifiedVoiceChannel"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + <xsd:attribute name="representPhysicalParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für natürliche Personen erlaubt ist</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representCorporateParty" use="optional" default="false"> + <xsd:annotation> + <xsd:documentation>Legt fest, ob berufliche Parteienvertretung für juristische Personen erlaubt ist (welche z.B. ein Organwalter nicht vertreten darf und dieser Wert aus diesem Grund dort false sein muss)</xsd:documentation> + </xsd:annotation> + <xsd:simpleType> + <xsd:restriction base="xsd:boolean"/> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="representationText" use="optional"> + <xsd:annotation> + <xsd:documentation>Beschreibender Text, der an Stelle des Standardtexts bei der Signatur der Anmeldedaten im Falle einer vorliegenden beruflichen Parteienvertretung zur Signatur vorgelegt wird</xsd:documentation> + </xsd:annotation> + <!--xsd:simpleType> + <xsd:restriction/> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Notariatseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Rechtsanwaltseigenschaft"/> + <xsd:enumeration value="berufsmäßige(r) Parteienvertreter(in) mit Ziviltechnikerinneneigenschaft)"/> + <xsd:enumeration value="Organwalter"/> + <xsd:enumeration value="Parteienvertreter(in) über einen identifizierten Sprachkanal"/> + </xsd:restriction> + </xsd:simpleType--> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="SignatureCreationParameterType"> + <xsd:annotation> + <xsd:documentation>Enthält Informationen zu einem KeyStore bzw. Key zur STORK SAML AuthnRequest Signaturerstellung</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element ref="KeyStore"/> + <xsd:element ref="KeyName"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SignatureVerificationParameterType"> + <xsd:annotation> + <xsd:documentation>Enthält Informationen zur Verfikation von Signaturen einer STORK SAML Response</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element ref="TrustProfileID"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="SAMLSigningParameter"> + <xsd:annotation> + <xsd:documentation>Enthält Informationen zur Erstellung und Verifikation von STORK SAML Messages</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="SignatureCreationParameter" type="SignatureCreationParameterType"/> + <xsd:element name="SignatureVerificationParameter" type="SignatureVerificationParameterType"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="KeyStore"> + <xsd:annotation> + <xsd:documentation>URL zu einem KeyStore, der den privaten Schlüssel zum Erstellen einer Signatur enthält</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="KeyName"> + <xsd:annotation> + <xsd:documentation>Name zum Key eines KeyStores, der den privaten Schlüssel zum Erstellen einer Signatur darstellt</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="password" type="xsd:string" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="C-PEPS"> + <xsd:annotation> + <xsd:documentation>Enthält Informationen zu einem Citizen Country PEPS (C-PEPS)</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="stork:RequestedAttribute" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="countryCode" type="stork:CountryCodeType" use="required"/> + <xsd:attribute name="URL" type="xsd:anyURI" use="required"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="STORK"> + <xsd:annotation> + <xsd:documentation>Contains STORK related information</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:choice> + <xsd:sequence> + <xsd:element ref="C-PEPS" maxOccurs="unbounded"/> + <xsd:element ref="SAMLSigningParameter"/> + </xsd:sequence> + <xsd:sequence> + <xsd:element ref="stork:QualityAuthenticationAssuranceLevel" minOccurs="0"/> + <xsd:element ref="storkp:RequestedAttributes"/> + </xsd:sequence> + </xsd:choice> + </xsd:complexType> + </xsd:element> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd new file mode 100644 index 000000000..5a58e4f87 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-1.3.xsd @@ -0,0 +1,469 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 1.3 Schema +--> +<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <!--########## Create XML Signature ###--> + <!--### Create XML Signature Request ###--> + <xsd:element name="CreateXMLSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreateXMLSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="DataObjectInfo" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="DataObjectInfoType"> + <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="CreateSignatureInfo" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateSignatureEnvironmentProfile"/> + <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create XML Signature Response ###--> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation> + </xsd:annotation> + <xsd:element name="SignatureEnvironment"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element ref="ErrorResponse"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <!--########## Verify CMS Signature ###--> + <!--### Verifiy CMS Signature Request ###--> + <xsd:element name="VerifyCMSSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="VerifyCMSSignatureRequestType"> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify CMS Signature Response ###--> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify XML Signature ###--> + <!--### Verify XML Signature Request ###--> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="VerifySignatureInfo"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:element name="VerifySignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element ref="SupplementProfile"/> + <xsd:element name="SupplementProfileID" type="xsd:string"/> + </xsd:choice> + <xsd:element name="SignatureManifestCheckParams" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReturnHashInputData" minOccurs="0"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify XML Signature Response ###--> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ProfileIdentifierType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="InputDataType"> + <xsd:complexContent> + <xsd:extension base="ContentExLocRefBaseType"> + <xsd:attribute name="PartOf" use="optional" default="SignedInfo"> + <xsd:simpleType> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SignedInfo"/> + <xsd:enumeration value="XMLDSIGManifest"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType"/> + <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="FinalDataMetaInfoType"> + <xsd:complexContent> + <xsd:extension base="MetaInfoType"> + <xsd:sequence> + <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="ContentOptionalRefType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateTransformsInfoProfile"/> + <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLDataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="ContentRequiredRefType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSContentBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!--########## Error Response ###--> + <xsd:element name="ErrorResponse" type="ErrorResponseType"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="xsd:integer"/> + <xsd:element name="Info" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Auxiliary Types ###--> + <xsd:simpleType name="KeyIdentifierType"> + <xsd:restriction base="xsd:string"/> + </xsd:simpleType> + <xsd:simpleType name="KeyStorageType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="Software"/> + <xsd:enumeration value="Hardware"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="AnyChildrenType" mixed="true"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute ref="xml:space" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="ContentExLocRefBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentOptionalRefType"> + <xsd:complexContent> + <xsd:extension base="ContentBaseType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentRequiredRefType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="VerifyTransformsDataType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation> + </xsd:annotation> + <xsd:element ref="VerifyTransformsInfoProfile"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string"> + <xsd:annotation> + <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <xsd:element name="QualifiedCertificate"/> + <xsd:element name="PublicAuthority" type="PublicAuthorityType"/> + <xsd:complexType name="PublicAuthorityType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger"/> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="CreateSignatureLocationType"> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:integer" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="TransformParameterType"> + <xsd:choice minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation> + </xsd:annotation> + <xsd:element name="Base64Content" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="Hash"> + <xsd:annotation> + <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:DigestMethod"/> + <xsd:element ref="dsig:DigestValue"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:choice> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:element name="CreateSignatureEnvironmentProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyTransformsInfoProfile"> + <xsd:annotation> + <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/> + <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/> + <xsd:element name="CreateTransformsInfoProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/> + <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd new file mode 100644 index 000000000..32b4d68ef --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-1.4.7.xsd @@ -0,0 +1,471 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v2004 rel. 4 U (http://www.xmlspy.com) by Klaus Stranacher (ORiON) --> +<!-- + MOA SP/SS 1.3 Schema +--> +<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <!--########## Create XML Signature ###--> + <!--### Create XML Signature Request ###--> + <xsd:element name="CreateXMLSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreateXMLSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="DataObjectInfo" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="DataObjectInfoType"> + <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="CreateSignatureInfo" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateSignatureEnvironmentProfile"/> + <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create XML Signature Response ###--> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation> + </xsd:annotation> + <xsd:element name="SignatureEnvironment"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element ref="ErrorResponse"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <!--########## Verify CMS Signature ###--> + <!--### Verifiy CMS Signature Request ###--> + <xsd:element name="VerifyCMSSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="VerifyCMSSignatureRequestType"> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify CMS Signature Response ###--> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify XML Signature ###--> + <!--### Verify XML Signature Request ###--> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="VerifySignatureInfo"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:element name="VerifySignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element ref="SupplementProfile"/> + <xsd:element name="SupplementProfileID" type="xsd:string"/> + </xsd:choice> + <xsd:element name="SignatureManifestCheckParams" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReturnHashInputData" minOccurs="0"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify XML Signature Response ###--> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ProfileIdentifierType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="InputDataType"> + <xsd:complexContent> + <xsd:extension base="ContentExLocRefBaseType"> + <xsd:attribute name="PartOf" use="optional" default="SignedInfo"> + <xsd:simpleType> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SignedInfo"/> + <xsd:enumeration value="XMLDSIGManifest"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType"/> + <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="FinalDataMetaInfoType"> + <xsd:complexContent> + <xsd:extension base="MetaInfoType"> + <xsd:sequence> + <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="ContentOptionalRefType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateTransformsInfoProfile"/> + <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLDataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="ContentRequiredRefType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSContentBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!--########## Error Response ###--> + <xsd:element name="ErrorResponse" type="ErrorResponseType"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="xsd:integer"/> + <xsd:element name="Info" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Auxiliary Types ###--> + <xsd:simpleType name="KeyIdentifierType"> + <xsd:restriction base="xsd:string"/> + </xsd:simpleType> + <xsd:simpleType name="KeyStorageType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="Software"/> + <xsd:enumeration value="Hardware"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="AnyChildrenType" mixed="true"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute ref="xml:space" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="ContentExLocRefBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentOptionalRefType"> + <xsd:complexContent> + <xsd:extension base="ContentBaseType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentRequiredRefType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="VerifyTransformsDataType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation> + </xsd:annotation> + <xsd:element ref="VerifyTransformsInfoProfile"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string"> + <xsd:annotation> + <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <xsd:element name="QualifiedCertificate"/> + <xsd:element name="SecureSignatureCreationDevice"/> + <xsd:element name="PublicAuthority" type="PublicAuthorityType"/> + <xsd:complexType name="PublicAuthorityType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger"/> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="CreateSignatureLocationType"> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:integer" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="TransformParameterType"> + <xsd:choice minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation> + </xsd:annotation> + <xsd:element name="Base64Content" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="Hash"> + <xsd:annotation> + <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:DigestMethod"/> + <xsd:element ref="dsig:DigestValue"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:choice> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:element name="CreateSignatureEnvironmentProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyTransformsInfoProfile"> + <xsd:annotation> + <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/> + <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/> + <xsd:element name="CreateTransformsInfoProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/> + <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.xsd new file mode 100644 index 000000000..73d145ecf --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.xsd @@ -0,0 +1,572 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 2.0.0 Schema +--> +<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <!--########## Create CMS Signature ###--> + <!--### Create CMS Signature Request ###--> + <xsd:element name="CreateCMSSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreateCMSSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreateCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="DataObjectInfo"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CMSDataObjectInfoType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create CMS Signature Response ###--> + <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/> + <xsd:complexType name="CreateCMSSignatureResponseType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation> + </xsd:annotation> + <xsd:element name="CMSSignature" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="ErrorResponse"/> + </xsd:choice> + </xsd:complexType> + <!--########## Create XML Signature ###--> + <!--### Create XML Signature Request ###--> + <xsd:element name="CreateXMLSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreateXMLSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="DataObjectInfo" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="DataObjectInfoType"> + <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="CreateSignatureInfo" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateSignatureEnvironmentProfile"/> + <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create XML Signature Response ###--> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation> + </xsd:annotation> + <xsd:element name="SignatureEnvironment"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element ref="ErrorResponse"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <!--########## Verify CMS Signature ###--> + <!--### Verifiy CMS Signature Request ###--> + <xsd:element name="VerifyCMSSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="VerifyCMSSignatureRequestType"> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify CMS Signature Response ###--> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify XML Signature ###--> + <!--### Verify XML Signature Request ###--> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="VerifySignatureInfo"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:element name="VerifySignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element ref="SupplementProfile"/> + <xsd:element name="SupplementProfileID" type="xsd:string"/> + </xsd:choice> + <xsd:element name="SignatureManifestCheckParams" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReturnHashInputData" minOccurs="0"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify XML Signature Response ###--> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ProfileIdentifierType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="InputDataType"> + <xsd:complexContent> + <xsd:extension base="ContentExLocRefBaseType"> + <xsd:attribute name="PartOf" use="optional" default="SignedInfo"> + <xsd:simpleType> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SignedInfo"/> + <xsd:enumeration value="XMLDSIGManifest"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType"/> + <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="FinalDataMetaInfoType"> + <xsd:complexContent> + <xsd:extension base="MetaInfoType"> + <xsd:sequence> + <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="ContentOptionalRefType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateTransformsInfoProfile"/> + <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CMSDataObjectRequiredMetaType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLDataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="ContentRequiredRefType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + <xsd:element name="ExcludedByteRange" type="ExcludedByteRangeType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectRequiredMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + <xsd:element name="ExcludedByteRange" type="ExcludedByteRangeType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ExcludedByteRangeType"> + <xsd:sequence> + <xsd:element name="From" type="xsd:unsignedLong"/> + <xsd:element name="To" type="xsd:unsignedLong"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSContentBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> + <xsd:complexContent> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> + <xsd:complexContent> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!--########## Error Response ###--> + <xsd:element name="ErrorResponse" type="ErrorResponseType"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="xsd:integer"/> + <xsd:element name="Info" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Auxiliary Types ###--> + <xsd:simpleType name="KeyIdentifierType"> + <xsd:restriction base="xsd:string"/> + </xsd:simpleType> + <xsd:simpleType name="KeyStorageType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="Software"/> + <xsd:enumeration value="Hardware"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="AnyChildrenType" mixed="true"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute ref="xml:space" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="ContentExLocRefBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentOptionalRefType"> + <xsd:complexContent> + <xsd:extension base="ContentBaseType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentRequiredRefType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="VerifyTransformsDataType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation> + </xsd:annotation> + <xsd:element ref="VerifyTransformsInfoProfile"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string"> + <xsd:annotation> + <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <xsd:element name="QualifiedCertificate"> + <xsd:complexType> + <xsd:attribute name="source" use="optional"> + <xsd:simpleType> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="TSL"/> + <xsd:enumeration value="Certificate"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + </xsd:element> + <xsd:element name="SecureSignatureCreationDevice"> + <xsd:complexType> + <xsd:attribute name="source" use="optional"> + <xsd:simpleType> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="TSL"/> + <xsd:enumeration value="Certificate"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + </xsd:element> + <xsd:element name="IssuingCountry" type="xsd:token"/> + <xsd:element name="PublicAuthority" type="PublicAuthorityType"/> + <xsd:complexType name="PublicAuthorityType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger"/> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="CreateSignatureLocationType"> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:integer" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="TransformParameterType"> + <xsd:choice minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation> + </xsd:annotation> + <xsd:element name="Base64Content" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="Hash"> + <xsd:annotation> + <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:DigestMethod"/> + <xsd:element ref="dsig:DigestValue"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:choice> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:element name="CreateSignatureEnvironmentProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyTransformsInfoProfile"> + <xsd:annotation> + <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/> + <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/> + <xsd:element name="CreateTransformsInfoProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/> + <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd new file mode 100644 index 000000000..291e75a76 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.3.xsd @@ -0,0 +1,253 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 1.3 Configuration Schema +--> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xs:element name="MOAConfiguration"> + <xs:complexType> + <xs:sequence> + <xs:element name="Common" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureCreation" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModules"> + <xs:complexType> + <xs:choice maxOccurs="unbounded"> + <xs:element name="HardwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SoftwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="FileName" type="xs:string"/> + <xs:element name="Password" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroup" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="Key"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModuleId" type="xs:token"/> + <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroupMapping" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/> + <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="XMLDSig"> + <xs:complexType> + <xs:sequence> + <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/> + <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureVerification" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="CertificateValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="PathConstruction"> + <xs:complexType> + <xs:sequence> + <xs:element name="AutoAddCertificates" type="xs:boolean"/> + <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/> + <xs:element name="CertificateStore"> + <xs:complexType> + <xs:choice> + <xs:element name="DirectoryStore"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="PathValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="ChainingMode"> + <xs:complexType> + <xs:sequence> + <xs:element name="DefaultMode" type="config:ChainingModeType"/> + <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Identification" type="dsig:X509IssuerSerialType"/> + <xs:element name="Mode" type="config:ChainingModeType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="TrustProfile" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/> + <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="RevocationChecking"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableChecking" type="xs:boolean"/> + <xs:element name="MaxRevocationAge" type="xs:integer"/> + <xs:element name="ServiceOrder" minOccurs="0"> + <xs:complexType> + <xs:sequence minOccurs="2" maxOccurs="2"> + <xs:element name="Service"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="OCSP"/> + <xs:enumeration value="CRL"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="Archiving"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableArchiving" type="xs:boolean"/> + <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/> + <xs:element name="Archive" minOccurs="0"> + <xs:complexType> + <xs:choice> + <xs:element name="DatabaseArchive"> + <xs:complexType> + <xs:sequence> + <xs:element name="JDBCURL" type="xs:anyURI"/> + <xs:element name="JDBCDriverClassName" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CAIssuerDN" type="xs:token"/> + <xs:choice maxOccurs="unbounded"> + <xs:element name="CRLDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="unused"/> + <xs:enumeration value="keyCompromise"/> + <xs:enumeration value="cACompromise"/> + <xs:enumeration value="affiliationChanged"/> + <xs:enumeration value="superseded"/> + <xs:enumeration value="cessationOfOperation"/> + <xs:enumeration value="certificateHold"/> + <xs:enumeration value="privilegeWithdrawn"/> + <xs:enumeration value="aACompromise"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="OCSPDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:simpleType name="ChainingModeType"> + <xs:restriction base="xs:string"> + <xs:enumeration value="chaining"/> + <xs:enumeration value="pkix"/> + </xs:restriction> + </xs:simpleType> + <xs:complexType name="ProfileType"> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd new file mode 100644 index 000000000..884b20a9b --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.3.xsd @@ -0,0 +1,312 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 1.4.3 Configuration Schema +--> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xs:element name="MOAConfiguration"> + <xs:complexType> + <xs:sequence> + <xs:element name="Common" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureCreation" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModules"> + <xs:complexType> + <xs:choice maxOccurs="unbounded"> + <xs:element name="HardwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SoftwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="FileName" type="xs:string"/> + <xs:element name="Password" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroup" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="Key"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModuleId" type="xs:token"/> + <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroupMapping" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/> + <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="XMLDSig"> + <xs:complexType> + <xs:sequence> + <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/> + <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureVerification" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="CertificateValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="PathConstruction"> + <xs:complexType> + <xs:sequence> + <xs:element + name="AutoAddCertificates" type="xs:boolean" /> + <xs:element + name="UseAuthorityInformationAccess" + type="xs:boolean" /> + <xs:element + name="CertificateStore"> + <xs:complexType> + <xs:choice> + <xs:element + name="DirectoryStore"> + <xs:complexType> + <xs:sequence> + <xs:element + name="Location" type="xs:token" /> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="PathValidation"> + <xs:complexType> + <xs:sequence> + <xs:element + name="ChainingMode"> + <xs:complexType> + <xs:sequence> + <xs:element + name="DefaultMode" + type="config:ChainingModeType" /> + <xs:element + name="TrustAnchor" minOccurs="0" + maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element + name="Identification" + type="dsig:X509IssuerSerialType" /> + <xs:element + name="Mode" type="config:ChainingModeType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="TrustProfile" + maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element + name="Id" type="xs:token" /> + <xs:element + name="TrustAnchorsLocation" type="xs:anyURI" /> + <xs:element + name="SignerCertsLocation" type="xs:anyURI" + minOccurs="0" /> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="RevocationChecking"> + <xs:complexType> + <xs:sequence> + <xs:element + name="EnableChecking" type="xs:boolean" /> + <xs:element + name="MaxRevocationAge" type="xs:integer" /> + <xs:element name="ServiceOrder" + minOccurs="0"> + <xs:complexType> + <xs:sequence + minOccurs="2" maxOccurs="2"> + <xs:element + name="Service"> + <xs:simpleType> + <xs:restriction + base="xs:token"> + <xs:enumeration + value="OCSP" /> + <xs:enumeration + value="CRL" /> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="Archiving"> + <xs:complexType> + <xs:sequence> + <xs:element + name="EnableArchiving" type="xs:boolean" /> + <xs:element + name="ArchiveDuration" + type="xs:nonNegativeInteger" minOccurs="0" /> + <xs:element + name="Archive" minOccurs="0"> + <xs:complexType> + <xs:choice> + <xs:element + name="DatabaseArchive"> + <xs:complexType> + <xs:sequence> + <xs:element + name="JDBCURL" type="xs:anyURI" /> + <xs:element + name="JDBCDriverClassName" type="xs:token" /> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element + name="DistributionPoint" minOccurs="0" + maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element + name="CAIssuerDN" type="xs:token" /> + <xs:choice + maxOccurs="unbounded"> + <xs:element + name="CRLDP"> + <xs:complexType> + <xs:sequence> + <xs:element + name="Location" type="xs:anyURI" /> + <xs:element + name="ReasonCode" minOccurs="0" + maxOccurs="unbounded"> + <xs:simpleType> + <xs:restriction + base="xs:token"> + <xs:enumeration + value="unused" /> + <xs:enumeration + value="keyCompromise" /> + <xs:enumeration + value="cACompromise" /> + <xs:enumeration + value="affiliationChanged" /> + <xs:enumeration + value="superseded" /> + <xs:enumeration + value="cessationOfOperation" /> + <xs:enumeration + value="certificateHold" /> + <xs:enumeration + value="privilegeWithdrawn" /> + <xs:enumeration + value="aACompromise" /> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element + name="OCSPDP"> + <xs:complexType> + <xs:sequence> + <xs:element + name="Location" type="xs:anyURI" /> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="VerifyTransformsInfoProfile" + type="config:ProfileType" minOccurs="0" + maxOccurs="unbounded" /> + <xs:element name="SupplementProfile" + type="config:ProfileType" minOccurs="0" + maxOccurs="unbounded" /> + <xs:element name="PermitFileURIs" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:simpleType name="ChainingModeType"> + <xs:restriction base="xs:string"> + <xs:enumeration value="chaining"/> + <xs:enumeration value="pkix"/> + </xs:restriction> + </xs:simpleType> + <xs:complexType name="ProfileType"> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd new file mode 100644 index 000000000..7c3270fdd --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.5.xsd @@ -0,0 +1,268 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 1.4.5 Configuration Schema +--> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xs:element name="MOAConfiguration"> + <xs:complexType> + <xs:sequence> + <xs:element name="Common" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureCreation" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModules"> + <xs:complexType> + <xs:choice maxOccurs="unbounded"> + <xs:element name="HardwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SoftwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="FileName" type="xs:string"/> + <xs:element name="Password" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroup" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="Key"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModuleId" type="xs:token"/> + <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroupMapping" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/> + <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="XMLDSig"> + <xs:complexType> + <xs:sequence> + <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/> + <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureVerification" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="CertificateValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="PathConstruction"> + <xs:complexType> + <xs:sequence> + <xs:element name="AutoAddCertificates" type="xs:boolean"/> + <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/> + <xs:element name="CertificateStore"> + <xs:complexType> + <xs:choice> + <xs:element name="DirectoryStore"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="PathValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="ChainingMode"> + <xs:complexType> + <xs:sequence> + <xs:element name="DefaultMode" type="config:ChainingModeType"/> + <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Identification" type="dsig:X509IssuerSerialType"/> + <xs:element name="Mode" type="config:ChainingModeType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="TrustProfile" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/> + <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="RevocationChecking"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableChecking" type="xs:boolean"/> + <xs:element name="MaxRevocationAge" type="xs:integer"/> + <xs:element name="ServiceOrder" minOccurs="0"> + <xs:complexType> + <xs:sequence minOccurs="1" maxOccurs="2"> + <xs:element name="Service"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="OCSP"/> + <xs:enumeration value="CRL"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="Archiving"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableArchiving" type="xs:boolean"/> + <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/> + <xs:element name="Archive" minOccurs="0"> + <xs:complexType> + <xs:choice> + <xs:element name="DatabaseArchive"> + <xs:complexType> + <xs:sequence> + <xs:element name="JDBCURL" type="xs:anyURI"/> + <xs:element name="JDBCDriverClassName" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CAIssuerDN" type="xs:token"/> + <xs:choice maxOccurs="unbounded"> + <xs:element name="CRLDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="unused"/> + <xs:enumeration value="keyCompromise"/> + <xs:enumeration value="cACompromise"/> + <xs:enumeration value="affiliationChanged"/> + <xs:enumeration value="superseded"/> + <xs:enumeration value="cessationOfOperation"/> + <xs:enumeration value="certificateHold"/> + <xs:enumeration value="privilegeWithdrawn"/> + <xs:enumeration value="aACompromise"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="OCSPDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CrlRetentionIntervals" minOccurs="0"> + <xs:complexType> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="CA"> + <xs:complexType> + <xs:sequence> + <xs:element name="X509IssuerName" type="xs:string"/> + <xs:element name="Interval" type="xs:integer"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:simpleType name="ChainingModeType"> + <xs:restriction base="xs:string"> + <xs:enumeration value="chaining"/> + <xs:enumeration value="pkix"/> + </xs:restriction> + </xs:simpleType> + <xs:complexType name="ProfileType"> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd new file mode 100644 index 000000000..063f0e134 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.4.7.xsd @@ -0,0 +1,268 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 1.4.7 Configuration Schema +--> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified" xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xs:element name="MOAConfiguration"> + <xs:complexType> + <xs:sequence> + <xs:element name="Common" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureCreation" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModules"> + <xs:complexType> + <xs:choice maxOccurs="unbounded"> + <xs:element name="HardwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SoftwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="FileName" type="xs:string"/> + <xs:element name="Password" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroup" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="Key"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModuleId" type="xs:token"/> + <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroupMapping" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/> + <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="XMLDSig"> + <xs:complexType> + <xs:sequence> + <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/> + <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureVerification" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="CertificateValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="PathConstruction"> + <xs:complexType> + <xs:sequence> + <xs:element name="AutoAddCertificates" type="xs:boolean"/> + <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/> + <xs:element name="CertificateStore"> + <xs:complexType> + <xs:choice> + <xs:element name="DirectoryStore"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="PathValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="ChainingMode"> + <xs:complexType> + <xs:sequence> + <xs:element name="DefaultMode" type="config:ChainingModeType"/> + <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Identification" type="dsig:X509IssuerSerialType"/> + <xs:element name="Mode" type="config:ChainingModeType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="TrustProfile" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/> + <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="RevocationChecking"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableChecking" type="xs:boolean"/> + <xs:element name="MaxRevocationAge" type="xs:integer"/> + <xs:element name="ServiceOrder" minOccurs="0"> + <xs:complexType> + <xs:sequence minOccurs="1" maxOccurs="2"> + <xs:element name="Service"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="OCSP"/> + <xs:enumeration value="CRL"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="Archiving"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableArchiving" type="xs:boolean"/> + <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/> + <xs:element name="Archive" minOccurs="0"> + <xs:complexType> + <xs:choice> + <xs:element name="DatabaseArchive"> + <xs:complexType> + <xs:sequence> + <xs:element name="JDBCURL" type="xs:anyURI"/> + <xs:element name="JDBCDriverClassName" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CAIssuerDN" type="xs:token"/> + <xs:choice maxOccurs="unbounded"> + <xs:element name="CRLDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="unused"/> + <xs:enumeration value="keyCompromise"/> + <xs:enumeration value="cACompromise"/> + <xs:enumeration value="affiliationChanged"/> + <xs:enumeration value="superseded"/> + <xs:enumeration value="cessationOfOperation"/> + <xs:enumeration value="certificateHold"/> + <xs:enumeration value="privilegeWithdrawn"/> + <xs:enumeration value="aACompromise"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="OCSPDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CrlRetentionIntervals" minOccurs="0"> + <xs:complexType> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="CA"> + <xs:complexType> + <xs:sequence> + <xs:element name="X509IssuerName" type="xs:string"/> + <xs:element name="Interval" type="xs:integer"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:simpleType name="ChainingModeType"> + <xs:restriction base="xs:string"> + <xs:enumeration value="chaining"/> + <xs:enumeration value="pkix"/> + </xs:restriction> + </xs:simpleType> + <xs:complexType name="ProfileType"> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd new file mode 100644 index 000000000..bfa48e9d1 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.1.xsd @@ -0,0 +1,282 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 1.5.1 Configuration Schema +--> +<xs:schema xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xs:element name="MOAConfiguration"> + <xs:complexType> + <xs:sequence> + <xs:element name="Common" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="PermitExternalUris" minOccurs="0"> + <xs:complexType> + <xs:sequence minOccurs="0" maxOccurs="unbounded"> + <xs:element name="BlackListUri"> + <xs:complexType> + <xs:sequence> + <xs:element name="IP" type="xs:string"/> + <xs:element name="Port" type="xs:int" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureCreation" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModules"> + <xs:complexType> + <xs:choice maxOccurs="unbounded"> + <xs:element name="HardwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SoftwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="FileName" type="xs:string"/> + <xs:element name="Password" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroup" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="Key"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModuleId" type="xs:token"/> + <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroupMapping" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/> + <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="XMLDSig"> + <xs:complexType> + <xs:sequence> + <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/> + <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureVerification" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="CertificateValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="PathConstruction"> + <xs:complexType> + <xs:sequence> + <xs:element name="AutoAddCertificates" type="xs:boolean"/> + <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/> + <xs:element name="CertificateStore"> + <xs:complexType> + <xs:choice> + <xs:element name="DirectoryStore"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="PathValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="ChainingMode"> + <xs:complexType> + <xs:sequence> + <xs:element name="DefaultMode" type="config:ChainingModeType"/> + <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Identification" type="dsig:X509IssuerSerialType"/> + <xs:element name="Mode" type="config:ChainingModeType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="TrustProfile" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/> + <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="RevocationChecking"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableChecking" type="xs:boolean"/> + <xs:element name="MaxRevocationAge" type="xs:integer"/> + <xs:element name="ServiceOrder" minOccurs="0"> + <xs:complexType> + <xs:sequence maxOccurs="2"> + <xs:element name="Service"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="OCSP"/> + <xs:enumeration value="CRL"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="Archiving"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableArchiving" type="xs:boolean"/> + <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/> + <xs:element name="Archive" minOccurs="0"> + <xs:complexType> + <xs:choice> + <xs:element name="DatabaseArchive"> + <xs:complexType> + <xs:sequence> + <xs:element name="JDBCURL" type="xs:anyURI"/> + <xs:element name="JDBCDriverClassName" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CAIssuerDN" type="xs:token"/> + <xs:choice maxOccurs="unbounded"> + <xs:element name="CRLDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="unused"/> + <xs:enumeration value="keyCompromise"/> + <xs:enumeration value="cACompromise"/> + <xs:enumeration value="affiliationChanged"/> + <xs:enumeration value="superseded"/> + <xs:enumeration value="cessationOfOperation"/> + <xs:enumeration value="certificateHold"/> + <xs:enumeration value="privilegeWithdrawn"/> + <xs:enumeration value="aACompromise"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="OCSPDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CrlRetentionIntervals" minOccurs="0"> + <xs:complexType> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="CA"> + <xs:complexType> + <xs:sequence> + <xs:element name="X509IssuerName" type="xs:string"/> + <xs:element name="Interval" type="xs:integer"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:simpleType name="ChainingModeType"> + <xs:restriction base="xs:string"> + <xs:enumeration value="chaining"/> + <xs:enumeration value="pkix"/> + </xs:restriction> + </xs:simpleType> + <xs:complexType name="ProfileType"> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-2.0.0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-2.0.0.xsd new file mode 100644 index 000000000..7270d288a --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOA-SPSS-config-2.0.0.xsd @@ -0,0 +1,353 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + MOA SP/SS 1.5.1 Configuration Schema +--> +<xs:schema xmlns:config="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xs:element name="MOAConfiguration"> + <xs:complexType> + <xs:sequence> + <xs:element name="Common" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="HardwareCryptoModule" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:choice> + <xs:element name="PermitExternalUris" minOccurs="0"> + <xs:complexType> + <xs:sequence minOccurs="0"> + <xs:element name="BlackListUri" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="IP" type="xs:string"/> + <xs:element name="Port" type="xs:int" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="ForbidExternalUris" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="WhiteListUri" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="IP" type="xs:string"/> + <xs:element name="Port" type="xs:int" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureCreation" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModules"> + <xs:complexType> + <xs:choice maxOccurs="unbounded"> + <xs:element name="HardwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Name" type="xs:string"/> + <xs:element name="SlotId" type="xs:string" minOccurs="0"/> + <xs:element name="UserPIN" type="xs:string"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SoftwareKeyModule"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="FileName" type="xs:string"/> + <xs:element name="Password" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroup" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="Key"> + <xs:complexType> + <xs:sequence> + <xs:element name="KeyModuleId" type="xs:token"/> + <xs:element name="KeyCertIssuerSerial" type="dsig:X509IssuerSerialType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + <xs:element name="DigestMethodAlgorithm" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="KeyGroupMapping" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CustomerId" type="dsig:X509IssuerSerialType" minOccurs="0"/> + <xs:element name="KeyGroupId" type="xs:token" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="XMLDSig"> + <xs:complexType> + <xs:sequence> + <xs:element name="CanonicalizationAlgorithm" type="xs:anyURI" minOccurs="0"/> + <xs:element name="DigestMethodAlgorithm" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="XAdES" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="Version"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="1.4.2"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="SignatureVerification" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="CertificateValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="PathConstruction"> + <xs:complexType> + <xs:sequence> + <xs:element name="AutoAddCertificates" type="xs:boolean"/> + <xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/> + <xs:element name="CertificateStore"> + <xs:complexType> + <xs:choice> + <xs:element name="DirectoryStore"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="PathValidation"> + <xs:complexType> + <xs:sequence> + <xs:element name="ChainingMode"> + <xs:complexType> + <xs:sequence> + <xs:element name="DefaultMode" type="config:ChainingModeType"/> + <xs:element name="TrustAnchor" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Identification" type="dsig:X509IssuerSerialType"/> + <xs:element name="Mode" type="config:ChainingModeType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="TrustProfile" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/> + <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/> + <xs:element name="EUTSL" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="CountrySelection" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <!-- + <xs:element name="TSLTrustProfile"> + <xs:complexType> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="TrustAnchorsLocation" type="xs:anyURI"/> + <xs:element name="SignerCertsLocation" type="xs:anyURI" minOccurs="0"/> + <xs:element name="EUTSL" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="CountrySelection" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + --> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="RevocationChecking"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableChecking" type="xs:boolean"/> + <xs:element name="MaxRevocationAge" type="xs:integer"/> + <xs:element name="ServiceOrder" minOccurs="0"> + <xs:complexType> + <xs:sequence maxOccurs="2"> + <xs:element name="Service"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="OCSP"/> + <xs:enumeration value="CRL"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="Archiving"> + <xs:complexType> + <xs:sequence> + <xs:element name="EnableArchiving" type="xs:boolean"/> + <xs:element name="ArchiveDuration" type="xs:nonNegativeInteger" minOccurs="0"/> + <xs:element name="Archive" minOccurs="0"> + <xs:complexType> + <xs:choice> + <xs:element name="DatabaseArchive"> + <xs:complexType> + <xs:sequence> + <xs:element name="JDBCURL" type="xs:anyURI"/> + <xs:element name="JDBCDriverClassName" type="xs:token"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="DistributionPoint" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="CAIssuerDN" type="xs:token"/> + <xs:choice maxOccurs="unbounded"> + <xs:element name="CRLDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + <xs:element name="ReasonCode" minOccurs="0" maxOccurs="unbounded"> + <xs:simpleType> + <xs:restriction base="xs:token"> + <xs:enumeration value="unused"/> + <xs:enumeration value="keyCompromise"/> + <xs:enumeration value="cACompromise"/> + <xs:enumeration value="affiliationChanged"/> + <xs:enumeration value="superseded"/> + <xs:enumeration value="cessationOfOperation"/> + <xs:enumeration value="certificateHold"/> + <xs:enumeration value="privilegeWithdrawn"/> + <xs:enumeration value="aACompromise"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="OCSPDP"> + <xs:complexType> + <xs:sequence> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="CrlRetentionIntervals" minOccurs="0"> + <xs:complexType> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="CA"> + <xs:complexType> + <xs:sequence> + <xs:element name="X509IssuerName" type="xs:string"/> + <xs:element name="Interval" type="xs:integer"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="TSLConfiguration" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="EUTSLUrl" type="xs:anyURI" minOccurs="0"/> + <xs:element name="UpdateSchedule" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="StartTime" type="xs:time"/> + <xs:element name="Period" type="xs:unsignedLong"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="WorkingDirectory" type="xs:anyURI" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="VerifyTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="SupplementProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="PermitFileURIs" type="xs:boolean" default="false" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:simpleType name="ChainingModeType"> + <xs:restriction base="xs:string"> + <xs:enumeration value="chaining"/> + <xs:enumeration value="pkix"/> + </xs:restriction> + </xs:simpleType> + <xs:complexType name="ProfileType"> + <xs:sequence> + <xs:element name="Id" type="xs:token"/> + <xs:element name="Location" type="xs:anyURI"/> + </xs:sequence> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/MOAIdentities.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOAIdentities.xsd new file mode 100644 index 000000000..470295bec --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/MOAIdentities.xsd @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) --> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xs:element name="MOAIdentities"> + <xs:annotation> + <xs:documentation>MOAIdentities provides a mapping from identities to parameters used in the XMLLoginParameterResolver of MOA-ID</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="Mapping"> + <xs:complexType> + <xs:sequence> + <xs:element name="Identity"> + <xs:complexType> + <xs:choice> + <xs:element name="NamedIdentity" type="tns:NamedIdentityType"/> + <xs:element name="bPKIdentity" type="tns:bPKIdentitiyType"/> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="Parameters" type="tns:ParametersType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:complexType name="bPKIdentitiyType"> + <xs:simpleContent> + <xs:extension base="xs:boolean"> + <xs:attribute name="bPK" type="xs:string" use="required"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="NamedIdentityType"> + <xs:simpleContent> + <xs:extension base="xs:boolean"> + <xs:attribute name="SurName" type="xs:string" use="required"/> + <xs:attribute name="GivenName" type="xs:string" use="required"/> + <xs:attribute name="BirthDate" type="xs:string" use="optional"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="ParametersType"> + <xs:attribute name="UN" type="xs:string" use="optional"/> + <xs:attribute name="PW" type="xs:string" use="optional"/> + <xs:attribute name="Param1" type="xs:string" use="optional"/> + <xs:attribute name="Param2" type="xs:string" use="optional"/> + <xs:attribute name="Param3" type="xs:string" use="optional"/> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonData.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonData.xsd new file mode 100644 index 000000000..0e3bc6b3b --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonData.xsd @@ -0,0 +1,426 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- edited with XML Spy v4.1 U (http://www.xmlspy.com) by Peter Reichstädter (CIO) --> +<!--Generisches Schema zum Speichern und Austauschen von Personendaten + (c) 2001-2002 Chief Information Office Austria, Stabsstelle IKT-Strategie des Bundes, BMÖLS + Kontakt: Peter Reichstädter (peter.reichstaedter@cio.gv.at), Arno Hollosi (arno.hollosi@cio.gv.at) + Die freie Verwendung dieses Schemas in Applikationen (behördenintern, kommerziell, privat) ist erlaubt und erwünscht. +--> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0.0"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="W3C-XMLDSig.xsd"/> + <!-- ### include definitions from hr-xml schemas ###--> + <xs:include schemaLocation="PersonName-1_2.xsd"/> + <xs:include schemaLocation="PostalAddress-1_2.xsd"/> + <xs:include schemaLocation="TelcomNumber-1_0.xsd"/> + <!-- ### type definition of Unique Identifier Entities ### --> + <xs:complexType name="IdentificationType"> + <xs:annotation> + <xs:documentation>unique identifier</xs:documentation> + </xs:annotation> + <xs:sequence> + <xs:element name="Value"> + <xs:annotation> + <xs:documentation>actual value of the identifier.</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Type" type="xs:anyURI"> + <xs:annotation> + <xs:documentation>type of value (eg 'ZMR', 'SV-Nummer', 'Martrikelnummer', database identification, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Authority" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>authority, which is reponsible for generation of the identifier (eg university in case of 'MatrikelNummer')</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <!-- ### base type for person data ### --> + <xs:element name="Person" type="AbstractPersonType"> + <xs:annotation> + <xs:documentation>element of person type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="AbstractPersonType" abstract="true"> + <xs:annotation> + <xs:documentation>main structure of person data</xs:documentation> + </xs:annotation> + <xs:sequence minOccurs="0"> + <xs:element name="Identification" type="IdentificationType" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>unique identification entities</xs:documentation> + </xs:annotation> + </xs:element> + </xs:sequence> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <!-- ### physical person and corporate body ### --> + <xs:element name="PhysicalPerson" type="PhysicalPersonType"> + <xs:annotation> + <xs:documentation>element of physical person type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="PhysicalPersonType"> + <xs:annotation> + <xs:documentation>physical person</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence minOccurs="0"> + <xs:element name="Name" type="PersonNameType" minOccurs="0"> + <xs:annotation> + <xs:documentation>data related to the person's name</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AlternativeName" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Former name, Artist name, changes of Given name ...</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:complexContent> + <xs:extension base="PersonNameType"> + <xs:attribute name="Type" type="AlternativeNameTypeType"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + </xs:element> + <xs:element name="MaritalStatus" type="MaritalStatusType" minOccurs="0"> + <xs:annotation> + <xs:documentation>status of a person in the cycle of life</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Sex" type="SexType" minOccurs="0"> + <xs:annotation> + <xs:documentation>gender</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="DateOfBirth" type="DateOfBirthType" minOccurs="0"> + <xs:annotation> + <xs:documentation>date of birth</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="PlaceOfBirth" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>place of birth</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CountryOfBirth" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>country of birth</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Nationality" type="xs:token" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>nationality of Person (Staatsbürgerschaft)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Confession" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>confession (religion) of Person</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="relatedPerson" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>relatives (parents, ...)</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence> + <xs:element name="TypeOfRelation" type="RelationType" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>type of the relationship</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element ref="Person"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:element name="CorporateBody" type="CorporateBodyType"> + <xs:annotation> + <xs:documentation>element of corporate body type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="CorporateBodyType"> + <xs:annotation> + <xs:documentation>juridical person, organisation</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>category (eg organisation, function, sector, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="FullName" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>name of corporate body (whole name)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AlternativeName" type="xs:token" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>alternative names of corporate body (abbreviations, short name, synonyms, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>type of company (eg AG, OHG, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Organisation" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) </xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <!-- ### signed structure of a person ### --> + <xs:element name="PersonData" type="PersonDataType"> + <xs:annotation> + <xs:documentation>element of signed person datastructure type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="PersonDataType"> + <xs:annotation> + <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence> + <xs:element ref="Person"/> + <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AdditionalData" minOccurs="0"> + <xs:complexType mixed="true"> + <xs:sequence minOccurs="0" maxOccurs="unbounded"> + <xs:any namespace="##any" processContents="lax"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <!-- ### auxiliary types ### --> + <xs:simpleType name="SexType"> + <xs:annotation> + <xs:documentation>simple type for sex (gender) of person</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:token"> + <xs:enumeration value="male"/> + <xs:enumeration value="female"/> + <xs:enumeration value="unknown"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="DateOfBirthType"> + <xs:annotation> + <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/> + </xs:simpleType> + <xs:simpleType name="MaritalStatusType"> + <xs:annotation> + <xs:documentation>simple type for marital status of a person</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:token"> + <xs:enumeration value="single"/> + <xs:enumeration value="married"/> + <xs:enumeration value="divorced"/> + <xs:enumeration value="widowed"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="xStringPatternExtensionType"> + <xs:annotation> + <xs:documentation>pattern type for enlargement of type definitions</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:pattern value="x:\S.*"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="DefinedRelationType"> + <xs:annotation> + <xs:documentation>known relations (family + functional)</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:enumeration value="family:Parent"/> + <xs:enumeration value="family:Child"/> + <xs:enumeration value="family:Sibling"/> + <xs:enumeration value="family:Grandparent"/> + <xs:enumeration value="family:Grandchild"/> + <xs:enumeration value="family:Spouse"/> + <xs:enumeration value="function:LegalGuardian"/> + <xs:enumeration value="function:IsGuardedBy"/> + <xs:enumeration value="function:Cohabitant"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="RelationType"> + <xs:annotation> + <xs:documentation>known + any other relation</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xStringPatternExtensionType DefinedRelationType"/> + </xs:simpleType> + <xs:simpleType name="DefinedAlternativeNameTypeType"> + <xs:annotation> + <xs:documentation>known types of alternative names</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:enumeration value="ArtistName"/> + <xs:enumeration value="NickName"/> + <xs:enumeration value="FormerName"/> + <xs:enumeration value="Alias"/> + <xs:enumeration value="MaidenName"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="AlternativeNameTypeType"> + <xs:annotation> + <xs:documentation>known + any other alternative name types</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xStringPatternExtensionType DefinedAlternativeNameTypeType"/> + </xs:simpleType> + <!-- ### adress data for various types of communications ### --> + <xs:element name="Address" type="AbstractAddressType"> + <xs:annotation> + <xs:documentation>element of address type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="AbstractAddressType" abstract="true"> + <xs:annotation> + <xs:documentation>main structure of address data</xs:documentation> + </xs:annotation> + <xs:sequence minOccurs="0"> + <xs:element name="Identification" type="IdentificationType" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>unique identification entities</xs:documentation> + </xs:annotation> + </xs:element> + </xs:sequence> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <xs:element name="TypedPostalAddress" type="TypedPostalAddressType"> + <xs:annotation> + <xs:documentation>element of postal address type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="TypedPostalAddressType"> + <xs:annotation> + <xs:documentation>postal address</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>type of address - category (eg 'Wohnsitz', 'Zentrale', ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element ref="PostalAddress"/> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:element name="TelephoneAddress" type="TelephoneAddressType"> + <xs:annotation> + <xs:documentation>element of telephone address type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="TelephoneAddressType"> + <xs:annotation> + <xs:documentation>phone numbers</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>type of phononumber - category (eg 'Festnetz', 'Mobile', 'fax', ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Number" type="TelcomNumberType"> + <xs:annotation> + <xs:documentation>phonenumber</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:element name="InternetAddress" type="InternetAddressType"> + <xs:annotation> + <xs:documentation>element of internet address type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:complexType name="InternetAddressType"> + <xs:annotation> + <xs:documentation>internet based communication</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element ref="dsig:KeyInfo" minOccurs="0"> + <xs:annotation> + <xs:documentation>certificate for secure communication</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Address" type="xs:anyURI"> + <xs:annotation> + <xs:documentation>email-Address, Web, FTP, LDAP, ...</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd new file mode 100644 index 000000000..885c2b765 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonData_20_en_moaWID.xsd @@ -0,0 +1,1229 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- edited with XMLSPY v2004 rel. 3 U (http://www.xmlspy.com) by Larissa Naber (Bundeskanzleramt) --> +<!-- edited with XML Spy v4.1 U (http://www.xmlspy.com) by Peter Reichstädter (CIO) --> +<!--Generisches Schema zum Speichern und Austauschen von Personendaten + (c) 2001-2002 Chief Information Office Austria, Stabsstelle IKT-Strategie des Bundes, BMÖLS + Kontakt: Peter Reichstädter (peter.reichstaedter@cio.gv.at), Arno Hollosi (arno.hollosi@cio.gv.at) + Die freie Verwendung dieses Schemas in Applikationen (behördenintern, kommerziell, privat) ist erlaubt und erwünscht. +--> +<?xml-stylesheet type="text/xsl" href="getelementnames.xslt"?> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0.0"> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + <xs:annotation> + <xs:documentation>This version of person deploys only global elements. All types derived from abstract types have been replaced by substitution groups</xs:documentation> + </xs:annotation> + <!-- ### signed structure of a person ### --> + <xs:element name="AbstractPersonData" type="AbstractPersonType"> + <xs:annotation> + <xs:documentation>dummy abstract Peson Data element needed for bi-lingual schema (substitution groups)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="PersonData" type="PersonDataType" substitutionGroup="AbstractPersonData"> + <xs:annotation> + <xs:documentation>element of signed person datastructure type</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CompactPersonData"> + <xs:annotation> + <xs:documentation>element of signed person datastructure type</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence> + <xs:choice> + <xs:element ref="CompactPhysicalPerson"/> + <xs:element ref="CompactCorporateBody"/> + </xs:choice> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + <xs:element ref="InternetAddress"/> + <xs:element ref="TelephoneAddress"/> + <xs:element ref="CompactPostalAddress"/> + </xs:choice> + </xs:sequence> + </xs:complexType> + </xs:element> + <!-- ### base type for person data ### --> + <xs:element name="Person" type="AbstractPersonType"> + <xs:annotation> + <xs:documentation>element of person type, essential abstract, subsitute PhysicalPerson or CorporateBody instead or use with xsi:type="..."</xs:documentation> + </xs:annotation> + </xs:element> + <!-- ### physical person and corporate body ### --> + <xs:element name="PhysicalPerson" type="PhysicalPersonType" substitutionGroup="Person"> + <xs:annotation> + <xs:documentation>element of physical person type, dreived from Person (abstract)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CompactPhysicalPerson" type="CompactPhysicalPersonType" substitutionGroup="Person"> + <xs:annotation> + <xs:documentation>element of physical person type, dreived from Person (abstract)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CorporateBody" type="CorporateBodyType" substitutionGroup="Person"> + <xs:annotation> + <xs:documentation>element of corporate body type, derived from Person</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CompactCorporateBody" type="CompactCorporateBodyType" substitutionGroup="Person"> + <xs:annotation> + <xs:documentation>element of corporate body type, derived from Person</xs:documentation> + </xs:annotation> + </xs:element> + <!--### complex child elements of person, also available as standalone ###--> + <xs:element name="Name" type="PersonNameType"> + <xs:annotation> + <xs:documentation>data related to the person's name</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CompactName" type="CompactPersonNameType"> + <xs:annotation> + <xs:documentation>data related to the person's name</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AlternativeName"> + <xs:annotation> + <xs:documentation>Former name, Artist name, changes of Given name ..., compare AlternativName</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:complexContent> + <xs:extension base="PersonNameType"> + <xs:attribute name="Type" type="AlternativeNameTypeType"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + </xs:element> + <xs:element name="relatedPerson"> + <xs:annotation> + <xs:documentation>relatives (parents, ...), compare Verwandter</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence> + <xs:element name="TypeOfRelation" type="RelationType" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>type of the relationship, compare Verwandschftsgrad</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element ref="PhysicalPerson"/> + </xs:sequence> + </xs:complexType> + </xs:element> + <!-- ### adress data for various types of communications ### --> + <xs:element name="Address" type="AbstractAddressType"> + <xs:annotation> + <xs:documentation>element of address type, essentially abstract. Use InternetAddress, TelephoneAddress, PostalAddress, TypedPostalAddress instead, or use Address with xsi:type Attribute</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="PostalAddress" type="PostalAddressType" substitutionGroup="Address"> + <xs:annotation> + <xs:documentation>Postal or ZMR Address, compare PostAdresse</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CompactPostalAddress" type="CompactPostalAddressType" substitutionGroup="Address"> + <xs:annotation> + <xs:documentation>Postal or ZMR Address, compare PostAdresse</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="TypedPostalAddress" type="TypedPostalAddressType" substitutionGroup="Address"> + <xs:annotation> + <xs:documentation>Typed Postal or ZMR Address, compare TypisiertePostAdresse</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="InternetAddress" type="InternetAddressType" substitutionGroup="Address"> + <xs:annotation> + <xs:documentation>InternetAdress such as e-mail or website, compare InternetAdresse</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="TelephoneAddress" type="TelephoneAddressType" substitutionGroup="Address"> + <xs:annotation> + <xs:documentation>Typed TelephoneAddress, compare TelefonAdresse</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="BankConnection" type="BankConnectionType"> + <xs:annotation> + <xs:documentation>National or international bank connection, compare Bankverbindung</xs:documentation> + </xs:annotation> + </xs:element> + <!-- ### Identification elements ###--> + <xs:element name="AbstractSimpleIdentification" type="AbstractSimpleIdentificationType"> + <xs:annotation> + <xs:documentation>possibility to include common austrian primary keys in human readable way, english translation not available</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="ZMRzahl" substitutionGroup="AbstractSimpleIdentification"> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="AbstractSimpleIdentificationType"> + <xs:attribute name="Identifier" type="xs:string" fixed="ZMR"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Stammzahl" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/> + <xs:element name="Firmenbuchnummer" substitutionGroup="AbstractSimpleIdentification"> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="AbstractSimpleIdentificationType"> + <xs:attribute name="Identifier" type="xs:string" fixed="FN"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="ERJPZahl" substitutionGroup="AbstractSimpleIdentification"> + <xs:annotation> + <xs:documentation>Ergänzungsregister für nicht-natürliche Personen (CorporateBody)</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="AbstractSimpleIdentificationType"> + <xs:attribute name="Identifier" type="xs:string" fixed="ERJ"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Vereinsnummer" substitutionGroup="AbstractSimpleIdentification"> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="AbstractSimpleIdentificationType"> + <xs:attribute name="Identifier" type="xs:string" fixed="VR"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Sozialversicherungsnummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/> + <xs:element name="Steuernummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/> + <xs:element name="Matrikelnummer" type="AbstractSimpleIdentificationType" substitutionGroup="AbstractSimpleIdentification"/> + <!-- ### additional telecom elements - not used internally - german translation not available ###--> + <xs:element name="Telephone" type="TelcomNumberType"/> + <xs:element name="Mobile" type="MobileTelcomNumberType"/> + <xs:element name="Fax" type="TelcomNumberType"/> + <xs:element name="Pager" type="TelcomNumberType"/> + <xs:element name="TTYTDD" type="TelcomNumberType"> + <xs:annotation> + <xs:documentation>teletyper or telephone for the hearing impaired</xs:documentation> + </xs:annotation> + </xs:element> + <!--### elements of simple type ####--> + <xs:element name="MaritalStatus" type="MaritalStatusType"> + <xs:annotation> + <xs:documentation>status of a person in the cycle of life, compare Familienstand</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Sex" type="SexType"> + <xs:annotation> + <xs:documentation>gender, comapre Geschlecht</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="DateOfBirth" type="DateOfBirthType"> + <xs:annotation> + <xs:documentation>date of birth, compare Geburtsdatum</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="DateOfDeath" type="DateOfDeathType"> + <xs:annotation> + <xs:documentation>date of death, compare Sterbedatum</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="PlaceOfBirth" type="xs:token"> + <xs:annotation> + <xs:documentation>place of birth, compare Geburtsort</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="CountryOfBirth" type="xs:token"> + <xs:annotation> + <xs:documentation>country of birth, compare Geburtsland</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="StateOfBirth" type="xs:token"> + <xs:annotation> + <xs:documentation>state of birth, comapre Geburtsbundesland</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Nationality" type="NationalityType"> + <xs:annotation> + <xs:documentation>nationality of Person, compare Staatsangehoerigkeit. attention! New Fomrat is complex, string value accepted for compatibility only</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Confession" type="xs:token"> + <xs:annotation> + <xs:documentation>confession (religion) of Person - xs:token? gibt es wirklich keine Staaten mit Leerzeichen im Namen?</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Occupation" type="xs:string"> + <xs:annotation> + <xs:documentation>occupation, compare Beruf</xs:documentation> + </xs:annotation> + </xs:element> + <!--### complex telephone types ###--> + <xs:element name="InternationalCountryCode" type="xs:string"> + <xs:annotation> + <xs:documentation>compare InternationalerLaendercode</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="NationalNumber" type="xs:string"> + <xs:annotation> + <xs:documentation>compare NationalNummer</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AreaCityCode" type="xs:string"> + <xs:annotation> + <xs:documentation>compare Vorwahl</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="SubscriberNumber" type="xs:string"> + <xs:annotation> + <xs:documentation>compare Anschlussnummer</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="FormattedNumber" type="xs:string"> + <xs:annotation> + <xs:documentation>Complete number, ready formated - e.g. +43 1 5131345 4664 compare FormatierteNummer</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Extension" type="xs:string"> + <xs:annotation> + <xs:documentation>compare Klappe</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Identification" type ="IdentificationType"> + <xs:annotation> + <xs:documentation>unique identifier</xs:documentation> + </xs:annotation> + </xs:element> + <!--### complex types ###--> + <xs:complexType name="PersonDataType"> + <xs:annotation> + <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence> + <xs:element ref="Person"/> + <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AdditionalData" minOccurs="0"> + <xs:annotation> + <xs:documentation>container for your Information needs. Contained Elements must reside in a different Namespace</xs:documentation> + </xs:annotation> + <xs:complexType mixed="true"> + <xs:sequence minOccurs="0" maxOccurs="unbounded"> + <xs:any namespace="##any" processContents="lax"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CompactPersonDataType"> + <xs:annotation> + <xs:documentation>signed person datastructure. The first Identification elements (from the base type) denote the record as such (e.g. database key for this record) - not to be mistaken for identifiers of the person or of an address (they have their own Identification elements).</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence> + <xs:element ref="Person"/> + <xs:element ref="Address" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>one or more electronic signatures applied on fields above</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AdditionalData" minOccurs="0"> + <xs:annotation> + <xs:documentation>container for your Information needs. Contained Elements must reside in a different Namespace</xs:documentation> + </xs:annotation> + <xs:complexType mixed="true"> + <xs:sequence minOccurs="0" maxOccurs="unbounded"> + <xs:any namespace="##any" processContents="lax"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="AbstractSimpleIdentificationType"> + <xs:simpleContent> + <xs:extension base="xs:string"/> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="IdentificationType"> + <xs:annotation> + <xs:documentation>unique identifier</xs:documentation> + </xs:annotation> + <xs:sequence> + <xs:element name="Value"> + <xs:annotation> + <xs:documentation>actual value of the identifier.</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Type" type="xs:anyURI"> + <xs:annotation> + <xs:documentation>type of value (eg 'ZMR', 'SV-Nummer', 'Martrikelnummer', database identification, ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Authority" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>authority, which is reponsible for generation of the identifier (eg university in case of 'MatrikelNummer')</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <xs:complexType name="AbstractPersonType"> + <xs:annotation> + <xs:documentation>main structure of person data</xs:documentation> + </xs:annotation> + <xs:choice minOccurs="0"> + <xs:element ref="Identification" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>unique identification entities</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element ref="AbstractSimpleIdentification" minOccurs="0" maxOccurs="unbounded"/> + </xs:choice> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <xs:complexType name="PhysicalPersonType"> + <xs:annotation> + <xs:documentation>physical person, compare NatuerlichePersonTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence minOccurs="0"> + <xs:element ref="Name" minOccurs="0"/> + <xs:element ref="AlternativeName" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="MaritalStatus" minOccurs="0"/> + <xs:element ref="Sex" minOccurs="0"/> + <xs:element ref="DateOfBirth" minOccurs="0"/> + <xs:element ref="PlaceOfBirth" minOccurs="0"/> + <xs:element ref="StateOfBirth" minOccurs="0"/> + <xs:element ref="CountryOfBirth" minOccurs="0"/> + <xs:element ref="DateOfDeath" minOccurs="0"/> + <xs:element ref="Nationality" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="Confession" minOccurs="0"/> + <xs:element ref="Occupation" minOccurs="0"/> + <xs:element ref="relatedPerson" minOccurs="0" maxOccurs="unbounded"/> + <xs:element ref="BankConnection" minOccurs="0" maxOccurs="unbounded"/> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CompactPhysicalPersonType"> + <xs:annotation> + <xs:documentation>physical person, compare NatuerlichePersonTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence minOccurs="0"> + <xs:element ref="CompactName"/> + <xs:element ref="MaritalStatus" minOccurs="0"/> + <xs:element ref="Sex" minOccurs="0"/> + <xs:element ref="DateOfBirth" minOccurs="0"/> + <xs:element ref="PlaceOfBirth" minOccurs="0"/> + <xs:element ref="Nationality" minOccurs="0" maxOccurs="unbounded"/> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CorporateBodyType"> + <xs:annotation> + <xs:documentation>juridical person, organisation, compare NichtNatuerlichePersonTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>URI pointing to a predefined Class of CorporateBodies, compare Typ</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="FullName" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>name of corporate body (whole name), compare VollerName</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AlternativeName" type="xs:token" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>alternative names of corporate body (abbreviations, short name, synonyms, ...), comapre AlternativName</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>type of company (eg AG, OHG, ...), URI pointing to predefined LegalForm, compare Rechtsform</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Organization" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) , compare Organisation</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element ref="BankConnection" minOccurs="0" maxOccurs="unbounded"/> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CompactCorporateBodyType"> + <xs:annotation> + <xs:documentation>juridical person, organisation, compare NichtNatuerlichePersonTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractPersonType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>URI pointing to a predefined Class of CorporateBodies, compare Typ</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="FullName" type="xs:token"> + <xs:annotation> + <xs:documentation>name of corporate body (whole name), compare VollerName</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="LegalForm" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>type of company (eg AG, OHG, ...), URI pointing to predefined LegalForm, compare Rechtsform</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Organization" type="xs:token" minOccurs="0"> + <xs:annotation> + <xs:documentation>part of an organisation, see also X.500 ou (eg departement, section, branch, ...) , compare Organisation</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="PersonNameType"> + <xs:annotation> + <xs:documentation>container for parts of a name, comapre PersonenNameTyp</xs:documentation> + </xs:annotation> + <xs:sequence> + <xs:element name="FormattedName" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Complete Name (including Affixes) of the Person, especially useful for names from different cultural environments</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attribute name="type" default="presentation"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="presentation"/> + <xs:enumeration value="legal"/> + <xs:enumeration value="sortOrder"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="LegalName" type="xs:string" minOccurs="0"/> + <xs:element name="GivenName" type="xs:string" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Every given name should be contained inside a GivenName Tag. If that is not possible due to dabase contraints, ... putting several given names inside one GivenName Element is acceptable</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="PreferredGivenName" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>A Person in possesion of more than one GivenName frequently preferrs the use of a Name other than the first GivenName</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="MiddleName" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>MiddleNames are not commonly found in central Europe. The field is mainly for compatibility reasons</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="FamilyName" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Every family name should be contained inside a FamilyName Tag. If that is not possible due to dabase contraints, ... putting several family names inside one FamilyName Element is acceptable</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attribute name="primary" default="undefined"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="true"/> + <xs:enumeration value="false"/> + <xs:enumeration value="undefined"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + <xs:attribute name="prefix" type="xs:string"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Affix" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Inlcudes all Information that is not exactly a name: academic or aristocratic titles, ... the new position attribute can contain a suffx or prefix value</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attribute name="type" use="optional"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="academicGrade"/> + <xs:enumeration value="aristocraticPrefix"/> + <xs:enumeration value="aristocraticTitle"/> + <xs:enumeration value="familyNamePrefix"/> + <xs:enumeration value="familyNameSuffix"/> + <xs:enumeration value="formOfAddress"/> + <xs:enumeration value="generation"/> + <xs:enumeration value="qualification"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + <xs:attribute name="position" use="optional"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="prefix"/> + <xs:enumeration value="suffix"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + <xs:complexType name="CompactPersonNameType"> + <xs:annotation> + <xs:documentation>container for parts of a name, comapre PersonenNameTyp</xs:documentation> + </xs:annotation> + <xs:sequence> + <xs:element name="GivenName" type="xs:string" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Every given name should be contained inside a GivenName Tag. If that is not possible due to dabase contraints, ... putting several given names inside one GivenName Element is acceptable</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="FamilyName" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Every family name should be contained inside a FamilyName Tag. If that is not possible due to dabase contraints, ... putting several family names inside one FamilyName Element is acceptable</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attribute name="primary" default="undefined"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="true"/> + <xs:enumeration value="false"/> + <xs:enumeration value="undefined"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + <xs:attribute name="prefix" type="xs:string"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + <xs:element name="Affix" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>Inlcudes all Information that is not exactly a name: academic or aristocratic titles, ... the new position attribute can contain a suffx or prefix value</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:simpleContent> + <xs:extension base="xs:string"> + <xs:attribute name="type" use="optional"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="academicGrade"/> + <xs:enumeration value="aristocraticPrefix"/> + <xs:enumeration value="aristocraticTitle"/> + <xs:enumeration value="familyNamePrefix"/> + <xs:enumeration value="familyNameSuffix"/> + <xs:enumeration value="formOfAddress"/> + <xs:enumeration value="generation"/> + <xs:enumeration value="qualification"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + <xs:attribute name="position" use="optional"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="prefix"/> + <xs:enumeration value="suffix"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + <xs:complexType name="NationalityType" mixed="true"> + <xs:annotation> + <xs:documentation>comapre, StaatsangehoerigkeitTyp</xs:documentation> + </xs:annotation> + <xs:sequence> + <xs:element name="ISOCode3" minOccurs="0"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:length value="3"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + <xs:element name="CountryNameDE" type="xs:string" minOccurs="0"/> + <xs:element name="CountryNameEN" type="xs:string" minOccurs="0"/> + <xs:element name="CountryNameFR" type="xs:string" minOccurs="0"/> + <xs:any namespace="##other" processContents="lax"/> + </xs:sequence> + </xs:complexType> + <xs:complexType name="BankConnectionType"> + <xs:annotation> + <xs:documentation>compare BankverbindungTyp</xs:documentation> + </xs:annotation> + <xs:sequence> + <xs:element name="Holder" type="xs:string"> + <xs:annotation> + <xs:documentation>Account holder, compare Inhaber</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="BankName" type="xs:string"> + <xs:annotation> + <xs:documentation>compare BankName</xs:documentation> + </xs:annotation> + </xs:element> + <xs:choice> + <xs:element name="NationalBankConnection"> + <xs:annotation> + <xs:documentation>compare NationaleBankverbindung</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence> + <xs:element name="AccountNumber" type="xs:integer"> + <xs:annotation> + <xs:documentation>compare Kontonummer</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="BankCode" type="xs:integer"> + <xs:annotation> + <xs:documentation>compare BLZ</xs:documentation> + </xs:annotation> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="InternationalBankConnection"> + <xs:annotation> + <xs:documentation>compare InternationaleBankverbindung</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence> + <xs:element name="IBAN" type="xs:string"> + <xs:annotation> + <xs:documentation>compare IBAN</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="BIC" type="xs:string"> + <xs:annotation> + <xs:documentation>comapre BIC</xs:documentation> + </xs:annotation> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:choice> + </xs:sequence> + </xs:complexType> + <xs:complexType name="AbstractAddressType"> + <xs:annotation> + <xs:documentation>main structure of address data</xs:documentation> + </xs:annotation> + <xs:sequence minOccurs="0"> + <xs:element ref="Identification" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>unique identification entities</xs:documentation> + </xs:annotation> + </xs:element> + </xs:sequence> + <xs:attribute name="Id" type="xs:ID" use="optional"/> + <xs:anyAttribute namespace="##other"/> + </xs:complexType> + <xs:complexType name="TypedPostalAddressType"> + <xs:annotation> + <xs:documentation>postal address with type information, compare TypisiertePostAdresseTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0"> + <xs:annotation> + <xs:documentation>type of address - category (eg 'Wohnsitz', 'Zentrale', ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element ref="PostalAddress"/> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="PostalAddressType"> + <xs:annotation> + <xs:documentation>compare PostAdresseTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence> + <xs:element name="CountryCode" minOccurs="0"> + <xs:annotation> + <xs:documentation>Code for the country, use ISO or internatinal Postalstandard, compare Staatscode</xs:documentation> + </xs:annotation> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:pattern value="[A-Z]{2}"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + <xs:element name="CountryName" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>Name of the country, use ISO Name, or international Postal Standard, compare Staatsname</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="PostalCode" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>ZIP, compare Postleitzahl</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Region" type="xs:string" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>compare Region</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="State" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>compare Bundesland</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Municipality" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>compare Gemeinde</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="MunicipalityNumber" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>compare Gemeindekennzahl</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Hamlet" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>ZMR use, compare Ortschaft</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="HamletBilingual" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>ZMR use, comapre OrtschaftZweisprachig</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="DeliveryAddress" minOccurs="0"> + <xs:complexType> + <xs:sequence> + <xs:element name="AddressLine" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="StreetName" type="xs:string" minOccurs="0"/> + <xs:element name="BuildingNumber" type="xs:string" minOccurs="0"/> + <xs:element name="Unit" type="xs:string" minOccurs="0"/> + <xs:element name="DoorNumber" type="xs:string" minOccurs="0"/> + <xs:element name="PostOfficeBox" type="xs:string" minOccurs="0"/> + <xs:element name="LivingQuality" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>zmr use only</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="DropOffPoint" type="xs:boolean" minOccurs="0"> + <xs:annotation> + <xs:documentation>zmr use only</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="AreaNumber" type="xs:string" minOccurs="0"/> + <xs:element name="AddressRegisterEntry" minOccurs="0"> + <xs:annotation> + <xs:documentation>Addressregister database keys used to identify Addresses</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence> + <xs:element name="AddressCode" type="string7"/> + <xs:element name="SubCode" type="string3" minOccurs="0"/> + <xs:element name="ObjectNumber" type="string7" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="Recipient" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>If Addressis used outside of PersonData a recipient can be specified</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence> + <xs:element name="PersonName" type="PersonNameType" minOccurs="0"/> + <xs:element name="AdditionalText" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> + <xs:element name="Organization" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>rather OrganizationUnit e.G Sales Departement</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="OrganizationName" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>e.g. Smith Ltd</xs:documentation> + </xs:annotation> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + <xs:attribute name="type" default="undefined"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="postOfficeBoxAddress"/> + <xs:enumeration value="streetAddress"/> + <xs:enumeration value="militaryAddress"/> + <xs:enumeration value="undefined"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="CompactPostalAddressType"> + <xs:annotation> + <xs:documentation>compare PostAdresseTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence> + <xs:element name="CountryCode" minOccurs="0"> + <xs:annotation> + <xs:documentation>Code for the country, use ISO or internatinal Postalstandard, compare Staatscode</xs:documentation> + </xs:annotation> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:pattern value="[A-Z]{2}"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + <xs:element name="CountryName" type="xs:string" minOccurs="0"> + <xs:annotation> + <xs:documentation>Name of the country, use ISO Name, or international Postal Standard, compare Staatsname</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="PostalCode" type="xs:string"> + <xs:annotation> + <xs:documentation>ZIP, compare Postleitzahl</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Municipality" type="xs:string"> + <xs:annotation> + <xs:documentation>compare Gemeinde</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="DeliveryAddress"> + <xs:complexType> + <xs:sequence> + <xs:element name="StreetName" type="xs:string"> + <xs:annotation> + <xs:documentation>if streetname not available use name of Ortschaft</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="BuildingNumber" type="xs:string"/> + <xs:element name="Unit" type="xs:string" minOccurs="0"/> + <xs:element name="DoorNumber" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + <xs:attribute name="type" default="undefined"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="postOfficeBoxAddress"/> + <xs:enumeration value="streetAddress"/> + <xs:enumeration value="militaryAddress"/> + <xs:enumeration value="undefined"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="InternetAddressType"> + <xs:annotation> + <xs:documentation>e.g. e-mail, webiste, compare InternetAdresseTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element ref="dsig:KeyInfo" minOccurs="0"> + <xs:annotation> + <xs:documentation>certificate for secure communication</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Address" type="xs:anyURI"> + <xs:annotation> + <xs:documentation>URI: email-Address, Web, FTP, LDAP, ..., comapre Adress</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="TelephoneAddressType"> + <xs:annotation> + <xs:documentation>phone numbers, conmpare TelephoneAdresseTyp</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="AbstractAddressType"> + <xs:sequence minOccurs="0"> + <xs:element name="Type" type="xs:anyURI" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>type of phononumber - category (eg 'Festnetz', 'Mobile', 'fax', ...)</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element name="Number" type="TelcomNumberType"> + <xs:annotation> + <xs:documentation>phonenumber</xs:documentation> + </xs:annotation> + </xs:element> + <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"> + <xs:annotation> + <xs:documentation>any additional properties</xs:documentation> + </xs:annotation> + </xs:any> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="MobileTelcomNumberType"> + <xs:annotation> + <xs:documentation>like TelephoneAddresseType but with additional smsEnabled attribute</xs:documentation> + </xs:annotation> + <xs:complexContent> + <xs:extension base="TelcomNumberType"> + <xs:attribute name="smsEnabled" type="xs:boolean" use="optional"/> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="TelcomNumberType"> + <xs:annotation> + <xs:documentation>formated number or set of telephone number parts</xs:documentation> + </xs:annotation> + <xs:choice> + <xs:element ref="FormattedNumber"/> + <xs:group ref="TelcomNumberGroup"/> + </xs:choice> + </xs:complexType> + <xs:group name="TelcomNumberGroup"> + <xs:annotation> + <xs:documentation>set of telephone number parts</xs:documentation> + </xs:annotation> + <xs:sequence> + <xs:element ref="InternationalCountryCode" minOccurs="0"/> + <xs:element ref="NationalNumber" minOccurs="0"/> + <xs:element ref="AreaCityCode" minOccurs="0"/> + <xs:element ref="SubscriberNumber"/> + <xs:element ref="Extension" minOccurs="0"/> + </xs:sequence> + </xs:group> + <!-- ### auxiliary types ### --> + <xs:simpleType name="SexType"> + <xs:annotation> + <xs:documentation>simple type for sex (gender) of person</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:token"> + <xs:enumeration value="male"/> + <xs:enumeration value="female"/> + <xs:enumeration value="unknown"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="DateOfBirthType"> + <xs:annotation> + <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/> + </xs:simpleType> + <xs:simpleType name="DateOfDeathType"> + <xs:annotation> + <xs:documentation>simple type for dates (union), which may omit day and/or month</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xs:date xs:gYearMonth xs:gYear"/> + </xs:simpleType> + <xs:simpleType name="MaritalStatusType"> + <xs:annotation> + <xs:documentation>simple type for marital status of a person</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:token"> + <xs:enumeration value="single"/> + <xs:enumeration value="married"/> + <xs:enumeration value="divorced"/> + <xs:enumeration value="widowed"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="xStringPatternExtensionType"> + <xs:annotation> + <xs:documentation>pattern type for enlargement of type definitions. Contents as follows +x:sometext or 12345 or _ or other symbols +</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:pattern value="x:\S.*"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="DefinedRelationType"> + <xs:annotation> + <xs:documentation>known relations (family + functional)</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:enumeration value="family:Parent"/> + <xs:enumeration value="family:Child"/> + <xs:enumeration value="family:Sibling"/> + <xs:enumeration value="family:Grandparent"/> + <xs:enumeration value="family:Grandchild"/> + <xs:enumeration value="family:Spouse"/> + <xs:enumeration value="function:LegalGuardian"/> + <xs:enumeration value="function:IsGuardedBy"/> + <xs:enumeration value="function:Cohabitant"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="RelationType"> + <xs:annotation> + <xs:documentation>known + any other relation</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xStringPatternExtensionType DefinedRelationType"/> + </xs:simpleType> + <xs:simpleType name="DefinedAlternativeNameTypeType"> + <xs:annotation> + <xs:documentation>known types of alternative names</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:enumeration value="ArtistName"/> + <xs:enumeration value="NickName"/> + <xs:enumeration value="FormerName"/> + <xs:enumeration value="Alias"/> + <xs:enumeration value="MaidenName"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="AlternativeNameTypeType"> + <xs:annotation> + <xs:documentation>known + any other alternative name types</xs:documentation> + </xs:annotation> + <xs:union memberTypes="xStringPatternExtensionType DefinedAlternativeNameTypeType"/> + </xs:simpleType> + <!-- ### additional data types for ZMR address #### --> + <xs:simpleType name="FederalStateType"> + <xs:annotation> + <xs:documentation>zmr use only</xs:documentation> + </xs:annotation> + <xs:restriction base="xs:string"> + <xs:enumeration value="Wien"/> + <xs:enumeration value="Niederösterreich"/> + <xs:enumeration value="Burgenland"/> + <xs:enumeration value="Oberösterreich"/> + <xs:enumeration value="Steiermark"/> + <xs:enumeration value="Salzburg"/> + <xs:enumeration value="Kärnten"/> + <xs:enumeration value="Tirol"/> + <xs:enumeration value="Vorarlberg"/> + </xs:restriction> + </xs:simpleType> + <!-- ### strings of defined maximum lenght for use with ZMR address ###--> + <xs:simpleType name="string3"> + <xs:restriction base="xs:string"> + <xs:maxLength value="3"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="string4"> + <xs:restriction base="xs:string"> + <xs:maxLength value="4"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="string7"> + <xs:restriction base="xs:string"> + <xs:maxLength value="7"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="string20"> + <xs:restriction base="xs:string"> + <xs:maxLength value="20"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="string30"> + <xs:restriction base="xs:string"> + <xs:maxLength value="30"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="string50"> + <xs:restriction base="xs:string"> + <xs:maxLength value="50"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="string100"> + <xs:restriction base="xs:string"> + <xs:maxLength value="100"/> + </xs:restriction> + </xs:simpleType> + <xs:simpleType name="integer5"> + <xs:restriction base="xs:integer"> + <xs:minInclusive value="10000"/> + <xs:maxInclusive value="99999"/> + </xs:restriction> + </xs:simpleType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonName-1_2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonName-1_2.xsd new file mode 100644 index 000000000..7a52b8582 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/PersonName-1_2.xsd @@ -0,0 +1,115 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- CHANGES from original HR-XML schema for use with PersonData.xsd: + * elementFormDefault set to "qualified" --> +<!-- +"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org" +Name: PersonName-1_2.xsd, Second Edition +Status: Recommendation +Date this version: 2001-12-17 +Date last version: 2001-09-05 +Purpose: Defines the schema for PersonName +Author(s): Paul Kiel, Kim Bartkus, CPO Workgroup + +Note: This Second Edition corrects an inconsistency between the schema in this xsd file and the schema in the pdf documentation. The documentation is correct. This schema was changed in syntax only, not functionality. When adding attributes to elements, "xsd:restriction" was used. This Second Edition correctly changes it to "xsd:extension". + +This HR-XML Consortium Work (including specifications, documents, +software, and related items) is provided by the copyright holders +under the following license. By obtaining, using and/or copying +this work, you (the licensee) agree that you have read, understood, +and will comply with the following terms and conditions. + +Permission to use, copy, modify, or redistribute this Work and +its documentation, with or without modification, for any purpose +and without fee or royalty is hereby granted, provided that you +include the following on ALL copies of the software and +documentation or portions thereof, including modifications, +that you make: + +1. This notice: "Copyright The HR-XML Consortium. All Rights + Reserved. http://www.hr-xml.org" +2. Notice of any changes or modifications to the The HR-XML + Consortium files. + +THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER +RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO +REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT +NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY +PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION +WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS +OR OTHER RIGHTS. + +COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, +SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE +SOFTWARE OR DOCUMENTATION. + +TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION +WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS. +--> +<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xsd:complexType name="PersonNameType"> + <xsd:sequence> + <xsd:element name="FormattedName" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="type" default="presentation"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="presentation"/> + <xsd:enumeration value="legal"/> + <xsd:enumeration value="sortOrder"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="LegalName" type="xsd:string" minOccurs="0"/> + <xsd:element name="GivenName" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="PreferredGivenName" type="xsd:string" minOccurs="0"/> + <xsd:element name="MiddleName" type="xsd:string" minOccurs="0"/> + <xsd:element name="FamilyName" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="primary" default="undefined"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="true"/> + <xsd:enumeration value="false"/> + <xsd:enumeration value="undefined"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="prefix" type="xsd:string"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="Affix" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:simpleContent> + <xsd:extension base="xsd:string"> + <xsd:attribute name="type" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="academicGrade"/> + <xsd:enumeration value="aristocraticPrefix"/> + <xsd:enumeration value="aristocraticTitle"/> + <xsd:enumeration value="familyNamePrefix"/> + <xsd:enumeration value="familyNameSuffix"/> + <xsd:enumeration value="formOfAddress"/> + <xsd:enumeration value="generation"/> + <xsd:enumeration value="qualification"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="PersonName" type="PersonNameType"/> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/PostalAddress-1_2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/PostalAddress-1_2.xsd new file mode 100644 index 000000000..2203ede4a --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/PostalAddress-1_2.xsd @@ -0,0 +1,95 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- CHANGES from original HR-XML schema for use with PersonData.xsd: + * elementFormDefault set to "qualified" + * CountryCode set to minOccurs="0" --> +<!-- +"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org" +Name: PostalAddress-1_2.xsd +Status: Recommendation +Date this version: 2001-08-20 +Date last version: 2001-07-20 +Purpose: Defines the schema for Postal Address +Author(s): Paul Kiel, Kim Bartkus, CPO Workgroup + +This HR-XML Consortium Work (including specifications, documents, +software, and related items) is provided by the copyright holders +under the following license. By obtaining, using and/or copying +this work, you (the licensee) agree that you have read, understood, +and will comply with the following terms and conditions. + +Permission to use, copy, modify, or redistribute this Work and +its documentation, with or without modification, for any purpose +and without fee or royalty is hereby granted, provided that you +include the following on ALL copies of the software and +documentation or portions thereof, including modifications, +that you make: + +1. This notice: "Copyright The HR-XML Consortium. All Rights + Reserved. http://www.hr-xml.org" +2. Notice of any changes or modifications to the The HR-XML + Consortium files. + +THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER +RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO +REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT +NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY +PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION +WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS +OR OTHER RIGHTS. + +COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, +SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE +SOFTWARE OR DOCUMENTATION. + +TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION +WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS. +--> +<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xsd:include schemaLocation="PersonName-1_2.xsd"/> + <xsd:complexType name="PostalAddressType"> + <xsd:sequence> + <xsd:element name="CountryCode" minOccurs="0"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:pattern value="[A-Z]{2}"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:element> + <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/> + <xsd:element name="Region" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="Municipality" type="xsd:string" minOccurs="0"/> + <xsd:element name="DeliveryAddress" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="AddressLine" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="StreetName" type="xsd:string" minOccurs="0"/> + <xsd:element name="BuildingNumber" type="xsd:string" minOccurs="0"/> + <xsd:element name="Unit" type="xsd:string" minOccurs="0"/> + <xsd:element name="PostOfficeBox" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Recipient" minOccurs="0" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="PersonName" type="PersonNameType" minOccurs="0"/> + <xsd:element name="AdditionalText" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="Organization" type="xsd:string" minOccurs="0"/> + <xsd:element name="OrganizationName" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="type" default="undefined"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="postOfficeBoxAddress"/> + <xsd:enumeration value="streetAddress"/> + <xsd:enumeration value="militaryAddress"/> + <xsd:enumeration value="undefined"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:element name="PostalAddress" type="PostalAddressType"/> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd new file mode 100644 index 000000000..8bc02d403 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/TelcomNumber-1_0.xsd @@ -0,0 +1,89 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- CHANGES from original HR-XML schema for use with PersonData.xsd: + * elementFormDefault set to "qualified" --> +<!-- +"Copyright The HR-XML Consortium. All Rights Reserved. http://www.hr-xml.org" +Name: TelcomNumber-1_0.xsd +Status:Recommendation +Date this version: 2002-01-31 +Date last version: 2001-12-20 +Purpose: Schema for Telecommunications data. +Author(s): Don Simonson, Robert Half Int'l., CPO Workgroup + +This HR-XML Consortium Work (including specifications, documents, +software, and related items) is provided by the copyright holders +under the following license. By obtaining, using and/or copying +this work, you (the licensee) agree that you have read, understood, +and will comply with the following terms and conditions. + +Permission to use, copy, modify, or redistribute this Work and +its documentation, with or without modification, for any purpose +and without fee or royalty is hereby granted, provided that you +include the following on ALL copies of the software and +documentation or portions thereof, including modifications, +that you make: + +1. This notice: "Copyright The HR-XML Consortium. All Rights + Reserved. http://www.hr-xml.org" +2. Notice of any changes or modifications to the The HR-XML + Consortium files. + +THIS WORK, INCLUDING SPECIFICATIONS, DOCUMENTS, SOFTWARE, OR OTHER +RELATED ITEMS, IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO +REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT +NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY +PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION +WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS +OR OTHER RIGHTS. + +COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, +SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE +SOFTWARE OR DOCUMENTATION. + +TITLE TO COPYRIGHT IN THIS WORK AND ANY ASSOCIATED DOCUMENTATION +WILL AT ALL TIMES REMAIN WITH COPYRIGHT HOLDERS. +--> +<xsd:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xsd:group name="TelcomNumberGroup"> + <xsd:sequence> + <xsd:element ref="InternationalCountryCode" minOccurs="0"/> + <xsd:element ref="NationalNumber" minOccurs="0"/> + <xsd:element ref="AreaCityCode" minOccurs="0"/> + <xsd:element ref="SubscriberNumber"/> + <xsd:element ref="Extension" minOccurs="0"/> + </xsd:sequence> + </xsd:group> + <xsd:element name="FormattedNumber" type="xsd:string"/> + <xsd:element name="InternationalCountryCode" type="xsd:string"/> + <xsd:element name="NationalNumber" type="xsd:string"/> + <xsd:element name="AreaCityCode" type="xsd:string"/> + <xsd:element name="SubscriberNumber" type="xsd:string"/> + <xsd:complexType name="TelcomNumberType"> + <xsd:choice> + <xsd:element ref="FormattedNumber"/> + <xsd:group ref="TelcomNumberGroup"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="Extension" type="xsd:string"/> + <xsd:element name="Telephone" type="TelcomNumberType"/> + <xsd:element name="Mobile" type="MobileTelcomNumberType"/> + <xsd:element name="Fax" type="TelcomNumberType"/> + <xsd:element name="Pager" type="TelcomNumberType"/> + <xsd:element name="TTYTDD" type="TelcomNumberType"/> + <xsd:complexType name="MobileTelcomNumberType"> + <xsd:complexContent> + <xsd:extension base="TelcomNumberType"> + <xsd:attribute name="smsEnabled" type="xsd:boolean" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="TelcomNumberListType"> + <xsd:sequence> + <xsd:element ref="Telephone" minOccurs="0"/> + <xsd:element ref="Mobile" minOccurs="0"/> + <xsd:element ref="Fax" minOccurs="0"/> + <xsd:element ref="Pager" minOccurs="0"/> + <xsd:element ref="TTYTDD" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.1.1.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.1.1.xsd new file mode 100644 index 000000000..c57f09de8 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.1.1.xsd @@ -0,0 +1,545 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.1.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.1.1#" +xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified"> + + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + +<!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType, +EncapsulatedPKIDataType and TimestampType--> + +<!-- Start AnyType --> + + <xsd:element name="Any" type="AnyType"/> + <xsd:complexType name="AnyType" mixed="true"> + <xsd:sequence> + <xsd:any namespace="##any"/> + </xsd:sequence> + <xsd:anyAttribute namespace="##any"/> + </xsd:complexType> + +<!-- End AnyType --> + +<!-- Start ObjectIdentifierType--> + + <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/> + <xsd:complexType name="ObjectIdentifierType"> + <xsd:sequence> + <xsd:element name="Identifier" type="IdentifierType"/> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="IdentifierType"> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:simpleType name="QualifierType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="OIDAsURI"/> + <xsd:enumeration value="OIDAsURN"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="DocumentationReferencesType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="DocumentationReference" type="xsd:anyURI"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End ObjectIdentifierType--> + +<!-- Start EncapsulatedPKIDataType--> + + <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/> + <xsd:complexType name="EncapsulatedPKIDataType"> + <xsd:simpleContent> + <xsd:extension base="xsd:base64Binary"> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + +<!-- End EncapsulatedPKIDataType --> + +<!-- Start TimeStampType --> + + <xsd:element name="TimeStamp" type="TimeStampType"/> + <xsd:complexType name="TimeStampType"> + <xsd:sequence> + <xsd:element name="HashDataInfo" type="HashDataInfoType" maxOccurs="unbounded"/> + <xsd:choice> + <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/> + <xsd:element name="XMLTimeStamp" type="AnyType"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="HashDataInfoType"> + <xsd:sequence> + <xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="uri" type="xsd:anyURI" use="required"/> + </xsd:complexType> + +<!-- End TimeStampType --> + +<!-- End auxiliary types definitions--> + +<!-- Start container types --> + +<!-- Start QualifyingProperties --> + + <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/> + + <xsd:complexType name="QualifyingPropertiesType"> + <xsd:sequence> + <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/> + <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Target" type="xsd:anyURI" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + +<!-- End QualifyingProperties --> + +<!-- Start SignedProperties--> + + <xsd:element name="SignedProperties" type="SignedPropertiesType"/> + + <xsd:complexType name="SignedPropertiesType"> + <xsd:sequence> + <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/> + <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + +<!-- End SignedProperties--> + +<!-- Start UnsignedProperties--> + +<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" /> + + <xsd:complexType name="UnsignedPropertiesType"> + <xsd:sequence> + <xsd:element name="UnsignedSignatureProperties" + type="UnsignedSignaturePropertiesType" minOccurs="0"/> + <xsd:element name="UnsignedDataObjectProperties" + type="UnsignedDataObjectPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + +<!-- End UnsignedProperties--> + +<!-- Start SignedSignatureProperties--> + +<xsd:element name="SignedSignatureProperties" + type="SignedSignaturePropertiesType" /> + +<xsd:complexType name="SignedSignaturePropertiesType"> + <xsd:sequence> + <xsd:element name="SigningTime" type="xsd:dateTime"/> + <xsd:element name="SigningCertificate" type="CertIDListType"/> + <xsd:element name="SignaturePolicyIdentifier" + type="SignaturePolicyIdentifierType"/> + <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" + minOccurs="0"/> + <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End SignedSignatureProperties--> + + +<!-- Start SignedDataObjectProperties--> + +<xsd:element name="SignedDataObjectProperties" + type="SignedDataObjectPropertiesType"/> + +<xsd:complexType name="SignedDataObjectPropertiesType"> + <xsd:sequence> + <xsd:element name="DataObjectFormat" type="DataObjectFormatType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CommitmentTypeIndication" + type="CommitmentTypeIndicationType" minOccurs="0" + maxOccurs="unbounded"/> + <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End SignedDataObjectProperties--> + + +<!-- Start UnsignedSignatureProperties--> + +<xsd:element name="UnsignedSignatureProperties" + type="UnsignedSignaturePropertiesType"/> + +<xsd:complexType name="UnsignedSignaturePropertiesType"> + <xsd:sequence> + <xsd:element name="CounterSignature" type="CounterSignatureType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="SignatureTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CompleteCertificateRefs" + type="CompleteCertificateRefsType" minOccurs="0"/> + <xsd:element name="CompleteRevocationRefs" + type="CompleteRevocationRefsType" minOccurs="0"/> + <xsd:choice> + <xsd:element name="SigAndRefsTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="RefsOnlyTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + </xsd:choice> + <xsd:element name="CertificateValues" type="CertificateValuesType" + minOccurs="0"/> + <xsd:element name="RevocationValues" type="RevocationValuesType" + minOccurs="0"/> + <xsd:element name="ArchiveTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + + +<!-- End UnsignedSignatureProperties--> + + +<!-- Start UnsignedDataObjectProperties--> + +<xsd:element name="UnsignedDataObjectProperties" + type="UnsignedDataObjectPropertiesType" /> + +<xsd:complexType name="UnsignedDataObjectPropertiesType"> + <xsd:sequence> + <xsd:element name="UnsignedDataObjectProperty" type="AnyType" + minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End UnsignedDataObjectProperties--> + +<!-- Start QualifyingPropertiesReference--> + +<xsd:element name="QualifyingPropertiesReference" + type="QualifyingPropertiesReferenceType"/> + +<xsd:complexType name="QualifyingPropertiesReferenceType"> + <xsd:sequence> + <xsd:element name="Transforms" type="ds:TransformsType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<!-- End QualifyingPropertiesReference--> + +<!-- End container types --> + + +<!-- Start SigningTime element --> + <xsd:element name="SigningTime" type="xsd:dateTime"/> + +<!-- End SigningTime element --> + +<!-- Start SigningCertificate --> + <xsd:element name="SigningCertificate" type="CertIDListType"/> + <xsd:complexType name="CertIDListType"> + <xsd:sequence> + <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CertIDType"> + <xsd:sequence> + <xsd:element name="CertDigest" type="DigestAlgAndValueType"/> + <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="DigestAlgAndValueType"> + <xsd:sequence> + <xsd:element name="DigestMethod" type="ds:DigestMethodType"/> + <xsd:element name="DigestValue" type="ds:DigestValueType"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End SigningCertificate --> + +<!-- Start SignaturePolicyIdentifier --> + + <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/> + <xsd:complexType name="SignaturePolicyIdentifierType"> + <xsd:choice> + <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/> + <xsd:element name="SignaturePolicyImplied"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="SignaturePolicyIdType"> + <xsd:sequence> + <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/> + <xsd:element ref="ds:Transforms" minOccurs="0"/> + <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/> + <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SigPolicyQualifiersListType"> + <xsd:sequence> + <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="SPURI" type="xsd:anyURI"/> + <xsd:element name="SPUserNotice" type="SPUserNoticeType"/> + <xsd:complexType name="SPUserNoticeType"> + <xsd:sequence> + <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/> + <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="NoticeReferenceType"> + <xsd:sequence> + <xsd:element name="Organization" type="xsd:string"/> + <xsd:element name="NoticeNumbers" type="IntegerListType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="IntegerListType"> + <xsd:sequence> + <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End SignaturePolicyIdentifier --> + + +<!-- Start CounterSignature --> + <xsd:element name="CounterSignature" type="CounterSignatureType"/> + <xsd:complexType name="CounterSignatureType"> + <xsd:sequence> + <xsd:element ref="ds:Signature"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End CounterSignature --> + +<!-- Start DataObjectFormat --> + + <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/> + <xsd:complexType name="DataObjectFormatType"> + <xsd:sequence> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/> + <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/> + <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/> + </xsd:complexType> + +<!-- End DataObjectFormat --> + +<!-- Start CommitmentTypeIndication --> + + <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/> + <xsd:complexType name="CommitmentTypeIndicationType"> + <xsd:sequence> + <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/> + <xsd:choice> + <xsd:element name="ObjectReference" type="xsd:anyURI" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="AllSignedDataObjects"/> + </xsd:choice> + <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CommitmentTypeQualifiersListType"> + <xsd:sequence> + <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End CommitmentTypeIndication --> + +<!-- Start SignatureProductionPlace --> + + <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/> + <xsd:complexType name="SignatureProductionPlaceType"> + <xsd:sequence> + <xsd:element name="City" type="xsd:string" minOccurs="0"/> + <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/> + <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/> + <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End SignatureProductionPlace --> + +<!-- Start SignerRole --> + +<xsd:element name="SignerRole" type="SignerRoleType"/> +<xsd:complexType name="SignerRoleType"> + <xsd:sequence> + <xsd:element name="ClaimedRoles" type="ClaimedRolesListType" + minOccurs="0"/> + <xsd:element name="CertifiedRoles" type="CertifiedRolesListType" + minOccurs="0"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="ClaimedRolesListType"> + <xsd:sequence> + <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="CertifiedRolesListType"> + <xsd:sequence> + <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType" + maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End SignerRole --> + + + <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"/> + + <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"/> + + <xsd:element name="SignatureTimeStamp" type="TimeStampType"/> + +<!-- Start CompleteCertificateRefs --> + +<xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/> + +<xsd:complexType name="CompleteCertificateRefsType"> + <xsd:sequence> + <xsd:element name="CertRefs" type="CertIDListType" /> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<!-- End CompleteCertificateRefs --> + + +<!-- Start CompleteRevocationRefs--> + +<xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/> + +<xsd:complexType name="CompleteRevocationRefsType"> + <xsd:sequence> + <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/> + <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/> + <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<xsd:complexType name="CRLRefsType"> + <xsd:sequence> + <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="CRLRefType"> + <xsd:sequence> + <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/> + <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="CRLIdentifierType"> + <xsd:sequence> + <xsd:element name="Issuer" type="xsd:string"/> + <xsd:element name="IssueTime" type="xsd:dateTime" /> + <xsd:element name="Number" type="xsd:integer" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> +</xsd:complexType> + +<xsd:complexType name="OCSPRefsType"> + <xsd:sequence> + <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="OCSPRefType"> + <xsd:sequence> + <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/> + <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType" + minOccurs="0"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="OCSPIdentifierType"> + <xsd:sequence> + <xsd:element name="ResponderID" type="xsd:string"/> + <xsd:element name="ProducedAt" type="xsd:dateTime"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> +</xsd:complexType> + +<xsd:complexType name="OtherCertStatusRefsType"> + <xsd:sequence> + <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End CompleteRevocationRefs--> + + +<xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"/> + +<xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"/> + +<!-- Start CertificateValues --> + +<xsd:element name="CertificateValues" type="CertificateValuesType"/> + +<xsd:complexType name="CertificateValuesType"> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/> + <xsd:element name="OtherCertificate" type="AnyType"/> + </xsd:choice> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<!-- End CertificateValues --> + +<!-- Start RevocationValues--> + +<xsd:element name="RevocationValues" type="RevocationValuesType"/> + +<xsd:complexType name="RevocationValuesType"> + <xsd:sequence> + <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/> + <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/> + <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<xsd:complexType name="CRLValuesType"> + <xsd:sequence> + <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType" + maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="OCSPValuesType"> + <xsd:sequence> + <xsd:element name="EncapsulatedOCSPValue" + type="EncapsulatedPKIDataType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> +<xsd:complexType name="OtherCertStatusValuesType"> + <xsd:sequence> + <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End RevocationValues--> + +<xsd:element name="ArchiveTimeStamp" type="TimeStampType"/> + + +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.2.2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.2.2.xsd new file mode 100644 index 000000000..04ddb2d33 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.2.2.xsd @@ -0,0 +1,551 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.2.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.2.2#" +xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified"> + + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + +<!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType, +EncapsulatedPKIDataType and TimestampType--> + +<!-- Start AnyType --> + + <xsd:element name="Any" type="AnyType"/> + <xsd:complexType name="AnyType" mixed="true"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + <xsd:anyAttribute namespace="##any"/> + </xsd:complexType> + +<!-- End AnyType --> + +<!-- Start ObjectIdentifierType--> + + <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/> + <xsd:complexType name="ObjectIdentifierType"> + <xsd:sequence> + <xsd:element name="Identifier" type="IdentifierType"/> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="IdentifierType"> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:simpleType name="QualifierType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="OIDAsURI"/> + <xsd:enumeration value="OIDAsURN"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="DocumentationReferencesType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="DocumentationReference" type="xsd:anyURI"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End ObjectIdentifierType--> + +<!-- Start EncapsulatedPKIDataType--> + + <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/> + <xsd:complexType name="EncapsulatedPKIDataType"> + <xsd:simpleContent> + <xsd:extension base="xsd:base64Binary"> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + +<!-- End EncapsulatedPKIDataType --> + +<!-- Start TimeStampType --> + + <xsd:element name="TimeStamp" type="TimeStampType"/> + <xsd:complexType name="TimeStampType"> + <xsd:sequence> + <xsd:element name="Include" type="IncludeType" maxOccurs="unbounded"/> + <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/> + <xsd:choice> + <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/> + <xsd:element name="XMLTimeStamp" type="AnyType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + + <xsd:complexType name="IncludeType"> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + <xsd:attribute name="referencedData" type="xsd:boolean" use="optional"/> + </xsd:complexType> + +<!-- End TimeStampType --> + +<!-- End auxiliary types definitions--> + +<!-- Start container types --> + +<!-- Start QualifyingProperties --> + + <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/> + + <xsd:complexType name="QualifyingPropertiesType"> + <xsd:sequence> + <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/> + <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Target" type="xsd:anyURI" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + +<!-- End QualifyingProperties --> + +<!-- Start SignedProperties--> + + <xsd:element name="SignedProperties" type="SignedPropertiesType"/> + + <xsd:complexType name="SignedPropertiesType"> + <xsd:sequence> + <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/> + <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + +<!-- End SignedProperties--> + +<!-- Start UnsignedProperties--> + +<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" /> + + <xsd:complexType name="UnsignedPropertiesType"> + <xsd:sequence> + <xsd:element name="UnsignedSignatureProperties" + type="UnsignedSignaturePropertiesType" minOccurs="0"/> + <xsd:element name="UnsignedDataObjectProperties" + type="UnsignedDataObjectPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + +<!-- End UnsignedProperties--> + +<!-- Start SignedSignatureProperties--> + +<xsd:element name="SignedSignatureProperties" + type="SignedSignaturePropertiesType" /> + +<xsd:complexType name="SignedSignaturePropertiesType"> + <xsd:sequence> + <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="SigningCertificate" type="CertIDListType" minOccurs="0"/> + <xsd:element name="SignaturePolicyIdentifier" +type="SignaturePolicyIdentifierType" minOccurs="0"/> + <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" + minOccurs="0"/> + <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End SignedSignatureProperties--> + + +<!-- Start SignedDataObjectProperties--> + +<xsd:element name="SignedDataObjectProperties" + type="SignedDataObjectPropertiesType"/> + +<xsd:complexType name="SignedDataObjectPropertiesType"> + <xsd:sequence> + <xsd:element name="DataObjectFormat" type="DataObjectFormatType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CommitmentTypeIndication" + type="CommitmentTypeIndicationType" minOccurs="0" + maxOccurs="unbounded"/> + <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End SignedDataObjectProperties--> + + +<!-- Start UnsignedSignatureProperties--> + +<xsd:element name="UnsignedSignatureProperties" + type="UnsignedSignaturePropertiesType"/> + +<xsd:complexType name="UnsignedSignaturePropertiesType"> + <xsd:sequence> + <xsd:element name="CounterSignature" type="CounterSignatureType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="SignatureTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CompleteCertificateRefs" + type="CompleteCertificateRefsType" minOccurs="0"/> + <xsd:element name="CompleteRevocationRefs" + type="CompleteRevocationRefsType" minOccurs="0"/> + <xsd:element name="AttributeCertificateRefs" + type="CompleteCertificateRefsType" minOccurs="0"/> + <xsd:element name="AttributeRevocationRefs" + type="CompleteRevocationRefsType" minOccurs="0"/> + <xsd:choice> + <xsd:element name="SigAndRefsTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="RefsOnlyTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + </xsd:choice> + <xsd:element name="CertificateValues" + type="CertificateValuesType" minOccurs="0"/> + <xsd:element name="RevocationValues" type="RevocationValuesType" + minOccurs="0"/> + <xsd:element name="ArchiveTimeStamp" type="TimeStampType" + minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + + +<!-- End UnsignedSignatureProperties--> + + +<!-- Start UnsignedDataObjectProperties--> + +<xsd:element name="UnsignedDataObjectProperties" + type="UnsignedDataObjectPropertiesType" /> + +<xsd:complexType name="UnsignedDataObjectPropertiesType"> + <xsd:sequence> + <xsd:element name="UnsignedDataObjectProperty" type="AnyType" + minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End UnsignedDataObjectProperties--> + +<!-- Start QualifyingPropertiesReference--> + +<xsd:element name="QualifyingPropertiesReference" + type="QualifyingPropertiesReferenceType"/> + +<xsd:complexType name="QualifyingPropertiesReferenceType"> + <xsd:sequence> + <xsd:element ref="ds:Transforms" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<!-- End QualifyingPropertiesReference--> + +<!-- End container types --> + + +<!-- Start SigningTime element --> + <xsd:element name="SigningTime" type="xsd:dateTime"/> + +<!-- End SigningTime element --> + +<!-- Start SigningCertificate --> + <xsd:element name="SigningCertificate" type="CertIDListType"/> + <xsd:complexType name="CertIDListType"> + <xsd:sequence> + <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CertIDType"> + <xsd:sequence> + <xsd:element name="CertDigest" type="DigestAlgAndValueType"/> + <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + <xsd:complexType name="DigestAlgAndValueType"> + <xsd:sequence> + <xsd:element ref="ds:DigestMethod"/> + <xsd:element ref="ds:DigestValue"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End SigningCertificate --> + +<!-- Start SignaturePolicyIdentifier --> + + <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/> + <xsd:complexType name="SignaturePolicyIdentifierType"> + <xsd:choice> + <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/> + <xsd:element name="SignaturePolicyImplied"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="SignaturePolicyIdType"> + <xsd:sequence> + <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/> + <xsd:element ref="ds:Transforms" minOccurs="0"/> + <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/> + <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SigPolicyQualifiersListType"> + <xsd:sequence> + <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="SPURI" type="xsd:anyURI"/> + <xsd:element name="SPUserNotice" type="SPUserNoticeType"/> + <xsd:complexType name="SPUserNoticeType"> + <xsd:sequence> + <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/> + <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="NoticeReferenceType"> + <xsd:sequence> + <xsd:element name="Organization" type="xsd:string"/> + <xsd:element name="NoticeNumbers" type="IntegerListType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="IntegerListType"> + <xsd:sequence> + <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End SignaturePolicyIdentifier --> + + +<!-- Start CounterSignature --> + <xsd:element name="CounterSignature" type="CounterSignatureType"/> + <xsd:complexType name="CounterSignatureType"> + <xsd:sequence> + <xsd:element ref="ds:Signature"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End CounterSignature --> + +<!-- Start DataObjectFormat --> + + <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/> + <xsd:complexType name="DataObjectFormatType"> + <xsd:sequence> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/> + <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/> + <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/> + </xsd:complexType> + +<!-- End DataObjectFormat --> + +<!-- Start CommitmentTypeIndication --> + + <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/> + <xsd:complexType name="CommitmentTypeIndicationType"> + <xsd:sequence> + <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/> + <xsd:choice> + <xsd:element name="ObjectReference" type="xsd:anyURI" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="AllSignedDataObjects"/> + </xsd:choice> + <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CommitmentTypeQualifiersListType"> + <xsd:sequence> + <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End CommitmentTypeIndication --> + +<!-- Start SignatureProductionPlace --> + + <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/> + <xsd:complexType name="SignatureProductionPlaceType"> + <xsd:sequence> + <xsd:element name="City" type="xsd:string" minOccurs="0"/> + <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/> + <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/> + <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + +<!-- End SignatureProductionPlace --> + +<!-- Start SignerRole --> + +<xsd:element name="SignerRole" type="SignerRoleType"/> +<xsd:complexType name="SignerRoleType"> + <xsd:sequence> + <xsd:element name="ClaimedRoles" type="ClaimedRolesListType" + minOccurs="0"/> + <xsd:element name="CertifiedRoles" type="CertifiedRolesListType" + minOccurs="0"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="ClaimedRolesListType"> + <xsd:sequence> + <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="CertifiedRolesListType"> + <xsd:sequence> + <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType" + maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End SignerRole --> + + + <xsd:element name="AllDataObjectsTimeStamp" type="TimeStampType"/> + + <xsd:element name="IndividualDataObjectsTimeStamp" type="TimeStampType"/> + + <xsd:element name="SignatureTimeStamp" type="TimeStampType"/> + +<!-- Start CompleteCertificateRefs --> + +<xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/> + +<xsd:complexType name="CompleteCertificateRefsType"> + <xsd:sequence> + <xsd:element name="CertRefs" type="CertIDListType" /> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<!-- End CompleteCertificateRefs --> + + +<!-- Start CompleteRevocationRefs--> + +<xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/> + +<xsd:complexType name="CompleteRevocationRefsType"> + <xsd:sequence> + <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/> + <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/> + <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<xsd:complexType name="CRLRefsType"> + <xsd:sequence> + <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="CRLRefType"> + <xsd:sequence> + <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/> + <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="CRLIdentifierType"> + <xsd:sequence> + <xsd:element name="Issuer" type="xsd:string"/> + <xsd:element name="IssueTime" type="xsd:dateTime" /> + <xsd:element name="Number" type="xsd:integer" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> +</xsd:complexType> + +<xsd:complexType name="OCSPRefsType"> + <xsd:sequence> + <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="OCSPRefType"> + <xsd:sequence> + <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/> + <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType" + minOccurs="0"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="OCSPIdentifierType"> + <xsd:sequence> + <xsd:element name="ResponderID" type="xsd:string"/> + <xsd:element name="ProducedAt" type="xsd:dateTime"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> +</xsd:complexType> + +<xsd:complexType name="OtherCertStatusRefsType"> + <xsd:sequence> + <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End CompleteRevocationRefs--> + + +<xsd:element name="SigAndRefsTimeStamp" type="TimeStampType"/> + +<xsd:element name="RefsOnlyTimeStamp" type="TimeStampType"/> + +<!-- Start CertificateValues --> + +<xsd:element name="CertificateValues" type="CertificateValuesType"/> + +<xsd:complexType name="CertificateValuesType"> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/> + <xsd:element name="OtherCertificate" type="AnyType"/> + </xsd:choice> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<!-- End CertificateValues --> + +<!-- Start RevocationValues--> + +<xsd:element name="RevocationValues" type="RevocationValuesType"/> + +<xsd:complexType name="RevocationValuesType"> + <xsd:sequence> + <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/> + <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/> + <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> +</xsd:complexType> + +<xsd:complexType name="CRLValuesType"> + <xsd:sequence> + <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType" + maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<xsd:complexType name="OCSPValuesType"> + <xsd:sequence> + <xsd:element name="EncapsulatedOCSPValue" + type="EncapsulatedPKIDataType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> +<xsd:complexType name="OtherCertStatusValuesType"> + <xsd:sequence> + <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> +</xsd:complexType> + +<!-- End RevocationValues--> + +<xsd:element name="ArchiveTimeStamp" type="TimeStampType"/> + + +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd new file mode 100644 index 000000000..b05691515 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd @@ -0,0 +1,466 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.3.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.3.2#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> + <!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType, +EncapsulatedPKIDataType and containers for time-stamp tokens --> + <!-- Start AnyType --> + <xsd:element name="Any" type="AnyType"/> + <xsd:complexType name="AnyType" mixed="true"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + <xsd:anyAttribute namespace="##any"/> + </xsd:complexType> + <!-- End AnyType --> + <!-- Start ObjectIdentifierType--> + <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType"/> + <xsd:complexType name="ObjectIdentifierType"> + <xsd:sequence> + <xsd:element name="Identifier" type="IdentifierType"/> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:element name="DocumentationReferences" type="DocumentationReferencesType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="IdentifierType"> + <xsd:simpleContent> + <xsd:extension base="xsd:anyURI"> + <xsd:attribute name="Qualifier" type="QualifierType" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:simpleType name="QualifierType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="OIDAsURI"/> + <xsd:enumeration value="OIDAsURN"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="DocumentationReferencesType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="DocumentationReference" type="xsd:anyURI"/> + </xsd:sequence> + </xsd:complexType> + <!-- End ObjectIdentifierType--> + <!-- Start EncapsulatedPKIDataType--> + <xsd:element name="EncapsulatedPKIData" type="EncapsulatedPKIDataType"/> + <xsd:complexType name="EncapsulatedPKIDataType"> + <xsd:simpleContent> + <xsd:extension base="xsd:base64Binary"> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + <xsd:attribute name="Encoding" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <!-- End EncapsulatedPKIDataType --> + <!-- Start time-stamp containers types --> + <!-- Start GenericTimeStampType --> + <xsd:element name="Include" type="IncludeType"/> + <xsd:complexType name="IncludeType"> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + <xsd:attribute name="referencedData" type="xsd:boolean" use="optional"/> + </xsd:complexType> + <xsd:element name="ReferenceInfo" type="ReferenceInfoType"/> + <xsd:complexType name="ReferenceInfoType"> + <xsd:sequence> + <xsd:element ref="ds:DigestMethod"/> + <xsd:element ref="ds:DigestValue"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + <xsd:complexType name="GenericTimeStampType" abstract="true"> + <xsd:sequence> + <xsd:choice minOccurs="0"> + <xsd:element ref="Include" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element ref="ReferenceInfo" maxOccurs="unbounded"/> + </xsd:choice> + <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/> + <xsd:element name="XMLTimeStamp" type="AnyType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End GenericTimeStampType --> + <!-- Start XAdESTimeStampType --> + <xsd:element name="XAdESTimeStamp" type="XAdESTimeStampType"/> + <xsd:complexType name="XAdESTimeStampType"> + <xsd:complexContent> + <xsd:restriction base="GenericTimeStampType"> + <xsd:sequence> + <xsd:element ref="Include" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/> + <xsd:element name="XMLTimeStamp" type="AnyType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!-- End XAdESTimeStampType --> + <!-- Start OtherTimeStampType --> + <xsd:element name="OtherTimeStamp" type="OtherTimeStampType"/> + <xsd:complexType name="OtherTimeStampType"> + <xsd:complexContent> + <xsd:restriction base="GenericTimeStampType"> + <xsd:sequence> + <xsd:element ref="ReferenceInfo" maxOccurs="unbounded"/> + <xsd:element ref="ds:CanonicalizationMethod" minOccurs="0"/> + <xsd:choice> + <xsd:element name="EncapsulatedTimeStamp" type="EncapsulatedPKIDataType"/> + <xsd:element name="XMLTimeStamp" type="AnyType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!-- End OtherTimeStampType --> + <!-- End time-stamp containers types --> + <!-- End auxiliary types definitions--> + <!-- Start container types --> + <!-- Start QualifyingProperties --> + <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/> + <xsd:complexType name="QualifyingPropertiesType"> + <xsd:sequence> + <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/> + <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Target" type="xsd:anyURI" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End QualifyingProperties --> + <!-- Start SignedProperties--> + <xsd:element name="SignedProperties" type="SignedPropertiesType"/> + <xsd:complexType name="SignedPropertiesType"> + <xsd:sequence> + <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType" minOccurs="0"/> + <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End SignedProperties--> + <!-- Start UnsignedProperties--> + <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType"/> + <xsd:complexType name="UnsignedPropertiesType"> + <xsd:sequence> + <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType" minOccurs="0"/> + <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End UnsignedProperties--> + <!-- Start SignedSignatureProperties--> + <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/> + <xsd:complexType name="SignedSignaturePropertiesType"> + <xsd:sequence> + <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="SigningCertificate" type="CertIDListType" minOccurs="0"/> + <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType" minOccurs="0"/> + <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" minOccurs="0"/> + <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End SignedSignatureProperties--> + <!-- Start SignedDataObjectProperties--> + <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType"/> + <xsd:complexType name="SignedDataObjectPropertiesType"> + <xsd:sequence> + <xsd:element name="DataObjectFormat" type="DataObjectFormatType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End SignedDataObjectProperties--> + <!-- Start UnsignedSignatureProperties--> + <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType"/> + <xsd:complexType name="UnsignedSignaturePropertiesType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="CounterSignature" type="CounterSignatureType"/> + <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/> + <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/> + <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/> + <xsd:element name="AttributeCertificateRefs" type="CompleteCertificateRefsType"/> + <xsd:element name="AttributeRevocationRefs" type="CompleteRevocationRefsType"/> + <xsd:element name="SigAndRefsTimeStamp" type="XAdESTimeStampType"/> + <xsd:element name="RefsOnlyTimeStamp" type="XAdESTimeStampType"/> + <xsd:element name="CertificateValues" type="CertificateValuesType"/> + <xsd:element name="RevocationValues" type="RevocationValuesType"/> + <xsd:element name="AttrAuthoritiesCertValues" type="CertificateValuesType"/> + <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/> + <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/> + <xsd:any namespace="##other"/> + </xsd:choice> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End UnsignedSignatureProperties--> + <!-- Start UnsignedDataObjectProperties--> + <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType"/> + <xsd:complexType name="UnsignedDataObjectPropertiesType"> + <xsd:sequence> + <xsd:element name="UnsignedDataObjectProperty" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End UnsignedDataObjectProperties--> + <!-- Start QualifyingPropertiesReference--> + <xsd:element name="QualifyingPropertiesReference" type="QualifyingPropertiesReferenceType"/> + <xsd:complexType name="QualifyingPropertiesReferenceType"> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End QualifyingPropertiesReference--> + <!-- End container types --> + <!-- Start SigningTime element --> + <xsd:element name="SigningTime" type="xsd:dateTime"/> + <!-- End SigningTime element --> + <!-- Start SigningCertificate --> + <xsd:element name="SigningCertificate" type="CertIDListType"/> + <xsd:complexType name="CertIDListType"> + <xsd:sequence> + <xsd:element name="Cert" type="CertIDType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CertIDType"> + <xsd:sequence> + <xsd:element name="CertDigest" type="DigestAlgAndValueType"/> + <xsd:element name="IssuerSerial" type="ds:X509IssuerSerialType"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + <xsd:complexType name="DigestAlgAndValueType"> + <xsd:sequence> + <xsd:element ref="ds:DigestMethod"/> + <xsd:element ref="ds:DigestValue"/> + </xsd:sequence> + </xsd:complexType> + <!-- End SigningCertificate --> + <!-- Start SignaturePolicyIdentifier --> + <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/> + <xsd:complexType name="SignaturePolicyIdentifierType"> + <xsd:choice> + <xsd:element name="SignaturePolicyId" type="SignaturePolicyIdType"/> + <xsd:element name="SignaturePolicyImplied"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="SignaturePolicyIdType"> + <xsd:sequence> + <xsd:element name="SigPolicyId" type="ObjectIdentifierType"/> + <xsd:element ref="ds:Transforms" minOccurs="0"/> + <xsd:element name="SigPolicyHash" type="DigestAlgAndValueType"/> + <xsd:element name="SigPolicyQualifiers" type="SigPolicyQualifiersListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="SigPolicyQualifiersListType"> + <xsd:sequence> + <xsd:element name="SigPolicyQualifier" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="SPURI" type="xsd:anyURI"/> + <xsd:element name="SPUserNotice" type="SPUserNoticeType"/> + <xsd:complexType name="SPUserNoticeType"> + <xsd:sequence> + <xsd:element name="NoticeRef" type="NoticeReferenceType" minOccurs="0"/> + <xsd:element name="ExplicitText" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="NoticeReferenceType"> + <xsd:sequence> + <xsd:element name="Organization" type="xsd:string"/> + <xsd:element name="NoticeNumbers" type="IntegerListType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="IntegerListType"> + <xsd:sequence> + <xsd:element name="int" type="xsd:integer" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- End SignaturePolicyIdentifier --> + <!-- Start CounterSignature --> + <xsd:element name="CounterSignature" type="CounterSignatureType"/> + <xsd:complexType name="CounterSignatureType"> + <xsd:sequence> + <xsd:element ref="ds:Signature"/> + </xsd:sequence> + </xsd:complexType> + <!-- End CounterSignature --> + <!-- Start DataObjectFormat --> + <xsd:element name="DataObjectFormat" type="DataObjectFormatType"/> + <xsd:complexType name="DataObjectFormatType"> + <xsd:sequence> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:element name="ObjectIdentifier" type="ObjectIdentifierType" minOccurs="0"/> + <xsd:element name="MimeType" type="xsd:string" minOccurs="0"/> + <xsd:element name="Encoding" type="xsd:anyURI" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="ObjectReference" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <!-- End DataObjectFormat --> + <!-- Start CommitmentTypeIndication --> + <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType"/> + <xsd:complexType name="CommitmentTypeIndicationType"> + <xsd:sequence> + <xsd:element name="CommitmentTypeId" type="ObjectIdentifierType"/> + <xsd:choice> + <xsd:element name="ObjectReference" type="xsd:anyURI" maxOccurs="unbounded"/> + <xsd:element name="AllSignedDataObjects"/> + </xsd:choice> + <xsd:element name="CommitmentTypeQualifiers" type="CommitmentTypeQualifiersListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CommitmentTypeQualifiersListType"> + <xsd:sequence> + <xsd:element name="CommitmentTypeQualifier" type="AnyType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- End CommitmentTypeIndication --> + <!-- Start SignatureProductionPlace --> + <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType"/> + <xsd:complexType name="SignatureProductionPlaceType"> + <xsd:sequence> + <xsd:element name="City" type="xsd:string" minOccurs="0"/> + <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/> + <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/> + <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- End SignatureProductionPlace --> + <!-- Start SignerRole --> + <xsd:element name="SignerRole" type="SignerRoleType"/> + <xsd:complexType name="SignerRoleType"> + <xsd:sequence> + <xsd:element name="ClaimedRoles" type="ClaimedRolesListType" minOccurs="0"/> + <xsd:element name="CertifiedRoles" type="CertifiedRolesListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ClaimedRolesListType"> + <xsd:sequence> + <xsd:element name="ClaimedRole" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CertifiedRolesListType"> + <xsd:sequence> + <xsd:element name="CertifiedRole" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- End SignerRole --> + <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType"/> + <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType"/> + <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/> + <!-- Start CompleteCertificateRefs --> + <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/> + <xsd:complexType name="CompleteCertificateRefsType"> + <xsd:sequence> + <xsd:element name="CertRefs" type="CertIDListType"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End CompleteCertificateRefs --> + <!-- Start CompleteRevocationRefs--> + <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/> + <xsd:complexType name="CompleteRevocationRefsType"> + <xsd:sequence> + <xsd:element name="CRLRefs" type="CRLRefsType" minOccurs="0"/> + <xsd:element name="OCSPRefs" type="OCSPRefsType" minOccurs="0"/> + <xsd:element name="OtherRefs" type="OtherCertStatusRefsType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <xsd:complexType name="CRLRefsType"> + <xsd:sequence> + <xsd:element name="CRLRef" type="CRLRefType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CRLRefType"> + <xsd:sequence> + <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType"/> + <xsd:element name="CRLIdentifier" type="CRLIdentifierType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CRLIdentifierType"> + <xsd:sequence> + <xsd:element name="Issuer" type="xsd:string"/> + <xsd:element name="IssueTime" type="xsd:dateTime"/> + <xsd:element name="Number" type="xsd:integer" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + <xsd:complexType name="OCSPRefsType"> + <xsd:sequence> + <xsd:element name="OCSPRef" type="OCSPRefType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="OCSPRefType"> + <xsd:sequence> + <xsd:element name="OCSPIdentifier" type="OCSPIdentifierType"/> + <xsd:element name="DigestAlgAndValue" type="DigestAlgAndValueType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ResponderIDType"> + <xsd:choice> + <xsd:element name="ByName" type="xsd:string"/> + <xsd:element name="ByKey" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="OCSPIdentifierType"> + <xsd:sequence> + <xsd:element name="ResponderID" type="ResponderIDType"/> + <xsd:element name="ProducedAt" type="xsd:dateTime"/> + </xsd:sequence> + <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + <xsd:complexType name="OtherCertStatusRefsType"> + <xsd:sequence> + <xsd:element name="OtherRef" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- End CompleteRevocationRefs--> + <xsd:element name="AttributeCertificateRefs" type="CompleteCertificateRefsType"/> + <xsd:element name="AttributeRevocationRefs" type="CompleteRevocationRefsType"/> + <xsd:element name="SigAndRefsTimeStamp" type="XAdESTimeStampType"/> + <xsd:element name="RefsOnlyTimeStamp" type="XAdESTimeStampType"/> + <!-- Start CertificateValues --> + <xsd:element name="CertificateValues" type="CertificateValuesType"/> + <xsd:complexType name="CertificateValuesType"> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element name="EncapsulatedX509Certificate" type="EncapsulatedPKIDataType"/> + <xsd:element name="OtherCertificate" type="AnyType"/> + </xsd:choice> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- End CertificateValues --> + <!-- Start RevocationValues--> + <xsd:element name="RevocationValues" type="RevocationValuesType"/> + <xsd:complexType name="RevocationValuesType"> + <xsd:sequence> + <xsd:element name="CRLValues" type="CRLValuesType" minOccurs="0"/> + <xsd:element name="OCSPValues" type="OCSPValuesType" minOccurs="0"/> + <xsd:element name="OtherValues" type="OtherCertStatusValuesType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <xsd:complexType name="CRLValuesType"> + <xsd:sequence> + <xsd:element name="EncapsulatedCRLValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="OCSPValuesType"> + <xsd:sequence> + <xsd:element name="EncapsulatedOCSPValue" type="EncapsulatedPKIDataType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="OtherCertStatusValuesType"> + <xsd:sequence> + <xsd:element name="OtherValue" type="AnyType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- End RevocationValues--> + <xsd:element name="AttrAuthoritiesCertValues" type="CertificateValuesType"/> + <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/> + <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd new file mode 100644 index 000000000..274dbdca1 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.4.1#" xmlns="http://uri.etsi.org/01903/v1.4.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" elementFormDefault="qualified"> + <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="XAdES-1.3.2.xsd"/> + <!-- Start CertificateValues --> + <xsd:element name="TimeStampValidationData" type="ValidationDataType"/> + <xsd:complexType name="ValidationDataType"> + <xsd:sequence> + <xsd:element ref="xades:CertificateValues" minOccurs="0" /> + <xsd:element ref="xades:RevocationValues" minOccurs="0" /> + </xsd:sequence> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + <xsd:attribute name="UR" type="xsd:anyURI" use="optional"/> + </xsd:complexType> + <xsd:element name="ArchiveTimeStampV2" type="xades:XAdESTimeStampType"/> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XMLSchema-instance.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XMLSchema-instance.xsd new file mode 100644 index 000000000..f47577b8a --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XMLSchema-instance.xsd @@ -0,0 +1,37 @@ +<?xml version='1.0'?> +<!DOCTYPE xs:schema SYSTEM "XMLSchema.dtd" [ +<!ELEMENT p ANY> +<!ELEMENT a ANY> +<!ATTLIST a href CDATA #IMPLIED> +<!ELEMENT hr ANY> +<!ELEMENT h1 ANY> +<!ELEMENT br ANY> +]> +<xs:schema targetNamespace="http://www.w3.org/2001/XMLSchema-instance" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns="http://www.w3.org/1999/xhtml"> + <xs:annotation> + <xs:documentation> + <h1>XML Schema instance namespace</h1> + <p>See <a href="http://www.w3.org/TR/xmlschema-1/">the XML Schema + Recommendation</a> for an introduction</p> + + + <hr /> + $Date: 2001/03/16 20:25:57 $<br /> + $Id: XMLSchema-instance.xsd,v 1.4 2001/03/16 20:25:57 ht Exp $ + </xs:documentation> + </xs:annotation> + <xs:annotation> + <xs:documentation><p>This schema should never be used as such: + <a href="http://www.w3.org/TR/xmlschema-1/#no-xsi">the XML + Schema Recommendation</a> forbids the declaration of + attributes in this namespace</p> + </xs:documentation> + </xs:annotation> + + <xs:attribute name="nil"/> + <xs:attribute name="type"/> + <xs:attribute name="schemaLocation"/> + <xs:attribute name="noNamespaceSchemaLocation"/> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XMLSchema.dtd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XMLSchema.dtd new file mode 100644 index 000000000..e8e8f7625 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XMLSchema.dtd @@ -0,0 +1,402 @@ +<!-- DTD for XML Schemas: Part 1: Structures + Public Identifier: "-//W3C//DTD XMLSCHEMA 200102//EN" + Official Location: http://www.w3.org/2001/XMLSchema.dtd --> +<!-- $Id: XMLSchema.dtd,v 1.31 2001/10/24 15:50:16 ht Exp $ --> +<!-- Note this DTD is NOT normative, or even definitive. --> <!--d--> +<!-- prose copy in the structures REC is the definitive version --> <!--d--> +<!-- (which shouldn't differ from this one except for this --> <!--d--> +<!-- comment and entity expansions, but just in case) --> <!--d--> +<!-- With the exception of cases with multiple namespace + prefixes for the XML Schema namespace, any XML document which is + not valid per this DTD given redefinitions in its internal subset of the + 'p' and 's' parameter entities below appropriate to its namespace + declaration of the XML Schema namespace is almost certainly not + a valid schema. --> + +<!-- The simpleType element and its constituent parts + are defined in XML Schema: Part 2: Datatypes --> +<!ENTITY % xs-datatypes PUBLIC 'datatypes' 'datatypes.dtd' > + +<!ENTITY % p 'xs:'> <!-- can be overriden in the internal subset of a + schema document to establish a different + namespace prefix --> +<!ENTITY % s ':xs'> <!-- if %p is defined (e.g. as foo:) then you must + also define %s as the suffix for the appropriate + namespace declaration (e.g. :foo) --> +<!ENTITY % nds 'xmlns%s;'> + +<!-- Define all the element names, with optional prefix --> +<!ENTITY % schema "%p;schema"> +<!ENTITY % complexType "%p;complexType"> +<!ENTITY % complexContent "%p;complexContent"> +<!ENTITY % simpleContent "%p;simpleContent"> +<!ENTITY % extension "%p;extension"> +<!ENTITY % element "%p;element"> +<!ENTITY % unique "%p;unique"> +<!ENTITY % key "%p;key"> +<!ENTITY % keyref "%p;keyref"> +<!ENTITY % selector "%p;selector"> +<!ENTITY % field "%p;field"> +<!ENTITY % group "%p;group"> +<!ENTITY % all "%p;all"> +<!ENTITY % choice "%p;choice"> +<!ENTITY % sequence "%p;sequence"> +<!ENTITY % any "%p;any"> +<!ENTITY % anyAttribute "%p;anyAttribute"> +<!ENTITY % attribute "%p;attribute"> +<!ENTITY % attributeGroup "%p;attributeGroup"> +<!ENTITY % include "%p;include"> +<!ENTITY % import "%p;import"> +<!ENTITY % redefine "%p;redefine"> +<!ENTITY % notation "%p;notation"> + +<!-- annotation elements --> +<!ENTITY % annotation "%p;annotation"> +<!ENTITY % appinfo "%p;appinfo"> +<!ENTITY % documentation "%p;documentation"> + +<!-- Customisation entities for the ATTLIST of each element type. + Define one of these if your schema takes advantage of the + anyAttribute='##other' in the schema for schemas --> + +<!ENTITY % schemaAttrs ''> +<!ENTITY % complexTypeAttrs ''> +<!ENTITY % complexContentAttrs ''> +<!ENTITY % simpleContentAttrs ''> +<!ENTITY % extensionAttrs ''> +<!ENTITY % elementAttrs ''> +<!ENTITY % groupAttrs ''> +<!ENTITY % allAttrs ''> +<!ENTITY % choiceAttrs ''> +<!ENTITY % sequenceAttrs ''> +<!ENTITY % anyAttrs ''> +<!ENTITY % anyAttributeAttrs ''> +<!ENTITY % attributeAttrs ''> +<!ENTITY % attributeGroupAttrs ''> +<!ENTITY % uniqueAttrs ''> +<!ENTITY % keyAttrs ''> +<!ENTITY % keyrefAttrs ''> +<!ENTITY % selectorAttrs ''> +<!ENTITY % fieldAttrs ''> +<!ENTITY % includeAttrs ''> +<!ENTITY % importAttrs ''> +<!ENTITY % redefineAttrs ''> +<!ENTITY % notationAttrs ''> +<!ENTITY % annotationAttrs ''> +<!ENTITY % appinfoAttrs ''> +<!ENTITY % documentationAttrs ''> + +<!ENTITY % complexDerivationSet "CDATA"> + <!-- #all or space-separated list drawn from derivationChoice --> +<!ENTITY % blockSet "CDATA"> + <!-- #all or space-separated list drawn from + derivationChoice + 'substitution' --> + +<!ENTITY % mgs '%all; | %choice; | %sequence;'> +<!ENTITY % cs '%choice; | %sequence;'> +<!ENTITY % formValues '(qualified|unqualified)'> + + +<!ENTITY % attrDecls '((%attribute;| %attributeGroup;)*,(%anyAttribute;)?)'> + +<!ENTITY % particleAndAttrs '((%mgs; | %group;)?, %attrDecls;)'> + +<!-- This is used in part2 --> +<!ENTITY % restriction1 '((%mgs; | %group;)?)'> + +%xs-datatypes; + +<!-- the duplication below is to produce an unambiguous content model + which allows annotation everywhere --> +<!ELEMENT %schema; ((%include; | %import; | %redefine; | %annotation;)*, + ((%simpleType; | %complexType; + | %element; | %attribute; + | %attributeGroup; | %group; + | %notation; ), + (%annotation;)*)* )> +<!ATTLIST %schema; + targetNamespace %URIref; #IMPLIED + version CDATA #IMPLIED + %nds; %URIref; #FIXED 'http://www.w3.org/2001/XMLSchema' + xmlns CDATA #IMPLIED + finalDefault %complexDerivationSet; '' + blockDefault %blockSet; '' + id ID #IMPLIED + elementFormDefault %formValues; 'unqualified' + attributeFormDefault %formValues; 'unqualified' + xml:lang CDATA #IMPLIED + %schemaAttrs;> +<!-- Note the xmlns declaration is NOT in the Schema for Schemas, + because at the Infoset level where schemas operate, + xmlns(:prefix) is NOT an attribute! --> +<!-- The declaration of xmlns is a convenience for schema authors --> + +<!-- The id attribute here and below is for use in external references + from non-schemas using simple fragment identifiers. + It is NOT used for schema-to-schema reference, internal or + external. --> + +<!-- a type is a named content type specification which allows attribute + declarations--> +<!-- --> + +<!ELEMENT %complexType; ((%annotation;)?, + (%simpleContent;|%complexContent;| + %particleAndAttrs;))> + +<!ATTLIST %complexType; + name %NCName; #IMPLIED + id ID #IMPLIED + abstract %boolean; #IMPLIED + final %complexDerivationSet; #IMPLIED + block %complexDerivationSet; #IMPLIED + mixed (true|false) 'false' + %complexTypeAttrs;> + +<!-- particleAndAttrs is shorthand for a root type --> +<!-- mixed is disallowed if simpleContent, overriden if complexContent + has one too. --> + +<!-- If anyAttribute appears in one or more referenced attributeGroups + and/or explicitly, the intersection of the permissions is used --> + +<!ELEMENT %complexContent; ((%annotation;)?, (%restriction;|%extension;))> +<!ATTLIST %complexContent; + mixed (true|false) #IMPLIED + id ID #IMPLIED + %complexContentAttrs;> + +<!-- restriction should use the branch defined above, not the simple + one from part2; extension should use the full model --> + +<!ELEMENT %simpleContent; ((%annotation;)?, (%restriction;|%extension;))> +<!ATTLIST %simpleContent; + id ID #IMPLIED + %simpleContentAttrs;> + +<!-- restriction should use the simple branch from part2, not the + one defined above; extension should have no particle --> + +<!ELEMENT %extension; ((%annotation;)?, (%particleAndAttrs;))> +<!ATTLIST %extension; + base %QName; #REQUIRED + id ID #IMPLIED + %extensionAttrs;> + +<!-- an element is declared by either: + a name and a type (either nested or referenced via the type attribute) + or a ref to an existing element declaration --> + +<!ELEMENT %element; ((%annotation;)?, (%complexType;| %simpleType;)?, + (%unique; | %key; | %keyref;)*)> +<!-- simpleType or complexType only if no type|ref attribute --> +<!-- ref not allowed at top level --> +<!ATTLIST %element; + name %NCName; #IMPLIED + id ID #IMPLIED + ref %QName; #IMPLIED + type %QName; #IMPLIED + minOccurs %nonNegativeInteger; #IMPLIED + maxOccurs CDATA #IMPLIED + nillable %boolean; #IMPLIED + substitutionGroup %QName; #IMPLIED + abstract %boolean; #IMPLIED + final %complexDerivationSet; #IMPLIED + block %blockSet; #IMPLIED + default CDATA #IMPLIED + fixed CDATA #IMPLIED + form %formValues; #IMPLIED + %elementAttrs;> +<!-- type and ref are mutually exclusive. + name and ref are mutually exclusive, one is required --> +<!-- In the absence of type AND ref, type defaults to type of + substitutionGroup, if any, else the ur-type, i.e. unconstrained --> +<!-- default and fixed are mutually exclusive --> + +<!ELEMENT %group; ((%annotation;)?,(%mgs;)?)> +<!ATTLIST %group; + name %NCName; #IMPLIED + ref %QName; #IMPLIED + minOccurs %nonNegativeInteger; #IMPLIED + maxOccurs CDATA #IMPLIED + id ID #IMPLIED + %groupAttrs;> + +<!ELEMENT %all; ((%annotation;)?, (%element;)*)> +<!ATTLIST %all; + minOccurs (1) #IMPLIED + maxOccurs (1) #IMPLIED + id ID #IMPLIED + %allAttrs;> + +<!ELEMENT %choice; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)> +<!ATTLIST %choice; + minOccurs %nonNegativeInteger; #IMPLIED + maxOccurs CDATA #IMPLIED + id ID #IMPLIED + %choiceAttrs;> + +<!ELEMENT %sequence; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)> +<!ATTLIST %sequence; + minOccurs %nonNegativeInteger; #IMPLIED + maxOccurs CDATA #IMPLIED + id ID #IMPLIED + %sequenceAttrs;> + +<!-- an anonymous grouping in a model, or + a top-level named group definition, or a reference to same --> + +<!-- Note that if order is 'all', group is not allowed inside. + If order is 'all' THIS group must be alone (or referenced alone) at + the top level of a content model --> +<!-- If order is 'all', minOccurs==maxOccurs==1 on element/any inside --> +<!-- Should allow minOccurs=0 inside order='all' . . . --> + +<!ELEMENT %any; (%annotation;)?> +<!ATTLIST %any; + namespace CDATA '##any' + processContents (skip|lax|strict) 'strict' + minOccurs %nonNegativeInteger; '1' + maxOccurs CDATA '1' + id ID #IMPLIED + %anyAttrs;> + +<!-- namespace is interpreted as follows: + ##any - - any non-conflicting WFXML at all + + ##other - - any non-conflicting WFXML from namespace other + than targetNamespace + + ##local - - any unqualified non-conflicting WFXML/attribute + one or - - any non-conflicting WFXML from + more URI the listed namespaces + references + + ##targetNamespace ##local may appear in the above list, + with the obvious meaning --> + +<!ELEMENT %anyAttribute; (%annotation;)?> +<!ATTLIST %anyAttribute; + namespace CDATA '##any' + processContents (skip|lax|strict) 'strict' + id ID #IMPLIED + %anyAttributeAttrs;> +<!-- namespace is interpreted as for 'any' above --> + +<!-- simpleType only if no type|ref attribute --> +<!-- ref not allowed at top level, name iff at top level --> +<!ELEMENT %attribute; ((%annotation;)?, (%simpleType;)?)> +<!ATTLIST %attribute; + name %NCName; #IMPLIED + id ID #IMPLIED + ref %QName; #IMPLIED + type %QName; #IMPLIED + use (prohibited|optional|required) #IMPLIED + default CDATA #IMPLIED + fixed CDATA #IMPLIED + form %formValues; #IMPLIED + %attributeAttrs;> +<!-- type and ref are mutually exclusive. + name and ref are mutually exclusive, one is required --> +<!-- default for use is optional when nested, none otherwise --> +<!-- default and fixed are mutually exclusive --> +<!-- type attr and simpleType content are mutually exclusive --> + +<!-- an attributeGroup is a named collection of attribute decls, or a + reference thereto --> +<!ELEMENT %attributeGroup; ((%annotation;)?, + (%attribute; | %attributeGroup;)*, + (%anyAttribute;)?) > +<!ATTLIST %attributeGroup; + name %NCName; #IMPLIED + id ID #IMPLIED + ref %QName; #IMPLIED + %attributeGroupAttrs;> + +<!-- ref iff no content, no name. ref iff not top level --> + +<!-- better reference mechanisms --> +<!ELEMENT %unique; ((%annotation;)?, %selector;, (%field;)+)> +<!ATTLIST %unique; + name %NCName; #REQUIRED + id ID #IMPLIED + %uniqueAttrs;> + +<!ELEMENT %key; ((%annotation;)?, %selector;, (%field;)+)> +<!ATTLIST %key; + name %NCName; #REQUIRED + id ID #IMPLIED + %keyAttrs;> + +<!ELEMENT %keyref; ((%annotation;)?, %selector;, (%field;)+)> +<!ATTLIST %keyref; + name %NCName; #REQUIRED + refer %QName; #REQUIRED + id ID #IMPLIED + %keyrefAttrs;> + +<!ELEMENT %selector; ((%annotation;)?)> +<!ATTLIST %selector; + xpath %XPathExpr; #REQUIRED + id ID #IMPLIED + %selectorAttrs;> +<!ELEMENT %field; ((%annotation;)?)> +<!ATTLIST %field; + xpath %XPathExpr; #REQUIRED + id ID #IMPLIED + %fieldAttrs;> + +<!-- Schema combination mechanisms --> +<!ELEMENT %include; (%annotation;)?> +<!ATTLIST %include; + schemaLocation %URIref; #REQUIRED + id ID #IMPLIED + %includeAttrs;> + +<!ELEMENT %import; (%annotation;)?> +<!ATTLIST %import; + namespace %URIref; #IMPLIED + schemaLocation %URIref; #IMPLIED + id ID #IMPLIED + %importAttrs;> + +<!ELEMENT %redefine; (%annotation; | %simpleType; | %complexType; | + %attributeGroup; | %group;)*> +<!ATTLIST %redefine; + schemaLocation %URIref; #REQUIRED + id ID #IMPLIED + %redefineAttrs;> + +<!ELEMENT %notation; (%annotation;)?> +<!ATTLIST %notation; + name %NCName; #REQUIRED + id ID #IMPLIED + public CDATA #REQUIRED + system %URIref; #IMPLIED + %notationAttrs;> + +<!-- Annotation is either application information or documentation --> +<!-- By having these here they are available for datatypes as well + as all the structures elements --> + +<!ELEMENT %annotation; (%appinfo; | %documentation;)*> +<!ATTLIST %annotation; %annotationAttrs;> + +<!-- User must define annotation elements in internal subset for this + to work --> +<!ELEMENT %appinfo; ANY> <!-- too restrictive --> +<!ATTLIST %appinfo; + source %URIref; #IMPLIED + id ID #IMPLIED + %appinfoAttrs;> +<!ELEMENT %documentation; ANY> <!-- too restrictive --> +<!ATTLIST %documentation; + source %URIref; #IMPLIED + id ID #IMPLIED + xml:lang CDATA #IMPLIED + %documentationAttrs;> + +<!NOTATION XMLSchemaStructures PUBLIC + 'structures' 'http://www.w3.org/2001/XMLSchema.xsd' > +<!NOTATION XML PUBLIC + 'REC-xml-1998-0210' 'http://www.w3.org/TR/1998/REC-xml-19980210' > diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd new file mode 100644 index 000000000..d41f3e817 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/cs-sstc-schema-assertion-01.xsd @@ -0,0 +1,194 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XML Spy v3.5 NT (http://www.xmlspy.com) by Phill Hallam-Baker (VeriSign Inc.) --> +<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified"> + <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <annotation> + <documentation> + Document identifier: cs-sstc-schema-assertion-01 + Location: http://www.oasis-open.org/committees/security/docs/ + </documentation> + </annotation> + <simpleType name="IDType"> + <restriction base="string"/> + </simpleType> + <simpleType name="IDReferenceType"> + <restriction base="string"/> + </simpleType> + <simpleType name="DecisionType"> + <restriction base="string"> + <enumeration value="Permit"/> + <enumeration value="Deny"/> + <enumeration value="Indeterminate"/> + </restriction> + </simpleType> + <element name="AssertionIDReference" type="saml:IDReferenceType"/> + <element name="Assertion" type="saml:AssertionType"/> + <complexType name="AssertionType"> + <sequence> + <element ref="saml:Conditions" minOccurs="0"/> + <element ref="saml:Advice" minOccurs="0"/> + <choice maxOccurs="unbounded"> + <element ref="saml:Statement"/> + <element ref="saml:SubjectStatement"/> + <element ref="saml:AuthenticationStatement"/> + <element ref="saml:AuthorizationDecisionStatement"/> + <element ref="saml:AttributeStatement"/> + </choice> + <element ref="ds:Signature" minOccurs="0"/> + </sequence> + <attribute name="MajorVersion" type="integer" use="required"/> + <attribute name="MinorVersion" type="integer" use="required"/> + <attribute name="AssertionID" type="saml:IDType" use="required"/> + <attribute name="Issuer" type="string" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + </complexType> + <element name="Conditions" type="saml:ConditionsType"/> + <complexType name="ConditionsType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:AudienceRestrictionCondition"/> + <element ref="saml:Condition"/> + </choice> + <attribute name="NotBefore" type="dateTime" use="optional"/> + <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + </complexType> + <element name="Condition" type="saml:ConditionAbstractType"/> + <complexType name="ConditionAbstractType" abstract="true"/> + <element name="AudienceRestrictionCondition" type="saml:AudienceRestrictionConditionType"/> + <complexType name="AudienceRestrictionConditionType"> + <complexContent> + <extension base="saml:ConditionAbstractType"> + <sequence> + <element ref="saml:Audience" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="Audience" type="anyURI"/> + <element name="Advice" type="saml:AdviceType"/> + <complexType name="AdviceType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:AssertionIDReference"/> + <element ref="saml:Assertion"/> + <any namespace="##other" processContents="lax"/> + </choice> + </complexType> + <element name="Statement" type="saml:StatementAbstractType"/> + <complexType name="StatementAbstractType" abstract="true"/> + <element name="SubjectStatement" type="saml:SubjectStatementAbstractType"/> + <complexType name="SubjectStatementAbstractType" abstract="true"> + <complexContent> + <extension base="saml:StatementAbstractType"> + <sequence> + <element ref="saml:Subject"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="Subject" type="saml:SubjectType"/> + <complexType name="SubjectType"> + <choice> + <sequence> + <element ref="saml:NameIdentifier"/> + <element ref="saml:SubjectConfirmation" minOccurs="0"/> + </sequence> + <element ref="saml:SubjectConfirmation"/> + </choice> + </complexType> + <element name="NameIdentifier" type="saml:NameIdentifierType"/> + <complexType name="NameIdentifierType"> + <simpleContent> + <extension base="string"> + <attribute name="NameQualifier" type="string" use="optional"/> + <attribute name="Format" type="anyURI" use="optional"/> + </extension> + </simpleContent> + </complexType> + <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/> + <complexType name="SubjectConfirmationType"> + <sequence> + <element ref="saml:ConfirmationMethod" maxOccurs="unbounded"/> + <element ref="saml:SubjectConfirmationData" minOccurs="0"/> + <element ref="ds:KeyInfo" minOccurs="0"/> + </sequence> + </complexType> + <element name="SubjectConfirmationData" type="anyType"/> + <element name="ConfirmationMethod" type="anyURI"/> + <element name="AuthenticationStatement" type="saml:AuthenticationStatementType"/> + <complexType name="AuthenticationStatementType"> + <complexContent> + <extension base="saml:SubjectStatementAbstractType"> + <sequence> + <element ref="saml:SubjectLocality" minOccurs="0"/> + <element ref="saml:AuthorityBinding" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="AuthenticationMethod" type="anyURI" use="required"/> + <attribute name="AuthenticationInstant" type="dateTime" use="required"/> + </extension> + </complexContent> + </complexType> + <element name="SubjectLocality" type="saml:SubjectLocalityType"/> + <complexType name="SubjectLocalityType"> + <attribute name="IPAddress" type="string" use="optional"/> + <attribute name="DNSAddress" type="string" use="optional"/> + </complexType> + <element name="AuthorityBinding" type="saml:AuthorityBindingType"/> + <complexType name="AuthorityBindingType"> + <attribute name="AuthorityKind" type="QName" use="required"/> + <attribute name="Location" type="anyURI" use="required"/> + <attribute name="Binding" type="anyURI" use="required"/> + </complexType> + <element name="AuthorizationDecisionStatement" type="saml:AuthorizationDecisionStatementType"/> + <complexType name="AuthorizationDecisionStatementType"> + <complexContent> + <extension base="saml:SubjectStatementAbstractType"> + <sequence> + <element ref="saml:Action" maxOccurs="unbounded"/> + <element ref="saml:Evidence" minOccurs="0"/> + </sequence> + <attribute name="Resource" type="anyURI" use="required"/> + <attribute name="Decision" type="saml:DecisionType" use="required"/> + </extension> + </complexContent> + </complexType> + <element name="Action" type="saml:ActionType"/> + <complexType name="ActionType"> + <simpleContent> + <extension base="string"> + <attribute name="Namespace" type="anyURI"/> + </extension> + </simpleContent> + </complexType> + <element name="Evidence" type="saml:EvidenceType"/> + <complexType name="EvidenceType"> + <choice maxOccurs="unbounded"> + <element ref="saml:AssertionIDReference"/> + <element ref="saml:Assertion"/> + </choice> + </complexType> + <element name="AttributeStatement" type="saml:AttributeStatementType"/> + <complexType name="AttributeStatementType"> + <complexContent> + <extension base="saml:SubjectStatementAbstractType"> + <sequence> + <element ref="saml:Attribute" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AttributeDesignator" type="saml:AttributeDesignatorType"/> + <complexType name="AttributeDesignatorType"> + <attribute name="AttributeName" type="string" use="required"/> + <attribute name="AttributeNamespace" type="anyURI" use="required"/> + </complexType> + <element name="Attribute" type="saml:AttributeType"/> + <complexType name="AttributeType"> + <complexContent> + <extension base="saml:AttributeDesignatorType"> + <sequence> + <element ref="saml:AttributeValue" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AttributeValue" type="anyType"/> +</schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd new file mode 100644 index 000000000..d939fa732 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/cs-sstc-schema-protocol-01.xsd @@ -0,0 +1,127 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XML Spy v4.2 U (http://www.xmlspy.com) by Phillip Hallam-Baker (Phillip Hallam-Baker) --> +<schema targetNamespace="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified"> + <import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="cs-sstc-schema-assertion-01.xsd"/> + <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <annotation> + <documentation> + Document identifier: cs-sstc-schema-protocol-01 + Location: http://www.oasis-open.org/committees/security/docs/ + </documentation> + </annotation> + <complexType name="RequestAbstractType" abstract="true"> + <sequence> + <element ref="samlp:RespondWith" minOccurs="0" maxOccurs="unbounded"/> + <element ref="ds:Signature" minOccurs="0"/> + </sequence> + <attribute name="RequestID" type="saml:IDType" use="required"/> + <attribute name="MajorVersion" type="integer" use="required"/> + <attribute name="MinorVersion" type="integer" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + </complexType> + <element name="RespondWith" type="QName"/> + <element name="Request" type="samlp:RequestType"/> + <complexType name="RequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <choice> + <element ref="samlp:Query"/> + <element ref="samlp:SubjectQuery"/> + <element ref="samlp:AuthenticationQuery"/> + <element ref="samlp:AttributeQuery"/> + <element ref="samlp:AuthorizationDecisionQuery"/> + <element ref="saml:AssertionIDReference" maxOccurs="unbounded"/> + <element ref="samlp:AssertionArtifact" maxOccurs="unbounded"/> + </choice> + </extension> + </complexContent> + </complexType> + <element name="AssertionArtifact" type="string"/> + <element name="Query" type="samlp:QueryAbstractType"/> + <complexType name="QueryAbstractType" abstract="true"/> + <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/> + <complexType name="SubjectQueryAbstractType" abstract="true"> + <complexContent> + <extension base="samlp:QueryAbstractType"> + <sequence> + <element ref="saml:Subject"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthenticationQuery" type="samlp:AuthenticationQueryType"/> + <complexType name="AuthenticationQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <attribute name="AuthenticationMethod" type="anyURI"/> + </extension> + </complexContent> + </complexType> + <element name="AttributeQuery" type="samlp:AttributeQueryType"/> + <complexType name="AttributeQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="saml:AttributeDesignator" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Resource" type="anyURI" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="AuthorizationDecisionQuery" type="samlp:AuthorizationDecisionQueryType"/> + <complexType name="AuthorizationDecisionQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="saml:Action" maxOccurs="unbounded"/> + <element ref="saml:Evidence" minOccurs="0" maxOccurs="1"/> + </sequence> + <attribute name="Resource" type="anyURI" use="required"/> + </extension> + </complexContent> + </complexType> + <complexType name="ResponseAbstractType" abstract="true"> + <sequence> + <element ref="ds:Signature" minOccurs="0"/> + </sequence> + <attribute name="ResponseID" type="saml:IDType" use="required"/> + <attribute name="InResponseTo" type="saml:IDReferenceType" use="optional"/> + <attribute name="MajorVersion" type="integer" use="required"/> + <attribute name="MinorVersion" type="integer" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + <attribute name="Recipient" type="anyURI" use="optional"/> + </complexType> + <element name="Response" type="samlp:ResponseType"/> + <complexType name="ResponseType"> + <complexContent> + <extension base="samlp:ResponseAbstractType"> + <sequence> + <element ref="samlp:Status"/> + <element ref="saml:Assertion" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="Status" type="samlp:StatusType"/> + <complexType name="StatusType"> + <sequence> + <element ref="samlp:StatusCode"/> + <element ref="samlp:StatusMessage" minOccurs="0" maxOccurs="1"/> + <element ref="samlp:StatusDetail" minOccurs="0"/> + </sequence> + </complexType> + <element name="StatusCode" type="samlp:StatusCodeType"/> + <complexType name="StatusCodeType"> + <sequence> + <element ref="samlp:StatusCode" minOccurs="0"/> + </sequence> + <attribute name="Value" type="QName" use="required"/> + </complexType> + <element name="StatusMessage" type="string"/> + <element name="StatusDetail" type="samlp:StatusDetailType"/> + <complexType name="StatusDetailType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> +</schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/datatypes.dtd b/id/server/moa-id-commons/src/main/resources/resources/schemas/datatypes.dtd new file mode 100644 index 000000000..8e48553be --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/datatypes.dtd @@ -0,0 +1,203 @@ +<!-- + DTD for XML Schemas: Part 2: Datatypes + $Id: datatypes.dtd,v 1.23 2001/03/16 17:36:30 ht Exp $ + Note this DTD is NOT normative, or even definitive. - - the + prose copy in the datatypes REC is the definitive version + (which shouldn't differ from this one except for this comment + and entity expansions, but just in case) + --> + +<!-- + This DTD cannot be used on its own, it is intended + only for incorporation in XMLSchema.dtd, q.v. + --> + +<!-- Define all the element names, with optional prefix --> +<!ENTITY % simpleType "%p;simpleType"> +<!ENTITY % restriction "%p;restriction"> +<!ENTITY % list "%p;list"> +<!ENTITY % union "%p;union"> +<!ENTITY % maxExclusive "%p;maxExclusive"> +<!ENTITY % minExclusive "%p;minExclusive"> +<!ENTITY % maxInclusive "%p;maxInclusive"> +<!ENTITY % minInclusive "%p;minInclusive"> +<!ENTITY % totalDigits "%p;totalDigits"> +<!ENTITY % fractionDigits "%p;fractionDigits"> +<!ENTITY % length "%p;length"> +<!ENTITY % minLength "%p;minLength"> +<!ENTITY % maxLength "%p;maxLength"> +<!ENTITY % enumeration "%p;enumeration"> +<!ENTITY % whiteSpace "%p;whiteSpace"> +<!ENTITY % pattern "%p;pattern"> + +<!-- + Customisation entities for the ATTLIST of each element + type. Define one of these if your schema takes advantage + of the anyAttribute='##other' in the schema for schemas + --> + +<!ENTITY % simpleTypeAttrs ""> +<!ENTITY % restrictionAttrs ""> +<!ENTITY % listAttrs ""> +<!ENTITY % unionAttrs ""> +<!ENTITY % maxExclusiveAttrs ""> +<!ENTITY % minExclusiveAttrs ""> +<!ENTITY % maxInclusiveAttrs ""> +<!ENTITY % minInclusiveAttrs ""> +<!ENTITY % totalDigitsAttrs ""> +<!ENTITY % fractionDigitsAttrs ""> +<!ENTITY % lengthAttrs ""> +<!ENTITY % minLengthAttrs ""> +<!ENTITY % maxLengthAttrs ""> +<!ENTITY % enumerationAttrs ""> +<!ENTITY % whiteSpaceAttrs ""> +<!ENTITY % patternAttrs ""> + +<!-- Define some entities for informative use as attribute + types --> +<!ENTITY % URIref "CDATA"> +<!ENTITY % XPathExpr "CDATA"> +<!ENTITY % QName "NMTOKEN"> +<!ENTITY % QNames "NMTOKENS"> +<!ENTITY % NCName "NMTOKEN"> +<!ENTITY % nonNegativeInteger "NMTOKEN"> +<!ENTITY % boolean "(true|false)"> +<!ENTITY % simpleDerivationSet "CDATA"> +<!-- + #all or space-separated list drawn from derivationChoice + --> + +<!-- + Note that the use of 'facet' below is less restrictive + than is really intended: There should in fact be no + more than one of each of minInclusive, minExclusive, + maxInclusive, maxExclusive, totalDigits, fractionDigits, + length, maxLength, minLength within datatype, + and the min- and max- variants of Inclusive and Exclusive + are mutually exclusive. On the other hand, pattern and + enumeration may repeat. + --> +<!ENTITY % minBound "(%minInclusive; | %minExclusive;)"> +<!ENTITY % maxBound "(%maxInclusive; | %maxExclusive;)"> +<!ENTITY % bounds "%minBound; | %maxBound;"> +<!ENTITY % numeric "%totalDigits; | %fractionDigits;"> +<!ENTITY % ordered "%bounds; | %numeric;"> +<!ENTITY % unordered + "%pattern; | %enumeration; | %whiteSpace; | %length; | + %maxLength; | %minLength;"> +<!ENTITY % facet "%ordered; | %unordered;"> +<!ENTITY % facetAttr + "value CDATA #REQUIRED + id ID #IMPLIED"> +<!ENTITY % fixedAttr "fixed %boolean; #IMPLIED"> +<!ENTITY % facetModel "(%annotation;)?"> +<!ELEMENT %simpleType; + ((%annotation;)?, (%restriction; | %list; | %union;))> +<!ATTLIST %simpleType; + name %NCName; #IMPLIED + final %simpleDerivationSet; #IMPLIED + id ID #IMPLIED + %simpleTypeAttrs;> +<!-- name is required at top level --> +<!ELEMENT %restriction; ((%annotation;)?, + (%restriction1; | + ((%simpleType;)?,(%facet;)*)), + (%attrDecls;))> +<!ATTLIST %restriction; + base %QName; #IMPLIED + id ID #IMPLIED + %restrictionAttrs;> +<!-- + base and simpleType child are mutually exclusive, + one is required. + + restriction is shared between simpleType and + simpleContent and complexContent (in XMLSchema.xsd). + restriction1 is for the latter cases, when this + is restricting a complex type, as is attrDecls. + --> +<!ELEMENT %list; ((%annotation;)?,(%simpleType;)?)> +<!ATTLIST %list; + itemType %QName; #IMPLIED + id ID #IMPLIED + %listAttrs;> +<!-- + itemType and simpleType child are mutually exclusive, + one is required + --> +<!ELEMENT %union; ((%annotation;)?,(%simpleType;)*)> +<!ATTLIST %union; + id ID #IMPLIED + memberTypes %QNames; #IMPLIED + %unionAttrs;> +<!-- + At least one item in memberTypes or one simpleType + child is required + --> + +<!ELEMENT %maxExclusive; %facetModel;> +<!ATTLIST %maxExclusive; + %facetAttr; + %fixedAttr; + %maxExclusiveAttrs;> +<!ELEMENT %minExclusive; %facetModel;> +<!ATTLIST %minExclusive; + %facetAttr; + %fixedAttr; + %minExclusiveAttrs;> + +<!ELEMENT %maxInclusive; %facetModel;> +<!ATTLIST %maxInclusive; + %facetAttr; + %fixedAttr; + %maxInclusiveAttrs;> +<!ELEMENT %minInclusive; %facetModel;> +<!ATTLIST %minInclusive; + %facetAttr; + %fixedAttr; + %minInclusiveAttrs;> + +<!ELEMENT %totalDigits; %facetModel;> +<!ATTLIST %totalDigits; + %facetAttr; + %fixedAttr; + %totalDigitsAttrs;> +<!ELEMENT %fractionDigits; %facetModel;> +<!ATTLIST %fractionDigits; + %facetAttr; + %fixedAttr; + %fractionDigitsAttrs;> + +<!ELEMENT %length; %facetModel;> +<!ATTLIST %length; + %facetAttr; + %fixedAttr; + %lengthAttrs;> +<!ELEMENT %minLength; %facetModel;> +<!ATTLIST %minLength; + %facetAttr; + %fixedAttr; + %minLengthAttrs;> +<!ELEMENT %maxLength; %facetModel;> +<!ATTLIST %maxLength; + %facetAttr; + %fixedAttr; + %maxLengthAttrs;> + +<!-- This one can be repeated --> +<!ELEMENT %enumeration; %facetModel;> +<!ATTLIST %enumeration; + %facetAttr; + %enumerationAttrs;> + +<!ELEMENT %whiteSpace; %facetModel;> +<!ATTLIST %whiteSpace; + %facetAttr; + %fixedAttr; + %whiteSpaceAttrs;> + +<!-- This one can be repeated --> +<!ELEMENT %pattern; %facetModel;> +<!ATTLIST %pattern; + %facetAttr; + %patternAttrs;> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/exclusive-canonicalization.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/exclusive-canonicalization.xsd new file mode 100644 index 000000000..074e3f19e --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/exclusive-canonicalization.xsd @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- commented out for compatibility with Xerces 2.0.2 +<!DOCTYPE schema + PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd" + [ + <!ATTLIST schema + xmlns:ec CDATA #FIXED 'http://www.w3.org/2001/10/xml-exc-c14n#'> + <!ENTITY ec 'http://www.w3.org/2001/10/xml-exc-c14n#'> + <!ENTITY % p ''> + <!ENTITY % s ''> + ]> +--> +<schema xmlns="http://www.w3.org/2001/XMLSchema" + xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" + targetNamespace="http://www.w3.org/2001/10/xml-exc-c14n#" + version="0.1" elementFormDefault="qualified"> + <element name="InclusiveNamespaces" + type="ec:InclusiveNamespaces"/> + <complexType name="InclusiveNamespaces"> + <attribute name="PrefixList" type="string"/> + </complexType> +</schema>
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-assertion-2.0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-assertion-2.0.xsd new file mode 100644 index 000000000..977c3fe69 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-assertion-2.0.xsd @@ -0,0 +1,290 @@ +<?xml version="1.0" encoding="US-ASCII"?> +<schema + targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns="http://www.w3.org/2001/XMLSchema" + xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns:ds="http://www.w3.org/2000/09/xmldsig#" + xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" + elementFormDefault="unqualified" + attributeFormDefault="unqualified" + blockDefault="substitution" + version="2.0"> + <!-- + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/> + <import namespace="http://www.w3.org/2001/04/xmlenc#" + schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/> + --> + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="xmldsig-core-schema.xsd"/> + <import namespace="http://www.w3.org/2001/04/xmlenc#" + schemaLocation="xenc-schema.xsd"/> + + <annotation> + <documentation> + Document identifier: saml-schema-assertion-2.0 + Location: http://docs.oasis-open.org/security/saml/v2.0/ + Revision history: + V1.0 (November, 2002): + Initial Standard Schema. + V1.1 (September, 2003): + Updates within the same V1.0 namespace. + V2.0 (March, 2005): + New assertion schema for SAML V2.0 namespace. + </documentation> + </annotation> + <attributeGroup name="IDNameQualifiers"> + <attribute name="NameQualifier" type="string" use="optional"/> + <attribute name="SPNameQualifier" type="string" use="optional"/> + </attributeGroup> + <element name="BaseID" type="saml:BaseIDAbstractType"/> + <complexType name="BaseIDAbstractType" abstract="true"> + <attributeGroup ref="saml:IDNameQualifiers"/> + </complexType> + <element name="NameID" type="saml:NameIDType"/> + <complexType name="NameIDType"> + <simpleContent> + <extension base="string"> + <attributeGroup ref="saml:IDNameQualifiers"/> + <attribute name="Format" type="anyURI" use="optional"/> + <attribute name="SPProvidedID" type="string" use="optional"/> + </extension> + </simpleContent> + </complexType> + <complexType name="EncryptedElementType"> + <sequence> + <element ref="xenc:EncryptedData"/> + <element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="EncryptedID" type="saml:EncryptedElementType"/> + <element name="Issuer" type="saml:NameIDType"/> + <element name="AssertionIDRef" type="NCName"/> + <element name="AssertionURIRef" type="anyURI"/> + <element name="Assertion" type="saml:AssertionType"/> + <complexType name="AssertionType"> + <sequence> + <element ref="saml:Issuer"/> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="saml:Subject" minOccurs="0"/> + <element ref="saml:Conditions" minOccurs="0"/> + <element ref="saml:Advice" minOccurs="0"/> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:Statement"/> + <element ref="saml:AuthnStatement"/> + <element ref="saml:AuthzDecisionStatement"/> + <element ref="saml:AttributeStatement"/> + </choice> + </sequence> + <attribute name="Version" type="string" use="required"/> + <attribute name="ID" type="ID" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + </complexType> + <element name="Subject" type="saml:SubjectType"/> + <complexType name="SubjectType"> + <choice> + <sequence> + <choice> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <element ref="saml:SubjectConfirmation" maxOccurs="unbounded"/> + </choice> + </complexType> + <element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/> + <complexType name="SubjectConfirmationType"> + <sequence> + <choice minOccurs="0"> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="saml:SubjectConfirmationData" minOccurs="0"/> + </sequence> + <attribute name="Method" type="anyURI" use="required"/> + </complexType> + <element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/> + <complexType name="SubjectConfirmationDataType" mixed="true"> + <complexContent> + <restriction base="anyType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="NotBefore" type="dateTime" use="optional"/> + <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + <attribute name="Recipient" type="anyURI" use="optional"/> + <attribute name="InResponseTo" type="NCName" use="optional"/> + <attribute name="Address" type="string" use="optional"/> + <anyAttribute namespace="##other" processContents="lax"/> + </restriction> + </complexContent> + </complexType> + <complexType name="KeyInfoConfirmationDataType" mixed="false"> + <complexContent> + <restriction base="saml:SubjectConfirmationDataType"> + <sequence> + <element ref="ds:KeyInfo" maxOccurs="unbounded"/> + </sequence> + </restriction> + </complexContent> + </complexType> + <element name="Conditions" type="saml:ConditionsType"/> + <complexType name="ConditionsType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:Condition"/> + <element ref="saml:AudienceRestriction"/> + <element ref="saml:OneTimeUse"/> + <element ref="saml:ProxyRestriction"/> + </choice> + <attribute name="NotBefore" type="dateTime" use="optional"/> + <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + </complexType> + <element name="Condition" type="saml:ConditionAbstractType"/> + <complexType name="ConditionAbstractType" abstract="true"/> + <element name="AudienceRestriction" type="saml:AudienceRestrictionType"/> + <complexType name="AudienceRestrictionType"> + <complexContent> + <extension base="saml:ConditionAbstractType"> + <sequence> + <element ref="saml:Audience" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="Audience" type="anyURI"/> + <element name="OneTimeUse" type="saml:OneTimeUseType" /> + <complexType name="OneTimeUseType"> + <complexContent> + <extension base="saml:ConditionAbstractType"/> + </complexContent> + </complexType> + <element name="ProxyRestriction" type="saml:ProxyRestrictionType"/> + <complexType name="ProxyRestrictionType"> + <complexContent> + <extension base="saml:ConditionAbstractType"> + <sequence> + <element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Count" type="nonNegativeInteger" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="Advice" type="saml:AdviceType"/> + <complexType name="AdviceType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:AssertionIDRef"/> + <element ref="saml:AssertionURIRef"/> + <element ref="saml:Assertion"/> + <element ref="saml:EncryptedAssertion"/> + <any namespace="##other" processContents="lax"/> + </choice> + </complexType> + <element name="EncryptedAssertion" type="saml:EncryptedElementType"/> + <element name="Statement" type="saml:StatementAbstractType"/> + <complexType name="StatementAbstractType" abstract="true"/> + <element name="AuthnStatement" type="saml:AuthnStatementType"/> + <complexType name="AuthnStatementType"> + <complexContent> + <extension base="saml:StatementAbstractType"> + <sequence> + <element ref="saml:SubjectLocality" minOccurs="0"/> + <element ref="saml:AuthnContext"/> + </sequence> + <attribute name="AuthnInstant" type="dateTime" use="required"/> + <attribute name="SessionIndex" type="string" use="optional"/> + <attribute name="SessionNotOnOrAfter" type="dateTime" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="SubjectLocality" type="saml:SubjectLocalityType"/> + <complexType name="SubjectLocalityType"> + <attribute name="Address" type="string" use="optional"/> + <attribute name="DNSName" type="string" use="optional"/> + </complexType> + <element name="AuthnContext" type="saml:AuthnContextType"/> + <complexType name="AuthnContextType"> + <sequence> + <choice> + <sequence> + <element ref="saml:AuthnContextClassRef"/> + <choice minOccurs="0"> + <element ref="saml:AuthnContextDecl"/> + <element ref="saml:AuthnContextDeclRef"/> + </choice> + </sequence> + <choice> + <element ref="saml:AuthnContextDecl"/> + <element ref="saml:AuthnContextDeclRef"/> + </choice> + </choice> + <element ref="saml:AuthenticatingAuthority" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="AuthnContextClassRef" type="anyURI"/> + <element name="AuthnContextDeclRef" type="anyURI"/> + <element name="AuthnContextDecl" type="anyType"/> + <element name="AuthenticatingAuthority" type="anyURI"/> + <element name="AuthzDecisionStatement" type="saml:AuthzDecisionStatementType"/> + <complexType name="AuthzDecisionStatementType"> + <complexContent> + <extension base="saml:StatementAbstractType"> + <sequence> + <element ref="saml:Action" maxOccurs="unbounded"/> + <element ref="saml:Evidence" minOccurs="0"/> + </sequence> + <attribute name="Resource" type="anyURI" use="required"/> + <attribute name="Decision" type="saml:DecisionType" use="required"/> + </extension> + </complexContent> + </complexType> + <simpleType name="DecisionType"> + <restriction base="string"> + <enumeration value="Permit"/> + <enumeration value="Deny"/> + <enumeration value="Indeterminate"/> + </restriction> + </simpleType> + <element name="Action" type="saml:ActionType"/> + <complexType name="ActionType"> + <simpleContent> + <extension base="string"> + <attribute name="Namespace" type="anyURI" use="required"/> + </extension> + </simpleContent> + </complexType> + <element name="Evidence" type="saml:EvidenceType"/> + <complexType name="EvidenceType"> + <choice maxOccurs="unbounded"> + <element ref="saml:AssertionIDRef"/> + <element ref="saml:AssertionURIRef"/> + <element ref="saml:Assertion"/> + <element ref="saml:EncryptedAssertion"/> + </choice> + </complexType> + <element name="AttributeStatement" type="saml:AttributeStatementType"/> + <complexType name="AttributeStatementType"> + <complexContent> + <extension base="saml:StatementAbstractType"> + <choice maxOccurs="unbounded"> + <element ref="saml:Attribute"/> + <element ref="saml:EncryptedAttribute"/> + </choice> + </extension> + </complexContent> + </complexType> + <element name="Attribute" type="saml:AttributeType"/> + <complexType name="AttributeType"> + <sequence> + <element ref="saml:AttributeValue" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Name" type="string" use="required"/> + <attribute name="NameFormat" type="anyURI" use="optional"/> + <attribute name="FriendlyName" type="string" use="optional"/> + <anyAttribute namespace="##other" processContents="lax"/> + </complexType> + <element name="AttributeValue" type="anyType" nillable="true"/> + <element name="EncryptedAttribute" type="saml:EncryptedElementType"/> +</schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd new file mode 100644 index 000000000..c83806b0d --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-metadata-2.0.xsd @@ -0,0 +1,323 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema targetNamespace="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="unqualified" attributeFormDefault="unqualified" blockDefault="substitution" version="2.0"> + <import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/> + <import namespace="http://www.w3.org/2001/04/xmlenc#" schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/> + <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" schemaLocation="saml-schema-assertion-2.0.xsd"/> + <import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <annotation> + <documentation> + Document identifier: saml-schema-metadata-2.0 + Location: http://docs.oasis-open.org/security/saml/v2.0/ + Revision history: + V2.0 (March, 2005): + Schema for SAML metadata, first published in SAML 2.0. + </documentation> + </annotation> + + <simpleType name="entityIDType"> + <restriction base="anyURI"> + <maxLength value="1024"/> + </restriction> + </simpleType> + <complexType name="localizedNameType"> + <simpleContent> + <extension base="string"> + <attribute ref="xml:lang" use="required"/> + </extension> + </simpleContent> + </complexType> + <complexType name="localizedURIType"> + <simpleContent> + <extension base="anyURI"> + <attribute ref="xml:lang" use="required"/> + </extension> + </simpleContent> + </complexType> + + <element name="Extensions" type="md:ExtensionsType"/> + <complexType final="#all" name="ExtensionsType"> + <sequence> + <any namespace="##other" processContents="lax" maxOccurs="unbounded"/> + </sequence> + </complexType> + + <complexType name="EndpointType"> + <sequence> + <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Binding" type="anyURI" use="required"/> + <attribute name="Location" type="anyURI" use="required"/> + <attribute name="ResponseLocation" type="anyURI" use="optional"/> + <anyAttribute namespace="##other" processContents="lax"/> + </complexType> + + <complexType name="IndexedEndpointType"> + <complexContent> + <extension base="md:EndpointType"> + <attribute name="index" type="unsignedShort" use="required"/> + <attribute name="isDefault" type="boolean" use="optional"/> + </extension> + </complexContent> + </complexType> + + <element name="EntitiesDescriptor" type="md:EntitiesDescriptorType"/> + <complexType name="EntitiesDescriptorType"> + <sequence> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="md:Extensions" minOccurs="0"/> + <choice minOccurs="1" maxOccurs="unbounded"> + <element ref="md:EntityDescriptor"/> + <element ref="md:EntitiesDescriptor"/> + </choice> + </sequence> + <attribute name="validUntil" type="dateTime" use="optional"/> + <attribute name="cacheDuration" type="duration" use="optional"/> + <attribute name="ID" type="ID" use="optional"/> + <attribute name="Name" type="string" use="optional"/> + </complexType> + + <element name="EntityDescriptor" type="md:EntityDescriptorType"/> + <complexType name="EntityDescriptorType"> + <sequence> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="md:Extensions" minOccurs="0"/> + <choice> + <choice maxOccurs="unbounded"> + <element ref="md:RoleDescriptor"/> + <element ref="md:IDPSSODescriptor"/> + <element ref="md:SPSSODescriptor"/> + <element ref="md:AuthnAuthorityDescriptor"/> + <element ref="md:AttributeAuthorityDescriptor"/> + <element ref="md:PDPDescriptor"/> + </choice> + <element ref="md:AffiliationDescriptor"/> + </choice> + <element ref="md:Organization" minOccurs="0"/> + <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:AdditionalMetadataLocation" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="entityID" type="md:entityIDType" use="required"/> + <attribute name="validUntil" type="dateTime" use="optional"/> + <attribute name="cacheDuration" type="duration" use="optional"/> + <attribute name="ID" type="ID" use="optional"/> + <anyAttribute namespace="##other" processContents="lax"/> + </complexType> + + <element name="Organization" type="md:OrganizationType"/> + <complexType name="OrganizationType"> + <sequence> + <element ref="md:Extensions" minOccurs="0"/> + <element ref="md:OrganizationName" maxOccurs="unbounded"/> + <element ref="md:OrganizationDisplayName" maxOccurs="unbounded"/> + <element ref="md:OrganizationURL" maxOccurs="unbounded"/> + </sequence> + <anyAttribute namespace="##other" processContents="lax"/> + </complexType> + <element name="OrganizationName" type="md:localizedNameType"/> + <element name="OrganizationDisplayName" type="md:localizedNameType"/> + <element name="OrganizationURL" type="md:localizedURIType"/> + <element name="ContactPerson" type="md:ContactType"/> + <complexType name="ContactType"> + <sequence> + <element ref="md:Extensions" minOccurs="0"/> + <element ref="md:Company" minOccurs="0"/> + <element ref="md:GivenName" minOccurs="0"/> + <element ref="md:SurName" minOccurs="0"/> + <element ref="md:EmailAddress" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:TelephoneNumber" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="contactType" type="md:ContactTypeType" use="required"/> + <anyAttribute namespace="##other" processContents="lax"/> + </complexType> + <element name="Company" type="string"/> + <element name="GivenName" type="string"/> + <element name="SurName" type="string"/> + <element name="EmailAddress" type="anyURI"/> + <element name="TelephoneNumber" type="string"/> + <simpleType name="ContactTypeType"> + <restriction base="string"> + <enumeration value="technical"/> + <enumeration value="support"/> + <enumeration value="administrative"/> + <enumeration value="billing"/> + <enumeration value="other"/> + </restriction> + </simpleType> + + <element name="AdditionalMetadataLocation" type="md:AdditionalMetadataLocationType"/> + <complexType name="AdditionalMetadataLocationType"> + <simpleContent> + <extension base="anyURI"> + <attribute name="namespace" type="anyURI" use="required"/> + </extension> + </simpleContent> + </complexType> + + <element name="RoleDescriptor" type="md:RoleDescriptorType"/> + <complexType name="RoleDescriptorType" abstract="true"> + <sequence> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="md:Extensions" minOccurs="0"/> + <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:Organization" minOccurs="0"/> + <element ref="md:ContactPerson" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="ID" type="ID" use="optional"/> + <attribute name="validUntil" type="dateTime" use="optional"/> + <attribute name="cacheDuration" type="duration" use="optional"/> + <attribute name="protocolSupportEnumeration" type="md:anyURIListType" use="required"/> + <attribute name="errorURL" type="anyURI" use="optional"/> + <anyAttribute namespace="##other" processContents="lax"/> + </complexType> + <simpleType name="anyURIListType"> + <list itemType="anyURI"/> + </simpleType> + + <element name="KeyDescriptor" type="md:KeyDescriptorType"/> + <complexType name="KeyDescriptorType"> + <sequence> + <element ref="ds:KeyInfo"/> + <element ref="md:EncryptionMethod" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="use" type="md:KeyTypes" use="optional"/> + </complexType> + <simpleType name="KeyTypes"> + <restriction base="string"> + <enumeration value="encryption"/> + <enumeration value="signing"/> + </restriction> + </simpleType> + <element name="EncryptionMethod" type="xenc:EncryptionMethodType"/> + + <complexType name="SSODescriptorType" abstract="true"> + <complexContent> + <extension base="md:RoleDescriptorType"> + <sequence> + <element ref="md:ArtifactResolutionService" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:SingleLogoutService" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:ManageNameIDService" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="ArtifactResolutionService" type="md:IndexedEndpointType"/> + <element name="SingleLogoutService" type="md:EndpointType"/> + <element name="ManageNameIDService" type="md:EndpointType"/> + <element name="NameIDFormat" type="anyURI"/> + + <element name="IDPSSODescriptor" type="md:IDPSSODescriptorType"/> + <complexType name="IDPSSODescriptorType"> + <complexContent> + <extension base="md:SSODescriptorType"> + <sequence> + <element ref="md:SingleSignOnService" maxOccurs="unbounded"/> + <element ref="md:NameIDMappingService" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/> + <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="WantAuthnRequestsSigned" type="boolean" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="SingleSignOnService" type="md:EndpointType"/> + <element name="NameIDMappingService" type="md:EndpointType"/> + <element name="AssertionIDRequestService" type="md:EndpointType"/> + <element name="AttributeProfile" type="anyURI"/> + + <element name="SPSSODescriptor" type="md:SPSSODescriptorType"/> + <complexType name="SPSSODescriptorType"> + <complexContent> + <extension base="md:SSODescriptorType"> + <sequence> + <element ref="md:AssertionConsumerService" maxOccurs="unbounded"/> + <element ref="md:AttributeConsumingService" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="AuthnRequestsSigned" type="boolean" use="optional"/> + <attribute name="WantAssertionsSigned" type="boolean" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="AssertionConsumerService" type="md:IndexedEndpointType"/> + <element name="AttributeConsumingService" type="md:AttributeConsumingServiceType"/> + <complexType name="AttributeConsumingServiceType"> + <sequence> + <element ref="md:ServiceName" maxOccurs="unbounded"/> + <element ref="md:ServiceDescription" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:RequestedAttribute" maxOccurs="unbounded"/> + </sequence> + <attribute name="index" type="unsignedShort" use="required"/> + <attribute name="isDefault" type="boolean" use="optional"/> + </complexType> + <element name="ServiceName" type="md:localizedNameType"/> + <element name="ServiceDescription" type="md:localizedNameType"/> + <element name="RequestedAttribute" type="md:RequestedAttributeType"/> + <complexType name="RequestedAttributeType"> + <complexContent> + <extension base="saml:AttributeType"> + <attribute name="isRequired" type="boolean" use="optional"/> + </extension> + </complexContent> + </complexType> + + <element name="AuthnAuthorityDescriptor" type="md:AuthnAuthorityDescriptorType"/> + <complexType name="AuthnAuthorityDescriptorType"> + <complexContent> + <extension base="md:RoleDescriptorType"> + <sequence> + <element ref="md:AuthnQueryService" maxOccurs="unbounded"/> + <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthnQueryService" type="md:EndpointType"/> + + <element name="PDPDescriptor" type="md:PDPDescriptorType"/> + <complexType name="PDPDescriptorType"> + <complexContent> + <extension base="md:RoleDescriptorType"> + <sequence> + <element ref="md:AuthzService" maxOccurs="unbounded"/> + <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthzService" type="md:EndpointType"/> + + <element name="AttributeAuthorityDescriptor" type="md:AttributeAuthorityDescriptorType"/> + <complexType name="AttributeAuthorityDescriptorType"> + <complexContent> + <extension base="md:RoleDescriptorType"> + <sequence> + <element ref="md:AttributeService" maxOccurs="unbounded"/> + <element ref="md:AssertionIDRequestService" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:NameIDFormat" minOccurs="0" maxOccurs="unbounded"/> + <element ref="md:AttributeProfile" minOccurs="0" maxOccurs="unbounded"/> + <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AttributeService" type="md:EndpointType"/> + + <element name="AffiliationDescriptor" type="md:AffiliationDescriptorType"/> + <complexType name="AffiliationDescriptorType"> + <sequence> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="md:Extensions" minOccurs="0"/> + <element ref="md:AffiliateMember" maxOccurs="unbounded"/> + <element ref="md:KeyDescriptor" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="affiliationOwnerID" type="md:entityIDType" use="required"/> + <attribute name="validUntil" type="dateTime" use="optional"/> + <attribute name="cacheDuration" type="duration" use="optional"/> + <attribute name="ID" type="ID" use="optional"/> + <anyAttribute namespace="##other" processContents="lax"/> + </complexType> + <element name="AffiliateMember" type="md:entityIDType"/> +</schema>
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-protocol-2.0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-protocol-2.0.xsd new file mode 100644 index 000000000..b7d14e3e9 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/saml-schema-protocol-2.0.xsd @@ -0,0 +1,306 @@ +<?xml version="1.0" encoding="UTF-8"?> +<schema + targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol" + xmlns="http://www.w3.org/2001/XMLSchema" + xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" + xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" + xmlns:ds="http://www.w3.org/2000/09/xmldsig#" + elementFormDefault="unqualified" + attributeFormDefault="unqualified" + blockDefault="substitution" + version="2.0"> + <import namespace="urn:oasis:names:tc:SAML:2.0:assertion" + schemaLocation="saml-schema-assertion-2.0.xsd"/> + <!-- + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/> + --> + <import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="xmldsig-core-schema.xsd"/> + <annotation> + <documentation> + Document identifier: saml-schema-protocol-2.0 + Location: http://docs.oasis-open.org/security/saml/v2.0/ + Revision history: + V1.0 (November, 2002): + Initial Standard Schema. + V1.1 (September, 2003): + Updates within the same V1.0 namespace. + V2.0 (March, 2005): + New protocol schema based in a SAML V2.0 namespace. + </documentation> + </annotation> + <complexType name="RequestAbstractType" abstract="true"> + <sequence> + <element ref="saml:Issuer" minOccurs="0"/> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="samlp:Extensions" minOccurs="0"/> + </sequence> + <attribute name="ID" type="ID" use="required"/> + <attribute name="Version" type="string" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + <attribute name="Destination" type="anyURI" use="optional"/> + <attribute name="Consent" type="anyURI" use="optional"/> + </complexType> + <element name="Extensions" type="samlp:ExtensionsType"/> + <complexType name="ExtensionsType"> + <sequence> + <any namespace="##other" processContents="lax" maxOccurs="unbounded"/> + </sequence> + </complexType> + <complexType name="StatusResponseType"> + <sequence> + <element ref="saml:Issuer" minOccurs="0"/> + <element ref="ds:Signature" minOccurs="0"/> + <element ref="samlp:Extensions" minOccurs="0"/> + <element ref="samlp:Status"/> + </sequence> + <attribute name="ID" type="ID" use="required"/> + <attribute name="InResponseTo" type="NCName" use="optional"/> + <attribute name="Version" type="string" use="required"/> + <attribute name="IssueInstant" type="dateTime" use="required"/> + <attribute name="Destination" type="anyURI" use="optional"/> + <attribute name="Consent" type="anyURI" use="optional"/> + </complexType> + <element name="Status" type="samlp:StatusType"/> + <complexType name="StatusType"> + <sequence> + <element ref="samlp:StatusCode"/> + <element ref="samlp:StatusMessage" minOccurs="0"/> + <element ref="samlp:StatusDetail" minOccurs="0"/> + </sequence> + </complexType> + <element name="StatusCode" type="samlp:StatusCodeType"/> + <complexType name="StatusCodeType"> + <sequence> + <element ref="samlp:StatusCode" minOccurs="0"/> + </sequence> + <attribute name="Value" type="anyURI" use="required"/> + </complexType> + <element name="StatusMessage" type="string"/> + <element name="StatusDetail" type="samlp:StatusDetailType"/> + <complexType name="StatusDetailType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/> + <complexType name="AssertionIDRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:AssertionIDRef" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/> + <complexType name="SubjectQueryAbstractType" abstract="true"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:Subject"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthnQuery" type="samlp:AuthnQueryType"/> + <complexType name="AuthnQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="samlp:RequestedAuthnContext" minOccurs="0"/> + </sequence> + <attribute name="SessionIndex" type="string" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="RequestedAuthnContext" type="samlp:RequestedAuthnContextType"/> + <complexType name="RequestedAuthnContextType"> + <choice> + <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/> + <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/> + </choice> + <attribute name="Comparison" type="samlp:AuthnContextComparisonType" use="optional"/> + </complexType> + <simpleType name="AuthnContextComparisonType"> + <restriction base="string"> + <enumeration value="exact"/> + <enumeration value="minimum"/> + <enumeration value="maximum"/> + <enumeration value="better"/> + </restriction> + </simpleType> + <element name="AttributeQuery" type="samlp:AttributeQueryType"/> + <complexType name="AttributeQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/> + <complexType name="AuthzDecisionQueryType"> + <complexContent> + <extension base="samlp:SubjectQueryAbstractType"> + <sequence> + <element ref="saml:Action" maxOccurs="unbounded"/> + <element ref="saml:Evidence" minOccurs="0"/> + </sequence> + <attribute name="Resource" type="anyURI" use="required"/> + </extension> + </complexContent> + </complexType> + <element name="AuthnRequest" type="samlp:AuthnRequestType"/> + <complexType name="AuthnRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="saml:Subject" minOccurs="0"/> + <element ref="samlp:NameIDPolicy" minOccurs="0"/> + <element ref="saml:Conditions" minOccurs="0"/> + <element ref="samlp:RequestedAuthnContext" minOccurs="0"/> + <element ref="samlp:Scoping" minOccurs="0"/> + </sequence> + <attribute name="ForceAuthn" type="boolean" use="optional"/> + <attribute name="IsPassive" type="boolean" use="optional"/> + <attribute name="ProtocolBinding" type="anyURI" use="optional"/> + <attribute name="AssertionConsumerServiceIndex" type="unsignedShort" use="optional"/> + <attribute name="AssertionConsumerServiceURL" type="anyURI" use="optional"/> + <attribute name="AttributeConsumingServiceIndex" type="unsignedShort" use="optional"/> + <attribute name="ProviderName" type="string" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/> + <complexType name="NameIDPolicyType"> + <attribute name="Format" type="anyURI" use="optional"/> + <attribute name="SPNameQualifier" type="string" use="optional"/> + <attribute name="AllowCreate" type="boolean" use="optional"/> + </complexType> + <element name="Scoping" type="samlp:ScopingType"/> + <complexType name="ScopingType"> + <sequence> + <element ref="samlp:IDPList" minOccurs="0"/> + <element ref="samlp:RequesterID" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="ProxyCount" type="nonNegativeInteger" use="optional"/> + </complexType> + <element name="RequesterID" type="anyURI"/> + <element name="IDPList" type="samlp:IDPListType"/> + <complexType name="IDPListType"> + <sequence> + <element ref="samlp:IDPEntry" maxOccurs="unbounded"/> + <element ref="samlp:GetComplete" minOccurs="0"/> + </sequence> + </complexType> + <element name="IDPEntry" type="samlp:IDPEntryType"/> + <complexType name="IDPEntryType"> + <attribute name="ProviderID" type="anyURI" use="required"/> + <attribute name="Name" type="string" use="optional"/> + <attribute name="Loc" type="anyURI" use="optional"/> + </complexType> + <element name="GetComplete" type="anyURI"/> + <element name="Response" type="samlp:ResponseType"/> + <complexType name="ResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <choice minOccurs="0" maxOccurs="unbounded"> + <element ref="saml:Assertion"/> + <element ref="saml:EncryptedAssertion"/> + </choice> + </extension> + </complexContent> + </complexType> + <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/> + <complexType name="ArtifactResolveType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <element ref="samlp:Artifact"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="Artifact" type="string"/> + <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/> + <complexType name="ArtifactResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <sequence> + <any namespace="##any" processContents="lax" minOccurs="0"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="ManageNameIDRequest" type="samlp:ManageNameIDRequestType"/> + <complexType name="ManageNameIDRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <choice> + <element ref="samlp:NewID"/> + <element ref="samlp:NewEncryptedID"/> + <element ref="samlp:Terminate"/> + </choice> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="NewID" type="string"/> + <element name="NewEncryptedID" type="saml:EncryptedElementType"/> + <element name="Terminate" type="samlp:TerminateType"/> + <complexType name="TerminateType"/> + <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/> + <element name="LogoutRequest" type="samlp:LogoutRequestType"/> + <complexType name="LogoutRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="samlp:SessionIndex" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Reason" type="string" use="optional"/> + <attribute name="NotOnOrAfter" type="dateTime" use="optional"/> + </extension> + </complexContent> + </complexType> + <element name="SessionIndex" type="string"/> + <element name="LogoutResponse" type="samlp:StatusResponseType"/> + <element name="NameIDMappingRequest" type="samlp:NameIDMappingRequestType"/> + <complexType name="NameIDMappingRequestType"> + <complexContent> + <extension base="samlp:RequestAbstractType"> + <sequence> + <choice> + <element ref="saml:BaseID"/> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + <element ref="samlp:NameIDPolicy"/> + </sequence> + </extension> + </complexContent> + </complexType> + <element name="NameIDMappingResponse" type="samlp:NameIDMappingResponseType"/> + <complexType name="NameIDMappingResponseType"> + <complexContent> + <extension base="samlp:StatusResponseType"> + <choice> + <element ref="saml:NameID"/> + <element ref="saml:EncryptedID"/> + </choice> + </extension> + </complexContent> + </complexType> +</schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/stork-schema-assertion-1.0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/stork-schema-assertion-1.0.xsd new file mode 100644 index 000000000..2791f3a1e --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/stork-schema-assertion-1.0.xsd @@ -0,0 +1,80 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema + elementFormDefault="qualified" + targetNamespace="urn:eu:stork:names:tc:STORK:1.0:assertion" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" + xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion"> + + <xs:element name="QualityAuthenticationAssuranceLevel" type="stork:QualityAuthenticationAssuranceLevelType" /> + <xs:element name="spSector" type="stork:SPSectorType" /> + <xs:element name="spApplication" type="stork:SPApplicationType"/> + <xs:element name="spCountry" type="stork:CountryCodeType"/> + <xs:element name="CitizenCountryCode" type="stork:CountryCodeType" /> + <xs:element name="RequestedAttribute" type="stork:RequestedAttributeType" /> + <xs:element name="AttributeValue" type="xs:anyType" /> + <xs:element name="canonicalResidenceAddress" type="stork:canonicalResidenceAddressType"/> + <xs:element name="countryCodeAddress" type="stork:CountryCodeType"/> + + <xs:attribute name="AttributeStatus" type="stork:AttributeStatusType" /> + + + <xs:simpleType name="SPSectorType"> + <xs:restriction base="xs:string"> + <xs:minLength value="1" /> + <xs:maxLength value="20" /> + </xs:restriction> + </xs:simpleType> + + <xs:simpleType name="SPApplicationType"> + <xs:restriction base="xs:string"> + <xs:minLength value="1" /> + <xs:maxLength value="100" /> + </xs:restriction> + </xs:simpleType> + + <xs:simpleType name="AttributeStatusType"> + <xs:restriction base="xs:string"> + <xs:enumeration value="Available" /> + <xs:enumeration value="NotAvailable" /> + <xs:enumeration value="Withheld" /> + </xs:restriction> + </xs:simpleType> + + <xs:simpleType name="QualityAuthenticationAssuranceLevelType"> + <xs:restriction base="xs:integer"> + <xs:minInclusive value="1" /> + <xs:maxInclusive value="4" /> + </xs:restriction> + </xs:simpleType> + + <xs:complexType name="canonicalResidenceAddressType"> + <xs:sequence> + <xs:element name="countryCodeAddress" type="stork:CountryCodeType" /> + <xs:element name="state" type="xs:string" minOccurs="0"/> + <xs:element name="municipalityCode" type="xs:string" minOccurs="0"/> + <xs:element name="town" type="xs:string"/> + <xs:element name="postalCode" type="xs:string"/> + <xs:element name="streetName" type="xs:string"/> + <xs:element name="streetNumber" type="xs:string" minOccurs="0"/> + <xs:element name="apartmentNumber" type="xs:string" minOccurs="0"/> + </xs:sequence> + </xs:complexType> + + <xs:simpleType name="CountryCodeType"> + <xs:restriction base="xs:token"> + <xs:pattern value="[A-Z]{2}"/> + </xs:restriction> + </xs:simpleType> + + <xs:complexType name="RequestedAttributeType"> + <xs:sequence> + <xs:element minOccurs="0" maxOccurs="unbounded" ref="stork:AttributeValue"/> + </xs:sequence> + <xs:attribute name="Name" use="required" type="xs:string"/> + <xs:attribute name="NameFormat" use="required" type="xs:anyURI"/> + <xs:attribute name="FriendlyName" use="optional" type="xs:string"/> + <xs:attribute name="isRequired" use="optional" type="xs:boolean"/> + <xs:anyAttribute namespace="##other" processContents="lax"/> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/stork-schema-protocol-1.0.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/stork-schema-protocol-1.0.xsd new file mode 100644 index 000000000..92fda60a0 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/stork-schema-protocol-1.0.xsd @@ -0,0 +1,73 @@ +<?xml version="1.0" encoding="UTF-8"?> +<xs:schema + elementFormDefault="qualified" + targetNamespace="urn:eu:stork:names:tc:STORK:1.0:protocol" + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" + xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" + xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + + <xs:import namespace="urn:eu:stork:names:tc:STORK:1.0:assertion" schemaLocation="stork-schema-assertion-1.0.xsd"/> + <!-- <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd" /> --> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd" /> + + + <xs:element name="eIDSectorShare" type="xs:boolean" default="false"/> + <xs:element name="eIDCrossSectorShare" type="xs:boolean" default="false"/> + <xs:element name="eIDCrossBorderShare" type="xs:boolean" default="false"/> + <xs:element name="RequestedAttributes" type="storkp:RequestedAttributesType" /> + <xs:element name="AuthenticationAttributes" type="storkp:AuthenticationAttributesType" /> + + <xs:complexType name="RequestedAttributesType"> + <xs:sequence> + <xs:element minOccurs="0" maxOccurs="unbounded" ref="stork:RequestedAttribute"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="AuthenticationAttributesType"> + <xs:sequence> + <xs:element name="VIDPAuthenticationAttributes" type="storkp:VIDPAuthenticationAttributesType" minOccurs="0" maxOccurs="1" /> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="VIDPAuthenticationAttributesType"> + <xs:sequence> + <xs:element name="CitizenCountryCode" minOccurs="0" maxOccurs="1" type="stork:CountryCodeType" /> + <xs:element name="SPInformation" minOccurs="1" maxOccurs="1" type="storkp:SPInformationType"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="SPInformationType"> + <xs:sequence> + <xs:element name="SPID" minOccurs="1" maxOccurs="1" type="storkp:SPIDType" /> + <xs:element name="SPCertSig" minOccurs="0" maxOccurs="1" type="storkp:SPCertSigType" /> + <xs:element name="SPCertEnc" minOccurs="0" maxOccurs="1" type="storkp:SPCertEncType" /> + <xs:element name="SPAuthRequest" minOccurs="0" maxOccurs="1" type="storkp:SPAuthRequestType"/> + </xs:sequence> + </xs:complexType> + + <xs:simpleType name="SPIDType"> + <xs:restriction base="xs:string"> + <xs:minLength value="1" /> + <xs:maxLength value="20" /> + </xs:restriction> + </xs:simpleType> + + <xs:complexType name="SPCertSigType"> + <xs:sequence> + <xs:element minOccurs="1" ref="ds:KeyInfo" /> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="SPCertEncType"> + <xs:sequence> + <xs:element minOccurs="1" ref="ds:KeyInfo" /> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="SPAuthRequestType"> + <xs:sequence> + <xs:any namespace="##other" processContents="lax" maxOccurs="unbounded"/> + </xs:sequence> + </xs:complexType> +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_additionaltypes_xsd.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_additionaltypes_xsd.xsd new file mode 100644 index 000000000..5f1c646a7 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_additionaltypes_xsd.xsd @@ -0,0 +1,35 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 102 231. In the event that any +part of this document in conflict with the text of TS 102 231 +then that text shall prevail as the authoritative source +--> +<schema targetNamespace="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:tslx="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <import namespace="http://uri.etsi.org/02231/v2#" schemaLocation="http://uri.etsi.org/02231/v3.1.2/tsl.xsd"/> + <import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/> + <element name="MimeType" type="xsd:string"/> + <element name="X509CertificateLocation" type="tsl:NonEmptyURIType"/> + <element name="PublicKeyLocation" type="tsl:NonEmptyURIType"/> + <element name="ExtendedKeyUsage" type="tslx:ExtendedKeyUsageType"/> + <complexType name="ExtendedKeyUsageType"> + <sequence maxOccurs="unbounded"> + <element name="KeyPurposeId" type="xades:ObjectIdentifierType"/> + </sequence> + </complexType> + <element name="TakenOverBy" type="tslx:TakenOverByType"/> + <complexType name="TakenOverByType"> + <sequence> + <element name="URI" type="tsl:NonEmptyMultiLangURIType"/> + <element name="TSPName" type="tsl:InternationalNamesType"/> + <element ref="tsl:SchemeOperatorName"/> + <element ref="tsl:SchemeTerritory"/> + <element name="OtherQualifier" type="tsl:AnyType" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="CertSubjectDNAttribute" type="tslx:CertSubjectDNAttributeType"/> + <complexType name="CertSubjectDNAttributeType"> + <sequence maxOccurs="unbounded"> + <element name="AttributeOID" type="xades:ObjectIdentifierType"/> + </sequence> + </complexType> +</schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_sie_xsd.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_sie_xsd.xsd new file mode 100644 index 000000000..1b3bed4b7 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_sie_xsd.xsd @@ -0,0 +1,81 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 102 231. In the event that any +part of this document in conflict with the text of TS 102 231 +then that text shall prevail as the authoritative source +--> +<schema targetNamespace="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:tns="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/> + <element name="Qualifications" type="tns:QualificationsType"/> + <complexType name="QualificationsType"> + <sequence maxOccurs="unbounded"> + <element name="QualificationElement" type="tns:QualificationElementType"/> + </sequence> + </complexType> + <complexType name="QualificationElementType"> + <sequence> + <element name="Qualifiers" type="tns:QualifiersType"/> + <element name="CriteriaList" type="tns:CriteriaListType"/> + </sequence> + </complexType> + <complexType name="CriteriaListType"> + <annotation> + <documentation>Please first try to use the CriteriaList before doing the OtherCriteria extension point.</documentation> + </annotation> + <sequence> + <element name="KeyUsage" type="tns:KeyUsageType" minOccurs="0" maxOccurs="unbounded"/> + <element name="PolicySet" type="tns:PoliciesListType" minOccurs="0" maxOccurs="unbounded"/> + <element name="CriteriaList" type="tns:CriteriaListType" minOccurs="0" maxOccurs="unbounded"/> + <element name="Description" type="xsd:string" minOccurs="0"/> + <element name="otherCriteriaList" type="xades:AnyType" minOccurs="0"/> + </sequence> + <attribute name="assert"> + <simpleType> + <restriction base="xsd:string"> + <enumeration value="all"/> + <enumeration value="atLeastOne"/> + <enumeration value="none"/> + </restriction> + </simpleType> + </attribute> + </complexType> + <complexType name="QualifiersType"> + <sequence maxOccurs="unbounded"> + <element name="Qualifier" type="tns:QualifierType"/> + </sequence> + </complexType> + <complexType name="QualifierType"> + <attribute name="uri" type="anyURI"/> + </complexType> + <complexType name="PoliciesListType"> + <sequence maxOccurs="unbounded"> + <element name="PolicyIdentifier" type="xades:ObjectIdentifierType"/> + </sequence> + </complexType> + <complexType name="KeyUsageType"> + <sequence maxOccurs="9"> + <element name="KeyUsageBit" type="tns:KeyUsageBitType"/> + </sequence> + </complexType> + <complexType name="KeyUsageBitType"> + <simpleContent> + <extension base="xsd:boolean"> + <attribute name="name"> + <simpleType> + <restriction base="xsd:string"> + <enumeration value="digitalSignature"/> + <enumeration value="nonRepudiation"/> + <enumeration value="keyEncipherment"/> + <enumeration value="dataEncipherment"/> + <enumeration value="keyAgreement"/> + <enumeration value="keyCertSign"/> + <enumeration value="crlSign"/> + <enumeration value="encipherOnly"/> + <enumeration value="decipherOnly"/> + </restriction> + </simpleType> + </attribute> + </extension> + </simpleContent> + </complexType> +</schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_xsd.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_xsd.xsd new file mode 100644 index 000000000..5ee04ec36 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_102231v030102_xsd.xsd @@ -0,0 +1,331 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 102 231. In the event that any +part of this document in conflict with the text of TS 102 231 +then that text shall prevail as the authoritative source +--> +<xsd:schema targetNamespace="http://uri.etsi.org/02231/v2#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tsl="http://uri.etsi.org/02231/v2#" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <!-- Imports --> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/> + <!-- Begin auxiliary types --> + <!--InternationalNamesType--> + <xsd:complexType name="InternationalNamesType"> + <xsd:sequence> + <xsd:element name="Name" type="tsl:MultiLangNormStringType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="MultiLangNormStringType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyNormalizedString"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="MultiLangStringType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyString"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:simpleType name="NonEmptyString"> + <xsd:restriction base="xsd:string"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="NonEmptyNormalizedString"> + <xsd:restriction base="xsd:normalizedString"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <!-- AddressType --> + <xsd:complexType name="AddressType"> + <xsd:sequence> + <xsd:element ref="tsl:PostalAddresses"/> + <xsd:element ref="tsl:ElectronicAddress"/> + </xsd:sequence> + </xsd:complexType> + <!--PostalAddressList Type--> + <xsd:element name="PostalAddresses" type="tsl:PostalAddressListType"/> + <xsd:complexType name="PostalAddressListType"> + <xsd:sequence> + <xsd:element ref="tsl:PostalAddress" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--PostalAddress Type--> + <xsd:element name="PostalAddress" type="tsl:PostalAddressType"/> + <xsd:complexType name="PostalAddressType"> + <xsd:sequence> + <xsd:element name="StreetAddress" type="tsl:NonEmptyString"/> + <xsd:element name="Locality" type="tsl:NonEmptyString"/> + <xsd:element name="StateOrProvince" type="tsl:NonEmptyString" minOccurs="0"/> + <xsd:element name="PostalCode" type="tsl:NonEmptyString" minOccurs="0"/> + <xsd:element name="CountryName" type="tsl:NonEmptyString"/> + </xsd:sequence> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:complexType> + <!--ElectronicAddressType--> + <xsd:element name="ElectronicAddress" type="tsl:ElectronicAddressType"/> + <xsd:complexType name="ElectronicAddressType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- Types for extensions in TSL --> + <xsd:complexType name="AnyType" mixed="true"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="Extension" type="tsl:ExtensionType"/> + <xsd:complexType name="ExtensionType"> + <xsd:complexContent> + <xsd:extension base="tsl:AnyType"> + <xsd:attribute name="Critical" type="xsd:boolean" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ExtensionsListType"> + <xsd:sequence> + <xsd:element ref="tsl:Extension" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--NonEmptyURIType--> + <xsd:simpleType name="NonEmptyURIType"> + <xsd:restriction base="xsd:anyURI"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <!--NonEmptyURIType with language indication--> + <xsd:complexType name="NonEmptyMultiLangURIType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyURIType"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <!--List of NonEmptyURIType with language indication--> + <xsd:complexType name="NonEmptyMultiLangURIListType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--List of NonEmptyURIType--> + <xsd:complexType name="NonEmptyURIListType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- End auxiliary types --> + <!-- ROOT Element --> + <xsd:element name="TrustServiceStatusList" type="tsl:TrustStatusListType"/> + <!-- Trust Status List Type Definition --> + <xsd:complexType name="TrustStatusListType"> + <xsd:sequence> + <xsd:element ref="tsl:SchemeInformation"/> + <xsd:element ref="tsl:TrustServiceProviderList" minOccurs="0"/> + <xsd:element ref="ds:Signature" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="TSLTag" type="tsl:TSLTagType" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- TSLTagType --> + <xsd:simpleType name="TSLTagType"> + <xsd:restriction base="xsd:anyURI"> + <xsd:enumeration value="http://uri.etsi.org/02231/TSLTag"/> + </xsd:restriction> + </xsd:simpleType> + <!-- TrustServiceProviderListType--> + <xsd:element name="TrustServiceProviderList" type="tsl:TrustServiceProviderListType"/> + <xsd:complexType name="TrustServiceProviderListType"> + <xsd:sequence> + <xsd:element ref="tsl:TrustServiceProvider" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSL Scheme Information --> + <xsd:element name="SchemeInformation" type="tsl:TSLSchemeInformationType"/> + <xsd:complexType name="TSLSchemeInformationType"> + <xsd:sequence> + <xsd:element name="TSLVersionIdentifier" type="xsd:integer" fixed="3"/> + <xsd:element name="TSLSequenceNumber" type="xsd:positiveInteger"/> + <xsd:element ref="tsl:TSLType"/> + <xsd:element ref="tsl:SchemeOperatorName"/> + <xsd:element name="SchemeOperatorAddress" type="tsl:AddressType"/> + <xsd:element ref="tsl:SchemeName"/> + <xsd:element ref="tsl:SchemeInformationURI"/> + <xsd:element name="StatusDeterminationApproach" type="tsl:NonEmptyURIType"/> + <xsd:element ref="tsl:SchemeTypeCommunityRules" minOccurs="0"/> + <xsd:element ref="tsl:SchemeTerritory" minOccurs="0"/> + <xsd:element ref="tsl:PolicyOrLegalNotice" minOccurs="0"/> + <xsd:element name="HistoricalInformationPeriod" type="xsd:nonNegativeInteger"/> + <xsd:element ref="tsl:PointersToOtherTSL" minOccurs="0"/> + <xsd:element name="ListIssueDateTime" type="xsd:dateTime"/> + <xsd:element ref="tsl:NextUpdate"/> + <xsd:element ref="tsl:DistributionPoints" minOccurs="0"/> + <xsd:element name="SchemeExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="TSLType" type="tsl:NonEmptyURIType"/> + <xsd:element name="SchemeOperatorName" type="tsl:InternationalNamesType"/> + <xsd:element name="SchemeName" type="tsl:InternationalNamesType"/> + <xsd:element name="SchemeInformationURI" type="tsl:NonEmptyMultiLangURIListType"/> + <xsd:element name="SchemeTypeCommunityRules" type="tsl:NonEmptyURIListType"/> + <!-- SchemeTerritory --> + <xsd:element name="SchemeTerritory" type="tsl:SchemeTerritoryType"/> + <xsd:simpleType name="SchemeTerritoryType"> + <xsd:restriction base="xsd:string"> + <xsd:length value="2"/> + </xsd:restriction> + </xsd:simpleType> + <!-- Policy or Legal Notice --> + <xsd:element name="PolicyOrLegalNotice" type="tsl:PolicyOrLegalnoticeType"/> + <xsd:complexType name="PolicyOrLegalnoticeType"> + <xsd:choice> + <xsd:element name="TSLPolicy" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> + <xsd:element name="TSLLegalNotice" type="tsl:MultiLangStringType" maxOccurs="unbounded"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="NextUpdate" type="tsl:NextUpdateType"/> + <xsd:complexType name="NextUpdateType"> + <xsd:sequence> + <xsd:element name="dateTime" type="xsd:dateTime" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!--OtherTSLPointersType--> + <xsd:element name="PointersToOtherTSL" type="tsl:OtherTSLPointersType"/> + <xsd:complexType name="OtherTSLPointersType"> + <xsd:sequence> + <xsd:element ref="tsl:OtherTSLPointer" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="OtherTSLPointer" type="tsl:OtherTSLPointerType"/> + <xsd:complexType name="OtherTSLPointerType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceDigitalIdentities" minOccurs="0"/> + <xsd:element name="TSLLocation" type="tsl:NonEmptyURIType"/> + <xsd:element ref="tsl:AdditionalInformation" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="ServiceDigitalIdentities" type="tsl:ServiceDigitalIdentityListType"/> + <xsd:complexType name="ServiceDigitalIdentityListType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceDigitalIdentity" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="AdditionalInformation" type="tsl:AdditionalInformationType"/> + <xsd:complexType name="AdditionalInformationType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="TextualInformation" type="tsl:MultiLangStringType"/> + <xsd:element name="OtherInformation" type="tsl:AnyType"/> + </xsd:choice> + </xsd:complexType> + <!--DistributionPoints element--> + <xsd:element name="DistributionPoints" type="tsl:ElectronicAddressType"/> + <!-- TSPType --> + <xsd:element name="TrustServiceProvider" type="tsl:TSPType"/> + <xsd:complexType name="TSPType"> + <xsd:sequence> + <xsd:element ref="tsl:TSPInformation"/> + <xsd:element ref="tsl:TSPServices"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPInformationType --> + <xsd:element name="TSPInformation" type="tsl:TSPInformationType"/> + <xsd:complexType name="TSPInformationType"> + <xsd:sequence> + <xsd:element name="TSPName" type="tsl:InternationalNamesType"/> + <xsd:element name="TSPTradeName" type="tsl:InternationalNamesType" minOccurs="0"/> + <xsd:element name="TSPAddress" type="tsl:AddressType"/> + <xsd:element name="TSPInformationURI" type="tsl:NonEmptyMultiLangURIListType"/> + <xsd:element name="TSPInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSP Services--> + <xsd:element name="TSPServices" type="tsl:TSPServicesListType"/> + <xsd:complexType name="TSPServicesListType"> + <xsd:sequence> + <xsd:element ref="tsl:TSPService" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="TSPService" type="tsl:TSPServiceType"/> + <xsd:complexType name="TSPServiceType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceInformation"/> + <xsd:element ref="tsl:ServiceHistory" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPServiceInformationType --> + <xsd:element name="ServiceInformation" type="tsl:TSPServiceInformationType"/> + <xsd:complexType name="TSPServiceInformationType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceTypeIdentifier"/> + <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/> + <xsd:element ref="tsl:ServiceDigitalIdentity"/> + <xsd:element ref="tsl:ServiceStatus"/> + <xsd:element name="StatusStartingTime" type="xsd:dateTime"/> + <xsd:element name="SchemeServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/> + <xsd:element ref="tsl:ServiceSupplyPoints" minOccurs="0"/> + <xsd:element name="TSPServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/> + <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- Service status --> + <xsd:element name="ServiceStatus" type="tsl:NonEmptyURIType"/> + <!-- Type for Service Supply Points --> + <xsd:element name="ServiceSupplyPoints" type="tsl:ServiceSupplyPointsType"/> + <xsd:complexType name="ServiceSupplyPointsType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="ServiceSupplyPoint" type="tsl:NonEmptyURIType"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPServiceIdentifier --> + <xsd:element name="ServiceTypeIdentifier" type="tsl:NonEmptyURIType"/> + <!-- DigitalIdentityType --> + <xsd:element name="ServiceDigitalIdentity" type="tsl:DigitalIdentityListType"/> + <xsd:complexType name="DigitalIdentityListType"> + <xsd:sequence> + <xsd:element name="DigitalId" type="tsl:DigitalIdentityType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="DigitalIdentityType"> + <xsd:choice> + <xsd:element name="X509Certificate" type="xsd:base64Binary"/> + <xsd:element name="X509SubjectName" type="xsd:string"/> + <xsd:element ref="ds:KeyValue"/> + <xsd:element name="X509SKI" type="xsd:base64Binary"/> + <xsd:element name="Other" type="tsl:AnyType"/> + </xsd:choice> + </xsd:complexType> + <!-- ServiceHistory element--> + <xsd:element name="ServiceHistory" type="tsl:ServiceHistoryType"/> + <xsd:complexType name="ServiceHistoryType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceHistoryInstance" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="ServiceHistoryInstance" type="tsl:ServiceHistoryInstanceType"/> + <xsd:complexType name="ServiceHistoryInstanceType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceTypeIdentifier"/> + <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/> + <xsd:element ref="tsl:ServiceDigitalIdentity"/> + <xsd:element ref="tsl:ServiceStatus"/> + <xsd:element name="StatusStartingTime" type="xsd:dateTime"/> + <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- Elements and types for Extensions --> + <!-- Extensions children of tsl:VaExtension--> + <!-- Element ExpiredCertsRevocationInfo --> + <xsd:element name="ExpiredCertsRevocationInfo" type="xsd:dateTime"/> + <!-- Element additionalServiceInformation --> + <xsd:element name="AdditionalServiceInformation" type="tsl:AdditionalServiceInformationType"/> + <xsd:complexType name="AdditionalServiceInformationType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType"/> + <xsd:element name="InformationValue" type="xsd:string" minOccurs="0"/> + <xsd:element name="OtherInformation" type="tsl:AnyType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd new file mode 100644 index 000000000..4af373cf0 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_additionaltypes_xsd.xsd @@ -0,0 +1,35 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 119 612. In the event that any +part of this document in conflict with the text of TS 119 612 +then that text shall prevail as the authoritative source +--> +<xsd:schema targetNamespace="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tslx="http://uri.etsi.org/02231/v2/additionaltypes#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xsd:import namespace="http://uri.etsi.org/02231/v2#" schemaLocation="http://uri.etsi.org/19612/v1.2.1/tsl.xsd"/> + <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/> + <xsd:element name="MimeType" type="xsd:string"/> + <xsd:element name="X509CertificateLocation" type="tsl:NonEmptyURIType"/> + <xsd:element name="PublicKeyLocation" type="tsl:NonEmptyURIType"/> + <xsd:element name="ExtendedKeyUsage" type="tslx:ExtendedKeyUsageType"/> + <xsd:complexType name="ExtendedKeyUsageType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="KeyPurposeId" type="xades:ObjectIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="TakenOverBy" type="tslx:TakenOverByType"/> + <xsd:complexType name="TakenOverByType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType"/> + <xsd:element name="TSPName" type="tsl:InternationalNamesType"/> + <xsd:element ref="tsl:SchemeOperatorName"/> + <xsd:element ref="tsl:SchemeTerritory"/> + <xsd:element name="OtherQualifier" type="tsl:AnyType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="CertSubjectDNAttribute" type="tslx:CertSubjectDNAttributeType"/> + <xsd:complexType name="CertSubjectDNAttributeType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="AttributeOID" type="xades:ObjectIdentifierType"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd new file mode 100644 index 000000000..42a96b78c --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_sie_xsd.xsd @@ -0,0 +1,81 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 119 612. In the event that any +part of this document in conflict with the text of TS 119 612 +then that text shall prevail as the authoritative source +--> +<xsd:schema targetNamespace="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES.xsd"/> + <xsd:element name="Qualifications" type="tns:QualificationsType"/> + <xsd:complexType name="QualificationsType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="QualificationElement" type="tns:QualificationElementType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="QualificationElementType"> + <xsd:sequence> + <xsd:element name="Qualifiers" type="tns:QualifiersType"/> + <xsd:element name="CriteriaList" type="tns:CriteriaListType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CriteriaListType"> + <xsd:annotation> + <xsd:documentation>Please first try to use the CriteriaList before doing the OtherCriteria extension point.</xsd:documentation> + </xsd:annotation> + <xsd:sequence> + <xsd:element name="KeyUsage" type="tns:KeyUsageType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="PolicySet" type="tns:PoliciesListType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CriteriaList" type="tns:CriteriaListType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="Description" type="xsd:string" minOccurs="0"/> + <xsd:element name="otherCriteriaList" type="xades:AnyType" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="assert"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + <xsd:enumeration value="atLeastOne"/> + <xsd:enumeration value="none"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="QualifiersType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="Qualifier" type="tns:QualifierType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="QualifierType"> + <xsd:attribute name="uri" type="anyURI"/> + </xsd:complexType> + <xsd:complexType name="PoliciesListType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="PolicyIdentifier" type="xades:ObjectIdentifierType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="KeyUsageType"> + <xsd:sequence maxOccurs="9"> + <xsd:element name="KeyUsageBit" type="tns:KeyUsageBitType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="KeyUsageBitType"> + <xsd:simpleContent> + <xsd:extension base="xsd:boolean"> + <xsd:attribute name="name"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="digitalSignature"/> + <xsd:enumeration value="nonRepudiation"/> + <xsd:enumeration value="keyEncipherment"/> + <xsd:enumeration value="dataEncipherment"/> + <xsd:enumeration value="keyAgreement"/> + <xsd:enumeration value="keyCertSign"/> + <xsd:enumeration value="crlSign"/> + <xsd:enumeration value="encipherOnly"/> + <xsd:enumeration value="decipherOnly"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd new file mode 100644 index 000000000..fb1852ec0 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/ts_119612v010201_xsd.xsd @@ -0,0 +1,337 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- ****** NOTICE ****** +This document is part of ETSI TS 119 612. In the event that any +part of this document in conflict with the text of TS 119 612 +then that text shall prevail as the authoritative source + +This is a review done in October 2013 as a result of mismatches between the XML Schema and the specification of some data types within TS 119 612, +--> +<xsd:schema targetNamespace="http://uri.etsi.org/02231/v2#" xmlns:tsl="http://uri.etsi.org/02231/v2#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <!-- Imports --> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/> + <!-- Begin auxiliary types --> + <!--InternationalNamesType--> + <xsd:complexType name="InternationalNamesType"> + <xsd:sequence> + <xsd:element name="Name" type="tsl:MultiLangNormStringType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="MultiLangNormStringType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyNormalizedString"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="MultiLangStringType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyString"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:simpleType name="NonEmptyString"> + <xsd:restriction base="xsd:string"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="NonEmptyNormalizedString"> + <xsd:restriction base="xsd:normalizedString"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <!-- AddressType --> + <xsd:complexType name="AddressType"> + <xsd:sequence> + <xsd:element ref="tsl:PostalAddresses"/> + <xsd:element ref="tsl:ElectronicAddress"/> + </xsd:sequence> + </xsd:complexType> + <!--PostalAddressList Type--> + <xsd:element name="PostalAddresses" type="tsl:PostalAddressListType"/> + <xsd:complexType name="PostalAddressListType"> + <xsd:sequence> + <xsd:element ref="tsl:PostalAddress" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--PostalAddress Type--> + <xsd:element name="PostalAddress" type="tsl:PostalAddressType"/> + <xsd:complexType name="PostalAddressType"> + <xsd:sequence> + <xsd:element name="StreetAddress" type="tsl:NonEmptyString"/> + <xsd:element name="Locality" type="tsl:NonEmptyString"/> + <xsd:element name="StateOrProvince" type="tsl:NonEmptyString" minOccurs="0"/> + <xsd:element name="PostalCode" type="tsl:NonEmptyString" minOccurs="0"/> + <xsd:element name="CountryName" type="tsl:NonEmptyString"/> + </xsd:sequence> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:complexType> + <!--ElectronicAddressType--> + <!-- 2013-10. XML Schema CHANGE--> + <!-- ElectronicAddress changed to include MultilLan URIs for e-mails and web sites URIs as specified in TS 119 612--> + <xsd:element name="ElectronicAddress" type="tsl:ElectronicAddressType"/> + <xsd:complexType name="ElectronicAddressType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- Types for extensions in TSL --> + <xsd:complexType name="AnyType" mixed="true"> + <xsd:sequence minOccurs="0" maxOccurs="unbounded"> + <xsd:any processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="Extension" type="tsl:ExtensionType"/> + <xsd:complexType name="ExtensionType"> + <xsd:complexContent> + <xsd:extension base="tsl:AnyType"> + <xsd:attribute name="Critical" type="xsd:boolean" use="required"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ExtensionsListType"> + <xsd:sequence> + <xsd:element ref="tsl:Extension" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--NonEmptyURIType--> + <xsd:simpleType name="NonEmptyURIType"> + <xsd:restriction base="xsd:anyURI"> + <xsd:minLength value="1"/> + </xsd:restriction> + </xsd:simpleType> + <!--NonEmptyURIType with language indication--> + <xsd:complexType name="NonEmptyMultiLangURIType"> + <xsd:simpleContent> + <xsd:extension base="tsl:NonEmptyURIType"> + <xsd:attribute ref="xml:lang" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <!--List of NonEmptyURIType with language indication--> + <xsd:complexType name="NonEmptyMultiLangURIListType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--List of NonEmptyURIType--> + <xsd:complexType name="NonEmptyURIListType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyURIType" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- End auxiliary types --> + <!-- ROOT Element --> + <xsd:element name="TrustServiceStatusList" type="tsl:TrustStatusListType"/> + <!-- Trust Status List Type Definition --> + <!-- 2013-10. XML Schema CHANGE--> + <!-- Attribute TSLTag declared as xsd:anyURI --> + <xsd:complexType name="TrustStatusListType"> + <xsd:sequence> + <xsd:element ref="tsl:SchemeInformation"/> + <xsd:element ref="tsl:TrustServiceProviderList" minOccurs="0"/> + <xsd:element ref="ds:Signature" minOccurs="0"/> + </xsd:sequence> + <xsd:attribute name="TSLTag" type="xsd:anyURI" use="required"/> + <xsd:attribute name="Id" type="xsd:ID" use="optional"/> + </xsd:complexType> + <!-- 2013-10. XML Schema CHANGE--> + <!-- Supressed the type TSLTagType that served to restrict the value of TSLTag by XML Schema--> + <!-- In this way, the XML Schema is independent of the TSLTag value and this may change from version to version--> + <!-- TrustServiceProviderListType--> + <xsd:element name="TrustServiceProviderList" type="tsl:TrustServiceProviderListType"/> + <xsd:complexType name="TrustServiceProviderListType"> + <xsd:sequence> + <xsd:element ref="tsl:TrustServiceProvider" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSL Scheme Information --> + <xsd:element name="SchemeInformation" type="tsl:TSLSchemeInformationType"/> + <xsd:complexType name="TSLSchemeInformationType"> + <xsd:sequence> + <xsd:element name="TSLVersionIdentifier" type="xsd:integer"/> + <xsd:element name="TSLSequenceNumber" type="xsd:positiveInteger"/> + <xsd:element ref="tsl:TSLType"/> + <xsd:element ref="tsl:SchemeOperatorName"/> + <xsd:element name="SchemeOperatorAddress" type="tsl:AddressType"/> + <xsd:element ref="tsl:SchemeName"/> + <xsd:element ref="tsl:SchemeInformationURI"/> + <xsd:element name="StatusDeterminationApproach" type="tsl:NonEmptyURIType"/> + <xsd:element ref="tsl:SchemeTypeCommunityRules" minOccurs="0"/> + <xsd:element ref="tsl:SchemeTerritory" minOccurs="0"/> + <xsd:element ref="tsl:PolicyOrLegalNotice" minOccurs="0"/> + <xsd:element name="HistoricalInformationPeriod" type="xsd:nonNegativeInteger"/> + <xsd:element ref="tsl:PointersToOtherTSL" minOccurs="0"/> + <xsd:element name="ListIssueDateTime" type="xsd:dateTime"/> + <xsd:element ref="tsl:NextUpdate"/> + <xsd:element ref="tsl:DistributionPoints" minOccurs="0"/> + <xsd:element name="SchemeExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="TSLType" type="tsl:NonEmptyURIType"/> + <xsd:element name="SchemeOperatorName" type="tsl:InternationalNamesType"/> + <xsd:element name="SchemeName" type="tsl:InternationalNamesType"/> + <xsd:element name="SchemeInformationURI" type="tsl:NonEmptyMultiLangURIListType"/> + <!-- 2013-10. XML Schema CHANGE--> + <!-- SchemeTypeCommunityRules changed to include MultilLang URIs for e-mails and web sites URIs as specified in TS 119 612--> + <xsd:element name="SchemeTypeCommunityRules" type="tsl:NonEmptyMultiLangURIListType"/> + <!-- SchemeTerritory --> + <!-- 2014-04. XML Schema CHANGE--> + <!-- element SchemeTerritory is now of type xsd:string. Suppressed the restriction of having only 2 characters, + as this element may contain other values than the country codes--> + <xsd:element name="SchemeTerritory" type="xsd:string"/> + <!-- Policy or Legal Notice --> + <xsd:element name="PolicyOrLegalNotice" type="tsl:PolicyOrLegalnoticeType"/> + <xsd:complexType name="PolicyOrLegalnoticeType"> + <xsd:choice> + <xsd:element name="TSLPolicy" type="tsl:NonEmptyMultiLangURIType" maxOccurs="unbounded"/> + <xsd:element name="TSLLegalNotice" type="tsl:MultiLangStringType" maxOccurs="unbounded"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="NextUpdate" type="tsl:NextUpdateType"/> + <xsd:complexType name="NextUpdateType"> + <xsd:sequence> + <xsd:element name="dateTime" type="xsd:dateTime" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!--OtherTSLPointersType--> + <xsd:element name="PointersToOtherTSL" type="tsl:OtherTSLPointersType"/> + <xsd:complexType name="OtherTSLPointersType"> + <xsd:sequence> + <xsd:element ref="tsl:OtherTSLPointer" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="OtherTSLPointer" type="tsl:OtherTSLPointerType"/> + <xsd:complexType name="OtherTSLPointerType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceDigitalIdentities" minOccurs="0"/> + <xsd:element name="TSLLocation" type="tsl:NonEmptyURIType"/> + <xsd:element ref="tsl:AdditionalInformation" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="ServiceDigitalIdentities" type="tsl:ServiceDigitalIdentityListType"/> + <xsd:complexType name="ServiceDigitalIdentityListType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceDigitalIdentity" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="AdditionalInformation" type="tsl:AdditionalInformationType"/> + <xsd:complexType name="AdditionalInformationType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:element name="TextualInformation" type="tsl:MultiLangStringType"/> + <xsd:element name="OtherInformation" type="tsl:AnyType"/> + </xsd:choice> + </xsd:complexType> + <!--DistributionPoints element--> + <!-- 2013-10. XML Schema CHANGE--> + <!-- DistributionPointschanged from ElectronicAddress to nonEmptyURIListType as ElectronicAddress does + now contain a list of multilang URIs, which is not required for distribution points--> + <xsd:element name="DistributionPoints" type="tsl:NonEmptyURIListType"/> + <!-- TSPType --> + <xsd:element name="TrustServiceProvider" type="tsl:TSPType"/> + <xsd:complexType name="TSPType"> + <xsd:sequence> + <xsd:element ref="tsl:TSPInformation"/> + <xsd:element ref="tsl:TSPServices"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPInformationType --> + <xsd:element name="TSPInformation" type="tsl:TSPInformationType"/> + <xsd:complexType name="TSPInformationType"> + <xsd:sequence> + <xsd:element name="TSPName" type="tsl:InternationalNamesType"/> + <xsd:element name="TSPTradeName" type="tsl:InternationalNamesType" minOccurs="0"/> + <xsd:element name="TSPAddress" type="tsl:AddressType"/> + <xsd:element name="TSPInformationURI" type="tsl:NonEmptyMultiLangURIListType"/> + <xsd:element name="TSPInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSP Services--> + <xsd:element name="TSPServices" type="tsl:TSPServicesListType"/> + <xsd:complexType name="TSPServicesListType"> + <xsd:sequence> + <xsd:element ref="tsl:TSPService" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="TSPService" type="tsl:TSPServiceType"/> + <xsd:complexType name="TSPServiceType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceInformation"/> + <xsd:element ref="tsl:ServiceHistory" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPServiceInformationType --> + <xsd:element name="ServiceInformation" type="tsl:TSPServiceInformationType"/> + <xsd:complexType name="TSPServiceInformationType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceTypeIdentifier"/> + <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/> + <xsd:element ref="tsl:ServiceDigitalIdentity"/> + <xsd:element ref="tsl:ServiceStatus"/> + <xsd:element name="StatusStartingTime" type="xsd:dateTime"/> + <xsd:element name="SchemeServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/> + <xsd:element ref="tsl:ServiceSupplyPoints" minOccurs="0"/> + <xsd:element name="TSPServiceDefinitionURI" type="tsl:NonEmptyMultiLangURIListType" minOccurs="0"/> + <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- Service status --> + <xsd:element name="ServiceStatus" type="tsl:NonEmptyURIType"/> + <!-- Type for Service Supply Points --> + <xsd:element name="ServiceSupplyPoints" type="tsl:ServiceSupplyPointsType"/> + <xsd:complexType name="ServiceSupplyPointsType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="ServiceSupplyPoint" type="tsl:NonEmptyURIType"/> + </xsd:sequence> + </xsd:complexType> + <!-- TSPServiceIdentifier --> + <xsd:element name="ServiceTypeIdentifier" type="tsl:NonEmptyURIType"/> + <!-- DigitalIdentityType --> + <xsd:element name="ServiceDigitalIdentity" type="tsl:DigitalIdentityListType"/> + <xsd:complexType name="DigitalIdentityListType"> + <xsd:sequence> + <xsd:element name="DigitalId" type="tsl:DigitalIdentityType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="DigitalIdentityType"> + <xsd:choice> + <xsd:element name="X509Certificate" type="xsd:base64Binary"/> + <xsd:element name="X509SubjectName" type="xsd:string"/> + <xsd:element ref="ds:KeyValue"/> + <xsd:element name="X509SKI" type="xsd:base64Binary"/> + <xsd:element name="Other" type="tsl:AnyType" minOccurs="0"/> + </xsd:choice> + </xsd:complexType> + <!-- ServiceHistory element--> + <xsd:element name="ServiceHistory" type="tsl:ServiceHistoryType"/> + <xsd:complexType name="ServiceHistoryType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceHistoryInstance" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:element name="ServiceHistoryInstance" type="tsl:ServiceHistoryInstanceType"/> + <xsd:complexType name="ServiceHistoryInstanceType"> + <xsd:sequence> + <xsd:element ref="tsl:ServiceTypeIdentifier"/> + <xsd:element name="ServiceName" type="tsl:InternationalNamesType"/> + <xsd:element ref="tsl:ServiceDigitalIdentity"/> + <xsd:element ref="tsl:ServiceStatus"/> + <xsd:element name="StatusStartingTime" type="xsd:dateTime"/> + <xsd:element name="ServiceInformationExtensions" type="tsl:ExtensionsListType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <!-- Elements and types for Extensions --> + <!-- Extensions children of tsl:VaExtension--> + <!-- Element ExpiredCertsRevocationInfo --> + <xsd:element name="ExpiredCertsRevocationInfo" type="xsd:dateTime"/> + <!-- Element additionalServiceInformation --> + <xsd:element name="AdditionalServiceInformation" type="tsl:AdditionalServiceInformationType"/> + <xsd:complexType name="AdditionalServiceInformationType"> + <xsd:sequence> + <xsd:element name="URI" type="tsl:NonEmptyMultiLangURIType"/> + <xsd:element name="InformationValue" type="xsd:string" minOccurs="0"/> + <xsd:element name="OtherInformation" type="tsl:AnyType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> +</xsd:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/xenc-schema.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/xenc-schema.xsd new file mode 100644 index 000000000..d4519cd7a --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/xenc-schema.xsd @@ -0,0 +1,150 @@ +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN" + "http://www.w3.org/2001/XMLSchema.dtd" + [ + <!ATTLIST schema + xmlns:xenc CDATA #FIXED 'http://www.w3.org/2001/04/xmlenc#' + xmlns:ds CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'> + <!ENTITY xenc 'http://www.w3.org/2001/04/xmlenc#'> + <!ENTITY % p ''> + <!ENTITY % s ''> + ]> + +<schema xmlns='http://www.w3.org/2001/XMLSchema' version='1.0' + xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' + xmlns:ds='http://www.w3.org/2000/09/xmldsig#' + targetNamespace='http://www.w3.org/2001/04/xmlenc#' + elementFormDefault='qualified'> + +<!-- + <import namespace='http://www.w3.org/2000/09/xmldsig#' + schemaLocation='http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd'/> + --> + <import namespace='http://www.w3.org/2000/09/xmldsig#' + schemaLocation='xmldsig-core-schema.xsd'/> + + <complexType name='EncryptedType' abstract='true'> + <sequence> + <element name='EncryptionMethod' type='xenc:EncryptionMethodType' + minOccurs='0'/> + <element ref='ds:KeyInfo' minOccurs='0'/> + <element ref='xenc:CipherData'/> + <element ref='xenc:EncryptionProperties' minOccurs='0'/> + </sequence> + <attribute name='Id' type='ID' use='optional'/> + <attribute name='Type' type='anyURI' use='optional'/> + <attribute name='MimeType' type='string' use='optional'/> + <attribute name='Encoding' type='anyURI' use='optional'/> + </complexType> + + <complexType name='EncryptionMethodType' mixed='true'> + <sequence> + <element name='KeySize' minOccurs='0' type='xenc:KeySizeType'/> + <element name='OAEPparams' minOccurs='0' type='base64Binary'/> + <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/> + </sequence> + <attribute name='Algorithm' type='anyURI' use='required'/> + </complexType> + + <simpleType name='KeySizeType'> + <restriction base="integer"/> + </simpleType> + + <element name='CipherData' type='xenc:CipherDataType'/> + <complexType name='CipherDataType'> + <choice> + <element name='CipherValue' type='base64Binary'/> + <element ref='xenc:CipherReference'/> + </choice> + </complexType> + + <element name='CipherReference' type='xenc:CipherReferenceType'/> + <complexType name='CipherReferenceType'> + <choice> + <element name='Transforms' type='xenc:TransformsType' minOccurs='0'/> + </choice> + <attribute name='URI' type='anyURI' use='required'/> + </complexType> + + <complexType name='TransformsType'> + <sequence> + <element ref='ds:Transform' maxOccurs='unbounded'/> + </sequence> + </complexType> + + + <element name='EncryptedData' type='xenc:EncryptedDataType'/> + <complexType name='EncryptedDataType'> + <complexContent> + <extension base='xenc:EncryptedType'> + </extension> + </complexContent> + </complexType> + + <!-- Children of ds:KeyInfo --> + + <element name='EncryptedKey' type='xenc:EncryptedKeyType'/> + <complexType name='EncryptedKeyType'> + <complexContent> + <extension base='xenc:EncryptedType'> + <sequence> + <element ref='xenc:ReferenceList' minOccurs='0'/> + <element name='CarriedKeyName' type='string' minOccurs='0'/> + </sequence> + <attribute name='Recipient' type='string' + use='optional'/> + </extension> + </complexContent> + </complexType> + + <element name="AgreementMethod" type="xenc:AgreementMethodType"/> + <complexType name="AgreementMethodType" mixed="true"> + <sequence> + <element name="KA-Nonce" minOccurs="0" type="base64Binary"/> + <!-- <element ref="ds:DigestMethod" minOccurs="0"/> --> + <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/> + <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/> + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + + <!-- End Children of ds:KeyInfo --> + + <element name='ReferenceList'> + <complexType> + <choice minOccurs='1' maxOccurs='unbounded'> + <element name='DataReference' type='xenc:ReferenceType'/> + <element name='KeyReference' type='xenc:ReferenceType'/> + </choice> + </complexType> + </element> + + <complexType name='ReferenceType'> + <sequence> + <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/> + </sequence> + <attribute name='URI' type='anyURI' use='required'/> + </complexType> + + + <element name='EncryptionProperties' type='xenc:EncryptionPropertiesType'/> + <complexType name='EncryptionPropertiesType'> + <sequence> + <element ref='xenc:EncryptionProperty' maxOccurs='unbounded'/> + </sequence> + <attribute name='Id' type='ID' use='optional'/> + </complexType> + + <element name='EncryptionProperty' type='xenc:EncryptionPropertyType'/> + <complexType name='EncryptionPropertyType' mixed='true'> + <choice maxOccurs='unbounded'> + <any namespace='##other' processContents='lax'/> + </choice> + <attribute name='Target' type='anyURI' use='optional'/> + <attribute name='Id' type='ID' use='optional'/> + <anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/> + </complexType> + +</schema> + diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/xml.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/xml.xsd new file mode 100644 index 000000000..547867f51 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/xml.xsd @@ -0,0 +1,83 @@ +<?xml version='1.0'?> +<!-- documented out for compatibility with Xerces-2.0.2 +<!DOCTYPE xs:schema PUBLIC "-//W3C//DTD XMLSCHEMA 200102//EN" "XMLSchema.dtd" > +--> +<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace" xmlns:xs="http://www.w3.org/2001/XMLSchema" xml:lang="en"> + + <xs:annotation> + <xs:documentation> + See http://www.w3.org/XML/1998/namespace.html and + http://www.w3.org/TR/REC-xml for information about this namespace. + </xs:documentation> + </xs:annotation> + + <xs:annotation> + <xs:documentation>This schema defines attributes and an attribute group + suitable for use by + schemas wishing to allow xml:base, xml:lang or xml:space attributes + on elements they define. + + To enable this, such a schema must import this schema + for the XML namespace, e.g. as follows: + <schema . . .> + . . . + <import namespace="http://www.w3.org/XML/1998/namespace" + schemaLocation="http://www.w3.org/2001/03/xml.xsd"/> + + Subsequently, qualified reference to any of the attributes + or the group defined below will have the desired effect, e.g. + + <type . . .> + . . . + <attributeGroup ref="xml:specialAttrs"/> + + will define a type which will schema-validate an instance + element with any of those attributes</xs:documentation> + </xs:annotation> + + <xs:annotation> + <xs:documentation>In keeping with the XML Schema WG's standard versioning + policy, this schema document will persist at + http://www.w3.org/2001/03/xml.xsd. + At the date of issue it can also be found at + http://www.w3.org/2001/xml.xsd. + The schema document at that URI may however change in the future, + in order to remain compatible with the latest version of XML Schema + itself. In other words, if the XML Schema namespace changes, the version + of this document at + http://www.w3.org/2001/xml.xsd will change + accordingly; the version at + http://www.w3.org/2001/03/xml.xsd will not change. + </xs:documentation> + </xs:annotation> + + <xs:attribute name="lang" type="xs:language"> + <xs:annotation> + <xs:documentation>In due course, we should install the relevant ISO 2- and 3-letter + codes as the enumerated possible values . . .</xs:documentation> + </xs:annotation> + </xs:attribute> + + <xs:attribute name="space" default="preserve"> + <xs:simpleType> + <xs:restriction base="xs:NCName"> + <xs:enumeration value="default"/> + <xs:enumeration value="preserve"/> + </xs:restriction> + </xs:simpleType> + </xs:attribute> + + <xs:attribute name="base" type="xs:anyURI"> + <xs:annotation> + <xs:documentation>See http://www.w3.org/TR/xmlbase/ for + information about this attribute.</xs:documentation> + </xs:annotation> + </xs:attribute> + + <xs:attributeGroup name="specialAttrs"> + <xs:attribute ref="xml:base"/> + <xs:attribute ref="xml:lang"/> + <xs:attribute ref="xml:space"/> + </xs:attributeGroup> + +</xs:schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/xmldsig-core-schema.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/xmldsig-core-schema.xsd new file mode 100644 index 000000000..d21ca43f1 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/xmldsig-core-schema.xsd @@ -0,0 +1,264 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- documented out for compatibility with Xerces-2.0.2 +<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "XMLSchema.dtd" [ + <!ATTLIST schema + xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#" +> + <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'> + <!ENTITY % p ''> + <!ENTITY % s ''> +]> +--> +<!-- Schema for XML Signatures + http://www.w3.org/2000/09/xmldsig# + $Revision: 1.1 $ on $Date: 2003/03/11 10:10:34 $ by $Author: peck $ + + Copyright 2001 The Internet Society and W3C (Massachusetts Institute + of Technology, Institut National de Recherche en Informatique et en + Automatique, Keio University). All Rights Reserved. + http://www.w3.org/Consortium/Legal/ + + This document is governed by the W3C Software License [1] as described + in the FAQ [2]. + + [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720 + [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD +--> +<schema targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" version="0.1"> + <!-- Basic Types Defined for Signatures --> + <simpleType name="CryptoBinary"> + <restriction base="base64Binary"/> + </simpleType> + <!-- Start Signature --> + <element name="Signature" type="ds:SignatureType"/> + <complexType name="SignatureType"> + <sequence> + <element ref="ds:SignedInfo"/> + <element ref="ds:SignatureValue"/> + <element ref="ds:KeyInfo" minOccurs="0"/> + <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + </complexType> + <element name="SignatureValue" type="ds:SignatureValueType"/> + <complexType name="SignatureValueType"> + <simpleContent> + <extension base="base64Binary"> + <attribute name="Id" type="ID" use="optional"/> + </extension> + </simpleContent> + </complexType> + <!-- Start SignedInfo --> + <element name="SignedInfo" type="ds:SignedInfoType"/> + <complexType name="SignedInfoType"> + <sequence> + <element ref="ds:CanonicalizationMethod"/> + <element ref="ds:SignatureMethod"/> + <element ref="ds:Reference" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + </complexType> + <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/> + <complexType name="CanonicalizationMethodType" mixed="true"> + <sequence> + <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/> + <!-- (0,unbounded) elements from (1,1) namespace --> + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + <element name="SignatureMethod" type="ds:SignatureMethodType"/> + <complexType name="SignatureMethodType" mixed="true"> + <sequence> + <element name="HMACOutputLength" type="ds:HMACOutputLengthType" minOccurs="0"/> + <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + <!-- (0,unbounded) elements from (1,1) external namespace --> + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + <!-- Start Reference --> + <element name="Reference" type="ds:ReferenceType"/> + <complexType name="ReferenceType"> + <sequence> + <element ref="ds:Transforms" minOccurs="0"/> + <element ref="ds:DigestMethod"/> + <element ref="ds:DigestValue"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + <attribute name="URI" type="anyURI" use="optional"/> + <attribute name="Type" type="anyURI" use="optional"/> + </complexType> + <element name="Transforms" type="ds:TransformsType"/> + <complexType name="TransformsType"> + <sequence> + <element ref="ds:Transform" maxOccurs="unbounded"/> + </sequence> + </complexType> + <element name="Transform" type="ds:TransformType"/> + <complexType name="TransformType" mixed="true"> + <choice minOccurs="0" maxOccurs="unbounded"> + <any namespace="##other" processContents="lax"/> + <element name="XPath" type="string"/> + <!-- (1,1) elements from (0,unbounded) namespaces --> + </choice> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + <!-- End Reference --> + <element name="DigestMethod" type="ds:DigestMethodType"/> + <complexType name="DigestMethodType" mixed="true"> + <sequence> + <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <attribute name="Algorithm" type="anyURI" use="required"/> + </complexType> + <element name="DigestValue" type="ds:DigestValueType"/> + <simpleType name="DigestValueType"> + <restriction base="base64Binary"/> + </simpleType> + <!-- End SignedInfo --> + <!-- Start KeyInfo --> + <element name="KeyInfo" type="ds:KeyInfoType"/> + <complexType name="KeyInfoType" mixed="true"> + <choice maxOccurs="unbounded"> + <element ref="ds:KeyName"/> + <element ref="ds:KeyValue"/> + <element ref="ds:RetrievalMethod"/> + <element ref="ds:X509Data"/> + <element ref="ds:PGPData"/> + <element ref="ds:SPKIData"/> + <element ref="ds:MgmtData"/> + <any namespace="##other" processContents="lax"/> + <!-- (1,1) elements from (0,unbounded) namespaces --> + </choice> + <attribute name="Id" type="ID" use="optional"/> + </complexType> + <element name="KeyName" type="string"/> + <element name="MgmtData" type="string"/> + <element name="KeyValue" type="ds:KeyValueType"/> + <complexType name="KeyValueType" mixed="true"> + <choice> + <element ref="ds:DSAKeyValue"/> + <element ref="ds:RSAKeyValue"/> + <any namespace="##other" processContents="lax"/> + </choice> + </complexType> + <element name="RetrievalMethod" type="ds:RetrievalMethodType"/> + <complexType name="RetrievalMethodType"> + <sequence> + <element ref="ds:Transforms" minOccurs="0"/> + </sequence> + <attribute name="URI" type="anyURI"/> + <attribute name="Type" type="anyURI" use="optional"/> + </complexType> + <!-- Start X509Data --> + <element name="X509Data" type="ds:X509DataType"/> + <complexType name="X509DataType"> + <sequence maxOccurs="unbounded"> + <choice> + <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/> + <element name="X509SKI" type="base64Binary"/> + <element name="X509SubjectName" type="string"/> + <element name="X509Certificate" type="base64Binary"/> + <element name="X509CRL" type="base64Binary"/> + <any namespace="##other" processContents="lax"/> + </choice> + </sequence> + </complexType> + <complexType name="X509IssuerSerialType"> + <sequence> + <element name="X509IssuerName" type="string"/> + <element name="X509SerialNumber" type="integer"/> + </sequence> + </complexType> + <!-- End X509Data --> + <!-- Begin PGPData --> + <element name="PGPData" type="ds:PGPDataType"/> + <complexType name="PGPDataType"> + <choice> + <sequence> + <element name="PGPKeyID" type="base64Binary"/> + <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/> + <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + <sequence> + <element name="PGPKeyPacket" type="base64Binary"/> + <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </sequence> + </choice> + </complexType> + <!-- End PGPData --> + <!-- Begin SPKIData --> + <element name="SPKIData" type="ds:SPKIDataType"/> + <complexType name="SPKIDataType"> + <sequence maxOccurs="unbounded"> + <element name="SPKISexp" type="base64Binary"/> + <any namespace="##other" processContents="lax" minOccurs="0"/> + </sequence> + </complexType> + <!-- End SPKIData --> + <!-- End KeyInfo --> + <!-- Start Object (Manifest, SignatureProperty) --> + <element name="Object" type="ds:ObjectType"/> + <complexType name="ObjectType" mixed="true"> + <sequence minOccurs="0" maxOccurs="unbounded"> + <any namespace="##any" processContents="lax"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + <attribute name="MimeType" type="string" use="optional"/> + <attribute name="Encoding" type="anyURI" use="optional"/> + <!-- add a grep facet --> + </complexType> + <element name="Manifest" type="ds:ManifestType"/> + <complexType name="ManifestType"> + <sequence> + <element ref="ds:Reference" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + </complexType> + <element name="SignatureProperties" type="ds:SignaturePropertiesType"/> + <complexType name="SignaturePropertiesType"> + <sequence> + <element ref="ds:SignatureProperty" maxOccurs="unbounded"/> + </sequence> + <attribute name="Id" type="ID" use="optional"/> + </complexType> + <element name="SignatureProperty" type="ds:SignaturePropertyType"/> + <complexType name="SignaturePropertyType" mixed="true"> + <choice maxOccurs="unbounded"> + <any namespace="##other" processContents="lax"/> + <!-- (1,1) elements from (1,unbounded) namespaces --> + </choice> + <attribute name="Target" type="anyURI" use="required"/> + <attribute name="Id" type="ID" use="optional"/> + </complexType> + <!-- End Object (Manifest, SignatureProperty) --> + <!-- Start Algorithm Parameters --> + <simpleType name="HMACOutputLengthType"> + <restriction base="integer"/> + </simpleType> + <!-- Start KeyValue Element-types --> + <element name="DSAKeyValue" type="ds:DSAKeyValueType"/> + <complexType name="DSAKeyValueType"> + <sequence> + <sequence minOccurs="0"> + <element name="P" type="ds:CryptoBinary"/> + <element name="Q" type="ds:CryptoBinary"/> + </sequence> + <element name="G" type="ds:CryptoBinary" minOccurs="0"/> + <element name="Y" type="ds:CryptoBinary"/> + <element name="J" type="ds:CryptoBinary" minOccurs="0"/> + <sequence minOccurs="0"> + <element name="Seed" type="ds:CryptoBinary"/> + <element name="PgenCounter" type="ds:CryptoBinary"/> + </sequence> + </sequence> + </complexType> + <element name="RSAKeyValue" type="ds:RSAKeyValueType"/> + <complexType name="RSAKeyValueType"> + <sequence> + <element name="Modulus" type="ds:CryptoBinary"/> + <element name="Exponent" type="ds:CryptoBinary"/> + </sequence> + </complexType> + <!-- End KeyValue Element-types --> + <!-- End Signature --> +</schema> diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/xmldsig-filter2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/xmldsig-filter2.xsd new file mode 100644 index 000000000..517e7bd54 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/xmldsig-filter2.xsd @@ -0,0 +1,38 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- documented out for compatibility with Xerces-2.0.2 + <!DOCTYPE schema + PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd" + [ + <!ATTLIST schema + xmlns:xf CDATA #FIXED 'http://www.w3.org/2002/06/xmldsig-filter2'> + <!ENTITY xf 'http://www.w3.org/2002/06/xmldsig-filter2'> + <!ENTITY % p ''> + <!ENTITY % s ''> + ]> +--> + + <schema xmlns="http://www.w3.org/2001/XMLSchema" + xmlns:xf="http://www.w3.org/2002/06/xmldsig-filter2" + targetNamespace="http://www.w3.org/2002/06/xmldsig-filter2" + version="0.1" elementFormDefault="qualified"> + + <element name="XPath" + type="xf:XPathType"/> + + <complexType name="XPathType"> + <simpleContent> + <extension base="string"> + <attribute name="Filter"> + <simpleType> + <restriction base="string"> + <enumeration value="intersect"/> + <enumeration value="subtract"/> + <enumeration value="union"/> + </restriction> + </simpleType> + </attribute> + </extension> + </simpleContent> + </complexType> + + </schema>
\ No newline at end of file diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java new file mode 100644 index 000000000..c0a93bf03 --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java @@ -0,0 +1,56 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa; + +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author patrick + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + +// suite.addTestSuite(DOMUtilsTest.class); +// suite.addTestSuite(DateTimeUtilsTest.class); +// suite.addTestSuite(XPathUtilsTest.class); +// suite.addTestSuite(KeyStoreUtilsTest.class); +// suite.addTestSuite(SSLUtilsTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java new file mode 100644 index 000000000..66bf1faff --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java @@ -0,0 +1,112 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa; + +import java.io.FileInputStream; +import java.io.StringReader; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; + +import org.w3c.dom.Document; +import org.xml.sax.InputSource; + +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import junit.framework.TestCase; + +/** + * Base class for MOA test cases. + * + * Provides some utility functions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class MOATestCase extends TestCase { + + protected static final String TESTDATA_ROOT = "data/test/"; + + protected static final Map<String, Object> parserFeatures = + Collections.unmodifiableMap(new HashMap<String, Object>() { + private static final long serialVersionUID = 1L; + { + put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true); + + } + }); + + + /** + * Constructor for MOATestCase. + * @param arg0 + */ + public MOATestCase(String name) { + super(name); + } + + /** + * Parse an XML file non-validating. + */ + public static Document parseXml(String fileName) throws Exception { + return DOMUtils.parseDocument( + new FileInputStream(fileName), + false, + null, + null, + parserFeatures); + } + + /** + * Parse an XML validating with a given file name. + * + * Uses the local schema resources. + */ + public static Document parseXmlValidating(String fileName) throws Exception { + return DOMUtils.parseDocument( + new FileInputStream(fileName), + true, + Constants.ALL_SCHEMA_LOCATIONS, + null, + parserFeatures); + } + + /** + * Parse an XML from a String. + */ + public static Document parseXmlString(String xml) throws Exception { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + DocumentBuilder builder; + + factory.setNamespaceAware(true); + builder = factory.newDocumentBuilder(); + + return builder.parse(new InputSource(new StringReader(xml))); + } + +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java new file mode 100644 index 000000000..7b1c0cb67 --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java @@ -0,0 +1,163 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import java.io.FileInputStream; +import java.util.Map; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; + +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import test.at.gv.egovernment.moa.MOATestCase; + +/** + * @author Patrick Peck + * @version $Id$ + */ +public class DOMUtilsTest extends MOATestCase { + private static final String TESTDATA_BASE = TESTDATA_ROOT + "xml/"; + private static boolean grammarsInitialized = false; + + /** + * Constructor for DOMUtilsTest. + * @param name + */ + public DOMUtilsTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + if (!grammarsInitialized) { + // preparse XML schema + DOMUtils.addSchemaToPool( + getClass().getResourceAsStream(Constants.XML_SCHEMA_LOCATION), + Constants.XML_NS_URI); + // preparse XMLDsig Filter2 schema + DOMUtils.addSchemaToPool( + getClass().getResourceAsStream(Constants.DSIG_FILTER2_SCHEMA_LOCATION), + Constants.DSIG_FILTER2_NS_URI); + // preparse XMLDsig schema + DOMUtils.addSchemaToPool( + getClass().getResourceAsStream(Constants.DSIG_SCHEMA_LOCATION), + Constants.DSIG_NS_URI); + // preparse MOA schema + DOMUtils.addSchemaToPool( + getClass().getResourceAsStream(Constants.MOA_SCHEMA_LOCATION), + Constants.MOA_NS_URI); + grammarsInitialized = true; + } + } + + private Document parse(String fileName) throws Exception { + return DOMUtils.parseDocument( + new FileInputStream(fileName), + true, + Constants.ALL_SCHEMA_LOCATIONS, + null, + parserFeatures); + } + + public void testParseCreateXMLSignature() throws Exception { + parse(TESTDATA_BASE + "CreateXMLSignature/TestGeneratorCX2.005.Req.xml"); + parse(TESTDATA_BASE + "CreateXMLSignature/Req000.xml"); + parse(TESTDATA_BASE + "CreateXMLSignature/Req001.xml"); + parse(TESTDATA_BASE + "CreateXMLSignature/Req002.xml"); + parse(TESTDATA_BASE + "CreateXMLSignature/Req004.xml"); + } + + public void testParseVerifyCMSSignature() throws Exception { + parse(TESTDATA_BASE + "VerifyCMSSignature/Req000.xml"); + } + + public void testParseVerifyXMLSignature() throws Exception { + parse(TESTDATA_BASE + "VerifyXMLSignature/Req000.xml"); + parse(TESTDATA_BASE + "VerifyXMLSignature/Req001.xml"); + parse(TESTDATA_BASE + "VerifyXMLSignature/Req002.xml"); + parse(TESTDATA_BASE + "VerifyXMLSignature/TestGeneratorVX.002.Req.xml"); + //parse(TESTDATA_BASE + "VerifyXMLSignature/TestGeneratorVX.006.Req.xml"); + parse(TESTDATA_BASE + "VerifyXMLSignature/VerifySAMLRequest.xml"); + } + + public void testParseInfobox() throws Exception { + parse(TESTDATA_BASE + "Infobox/InfoboxReadResponseMOA4.xml"); + parse(TESTDATA_BASE + "Infobox/InfoboxReadResponse.xml"); + } + + + private Document parsePlain(String fileName) throws Exception { + return DOMUtils.parseDocument( + new FileInputStream(fileName), + false, + null, + null, + null); + } + + public void testValidateCreateXMLSignature() throws Exception { + Document doc; + boolean valid; + + // test a valid request + doc = parsePlain(TESTDATA_BASE + "CreateXMLSignature/Req000.xml"); + valid = + DOMUtils.validateElement( + doc.getDocumentElement(), + Constants.ALL_SCHEMA_LOCATIONS, + null); + assertTrue(valid); + + // test an invalid request + doc = parsePlain(TESTDATA_BASE + "CreateXMLSignature/invalid.xml"); + try { + valid = + DOMUtils.validateElement( + doc.getDocumentElement(), + Constants.ALL_SCHEMA_LOCATIONS, + null); + fail(); + } catch (Exception e) { + } + } + + public void testGetNamespaceDeclarations() throws Exception { + Document doc; + NodeList nl; + Element elem; + Map nsDecls; + + doc = parse(TESTDATA_BASE + "VerifyXMLSignature/Req002.xml"); + nl = doc.getElementsByTagNameNS(Constants.DSIG_NS_URI, "Reference"); + elem = (Element) nl.item(0); + nsDecls = DOMUtils.getNamespaceDeclarations(elem); + + assertEquals(2, nsDecls.size()); + assertEquals(Constants.DSIG_NS_URI, nsDecls.get("dsig")); + assertEquals(Constants.MOA_NS_URI, nsDecls.get("")); + } + +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java new file mode 100644 index 000000000..e3468b89f --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java @@ -0,0 +1,129 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; +import java.text.DateFormat; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; +import java.util.TimeZone; + +import junit.framework.TestCase; + +import at.gv.egovernment.moa.util.DateTimeUtils; + +/** + * @author Patrick Peck + * @version $Id$ + */ +public class DateTimeUtilsTest extends TestCase { + + /** + * Constructor for DateTimeUtilsTest. + * @param arg0 + */ + public DateTimeUtilsTest(String arg0) { + super(arg0); + } + + public void testParseDateTimeValid() throws Exception { + Date date; + DateFormat format = new SimpleDateFormat("dd.MM.yyyy HH:mm:ss"); + + String dateStr; + + format.setTimeZone(TimeZone.getTimeZone("GMT")); + date = DateTimeUtils.parseDateTime("+1971-12-12T06:30:15"); + date.setTime(date.getTime() + TimeZone.getDefault().getRawOffset()); + dateStr = format.format(date); + assertEquals("12.12.1971 06:30:15", dateStr); + + date = DateTimeUtils.parseDateTime("2000-01-01T23:59:59.012Z"); + dateStr = format.format(date); + assertEquals("01.01.2000 23:59:59", dateStr); + + date = DateTimeUtils.parseDateTime("2003-05-20T12:17:30-05:00"); + dateStr = format.format(date); + assertEquals("20.05.2003 17:17:30", dateStr); + + + date = DateTimeUtils.parseDateTime("2002-02-02T02:02:02.33+04:30"); + dateStr = format.format(date); + assertEquals("01.02.2002 21:32:02", dateStr); + } + + public void testParseDateTimeInvalid() { + try { + DateTimeUtils.parseDateTime("+1971-12-12T6:30:15"); + fail(); + } catch (ParseException e) { + } + + try { + DateTimeUtils.parseDateTime("2000-01-0123:59:59.999999Z"); + fail(); + } catch (ParseException e) { + } + + try { + DateTimeUtils.parseDateTime("2003-05-20T12:17:3005:00"); + fail(); + } catch (ParseException e) { + } + + try { + DateTimeUtils.parseDateTime(" 2002-02-02T02:02:02.33+04:00"); + fail(); + } catch (ParseException e) { + } + + } + + public void testBuildDateTimeGMTMinus3() { + String should = "2002-01-01T01:01:01-03:00"; + doTestBuildDateTime(2002, 1, 1, 1, 1, 1, "GMT-03:00", should); + } + public void testBuildDateTimeMEZSommerzeit() { + String should = "2002-07-31T23:59:59+02:00"; + doTestBuildDateTime(2002, 7, 31, 23, 59, 59, "GMT+01:00", should); + } + public void testBuildDateTimeGMT() { + String should = "2002-01-01T01:01:01"; + doTestBuildDateTime(2002, 1, 1, 1, 1, 1, "GMT+00:00", should); + } + private void doTestBuildDateTime( + int year, int month, int day, + int hour, int min, int sec, + String timeZone, String dateTimeShould) { + +// Calendar cal = new GregorianCalendar(TimeZone.getTimeZone(timeZone)); +// cal.set(year,month, day, hour, min, sec); +// cal.set(Calendar.MILLISECOND, 0); +// String dateTimeBuilt = DateTimeUtils.buildDateTime(cal, false); +// assertEquals(dateTimeShould, dateTimeBuilt); + } + +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java new file mode 100644 index 000000000..2433eca89 --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java @@ -0,0 +1,114 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.KeyStore; +import java.security.Security; +import java.security.cert.X509Certificate; +import java.util.Enumeration; + +import at.gv.egovernment.moa.util.KeyStoreUtils; + +import junit.framework.TestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class KeyStoreUtilsTest extends TestCase { + private String tmpDir = "tmp/KeyStoreUtilsTest"; + private String tmpDirURL = "file:" + tmpDir; + + public KeyStoreUtilsTest(String arg0) { + super(arg0); + } + + protected void setUp() throws Exception { + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + new File(tmpDir).mkdirs(); + } + protected void tearDown() throws Exception { + new File(tmpDir).delete(); + } + public void testCreateKeyStoreJKS() throws Exception { + String[] certFilenames = new String[] { + "data/test/security/server-certs/baltimore.cer" + }; + KeyStore ks = KeyStoreUtils.createKeyStore("jks", certFilenames); + assertEquals(1, ks.size()); + X509Certificate cert = (X509Certificate)ks.getCertificate("0"); + assertEquals(3424, cert.getSerialNumber().intValue()); + } + public void testCreateKeyStorePKCS12() throws Exception { + String[] certFilenames = new String[] { + "data/test/security/server-certs/baltimore.cer" + }; + KeyStore ks = KeyStoreUtils.createKeyStore("pkcs12", certFilenames); + assertEquals(1, ks.size()); + X509Certificate cert = (X509Certificate)ks.getCertificate("0"); + assertEquals(3424, cert.getSerialNumber().intValue()); + } + public void testCreateKeyStoreFromCertificateDirectory() throws Exception { + // copy certificate files to a temporary directory, + // omitting the "CVS" directory in the source directory + copyCertificates("data/test/security/server-certs", tmpDir); + KeyStore ks = KeyStoreUtils.createKeyStoreFromCertificateDirectory("jks", tmpDirURL); + assertEquals(2, ks.size()); + X509Certificate cert0 = (X509Certificate)ks.getCertificate("0"); + X509Certificate cert1 = (X509Certificate)ks.getCertificate("1"); + assertTrue(3424 == cert0.getSerialNumber().intValue() || 3424 == cert1.getSerialNumber().intValue()); + } + private void copyCertificates(String from, String to) throws IOException { + String[] fromList = new File(from).list(); + for (int i = 0; i < fromList.length; i++) { + File fromFile = new File(from + File.separator + fromList[i]); + if (fromFile.isFile()) { + String toFile = to + "/" + fromList[i]; + FileInputStream in = new FileInputStream(fromFile); + FileOutputStream out = new FileOutputStream(toFile); + for (int ch = in.read(); ch >= 0; ch = in.read()) + out.write(ch); + out.close(); + in.close(); + } + } + + } + public void testLoadKeyStore() throws Exception { + String keyStoreURL = "file:data/test/security/client-certs/sicher-demo(buergerkarte).p12"; + KeyStore ks = KeyStoreUtils.loadKeyStore("pkcs12", keyStoreURL, "buergerkarte"); + assertEquals(1, ks.size()); + Enumeration aliases = ks.aliases(); + String alias = (String)aliases.nextElement(); + X509Certificate cert = (X509Certificate)ks.getCertificate(alias); + assertEquals(new BigInteger("1044289238331").intValue(), cert.getSerialNumber().intValue()); + } + +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java new file mode 100644 index 000000000..2b5094fb8 --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java @@ -0,0 +1,181 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import java.net.URL; +import java.security.KeyStore; +import java.security.Security; + +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSocketFactory; + +import junit.framework.TestCase; +import at.gv.egovernment.moa.util.KeyStoreUtils; +import at.gv.egovernment.moa.util.SSLUtils; + +import com.sun.net.ssl.HostnameVerifier; +import com.sun.net.ssl.HttpsURLConnection; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class SSLUtilsTest extends TestCase { + + public SSLUtilsTest(String arg0) { + super(arg0); + } + + + protected void setUp() throws Exception { + //System.setProperty("javax.net.debug", "all"); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5"); + } + + public void testGetSSLSocketFactoryBaltimoreOK() throws Exception { + doTestGetSSLSocketFactory( + "GET", + "https://www.baltimore.com/", + false, + "file:data/test/security/cacerts+gt_cybertrust_root", + "changeit", + true); + } + public void testGetSSLSocketFactoryBaltimoreNOK() throws Exception { + doTestGetSSLSocketFactory( + "GET", + "https://www.baltimore.com/", + false, + "file:data/test/security/cacerts", + "changeit", + false); + } + public void testGetSSLSocketFactoryVerisignOK() throws Exception { + doTestGetSSLSocketFactory( + "GET", + "https://www.verisign.com/", + false, + "file:data/test/security/cacerts", + "changeit", + true); + } + public void testGetSSLSocketFactoryVerisignNoTruststoreOK() throws Exception { + doTestGetSSLSocketFactory( + "GET", + "https://www.verisign.com/", + false, + null, + null, + true); + } + public void testGetSSLSocketFactoryLocalhostOK() throws Exception { + String urlString = "https://localhost:8443/moa-id-auth/index.jsp"; + doTestGetSSLSocketFactory( + "GET", + urlString, + true, + "file:data/test/security/server.keystore.tomcat", + "changeit", + true); + } + public void testGetSSLSocketFactoryLocalhostNOK() throws Exception { + String urlString = "https://localhost:8443/moa-id-auth/index.jsp"; + doTestGetSSLSocketFactory( + "GET", + urlString, + true, + null, + null, + false); + } + + public void doTestGetSSLSocketFactory( + String requestMethod, + String urlString, + boolean useHostnameVerifierHack, + String truststoreurl, + String trustpassword, + boolean shouldOk + ) throws Exception { + + doTestGetSSLSocketFactory( + requestMethod, urlString, useHostnameVerifierHack, truststoreurl, trustpassword, null, null, null, shouldOk); + } + public void doTestGetSSLSocketFactory( + String requestMethod, + String urlString, + boolean useHostnameVerifierHack, + String truststoreurl, + String trustpassword, + String keystoretype, + String keystoreurl, + String keypassword, + boolean shouldOk + ) throws Exception { + + KeyStore truststore = null; + if (truststoreurl != null) + truststore = KeyStoreUtils.loadKeyStore("jks", truststoreurl, trustpassword); + SSLSocketFactory sf = SSLUtils.getSSLSocketFactory( + truststore, keystoretype, keystoreurl, keypassword); + System.out.println(requestMethod + " " + urlString); + + URL url = new URL(urlString); + HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); + conn.setRequestMethod(requestMethod); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setSSLSocketFactory(sf); + if (useHostnameVerifierHack) + conn.setHostnameVerifier(new HostnameVerifierHack()); + try { + conn.connect(); + assertTrue(shouldOk); + assertEquals(200, conn.getResponseCode()); + conn.disconnect(); + } + catch (SSLException ex) { + assertFalse(shouldOk); + } + } +// private byte[] readTruststore(String filename) throws IOException { +// if (filename == null) +// return null; +// FileInputStream in = new FileInputStream(filename); +// byte[] buffer = new byte[in.available()]; +// in.read(buffer); +// in.close(); +// return buffer; +// } + private class HostnameVerifierHack implements HostnameVerifier { + public boolean verify(String arg0, String arg1) { + return true; + } + } +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java new file mode 100644 index 000000000..2ded896d0 --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLDecoderTest.java @@ -0,0 +1,53 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import java.net.URLEncoder; + +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.URLDecoder; + +import junit.framework.TestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class URLDecoderTest extends TestCase { + + public void test() throws Exception { + String s = "immerZUA0129<>%==$$%&/()@?{()=} \\\""; + String senc = URLEncoder.encode(s); + String sdec = URLDecoder.decode(senc, "ISO-8859-1"); + assertEquals(s, sdec); + } + public void testUTF8() throws Exception { + String s = new String(FileUtils.readFile("data/test/xml/CreateXMLSignature/CreateXMLSignatureResponse.xml")); + String senc = URLEncoder.encode(s); + String sdec = URLDecoder.decode(senc, "UTF-8"); + String sutf8 = FileUtils.readFile("data/test/xml/CreateXMLSignature/CreateXMLSignatureResponse.xml", "UTF-8"); + assertEquals(sutf8, sdec); + } +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java new file mode 100644 index 000000000..5f72c8aad --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/URLEncoderTest.java @@ -0,0 +1,67 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; + +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.URLDecoder; +import at.gv.egovernment.moa.util.URLEncoder; +import junit.framework.TestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class URLEncoderTest extends TestCase { + + public void testUnchangedString() throws Exception { + String s = "AZaz0123456789.-*_"; + String senc = URLEncoder.encode(s, "UTF-8"); + assertEquals(s, senc); + } + public void testAumlUTF8() throws Exception { + String s = "ä"; + String senc = URLEncoder.encode(s, "UTF-8"); + assertEquals("%C3%A4", senc); + } + public void testEncodeDecode() throws Exception { + String s = "AZaz09.-*_ <>%=$%&/()@?{}[]\\\""; + String senc = URLEncoder.encode(s, "UTF-8"); + String sdec = URLDecoder.decode(senc, "UTF-8"); + assertEquals(s, sdec); + } + public void testCertInfo() throws Exception { + String s = new String(FileUtils.readFile("data/test/xml/VerifyXMLSignature/CertInfoVerifyXMLSignatureRequest.xml", "UTF-8")); + String senc = URLEncoder.encode(s, "UTF-8"); + String sdec = URLDecoder.decode(senc, "UTF-8"); + assertEquals(s, sdec); + } + /*public void testJDK14() throws Exception { + String s = new String(FileUtils.readFile("data/test/xml/VerifyXMLSignature/CertInfoVerifyXMLSignatureRequest.xml", "UTF-8")); + String senc = URLEncoder.encode(s, "UTF-8"); + String senc14 = java.net.URLEncoder.encode(s, "UTF-8"); + assertEquals(senc, senc14); + }*/ + +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java new file mode 100644 index 000000000..dfe7a5358 --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java @@ -0,0 +1,123 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; +import java.io.FileInputStream; +import java.io.InputStream; + +import org.apache.xerces.parsers.DOMParser; +import org.apache.xerces.parsers.XMLGrammarPreparser; +import org.apache.xerces.util.SymbolTable; +import org.apache.xerces.util.XMLGrammarPoolImpl; +import org.apache.xerces.xni.grammars.Grammar; +import org.apache.xerces.xni.grammars.XMLGrammarDescription; +import org.apache.xerces.xni.parser.XMLInputSource; +import org.xml.sax.InputSource; + +import test.at.gv.egovernment.moa.MOATestCase; + +import at.gv.egovernment.moa.util.Constants; + + +/** + * Experimentation with Xerces grammar caching. + * + * Used the Xerces sample 'XMLGrammarBuilder' as a starting point. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XMLGrammarBuilderTest extends MOATestCase { + + private static final String GRAMMAR_POOL = + org.apache.xerces.impl.Constants.XERCES_PROPERTY_PREFIX + + org.apache.xerces.impl.Constants.XMLGRAMMAR_POOL_PROPERTY; + + protected static final String NAMESPACES_FEATURE_ID = + "http://xml.org/sax/features/namespaces"; + protected static final String VALIDATION_FEATURE_ID = + "http://xml.org/sax/features/validation"; + protected static final String SCHEMA_VALIDATION_FEATURE_ID = + "http://apache.org/xml/features/validation/schema"; + protected static final String SCHEMA_FULL_CHECKING_FEATURE_ID = + "http://apache.org/xml/features/validation/schema-full-checking"; + + private static final int BIG_PRIME = 2039; + private SymbolTable symbolTable; + private XMLGrammarPoolImpl grammarPool; + + /** + * Constructor for XMLGrammarBuilderTest. + * @param name + */ + public XMLGrammarBuilderTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + XMLGrammarPreparser preparser; + + // set up symbol table and grammar pool + symbolTable = new SymbolTable(BIG_PRIME); + grammarPool = new XMLGrammarPoolImpl(); + preparser = new XMLGrammarPreparser(symbolTable); + preparser.registerPreparser(XMLGrammarDescription.XML_SCHEMA, null); + preparser.setProperty(GRAMMAR_POOL, grammarPool); + preparser.setFeature(NAMESPACES_FEATURE_ID, true); + preparser.setFeature(VALIDATION_FEATURE_ID, true); + // now we can still do schema features just in case, + // so long as it's our configuraiton...... + preparser.setFeature(SCHEMA_VALIDATION_FEATURE_ID, true); + preparseSchemaResource( + preparser, + Constants.DSIG_SCHEMA_LOCATION, + "/resources/schemas/xmldsig-core-schema.xsd"); + } + + private static Grammar preparseSchemaResource( + XMLGrammarPreparser preparser, + String systemId, + String resource) + throws Exception { + + InputStream is = XMLGrammarBuilderTest.class.getResourceAsStream(resource); + return preparser.preparseGrammar( + XMLGrammarDescription.XML_SCHEMA, + new XMLInputSource(null, systemId, null, is, null)); + } + + public void testParseValidating() throws Exception { + DOMParser parser = new DOMParser(symbolTable, grammarPool); + + parser.setFeature(NAMESPACES_FEATURE_ID, true); + parser.setFeature(VALIDATION_FEATURE_ID, true); + parser.setFeature(SCHEMA_VALIDATION_FEATURE_ID, true); + + parser.parse( + new InputSource( + new FileInputStream(TESTDATA_ROOT + "xml/dsigTransform/base64.xml"))); + parser.getDocument(); + } + +} diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java new file mode 100644 index 000000000..15e6a62f3 --- /dev/null +++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/XPathUtilsTest.java @@ -0,0 +1,75 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.util; +import org.w3c.dom.Document; +import org.w3c.dom.NodeList; + +import test.at.gv.egovernment.moa.MOATestCase; + +import at.gv.egovernment.moa.util.XPathUtils; + + +/** + * @author Patrick Peck + * @version $Id$ + */ +public class XPathUtilsTest extends MOATestCase { + + private Document doc1; + + /** + * Constructor for XPathUtilsTest. + * @param name + */ + public XPathUtilsTest(String name) { + super(name); + } + + /** + * @see TestCase#setUp() + */ + protected void setUp() throws Exception { + super.setUp(); + doc1 = + parseXml(TESTDATA_ROOT + "xml/VerifyXMLSignature/Req000.xml"); + } + + public void testSelectNodeList() throws Exception { + NodeList nodes; + + nodes = + XPathUtils.selectNodeList( + doc1.getDocumentElement(), + doc1.getDocumentElement(), + "/VerifyXMLSignatureRequest"); + assertEquals(1, nodes.getLength()); + nodes = + XPathUtils.selectNodeList( + doc1.getDocumentElement(), + "//dsig:Signature"); + assertEquals(1, nodes.getLength()); + } + +} diff --git a/id/server/moa-id-frontend-resources/.gitignore b/id/server/moa-id-frontend-resources/.gitignore new file mode 100644 index 000000000..b83d22266 --- /dev/null +++ b/id/server/moa-id-frontend-resources/.gitignore @@ -0,0 +1 @@ +/target/ diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml new file mode 100644 index 000000000..64ebc14b6 --- /dev/null +++ b/id/server/moa-id-frontend-resources/pom.xml @@ -0,0 +1,64 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id</groupId> + <artifactId>moa-id</artifactId> + <version>3.x</version> + </parent> + + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-frontend-resources</artifactId> + <version>${moa-id-version}</version> + <packaging>jar</packaging> + + <name>MOA-ID-Auth FrontEnd-Resources</name> + <description>FrontEnd resources for MOA-ID-Auth </description> + <organization> + <name>EGIZ</name> + <url>https://www.egiz.gv.at</url> + </organization> + <developers> + <developer> + <name>Thomas Lenz</name> + <organization>EGIZ</organization> + <email>thomas.lenz@egiz.gv.at</email> + </developer> + </developers> + + <properties> + <repositoryPath>${basedir}/../../../../repository</repositoryPath> + </properties> + + <dependencies> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-commons</artifactId> + </dependency> + + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-webmvc</artifactId> + <exclusions> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>org.apache.velocity</groupId> + <artifactId>velocity</artifactId> + <version>1.7</version> + </dependency> + + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>javax.servlet-api</artifactId> + <scope>provided</scope> + </dependency> + + + </dependencies> + +</project>
\ No newline at end of file diff --git a/DocumentService/WebContent/META-INF/MANIFEST.MF b/id/server/moa-id-frontend-resources/src/main/java/META-INF/MANIFEST.MF index 254272e1c..254272e1c 100644 --- a/DocumentService/WebContent/META-INF/MANIFEST.MF +++ b/id/server/moa-id-frontend-resources/src/main/java/META-INF/MANIFEST.MF diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/StaticResourceConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/StaticResourceConfiguration.java new file mode 100644 index 000000000..d7d99d3a7 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/StaticResourceConfiguration.java @@ -0,0 +1,48 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.frontend; + +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; + +/** + * @author tlenz + * + */ +@Configuration +@EnableWebMvc +public class StaticResourceConfiguration extends WebMvcConfigurerAdapter { + + private static final String[] CLASSPATH_RESOURCE_LOCATIONS = { + "classpath:/mainGUI/", + "/"}; + + @Override + public void addResourceHandlers(ResourceHandlerRegistry registry) { + registry.addResourceHandler("/**").addResourceLocations(CLASSPATH_RESOURCE_LOCATIONS); + + + } +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractGUIFormBuilderConfiguration.java new file mode 100644 index 000000000..52c1f0f97 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractGUIFormBuilderConfiguration.java @@ -0,0 +1,109 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.frontend.builder; + +import java.util.HashMap; +import java.util.Map; + +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public abstract class AbstractGUIFormBuilderConfiguration implements IGUIBuilderConfiguration { + + public static final String PARAM_AUTHCONTEXT = "contextPath"; + public static final String PARAM_FORMSUBMITENDPOINT = "submitEndpoint"; + + public static final String PARAM_PENDINGREQUESTID = "pendingReqID"; + + private String authURL = null; + private String viewName = null; + private String formSubmitEndpoint = null; + + /** + * @param authURL IDP PublicURL-Prefix which should be used, but never null + * @param viewName Name of the template (with suffix) but never null + * @param formSubmitEndpoint EndPoint on which the form should be submitted, + * or null if the form must not submitted + * + */ + public AbstractGUIFormBuilderConfiguration(String authURL, String viewName, String formSubmitEndpoint) { + if (viewName.startsWith("/")) + this.viewName = viewName.substring(1); + else + this.viewName = viewName; + + if (authURL.endsWith("/")) + this.authURL = authURL.substring(0, authURL.length() - 1); + else + this.authURL = authURL; + + if (MiscUtil.isNotEmpty(formSubmitEndpoint)) { + if (formSubmitEndpoint.startsWith("/")) + this.formSubmitEndpoint = formSubmitEndpoint; + else + this.formSubmitEndpoint = "/" + formSubmitEndpoint; + } + } + + + /** + * Define the parameters, which should be evaluated in the template + * + * @return Map of parameters, which should be added to template + */ + abstract protected Map<String, Object> getSpecificViewParameters(); + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewName() + */ + @Override + public final String getViewName() { + return this.viewName; + + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewParameters() + */ + @Override + public final Map<String, Object> getViewParameters() { + //get parameters from detail implementation + Map<String, Object> specParams = getSpecificViewParameters(); + if (specParams == null) + specParams = new HashMap<String, Object>(); + + //add generic parameters + specParams.put(PARAM_AUTHCONTEXT, this.authURL); + if (this.formSubmitEndpoint != null) + specParams.put(PARAM_FORMSUBMITENDPOINT, this.formSubmitEndpoint); + + return specParams; + + } + +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java new file mode 100644 index 000000000..2c2792b84 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java @@ -0,0 +1,120 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.frontend.builder; + +import java.io.InputStream; +import java.util.HashMap; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.IRequest; + +/** + * This class builds MOA-ID GUI forms from default resource paths + * + * @author tlenz + * + */ +public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration { + + public static final String VIEW_REDIRECT = "redirectForm.html"; + public static final String VIEW_ERRORMESSAGE = "error_message.html"; + public static final String VIEW_SINGLELOGOUT = "slo_template.html"; + public static final String VIEW_SSO_SESSION_TRANSFER = "sso_transfer_template.html"; + + private IRequest pendingReq; + private Map<String, Object> customParameters = null; + + + /** + * @param authURL PublicURLPrefix of the IDP but never null + * @param viewName Name of the template (with suffix) but never null + * @param formSubmitEndpoint EndPoint on which the form should be submitted, + * or null if the form must not submitted + */ + public DefaultGUIFormBuilderConfiguration(String authURL, String viewName, String formSubmitEndpoint) { + super(authURL, viewName, formSubmitEndpoint); + } + + /** + * @param Current processed pending-request DAO but never null + * @param viewName Name of the template (with suffix) but never null + * @param formSubmitEndpoint EndPoint on which the form should be submitted, + * or null if the form must not submitted + */ + public DefaultGUIFormBuilderConfiguration(IRequest pendingReq, String viewName, String formSubmitEndpoint) { + super(pendingReq.getAuthURL(), viewName, formSubmitEndpoint); + this.pendingReq = pendingReq; + + + } + + public void putCustomParameter(String key, Object value) { + if (customParameters == null) + customParameters = new HashMap<String, Object>(); + + customParameters.put(key, value); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewParameters() + */ + @Override + public Map<String, Object> getSpecificViewParameters() { + Map<String, Object> params = new HashMap<String, Object>(); + if (pendingReq != null) { + params.put(PARAM_PENDINGREQUESTID, pendingReq.getRequestID()); + + } + if (customParameters != null) + params.putAll(customParameters); + + return params; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getTemplate(java.lang.String) + */ + @Override + public InputStream getTemplate(String viewName) { + return null; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getContentType() + */ + @Override + public String getDefaultContentType() { + return null; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getClasspathTemplateDir() + */ + @Override + public String getClasspathTemplateDir() { + return null; + + } +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java new file mode 100644 index 000000000..94fa4d977 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/GUIFormBuilderImpl.java @@ -0,0 +1,221 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.frontend.builder; + +import java.io.BufferedReader; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.StringWriter; +import java.net.URI; +import java.util.Iterator; +import java.util.Map; +import java.util.Map.Entry; + +import javax.servlet.http.HttpServletResponse; + +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; +import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Service("guiFormBuilder") +public class GUIFormBuilderImpl implements IGUIFormBuilder { + + private static final String DEFAULT_CONTENT_TYPE = "text/html;charset=UTF-8"; + private static final String CONFIG_HTMLTEMPLATES_DIR = "htmlTemplates/"; + private static final String CLASSPATH_HTMLTEMPLATES_DIR = "templates/"; + + @Autowired private AuthConfiguration authConfig; + private VelocityEngine engine; + + public GUIFormBuilderImpl() throws GUIBuildException { + try { + engine = VelocityProvider.getClassPathVelocityEngine(); + + } catch (Exception e) { + Logger.fatal("Initialization of Velocity-Engine to render GUI components FAILED.", e); + throw new GUIBuildException("Initialization of Velocity-Engine to render GUI components FAILED.", e); + + } + + } + + public void build(HttpServletResponse httpResp, IGUIBuilderConfiguration config, String loggerName) throws GUIBuildException { + build(httpResp, config, getInternalContentType(config), loggerName); + + } + + + @Override + public void build(HttpServletResponse httpResp, IGUIBuilderConfiguration config, + String contentType, String loggerName) throws GUIBuildException { + + InputStream is = null; + try { + String viewName = config.getViewName(); + + //load Tempate + is = getInternalTemplate(config); + if (is == null) { + Logger.warn("No GUI with viewName:" + viewName + " FOUND."); + throw new GUIBuildException("No GUI with viewName:" + viewName + " FOUND."); + + } + + //build Velocity Context from input paramters + VelocityContext context = buildContextFromViewParams(config.getViewParameters()); + + //evaluate template + StringWriter writer = new StringWriter(); + engine.evaluate(context, writer, loggerName, new BufferedReader(new InputStreamReader(is))); + + //write template to response + httpResp.setStatus(HttpServletResponse.SC_OK); + httpResp.setContentType(contentType); + httpResp.getOutputStream().write(writer.toString().getBytes("UTF-8")); + + } catch (IOException e) { + Logger.error("GUI form-builder has an internal error.", e); + throw new GUIBuildException("GUI form-builder has an internal error.", e); + + } finally { + if (is != null) + try { + is.close(); + + } catch (IOException e) { + Logger.error("Can NOT close GUI-Template InputStream.", e); + + } + } + + } + + private String getInternalContentType(IGUIBuilderConfiguration config) { + if (MiscUtil.isEmpty(config.getDefaultContentType())) + return DEFAULT_CONTENT_TYPE; + + else + return config.getDefaultContentType(); + + } + + private InputStream getInternalTemplate(IGUIBuilderConfiguration config) throws GUIBuildException { + String viewName = config.getViewName(); + + //load specific template + InputStream is = config.getTemplate(viewName); + + if (is == null) { + //load template from default resources + try { + Logger.trace("Loading GUI template:" + viewName + " from default resources ... "); + String pathLocation = null; + try { + //load template from config directory + String rootconfigdir = authConfig.getRootConfigFileDir(); + pathLocation = rootconfigdir + CONFIG_HTMLTEMPLATES_DIR + + viewName; + File file = new File(new URI(pathLocation)); + is = new FileInputStream(file); + + } catch (Exception e) { + //load template from classpath as backup + Logger.info("GUI template:" + viewName + " is not found in configuration directory. " + + " Load template from project library ... "); + try { + pathLocation = getInternalClasspathTemplateDir(config) + viewName; + is = Thread.currentThread() + .getContextClassLoader() + .getResourceAsStream(pathLocation); + + } catch (Exception e1) { + Logger.error("GUI template:" + pathLocation + " is NOT loadable!", e); + throw new GUIBuildException("GUI template:" + pathLocation + " is NOT loadable!", e); + + } + } + + } catch (GUIBuildException e) { + throw e; + + } catch (Exception e) { + Logger.error("GUI builder has an internal error during template load operation", e); + throw new GUIBuildException("GUI builder has an internal error during template load operation", e); + + } + } + + return is; + + } + + + /** + * @return + */ + private String getInternalClasspathTemplateDir(IGUIBuilderConfiguration config) { + String dir = config.getClasspathTemplateDir(); + if (dir != null) { + if (!dir.endsWith("/")) + dir += "/"; + + return dir; + + } else + return CLASSPATH_HTMLTEMPLATES_DIR; + } + + /** + * @param viewParams + * @return + */ + private VelocityContext buildContextFromViewParams(Map<String, Object> viewParams) { + VelocityContext context = new VelocityContext(); + + if (viewParams != null) { + Iterator<Entry<String, Object>> interator = viewParams.entrySet().iterator(); + while (interator.hasNext()) { + Entry<String, Object> el = interator.next(); + context.put(el.getKey(), el.getValue()); + } + + } + + return context; + } + +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIBuilderConfiguration.java new file mode 100644 index 000000000..51f6295c7 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIBuilderConfiguration.java @@ -0,0 +1,74 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.frontend.builder; + +import java.io.InputStream; +import java.util.Map; + +/** + * @author tlenz + * + */ +public interface IGUIBuilderConfiguration { + + + /** + * Define the name of the template (with suffix) which should be used + * + * @return templatename, but never null + */ + public String getViewName(); + + /** + * Define the parameters, which should be evaluated in the template + * + * @return Map of parameters, which should be added to template + */ + public Map<String, Object> getViewParameters(); + + + /** + * Get a specific classpath template-directory prefix, which is used + * to load a template from classpath by using <code>ClassLoader.getResourceAsStream(...)</code> + * + * @return Classpath directory, or null if the default directory should be used + */ + public String getClasspathTemplateDir(); + + /** + * Get the GUI template with a specific name + * + * @param viewName Name of the template + * @return Tempate as <code>InputStream</code>, or null if default getTemplate method should be used + */ + public InputStream getTemplate(String viewName); + + /** + * Get the contentType, which should be set in HTTP response + * <br><br> + * <b>DefaultValue:</b> text/html;charset=UTF-8 + * + * @return ContentType, or null if default ContentType should be used. + */ + public String getDefaultContentType(); +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIFormBuilder.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIFormBuilder.java new file mode 100644 index 000000000..198220e97 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/IGUIFormBuilder.java @@ -0,0 +1,67 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.frontend.builder; + +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; + +/** + * @author tlenz + * + */ +public interface IGUIFormBuilder { + + /** + * Parse a GUI template, with parameters into a http servlet-response + * and use the default http-response content-type. + * <br><br> + * The parser use the <code>VelocityEngine</code> as internal template evaluator. + * + * @param httpResp http-response object + * @param viewName Name of the template (with suffix), which should be used. + * The template is selected by using the <code>getTemplate(String viewName)</code> method + * @param viewParams Map of parameters, which should be added to template + * @param loggerName String, which should be used from logger + * + * @throws GUIBuildException + */ + public void build(HttpServletResponse httpResp, IGUIBuilderConfiguration config, String loggerName) throws GUIBuildException; + + /** + * Parse a GUI template, with parameters into a http servlet-response. + * <br><br> + * The parser use the <code>VelocityEngine</code> as internal template evaluator. + * + * @param httpResp http-response object + * @param viewName Name of the template (with suffix), which should be used. + * The template is selected by using the <code>getTemplate(String viewName)</code> method + * @param viewParams Map of parameters, which should be added to template + * @param contentType http-response content-type, which should be set + * @param loggerName String, which should be used from logger + * + * @throws GUIBuildException + */ + void build(HttpServletResponse httpResp, IGUIBuilderConfiguration config, String contentType, + String loggerName) throws GUIBuildException; +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/ServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/ServiceProviderSpecificGUIFormBuilderConfiguration.java new file mode 100644 index 000000000..0a5cdaf3e --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/ServiceProviderSpecificGUIFormBuilderConfiguration.java @@ -0,0 +1,186 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.frontend.builder; + +import java.io.ByteArrayInputStream; +import java.io.InputStream; +import java.util.HashMap; +import java.util.Map; + +import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.CPEPS; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServiceProviderSpecificGUIFormBuilderConfiguration extends AbstractGUIFormBuilderConfiguration { + + public static final String VIEW_BKUSELECTION = "loginFormFull.html"; + public static final String VIEW_SENDASSERTION = "sendAssertionFormFull.html"; + public static final String VIEW_TEMPLATE_CSS = "css_template.css"; + public static final String VIEW_TEMPLATE_JS = "javascript_tempalte.js"; + + public static final String PARAM_BKU_ONLINE = "bkuOnline"; + public static final String PARAM_BKU_HANDY = "bkuHandy"; + public static final String PARAM_BKU_LOCAL = "bkuLocal"; + + public static final String PARAM_OANAME = "OAName"; + public static final String PARAM_COUNTRYLIST = "countryList"; + + private IRequest pendingReq = null; + + /** + * @param authURL PublicURLPrefix of the IDP but never null + * @param viewName Name of the template (with suffix) but never null + * @param formSubmitEndpoint EndPoint on which the form should be submitted, + * or null if the form must not submitted + */ + public ServiceProviderSpecificGUIFormBuilderConfiguration(String authURL, String viewName, + String formSubmitEndpoint) { + super(authURL, viewName, formSubmitEndpoint); + + } + + /** + * @param Current processed pending-request DAO but never null + * @param viewName Name of the template (with suffix) but never null + * @param formSubmitEndpoint EndPoint on which the form should be submitted, + * or null if the form must not submitted + */ + public ServiceProviderSpecificGUIFormBuilderConfiguration(IRequest pendingReq, String viewName, + String formSubmitEndpoint) { + super(pendingReq.getAuthURL(), viewName, formSubmitEndpoint); + this.pendingReq = pendingReq; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration#getViewParameters() + */ + @Override + public Map<String, Object> getSpecificViewParameters() { + Map<String, Object> params = new HashMap<String, Object>(); + params.put(PARAM_BKU_ONLINE, IOAAuthParameters.ONLINEBKU); + params.put(PARAM_BKU_HANDY, IOAAuthParameters.HANDYBKU); + params.put(PARAM_BKU_LOCAL, IOAAuthParameters.LOCALBKU); + + if (pendingReq != null) { + params.put(PARAM_PENDINGREQUESTID, pendingReq.getRequestID()); + + //add service-provider specific GUI parameters + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); + if (oaParam != null) { + params.put(PARAM_OANAME, oaParam.getFriendlyName()); + + + if (oaParam.isShowStorkLogin()) + addCountrySelection(params, oaParam); + + FormBuildUtils.customiceLayoutBKUSelection(params, oaParam); + + } else + FormBuildUtils.defaultLayoutBKUSelection(params); + + + } else { + //add default GUI parameters + FormBuildUtils.defaultLayoutBKUSelection(params); + + } + + return params; + } + + /** + * @param params + * @param oaParam + */ + private void addCountrySelection(Map<String, Object> params, IOAAuthParameters oaParam) { + String pepslist = ""; + try { + for (CPEPS current : oaParam.getPepsList()) { + String countryName = null; + if (MiscUtil.isNotEmpty(MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(current.getCountryCode().toUpperCase()))) + countryName = MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(current.getCountryCode().toUpperCase()); + else + countryName = current.getCountryCode().toUpperCase(); + + pepslist += "<option value=" + current.getCountryCode() + ">" + + countryName + + "</option>\n"; + + } + params.put(PARAM_COUNTRYLIST, pepslist); + + } catch (NullPointerException e) { + Logger.warn("Can not at Countries to GUI. Msg:" + e.getMessage()); + + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getClasspathTemplateDir() + */ + @Override + public String getClasspathTemplateDir() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getTemplate(java.lang.String) + */ + @Override + public InputStream getTemplate(String viewName) { + if (pendingReq != null && pendingReq.getOnlineApplicationConfiguration() != null) { + + byte[] oatemplate = null; + if (VIEW_BKUSELECTION.equals(viewName)) + oatemplate = pendingReq.getOnlineApplicationConfiguration().getBKUSelectionTemplate(); + + else if (VIEW_SENDASSERTION.equals(viewName)) + oatemplate = pendingReq.getOnlineApplicationConfiguration().getSendAssertionTemplate(); + + // OA specific template requires a size of 8 bits minimum + if (oatemplate != null && oatemplate.length > 7) + return new ByteArrayInputStream(oatemplate); + } + + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.frontend.AbstractGUIFormBuilder#getDefaultContentType() + */ + @Override + public String getDefaultContentType() { + return null; + } + +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/exception/GUIBuildException.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/exception/GUIBuildException.java new file mode 100644 index 000000000..fff458546 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/exception/GUIBuildException.java @@ -0,0 +1,46 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.frontend.exception; + +/** + * @author tlenz + * + */ +public class GUIBuildException extends Exception { + + private static final long serialVersionUID = -278663750102498205L; + + /** + * @param string + */ + public GUIBuildException(String msg) { + super(msg); + + } + + public GUIBuildException(String msg, Throwable e) { + super(msg, e); + + } + +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java new file mode 100644 index 000000000..71093a4d3 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java @@ -0,0 +1,178 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.auth.frontend.utils; + + +import java.util.HashMap; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.util.MiscUtil; + +public class FormBuildUtils { + + private static Map<String, String> defaultmap = null; + + public static String PARAM_MAIN_BACKGROUNDCOLOR = "MAIN_BACKGOUNDCOLOR"; + public static String PARAM_MAIN_COLOR = "MAIN_COLOR"; + public static String PARAM_HEADER_BACKGROUNDCOLOR = "HEADER_BACKGROUNDCOLOR"; + public static String PARAM_HEADER_COLOR = "HEADER_COLOR"; + public static String PARAM_BUTTON_BACKGROUNDCOLOR = "BUTTON_BACKGROUNDCOLOR"; + public static String PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS = "BUTTON_BACKGROUNDCOLOR_FOCUS"; + public static String PARAM_BUTTON_COLOR = "BUTTON_COLOR"; + public static String PARAM_FONTFAMILY = "FONTTYPE"; + public static String PARAM_HEADER_TEXT = "HEADER_TEXT"; + public static String PARAM_REDIRECTTARGET = "REDIRECTTARGET"; + public static String PARAM_APPLET_HEIGHT = "APPLETHEIGHT"; + public static String PARAM_APPLET_WIDTH = "APPLETWIDTH"; + + private static String PARAM_MANDATEVISIBLE = "MANDATEVISIBLE"; + private static String PARAM_MANDATECHECKED = "MANDATECHECKED"; + + private static String PARAM_STORKVISIBLE = "STORKVISIBLE"; + + private static final String TEMPLATEVISIBLE = " display: none"; + private static final String TEMPLATEDISABLED = "disabled=\"true\""; + private static final String TEMPLATECHECKED = "checked=\"true\""; + private static final String TEMPLATE_ARIACHECKED = "aria-checked="; + + + static { + if (defaultmap == null) { + defaultmap = new HashMap<String, String>(); + defaultmap.put(PARAM_MAIN_BACKGROUNDCOLOR, "#F7F8F7"); + defaultmap.put(PARAM_MAIN_COLOR, "#000000"); + + defaultmap.put(PARAM_HEADER_BACKGROUNDCOLOR, "#C3D2E2"); + defaultmap.put(PARAM_HEADER_COLOR, "#000000"); + defaultmap.put(PARAM_HEADER_TEXT, "Login"); + + defaultmap.put(PARAM_BUTTON_BACKGROUNDCOLOR, "#EBEBEB"); + defaultmap.put(PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, "#EBEBEB"); + defaultmap.put(PARAM_BUTTON_COLOR, "#000000"); + + defaultmap.put(PARAM_FONTFAMILY, "Verdana,Geneva,Arial,sans-serif"); + + defaultmap.put(PARAM_REDIRECTTARGET, "_top"); + } + } + + public static void customiceLayoutBKUSelection(Map<String, Object> params, IOAAuthParameters oaParam) { + + if (oaParam.isShowMandateCheckBox()) + params.put(PARAM_MANDATEVISIBLE, ""); + else + params.put(PARAM_MANDATEVISIBLE, TEMPLATEVISIBLE); + + if (oaParam.isOnlyMandateAllowed()) { + params.put(PARAM_MANDATECHECKED, TEMPLATECHECKED + " " + + TEMPLATEDISABLED + " " +TEMPLATE_ARIACHECKED + "\"true\""); + + } else + params.put(PARAM_MANDATECHECKED, TEMPLATE_ARIACHECKED + "\"false\""); + + if (oaParam.isShowStorkLogin()) + params.put(PARAM_STORKVISIBLE, ""); + else + params.put(PARAM_STORKVISIBLE, TEMPLATEVISIBLE); + + //add more SP specific infos + setFormCustomizatenFromSP(params, oaParam); + + //format parameter-value for fontss + String fonttype = (String) params.get(PARAM_FONTFAMILY); + if (MiscUtil.isNotEmpty(fonttype)) { + String[] fonttypeList = fonttype.split(","); + String fonttypeformated = "\"" + fonttypeList[0].trim().replace("\"", "") + "\""; + + for (int i=1; i<fonttypeList.length; i++) { + fonttypeformated += ",\"" + fonttypeList[i].trim().replace("\"", "") + "\""; + } + + params.put(PARAM_FONTFAMILY, fonttypeformated); + } + + } + + public static Map<String, String> getDefaultMap() { + return defaultmap; + } + + /** + * @param value + * @return + */ + public static void defaultLayoutBKUSelection(Map<String, Object> params) { + params.put(PARAM_MANDATEVISIBLE, TEMPLATEVISIBLE); + params.put(PARAM_MANDATECHECKED, TEMPLATE_ARIACHECKED + "\"false\""); + params.put(PARAM_STORKVISIBLE, TEMPLATEVISIBLE); + + params.putAll(getDefaultMap()); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFormCustomizaten() + */ + private static void setFormCustomizatenFromSP(Map<String, Object> params, IOAAuthParameters spConfig) { + params.putAll(FormBuildUtils.getDefaultMap()); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR))) + params.put(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR))) + params.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS))) + params.put(FormBuildUtils.PARAM_BUTTON_BACKGROUNDCOLOR_FOCUS, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR))) + params.put(FormBuildUtils.PARAM_BUTTON_COLOR, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE))) + params.put(FormBuildUtils.PARAM_FONTFAMILY, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR))) + params.put(FormBuildUtils.PARAM_MAIN_COLOR, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR))) + params.put(FormBuildUtils.PARAM_HEADER_BACKGROUNDCOLOR, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR))) + params.put(FormBuildUtils.PARAM_HEADER_COLOR, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT))) + params.put(FormBuildUtils.PARAM_HEADER_TEXT, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET))) + params.put(FormBuildUtils.PARAM_REDIRECTTARGET, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT))) + params.put(FormBuildUtils.PARAM_APPLET_HEIGHT, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT)); + + if (MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH))) + params.put(FormBuildUtils.PARAM_APPLET_WIDTH, spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH)); + + } + +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityLogAdapter.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityLogAdapter.java new file mode 100644 index 000000000..3d5c5ed2f --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityLogAdapter.java @@ -0,0 +1,99 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.auth.frontend.velocity; + +import org.apache.velocity.app.Velocity; +import org.apache.velocity.runtime.RuntimeServices; +import org.apache.velocity.runtime.log.LogChute; + +import at.gv.egovernment.moa.logging.Logger; + +public class VelocityLogAdapter implements LogChute { + + public VelocityLogAdapter() { + try + { + /* + * register this class as a logger with the Velocity singleton + * (NOTE: this would not work for the non-singleton method.) + */ + Velocity.setProperty(Velocity.RUNTIME_LOG_LOGSYSTEM, this ); + Velocity.init(); + } + catch (Exception e) + { + Logger.error("Failed to register Velocity logger"); + } + } + + public void init(RuntimeServices arg0) throws Exception { + } + + public boolean isLevelEnabled(int arg0) { + switch(arg0) { + case LogChute.DEBUG_ID: + return Logger.isDebugEnabled(); + case LogChute.TRACE_ID: + return Logger.isTraceEnabled(); + default: + return true; + } + } + + public void log(int arg0, String arg1) { + switch(arg0) { + case LogChute.DEBUG_ID: + Logger.debug(arg1); + break; + case LogChute.TRACE_ID: + Logger.trace(arg1); + break; + case LogChute.INFO_ID: + Logger.info(arg1); + break; + case LogChute.WARN_ID: + Logger.warn(arg1); + break; + case LogChute.ERROR_ID: + default: + Logger.error(arg1); + break; + } + } + + public void log(int arg0, String arg1, Throwable arg2) { + switch(arg0) { + case LogChute.DEBUG_ID: + case LogChute.TRACE_ID: + case LogChute.INFO_ID: + case LogChute.WARN_ID: + Logger.warn(arg1, arg2); + break; + case LogChute.ERROR_ID: + default: + Logger.error(arg1, arg2); + break; + } + } + +} diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityProvider.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityProvider.java new file mode 100644 index 000000000..022c144f0 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/velocity/VelocityProvider.java @@ -0,0 +1,113 @@ +/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2011 by Graz University of Technology, Austria
+ * The Austrian STORK Modules have been developed by the E-Government
+ * Innovation Center EGIZ, a joint initiative of the Federal Chancellery
+ * Austria and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+/**
+ *
+ */
+package at.gv.egovernment.moa.id.auth.frontend.velocity;
+
+import org.apache.velocity.app.VelocityEngine;
+import org.apache.velocity.runtime.RuntimeConstants;
+
+/**
+ * Gets a Velocity Engine
+ *
+ * @author bzwattendorfer
+ *
+ */
+public class VelocityProvider {
+
+ /**
+ * Gets velocityEngine from Classpath
+ * @return VelocityEngine
+ * @throws Exception
+ */
+ public static VelocityEngine getClassPathVelocityEngine() throws Exception {
+ VelocityEngine velocityEngine = getBaseVelocityEngine();
+ velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+ velocityEngine.setProperty("classpath.resource.loader.class",
+ "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+
+
+ velocityEngine.init();
+
+ return velocityEngine;
+ }
+
+ /**
+ * Gets VelocityEngine from File
+ * @param rootPath File Path to template file
+ * @return VelocityEngine
+ * @throws Exception
+ */
+ public static VelocityEngine getFileVelocityEngine(String rootPath) throws Exception {
+ VelocityEngine velocityEngine = getBaseVelocityEngine();
+ velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "file");
+ velocityEngine.setProperty("file.resource.loader.class",
+ "org.apache.velocity.runtime.resource.loader.FileResourceLoader");
+ velocityEngine.setProperty("file.resource.loader.path", rootPath);
+
+ velocityEngine.init();
+
+ return velocityEngine;
+ }
+
+ /**
+ * Gets a basic VelocityEngine
+ * @return VelocityEngine
+ */
+ private static VelocityEngine getBaseVelocityEngine() {
+ VelocityEngine velocityEngine = new VelocityEngine();
+ velocityEngine.setProperty(RuntimeConstants.INPUT_ENCODING, "UTF-8");
+ velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+ velocityEngine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+ "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
+
+ return velocityEngine;
+ }
+
+}
diff --git a/id/server/auth/src/main/webapp/common/LogoBKA.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/common/LogoBKA.png Binary files differindex 6a92647fd..6a92647fd 100644 --- a/id/server/auth/src/main/webapp/common/LogoBKA.png +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/common/LogoBKA.png diff --git a/id/server/auth/src/main/webapp/common/LogoEGIZ.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/common/LogoEGIZ.png Binary files differindex 39f05d131..39f05d131 100644 --- a/id/server/auth/src/main/webapp/common/LogoEGIZ.png +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/common/LogoEGIZ.png diff --git a/id/server/auth/src/main/webapp/common/logo_digAT.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/common/logo_digAT.png Binary files differindex 4f36681e2..4f36681e2 100644 --- a/id/server/auth/src/main/webapp/common/logo_digAT.png +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/common/logo_digAT.png diff --git a/id/server/auth/src/main/webapp/common/main.css b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/common/main.css index 6bd964346..6bd964346 100644 --- a/id/server/auth/src/main/webapp/common/main.css +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/common/main.css diff --git a/id/server/auth/src/main/webapp/img/bk_aktivieren.jpg b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/bk_aktivieren.jpg Binary files differindex a6436dc72..a6436dc72 100644 --- a/id/server/auth/src/main/webapp/img/bk_aktivieren.jpg +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/bk_aktivieren.jpg diff --git a/id/server/auth/src/main/webapp/img/handy.gif b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/handy_deprecated.gif Binary files differindex 5aeb542db..5aeb542db 100644 --- a/id/server/auth/src/main/webapp/img/handy.gif +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/handy_deprecated.gif diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/handysign.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/handysign.png Binary files differnew file mode 100644 index 000000000..2c3645774 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/handysign.png diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/karte.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/karte.png Binary files differnew file mode 100644 index 000000000..5dfa694ca --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/karte.png diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/karte_deactivated.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/karte_deactivated.png Binary files differnew file mode 100644 index 000000000..5775734f2 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/karte_deactivated.png diff --git a/id/server/auth/src/main/webapp/img/karte.gif b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/karte_deprecated.gif Binary files differindex ee9ab7cad..ee9ab7cad 100644 --- a/id/server/auth/src/main/webapp/img/karte.gif +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/karte_deprecated.gif diff --git a/id/server/auth/src/main/webapp/img/logo.jpg b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/logo.jpg Binary files differindex bafbccc84..bafbccc84 100644 --- a/id/server/auth/src/main/webapp/img/logo.jpg +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/logo.jpg diff --git a/id/server/auth/src/main/webapp/img/mobile-bku.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/mobile-bku_deprecated.png Binary files differindex 697514273..697514273 100644 --- a/id/server/auth/src/main/webapp/img/mobile-bku.png +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/mobile-bku_deprecated.png diff --git a/id/server/auth/src/main/webapp/img/online-bku-deactivated.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/online-bku-deactivated_deprecated.png Binary files differindex c2145f12a..c2145f12a 100644 --- a/id/server/auth/src/main/webapp/img/online-bku-deactivated.png +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/online-bku-deactivated_deprecated.png diff --git a/id/server/auth/src/main/webapp/img/online-bku.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/online-bku_deprecated.png Binary files differindex d7d524999..d7d524999 100644 --- a/id/server/auth/src/main/webapp/img/online-bku.png +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/online-bku_deprecated.png diff --git a/id/server/auth/src/main/webapp/img/stork-logo.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/stork-logo.png Binary files differindex 70355a084..70355a084 100644 --- a/id/server/auth/src/main/webapp/img/stork-logo.png +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/stork-logo.png diff --git a/id/server/auth/src/main/webapp/img/valid-html5-blue.png b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/valid-html5-blue.png Binary files differindex 91ebe3e87..91ebe3e87 100644 --- a/id/server/auth/src/main/webapp/img/valid-html5-blue.png +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/valid-html5-blue.png diff --git a/id/server/auth/src/main/webapp/img/w3cvalidhtml5.jpg b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/w3cvalidhtml5.jpg Binary files differindex 2cd65412e..2cd65412e 100644 --- a/id/server/auth/src/main/webapp/img/w3cvalidhtml5.jpg +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/img/w3cvalidhtml5.jpg diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/index.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/index.html new file mode 100644 index 000000000..d2e7d1e1b --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/index.html @@ -0,0 +1,92 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> + <head> + <meta http-equiv="content-type" content="text/html; charset=utf8" > + <title>MOA-ID 3.1.x</title> + <link rel="stylesheet" href="./common/main.css" type="text/css"> + <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> + <link href='https://fonts.googleapis.com/css?family=Roboto:300,400' rel='stylesheet' type='text/css'> + <script language="JavaScript" type="text/javascript"> + + function PVP2LoginIframe(url) { + var el = document.getElementById("demologin"); + var iframe = document.createElement("iframe"); + iframe.setAttribute("src", url); + iframe.setAttribute("width", "240"); + iframe.setAttribute("height", "180"); + iframe.setAttribute("frameborder", "0"); + iframe.setAttribute("scrolling", "no"); + iframe.setAttribute("title", "Login"); + //iframe.setAttribute("scrolling", "yes"); + + iframe.setAttribute("name", "iframelogin"); + iframe.setAttribute("id", "iframelogin"); + + + iframe.setAttribute("onload","iframeLoaded()"); + + var divdemologin = document.getElementById("demologin"); + divdemologin.innerHTML=""; + + el.appendChild(iframe, el); + } + + function iframeLoaded(){ + //console.log(document.title); + var ifr=document.getElementById("iframelogin"); + + //only works on same origin + + /* + var iframedoc=(ifr.contentWindow||ifr.contentDocument); + + //var iframedoc=ifr.contentDocument||iframe.contentWindow.document; + console.log(iframedoc.title); + if(iframedoc.title=="Demo Applikation"){ + ifr.setAttribute("width",480); + ifr.setAttribute("height",240); + + var demologin=document.getElementById("demologin"); + demologin.style.marginRight="250px"; + } + */ + } + + </script> + </head> + <body> + <div id="headline"> + <div class="container"> + <a href="http://www.digitales.oesterreich.gv.at/"><img src="./common/logo_digAT.png"/></a> + <a href="../index.html"><h1>MOA-ID-AUTH </h1></a> + <br/> + </div> + </div> + <div id="description" class="container"> + <p>Bei MOA-ID-AUTH handelt es sich um ein Modul für die Identifizierung und Authentifizierung bei Onlineapplikationen unter Verwendung der Bürgerkarte. + Hier kann sowohl die Smartcard-Variante (e-Card) als auch die Handysignatur verwendet werden. + Die Konfiguration des Modules MOA-ID-Auth erfolgt mit Hilfe des Zusatzmodules MOA-ID-Configuration welches eine web-basierte Konfigurationsschnittstelle zur Verfügung stellt.</p> + </div> + <div id="maincontent" class="container"> + <nav> + <ul> + <!--li><a href="_index.html">Allgemein</a></li--> + <!--li><a href="http://joinup.ec.europa.eu/site/moa-idspss/">Dokumentation</a></li--> + <li><a href="http://joinup.ec.europa.eu/site/moa-idspss/moa-id-3.x/doc/handbook">Dokumentation</a></li> + <!--Link zu den Demo-Clients--> + <li><a href=#>Demo Clients</a></li> + <!--Link zum Konfigtool--> + <li><a href="https://localhost:8443/moa-id-configuration">Konfiguration GUI</a></li> + <li><a href="./TransferSSOSession">Transfer Single Sign-On Session to Smartphone App</a></li> + + </ul> + </nav> + <div id="demologin" class="container"> + <br/> + <a href="#" id="loginButton" class="button" onClick="PVP2LoginIframe('https://menja.iaik.tugraz.at:8443/moa-id-oa/servlet/pvp2login')">Login</a> + <p id="loginText">Über den Login-Button können Sie sich anschließend bei Ihrer Online-Applikation mit der Bürgerkarte oder der Handysignatur anmelden. Dazu müssen Sie allerdings zuvor die Applikation gemäß <a href="http://joinup.ec.europa.eu/site/moa-idspss/moa-id-3.x/doc/handbook/application/application.html#DemoApp_pvp21">Beschreibung</a> konfigurieren.</p> + </div> + </div> + + </body> +</html>
\ No newline at end of file diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_bk.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_bk.html new file mode 100644 index 000000000..708be703b --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_bk.html @@ -0,0 +1,100 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html lang="de"> + <head> + <title>Information</title> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> + <meta http-equiv="Content-Style-Type" content="text/css"> + <link rel="stylesheet" type="text/css" href="css/index.css"> + </head> + <body> + <div id="wrapper"> + <p id="skiplinks"> + <a href="#content">Zum Inhalt springen</a> + </p> + <div id="banner"> + <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) --> + <div id="bannerleft"> + <h1>MOA-Template zur Bürgerkartenauswahl (Musterseite)</h1> + <!-- Meldung im Browser, wenn JavaScript nicht aktiviert --> + <noscript> + <p> + Bitte aktivieren Sie JavaScript. + </p> + </noscript> + </div> + <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) --> + <div id="bannerright"> + <img src="img/logo.jpg" alt="Logo"> + </div> + </div> + <div id="main"> + <div id="centercontent"> + <h2 id="contentheader" class="dunkel"> + Informationen zur Bürgerkarte + </h2> + <div id="content" class="hell"> + <p> + <B>Hinweis:</B> + Für natürliche Personen ist beim Login mit Bürgerkarte keine Erstanmeldung erforderlich. + </p> + <p> + Um mit der Bürgerkarte einsteigen zu können, benötigen Sie: + </p> + <ul> + <li> + eine Chipkarte, die für die Verwendung als Bürgerkarte geeignet ist, wie zum Beispiel Ihre e-card, Bankomatkarte oder Signaturkarte von A-Trust + </li> + <li> + einen Kartenleser mit den dazugehörigen Treibern + </li> + <li> + eine Bürgerkartensoftware (BKU) + </li> + </ul> + <p> </p> + <p>oder</p> + <ul> + <li> + ein Mobiltelefon, das zur Nutzung als Handysignatur registriert ist. + </li> + </ul> +<p> + </p> +<p>Als Bürgerkartensoftware stehen Ihnen folgende drei Varianten zur Verfügung: + </p> + <ul> + <li><i>Lokale BKU</i>: Diese Software wird lokal auf Ihrem Computer installiert. Die Software finden sie unter <a href="http://www.buergerkarte.at/download.de.php" target="_blank">http://www.buergerkarte.at/download.de.php</a> + </li> + <li><i>Online BKU</i>: Mit der Online BKU wird keine lokale Bürgerkartensoftware am PC benötigt. Über JAVA Technologien werden die benötigten Funktionen als Applet im Browser ausgeführt. Einzige Voraussetzung ist eine aktuelle JAVA Version (ab Java 6). + </li> + <li><i>Handysignatur</i>: Mit der Handysignatur können Sie sich mittels ihres Mobiltelefons anmelden. Voraussetzung ist eine vorherige Registrierung. Mehr Informationen hierzu finden Sie auf: <a href="https://www.handy-signatur.at/" target="_blank">https://www.handy-signatur.at/</a><br> + <br> + <b>Informationen zur Bürgerkarte finden Sie hier:</b> + </li> + </ul> + <ul> + <li> + <a href="http://www.digitales.oesterreich.gv.at" target="_blank">Digitales Österreich</a>: Informationen rund um E-Government + </li> + <li> + <a href="http://www.buergerkarte.at" target="_blank">Bürgerkarte</a>: Informationen zur Bürgerkarte + </li> + </ul> + <p> + <br> + <b>Hier bekommen Sie Ihre Bürgerkarte:</b> + </p> + <ul> + <li> + <a href="http://www.a-trust.at/" target="_blank">A-Trust</a>: Aktivieren der Bankomatkarte/e-card als Bürgerkarte oder Registrierung ihres Mobiltelefons als Bürgerkarte oder Ausstellung einer eigenen Bürgerkarte + </li> + </ul> + <p align="center"> + <a href="javascript:history.back();" class="link_nav">zurück</a> + </p> + </div> + </div> + </div> + </div> + </body> +</html>
\ No newline at end of file diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_mandates.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_mandates.html new file mode 100644 index 000000000..f5e935338 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_mandates.html @@ -0,0 +1,58 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html lang="de"> + <head> + <title>Information</title> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> + <meta http-equiv="Content-Style-Type" content="text/css"> + <link rel="stylesheet" type="text/css" href="css/index.css"> + </head> + <body> + <div id="wrapper"> + <p id="skiplinks"> + <a href="#content">Zum Inhalt springen</a> + </p> + <div id="banner"> + <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) --> + <div id="bannerleft"> + <h1>MOA-Template zur Bürgerkartenauswahl (Musterseite)</h1> + <!-- Meldung im Browser, wenn JavaScript nicht aktiviert --> + <noscript> + <p> + Bitte aktivieren Sie JavaScript. + </p> + </noscript> + </div> + <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) --> + <div id="bannerright"> + <img src="img/logo.jpg" alt="Logo"> + </div> + </div> + <div id="main"> + <div id="centercontent"> + <h2 id="contentheader" class="dunkel"> + Information zur Anmeldung mittels elektronischer Vollmacht + </h2> + <div id="content" class="hell"> + <p> + <p>Aktivieren Sie das Kästchen <input type="checkbox" checked="true" readonly="true" enabled="false"/> "in Vertretung anmelden", + wenn Sie sich als Vertreter für eine andere Person anmelden möchten. Das Vollmachtenservice + der Stammzahlenregisterbehörde bietet Ihnen Ihre verfügbaren Vollmachten zur Auswahl an.</p> + + + <p>Das Service zum Eintragen einer Vollmacht zwischen zwei natürlichen Personen können Sie + unter dem Hyperlink <a href="https://vollmachten.stammzahlenregister.gv.at/">Bilaterale Vollmacht</a> + eintragen.</p> + + <p>Als Organwalter (gemäß § 5 Abs. 3 E-GovG) und berufsmäßige Parteinvertreter, + aktivieren Sie bitte ebenfalls das Kästchen <input type="checkbox" checked="true" readonly="true" enabled="false"/> "in Vertretung anmelden".</p> + + + <p><span style="text-decoration: underline">Hinweis</span>: Welche Vollmachten Ihnen bei der jeweiligen + Bürgerkartenapplikation zur Verfügung stehen, hängt vom Anwendungsbetreiber ab.</p> + </p> + </div> + </div> + </div> + </div> + </body> +</html>
\ No newline at end of file diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_stork.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_stork.html new file mode 100644 index 000000000..048f0ac78 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/info_stork.html @@ -0,0 +1,42 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html lang="de"> + <head> + <title>Information (STORK)</title> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> + <meta http-equiv="Content-Style-Type" content="text/css"> + <link rel="stylesheet" type="text/css" href="css/index.css"> + </head> + <body> + <div id="wrapper"> + <p id="skiplinks"> + <a href="#content">Go to contents</a> + </p> + <div id="banner"> + <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) --> + <div id="bannerleft"> + <h1>Information using STORK for secure authentication</h1> + <!-- Meldung im Browser, wenn JavaScript nicht aktiviert --> + <noscript> + <p> + Please activate JavaScript. + </p> + </noscript> + </div> + <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) --> + <div id="bannerright"> + <img src="img/stork-logo.png" alt="STORK-Logo"> + </div> + </div> + <div id="main"> + <h2 id="contentheader" class="dunkel"> + Information using STORK for secure authentication + </h2> + <div id="content" class="hell"> + + <p>The STORK project makes it easier for citizens to access online public services across borders by implementing Europe-wide interoperable cross border platforms for the mutual recognition of national electronic identity (eID) between participating countries.</p> + <p>For more information, please consult the STORK website:</p><a href="https://www.eid-stork2.eu/">https://www.eid-stork2.eu/</a> + </div> + </div> + </div> + </body> +</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/moa_errorcodes.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/moa_errorcodes.html index a5702d60d..a5702d60d 100644 --- a/id/server/auth/src/main/webapp/moa_errorcodes.html +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/moa_errorcodes.html diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_handyBKU.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_handyBKU.html new file mode 100644 index 000000000..08071ac3a --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_handyBKU.html @@ -0,0 +1,38 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html lang="de"> + <head> + <title></title> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> + <script language="javascript" type="text/javascript"> + function onAnmeldeSubmit() { + document.CustomizedForm.submit(); + document.CustomizedForm.Senden.disabled=true; + } + </script> + </head> + <body onLoad="onAnmeldeSubmit()"> + <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data"> + Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: + <input class="button" type="submit" value="Starte Anmeldung" name="Senden"> + <input type="hidden" name="XMLRequest" value="<XMLRequest>"> + <input type="hidden" name="DataURL" value="<DataURL>"> + <input type="hidden" name="PushInfobox" value="<PushInfobox>"> + + <!-- Angabe der Parameter für die Handy-BKU --> + <input type="hidden" name="appletWidth" value="<APPLETWIDTH>"> + <input type="hidden" name="appletHeight" value="<APPLETHEIGHT>"> + + <!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Handy-BKU --> + <input type="hidden" name="backgroundColor" value="<COLOR>"> + + <input type="hidden" name="redirecttarget" value="<REDIRECTTARGET>"> + </form> + + <form name="CustomizedInfoForm" action="<BKU>" method="post"> + <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>"> + <input type="hidden" name="DataURL" value="<CertInfoDataURL>"> + </form> + <form name="DummyForm" action="<BKU>" method="post"> + </form> + </body> +</html>
\ No newline at end of file diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_localBKU.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_localBKU.html new file mode 100644 index 000000000..b9905c4af --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_localBKU.html @@ -0,0 +1,30 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html lang="de"> + <head> + <title></title> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> + <script language="javascript" type="text/javascript"> + function onAnmeldeSubmit() { + document.CustomizedForm.submit(); + document.CustomizedForm.Senden.disabled=true; + } + </script> + </head> + <body onLoad="onAnmeldeSubmit()"> + <form target=<REDIRECTTARGET> name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data"> + Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: + <input class="button" type="submit" value="Starte Anmeldung" name="Senden"> + <input type="hidden" name="XMLRequest" value="<XMLRequest>"> + <input type="hidden" name="DataURL" value="<DataURL>"> + <input type="hidden" name="PushInfobox" value="<PushInfobox>"> + </form> + + <form name="CustomizedInfoForm" action="<BKU>" method="post"> + <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>"> + <input type="hidden" name="DataURL" value="<CertInfoDataURL>"> + </form> + + <form name="DummyForm" action="<BKU>" method="post"> + </form> + </body> +</html> diff --git a/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_onlineBKU.html b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_onlineBKU.html new file mode 100644 index 000000000..a9932d49d --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/mainGUI/template_onlineBKU.html @@ -0,0 +1,37 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html lang="de"> + <head> + <title></title> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> + <script language="javascript" type="text/javascript"> + function onAnmeldeSubmit() { + document.CustomizedForm.submit(); + document.CustomizedForm.Senden.disabled=true; + } + </script> + </head> + <body onLoad="onAnmeldeSubmit()"> + <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data"> + Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier: + <input class="button" type="hidden" value="Starte Anmeldung" name="Senden"> + <input type="hidden" name="XMLRequest" value="<XMLRequest>"> + <input type="hidden" name="DataURL" value="<DataURL>"> + <input type="hidden" name="PushInfobox" value="<PushInfobox>"> + + <!-- Angabe der Parameter fuer die Online-BKU --> + <input type="hidden" name="appletWidth" value="<APPLETWIDTH>"> + <input type="hidden" name="appletHeight" value="<APPLETHEIGHT>"> + + <!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Online-BKU --> + <input type="hidden" name="appletBackgroundColor" value="<COLOR>"> + <input type="hidden" name="redirectTarget" value="<REDIRECTTARGET>"> + </form> + + <form name="CustomizedInfoForm" action="<BKU>" method="post"> + <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>"> + <input type="hidden" name="DataURL" value="<CertInfoDataURL>"> + </form> + <form name="DummyForm" action="<BKU>" method="post"> + </form> + </body> +</html> diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/css_template.css b/id/server/moa-id-frontend-resources/src/main/resources/templates/css_template.css new file mode 100644 index 000000000..a334b258d --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/css_template.css @@ -0,0 +1,671 @@ +@charset "utf-8"; + @media screen and (min-width: 650px) { + + body { + margin:0; + padding:0; + color : #000; + background-color : #fff; + text-align: center; + background-color: #6B7B8B; + } + + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #localBKU p { + font-size: 0.7em; + } + + #localBKU input{ + font-size: 0.85em; + /*border-radius: 5px;*/ + } + + #bkuselectionarea input[type=button] { + font-size: 0.85em; + /*border-radius: 7px;*/ + margin-bottom: 25px; + min-width: 80px; + } + + #mandateLogin { + font-size: 0.85em; + } + + #bku_header h2 { + font-size: 0.8em; + } + + + #page { + display: block; + border: 2px solid rgb(0,0,0); + width: 650px; + height: 460px; + margin: 0 auto; + margin-top: 5%; + position: relative; + border-radius: 25px; + background: rgb(255,255,255); + } + + #page1 { + text-align: center; + } + + #main { + /* clear:both; */ + position:relative; + margin: 0 auto; + /*width: 250px;*/ + text-align: center; + } + + .OA_header { + /* background-color: white;*/ + font-size: 20pt; + margin-bottom: 25px; + margin-top: 25px; + } + #alert_area { + width: 500px; + padding-left: 80px; + } + #leftcontent { + /*float:left; */ + width:250px; + margin-bottom: 25px; + text-align: left; + border: 1px solid rgb(0,0,0); + } + + #selectArea { + font-size: 15px; + padding-bottom: 65px; + } + + #leftcontent { + width: 300px; + /*margin-top: 30px;*/ + margin: auto; + } + + #bku_header { + height: 5%; + padding-bottom: 3px; + padding-top: 3px; + } + + #bkulogin { + overflow:hidden; + min-width: 190px; + min-height: 180px; + /*height: 260px;*/ + } + + h2#tabheader{ + font-size: 1.1em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + #stork h2 { + font-size: 1.0em; + margin-bottom: 2%; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 100px; + height: 30px + } + + #leftbutton { + width: 30%; + float:left; + margin-left: 40px; + } + + #rightbutton { + width: 30%; + float:right; + margin-right: 45px; + text-align: right; + } + + button { + height: 25px; + width: 75px; + margin-bottom: 10px; + } + + + + #validation { + position: absolute; + bottom: 0px; + margin-left: 270px; + padding-bottom: 10px; + } + + } + + @media screen and (max-width: 205px) { + #localBKU p { + font-size: 0.6em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #localBKU input { + font-size: 0.6em; + min-width: 60px; + /* max-width: 65px; */ + min-height: 1.0em; + /* border-radius: 5px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.7em; + min-width: 55px; + /*min-height: 1.1em; + border-radius: 5px;*/ + margin-bottom: 2% + } + + #mandateLogin { + font-size: 0.65em; + } + + #bku_header h2 { + font-size: 0.8em; + margin-top: -0.4em; + padding-top: 0.4em; + } + + #bkulogin { + min-height: 150px; + } + } + + @media screen and (max-width: 249px) and (min-width: 206px) { + #localBKU p { + font-size: 0.7em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #localBKU input { + font-size: 0.7em; + min-width: 70px; + /* max-width: 75px; */ + min-height: 0.95em; + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.75em; + min-width: 60px; + /* min-height: 0.95em; + border-radius: 6px; */ + margin-bottom: 5% + } + + #mandateLogin { + font-size: 0.75em; + } + + #bku_header h2 { + font-size: 0.9em; + margin-top: -0.45em; + padding-top: 0.45em; + } + + #bkulogin { + min-height: 180px; + } + } + + @media screen and (max-width: 299px) and (min-width: 250px) { + #localBKU p { + font-size: 0.9em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 75px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.85em; + /* min-height: 1.05em; + border-radius: 7px; */ + margin-bottom: 10%; + } + + #mandateLogin { + font-size: 1em; + } + + #bku_header h2 { + font-size: 1.0em; + margin-top: -0.50em; + padding-top: 0.50em; + } + } + + @media screen and (max-width: 399px) and (min-width: 300px) { + #localBKU p { + font-size: 0.9em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 75px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.9em; + /* min-height: 1.2em; + border-radius: 8px; */ + margin-bottom: 10%; + max-width: 80px; + } + + #mandateLogin { + font-size: 1em; + } + + #bku_header h2 { + font-size: 1.1em; + margin-top: -0.55em; + padding-top: 0.55em; + } + } + + @media screen and (max-width: 649px) and (min-width: 400px) { + #localBKU p { + font-size: 0.9em; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 80px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 1.0em; + /* min-height: 1.3em; + border-radius: 10px; */ + margin-bottom: 10%; + max-width: 85px; + } + + #mandateLogin { + font-size: 1.2em; + } + + #bku_header h2 { + font-size: 1.3em; + margin-top: -0.65em; + padding-top: 0.65em; + } + } + + + + @media screen and (max-width: 649px) { + + body { + margin:0; + padding:0; + color : #000; + text-align: center; + font-size: 100%; + background-color: $MAIN_BACKGOUNDCOLOR; + } + .browserInfoButton{ + color: rgb(128, 128, 128); + } + #page { + visibility: hidden; + margin-top: 0%; + } + + #page1 { + visibility: hidden; + } + + #main { + visibility: hidden; + } + + #validation { + visibility: hidden; + display: none; + } + + .OA_header { + margin-bottom: 0px; + margin-top: 0px; + font-size: 0pt; + visibility: hidden; + } + + #alert_area { + visibility: visible; + width: 250px; + } + #alert_area > p:first-child { + display: none; + visibility: hidden; + } + + #leftcontent { + visibility: visible; + margin-bottom: 0px; + text-align: left; + border:none; + vertical-align: middle; + min-height: 173px; + min-width: 204px; + + } + + #bku_header { + height: 10%; + min-height: 1.2em; + margin-top: 1%; + } + + h2#tabheader{ + padding-left: 2%; + padding-right: 2%; + position: relative; + top: 50%; + } + + #stork h2 { + font-size: 0.9em; + margin-bottom: 2%; + } + + #bkulogin { + min-width: 190px; + min-height: 155px; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + input[type=button] { +/* height: 11%; */ + width: 70%; + } + } + + * { + margin: 0; + padding: 0; + #if($FONTTYPE) + font-family: $FONTTYPE; + #end + } + + #selectArea { + padding-top: 10px; + padding-bottom: 55px; + padding-left: 10px; + } + + .setAssertionButton { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + #leftbutton { + width: 35%; + float:left; + margin-left: 15px; + } + + #rightbutton { + width: 35%; + float:right; + margin-right: 25px; + text-align: right; + } + + #stork { + /*margin-bottom: 10px;*/ + /* margin-top: 5px; */ + } + + #mandateLogin { + padding-bottom: 4%; + padding-top: 4%; + height: 10%; + position: relative; + text-align: center; + } + + .verticalcenter { + vertical-align: middle; + } + + #mandateLogin div { + clear: both; + margin-top: -1%; + position: relative; + top: 50%; + } + + #bkuselectionarea { + position: relative; + display: block; + } + + #localBKU { + padding-bottom: 4%; + /*padding-top: 4%;*/ + position: relative; + clear: both; + text-align: center; + } + + #bkukarte { + float:left; + text-align:center; + width:40%; + min-height: 70px; + padding-left: 5%; + padding-top: 2%; + } + + #bkuhandy { + float:right; + text-align:center; + width:40%; + min-height: 90px; + padding-right: 5%; + padding-top: 2%; + } + + .bkuimage { + width: 70%; + height: auto; + } + + #mandate{ + text-align:center; + padding : 5px 5px 5px 5px; + } + +/* input[type=button], .sendButton { + background: $BUTTON_BACKGROUNDCOLOR; + color: $BUTTON_COLOR; +/* border:1px solid #000; */ +/* cursor: pointer; +/* box-shadow: 3px 3px 3px #222222; */ +/* } + +/* button:hover, button:focus, button:active, + .sendButton:hover , .sendButton:focus, .sendButton:active, + #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { + background: $BUTTON_BACKGROUNDCOLOR_FOCUS; + color: $BUTTON_COLOR; +/* border:1px solid #000; */ +/* cursor: pointer; +/* box-shadow: -1px -1px 3px #222222; */ +/* } + +*/ + input { + /*border:1px solid #000;*/ + cursor: pointer; + } + + #localBKU input { +/* color: $BUTTON_COLOR; */ + /*border: 0px;*/ + display: inline-block; + + } + + #localBKU input:hover, #localBKU input:focus, #localBKU input:active { + /*text-decoration: underline;*/ + } + + #installJava, #BrowserNOK { + clear:both; + font-size:0.8em; + padding:4px; + } + + .selectText{ + + } + + + .selectTextHeader{ + + } + + .sendButton { + width: 30%; + margin-bottom: 1%; + } + + #leftcontent a { + text-decoration:none; + color: #000; + /* display:block;*/ + padding:4px; + } + + #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { + text-decoration:underline; + color: #000; + } + + .infobutton { + background-color: #005a00; + color: white; + font-family: serif; + text-decoration: none; + padding-top: 2px; + padding-right: 4px; + padding-bottom: 2px; + padding-left: 4px; + font-weight: bold; + } + + .hell { + background-color : $MAIN_BACKGOUNDCOLOR; + color: $MAIN_COLOR; + } + + .dunkel { + background-color: $HEADER_BACKGROUNDCOLOR; + color: $HEADER_COLOR; + } + + .main_header { + color: black; + font-size: 32pt; + position: absolute; + right: 10%; + top: 40px; + + } + + #ssoSessionTransferBlock { + font-size: 0.8em; + margin-left: 5px; + margin-bottom: 5px; + } + #processInfoArea { + margin-bottom: 15px; + margin-top: 15px; + } + #processSelectionArea { + width: 550px; + margin-left: 25px; + margin-top: 35px; + } + .processSelectionButtonArea { + float: none; + margin-bottom: 20px; + height: 35px; + } + .processSelectionButton { + background: #ababab; + cursor: pointer; + height: 30px; + width: 200px; + float: right; + border-style: solid; + border-bottom-width: 2px; + border-right-width: 2px; + border-left-width: 1px; + border-top-width: 1px; + border-color: #000000; + } + .buttonDescription { + float: left; + margin-left: 10px; + padding-top: 4px; + text-align: left; + width: 330px; + } + #processContent { + margin-top: 25px; + }
\ No newline at end of file diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/error_message.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/error_message.html new file mode 100644 index 000000000..4fd4d63cd --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/error_message.html @@ -0,0 +1,37 @@ +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <link rel="stylesheet" href="$contextPath/css/buildCSS" /> + + <title>An error arise ... </title> +</head> + + <body> + <div id="page"> + <div id="page1" class="case selected-case" role="main"> + <h2 class="OA_header" role="heading">Authentication error arise</h2> + <!--div id="main"--> + <!--div id="leftcontent" class="hell" role="application"--> + + + + <div id="alert_area" class="hell" role="application" > + <p>The authentication stops on account of a process error:</p> + <br/> + <p><b>Error Code:</b> $errorCode</p> + <p><b>Error Message:</b >$errorMsg</p> + </div> + + + #if($stacktrace) + <div> + <p><b>Stacktrace:</b> $stacktrace</p> + </div> + #end + + <!--/div---> + <!--/div--> + </div> + </div> +</body> +</html>
\ No newline at end of file diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/javascript_tempalte.js b/id/server/moa-id-frontend-resources/src/main/resources/templates/javascript_tempalte.js new file mode 100644 index 000000000..a463bae65 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/javascript_tempalte.js @@ -0,0 +1,200 @@ +function isIE() { + return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); + } + function isFullscreen() { + try { + return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); + } catch (e) { + return false; + } + } + function isActivexEnabled() { + var supported = null; + try { + supported = !!new ActiveXObject("htmlfile"); + } catch (e) { + supported = false; + } + return supported; + } + function isMetro() { + if (!isIE()) + return false; + return !isActivexEnabled() && isFullscreen(); + } + window.onload=function() { + document.getElementById("localBKU").style.display="block"; + return; + } + function bkuLocalClicked() { + setMandateSelection(); + } + + function bkuOnlineClicked() { + if (isMetro()) + document.getElementById("metroDetected").style.display="block"; + document.getElementById("localBKU").style.display="block"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var iFrameURL = "$contextPath$submitEndpoint" + "?"; + iFrameURL += "&pendingid=" + "$pendingReqID"; + + iFrameURL += "&bkuURI=" + "$bkuOnline"; + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; + + generateIFrame(iFrameURL); + } + function bkuHandyClicked() { + document.getElementById("localBKU").style.display="none"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var iFrameURL = "$contextPath$submitEndpoint" + "?"; + iFrameURL += "&pendingid=" + "$pendingReqID"; + + iFrameURL += "&bkuURI=" + "$bkuHandy"; + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; + + generateIFrame(iFrameURL); + } + function storkClicked() { + document.getElementById("localBKU").style.display="none"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var ccc = "AT"; + var countrySelection = document.getElementById("cccSelection"); + if (countrySelection != null) { + ccc = document.getElementById("cccSelection").value; + } + var iFrameURL = "$contextPath$submitEndpoint" + "?"; + iFrameURL += "&pendingid=" + "$pendingReqID"; + + #if($bkuOnline) + iFrameURL += "&bkuURI=" + "$bkuOnline"; + #end + + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; + iFrameURL += "&CCC=" + ccc; + + generateIFrame(iFrameURL); + } + function generateIFrame(iFrameURL) { + var el = document.getElementById("bkulogin"); + var width = el.clientWidth; + var heigth = el.clientHeight - 20; + var parent = el.parentNode; + + iFrameURL += "&heigth=" + heigth; + iFrameURL += "&width=" + width; + + var iframe = document.createElement("iframe"); + iframe.setAttribute("src", iFrameURL); + iframe.setAttribute("width", el.clientWidth - 1); + iframe.setAttribute("height", el.clientHeight - 1); + iframe.setAttribute("frameborder", "0"); + iframe.setAttribute("scrolling", "no"); + iframe.setAttribute("title", "Login"); + parent.replaceChild(iframe, el); + } + function setMandateSelection() { + document.getElementById("useMandate").value = "false"; + var checkbox = document.getElementById("mandateCheckBox"); + if (checkbox != null) { + if (document.getElementById("mandateCheckBox").checked) { + document.getElementById("useMandate").value = "true"; + } + } + } + function onChangeChecks() { + if (self.innerWidth < 650) { + document.getElementById("moaidform").setAttribute("target","_parent"); + } else { + document.getElementById("moaidform").removeAttribute("target"); + } + + } + + function checkIfBrowserSupportsJava(){ + console.log("Browser is Chrome: "+checkIfBrowserIsChrome()); + console.log("Browser is Safari: "+checkIfBrowserIsSafari()); + console.log("Browser is Edge: "+checkIfBrowserIsEdge()); + + var cnt = 0; + + if(checkIfBrowserIsChrome())cnt++; + if(checkIfBrowserIsEdge())cnt++; + if(checkIfBrowserIsSafari())cnt++; + + if(cnt==0 || cnt>1)//cnt>1 means perhaps wrong detection + return true; + + var image = document.getElementById("bkuimage"); + var srcatt = image.getAttribute("src"); + var last = srcatt.substring(srcatt.lastIndexOf('/')+1); + srcatt = srcatt.replace(last,'karte_deactivated.png'); + image.setAttribute("src",srcatt); + + + var button = document.getElementsByName("bkuButtonOnline")[0]; + button.setAttribute("class","browserInfoButton"); + button.setAttribute("title","Java wird nicht unterstützt, klicken für mehr Informationen."); + button.setAttribute("onClick","alert('Java wird von Ihrem Browser nicht unterstützt, ist jedoch für den Betrieb der Online Bürgerkartenumgebung notwendig.\\nWollen Sie dennoch die Online Bürgerkartenumgebung verwenden, wird zur Zeit Java noch von Firefox und MS Internet Explorer unterstützt. \\nAlternativ koennen Sie auch eine lokale Bürgerkartenumgebung verwenden, verfügbar unter www.buergerkarte.at.');"); + + return false; + + } + function checkIfBrowserIsChrome(){ + var chrome_defined = !!window.chrome;//chrome object defined + var webstore_defined = false; + if(window.chrome){ + webstore_defined = !!window.chrome.webstore; + } + return chrome_defined && webstore_defined; + } + function checkIfBrowserIsEdge(){//edge also defines the chrome object, but not the webapp + var chrome_defined = !!window.chrome;//chrome object defined + var webstore_defined = true; + if(window.chrome){ + webstore_defined = !!window.chrome.webstore; + } + return chrome_defined && !webstore_defined; + } + function checkIfBrowserIsSafari(){ + var cond1 = Object.prototype.toString.call(window.HTMLElement).indexOf('Constructor') > 0; + return cond1; + } +/* function setSSOSelection() { + document.getElementById("useSSO").value = "false"; + var checkbox = document.getElementById("SSOCheckBox"); + if (checkbox != null) { + if (document.getElementById("SSOCheckBox").checked) { + document.getElementById("useSSO").value = "true"; + } + } + } */ + +/* function checkMandateSSO() { + var sso = document.getElementById("SSOCheckBox"); + var mandate = document.getElementById("mandateCheckBox"); + + + if (sso.checked && mandate.checked) { + alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!") + mandate.checked = false; + sso.checked = false; + return true; + } else { + return false; + } + } */
\ No newline at end of file diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html new file mode 100644 index 000000000..6c70b57b3 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/loginFormFull.html @@ -0,0 +1,92 @@ +<!DOCTYPE html> +<html> +<head> +<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> + + <!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> + <script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script> + + +<title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title> +</head> +<body onload="onChangeChecks();checkIfBrowserSupportsJava();" onresize="onChangeChecks();"> + <div id="page"> + <div id="page1" class="case selected-case" role="main"> + <h2 class="OA_header" role="heading">Anmeldung an: $OAName</h2> + <div id="main"> + <div id="leftcontent" class="hell" role="application"> + <div id="bku_header" class="dunkel"> + <h2 id="tabheader" class="dunkel" role="heading">$HEADER_TEXT</h2> + </div> + <div id="bkulogin" class="hell" role="form"> + <div id="mandateLogin" style=""> + <div> + <input tabindex="1" type="checkbox" name="Mandate" + id="mandateCheckBox" class="verticalcenter" role="checkbox" + onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'$MANDATECHECKED> + <label for="mandateCheckBox" class="verticalcenter">in + Vertretung anmelden</label> + <!--a href="info_mandates.html" + target="_blank" + class="infobutton verticalcenter" + tabindex="5">i</a--> + </div> + </div> + <div id="bkuselectionarea"> + <div id="bkukarte"> + <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" + alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button" + onClick="bkuOnlineClicked();" tabindex="2" role="button" + value="Karte" /> + </div> + <div id="bkuhandy"> + <img class="bkuimage" src="$contextPath/img/handysign.png" + alt="HandyBKU" /> <input name="bkuButtonHandy" type="button" + onClick="bkuHandyClicked();" tabindex="3" role="button" + value="HANDY" /> + </div> + </div> + <div id="localBKU"> + <form method="get" id="moaidform" action="$contextPath$submitEndpoint" + class="verticalcenter" target="_parent"> + <input type="hidden" name="bkuURI" value="$bkuLocal" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="SSO" id="useSSO" /> + <input type="hidden" name="ccc" id="ccc" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" + role="button" onclick="setMandateSelection();"> + </form> + </div> + + <!-- Single Sign-On Session transfer functionality --> + <!--div id="ssoSessionTransferBlock"> + <a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> + </div--> + + <div id="stork" align="center" style="$STORKVISIBLE"> + <h2 id="tabheader" class="dunkel">Home Country Selection</h2> + <p> + <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" > + $countryList + </select> + <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button> + <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a> + </p> + </div> + + <div id="metroDetected" style="display: none"> + <p>Anscheinend verwenden Sie Internet Explorer im + Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den + Optionen um die Karten-Anmeldung starten zu können.</p> + </div> + </div> + </div> + </div> + </div> + </div> +</body> +</html> diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/redirectForm.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/redirectForm.html new file mode 100644 index 000000000..ac3242c89 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/redirectForm.html @@ -0,0 +1,13 @@ +<html> +<head> +<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> +<script type="text/javascript"> + </script> +</head> + + +<body onload="document.getElementById('link').click();"> + <a href="$URL" target="$TARGET" id="link">CLICK to perform a + redirect back to Online Application</a> +</body> +</html> diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/sendAssertionFormFull.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/sendAssertionFormFull.html new file mode 100644 index 000000000..a9f0c4238 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/sendAssertionFormFull.html @@ -0,0 +1,52 @@ +<!DOCTYPE html> +<html> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=#ID#" /> + + <title>Anmeldung an Online-Applikation</title> +</head> + + +<body> + <div id="page"> + + <div id="page1" class="case selected-case" role="main"> + +<!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> --> + + <div id="main"> + <div id="leftcontent" class="hell"> + <div id="bku_header" class="dunkel"> + <h2 id="tabheader" class="dunkel" role="heading"> + Anmeldeinformationen: + </h2> + </div> + + <div id="selectArea" class="hell" role="application"> + <h3>Anmeldung an: $OAName</h3> + +<!-- <div class="hell"> --> + <div id="leftbutton"> + <form method="post" id="moaidform_yes" action="$contextPath$submitEndpoint"> + <input type="hidden" name="value" value="true"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Ja" class="setAssertionButton_full" role="button"> + </form> + </div> + <div id="rightbutton"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> + <input type="hidden" name="value" value="false"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Nein" class="setAssertionButton_full" role="button"> + </form> + </div> + + </div> + </div> + </div> + </div> + </div> +</body> +</html> diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/slo_template.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/slo_template.html new file mode 100644 index 000000000..b3eb18082 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/slo_template.html @@ -0,0 +1,94 @@ +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <link rel="stylesheet" href="$contextPath/css/buildCSS" /> + + #if($timeoutURL) + <script type="text/javascript"> + function sloTimeOut() { + window.location.href="$timeoutURL"; + + } + function RestartAfterDelay() { + var eDate = null; + var MilliSekZeit = 0; + var SysDatumJetzt = new Date(); + var SysDatumJetztMilli = SysDatumJetzt.getTime(); + + do { + eDate = new Date(); + MilliSekZeit = eDate.getTime(); + + } while ((MilliSekZeit-SysDatumJetztMilli) < $timeout); + + sloTimeOut(); + } + + </script> + #end + + <title>Single LogOut Vorgang ... </title> +</head> + +#if($timeoutURL) + <body onload='setTimeout(sloTimeOut, $timeout);'> +#else + <body> +#end + <noscript> + <p> + <strong>Note:</strong> Since your browser does not support + JavaScript, you must press the Continue button once to proceed. + </p> + </noscript> + + <div id="page"> + <div id="page1" class="case selected-case" role="main"> + <h2 class="OA_header" role="heading">MOA-ID Single LogOut Information</h2> + <div id="main"> + <div id="leftcontent" class="hell" role="application"> + + #if($errorMsg) + <div class="alert"> + <p>$errorMsg</p> + </div> + #end + + #if($successMsg) + <div> + <p>$successMsg</p> + </div> + #end + + #if($redirectURLs) + <div> + <p> + Sie werden von allen Online-Applikationen abgemeldet. <br> + Dieser Vorgang kann einige Zeit in Anspruch nehmen. + </p> + </div> + #end + + </div> + </div> + </div> + <!--div id="validation"> + <a href="http://validator.w3.org/check?uri="> <img + style="border: 0; width: 88px; height: 31px" + src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> + </a> <a href="http://jigsaw.w3.org/css-validator/"> <img + style="border: 0; width: 88px; height: 31px" + src="http://jigsaw.w3.org/css-validator/images/vcss-blue" + alt="CSS ist valide!" /> + </a> + </div--> + </div> + + + #foreach( $el in $redirectURLs ) + <iframe src=$el class="reqframe"></iframe> + #end +</body> +</html>
\ No newline at end of file diff --git a/id/server/moa-id-frontend-resources/src/main/resources/templates/sso_transfer_template.html b/id/server/moa-id-frontend-resources/src/main/resources/templates/sso_transfer_template.html new file mode 100644 index 000000000..c76e75d64 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/resources/templates/sso_transfer_template.html @@ -0,0 +1,75 @@ +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <link rel="stylesheet" href="$contextPath/css/buildCSS" /> + + #if($timeoutURL) + <script type="text/javascript"> + function sloTimeOut() { + window.location.href="$timeoutURL"; + + } + + </script> + #end + + <title>Single Sign-On Session Transfer</title> +</head> + +#if($timeoutURL) + <body onload='setTimeout(sloTimeOut, $timeout);'> +#else + <body> +#end + <noscript> + <p> + <strong>Note:</strong> Since your browser does not support + JavaScript, you must press the Continue button once to proceed. + </p> + + <a href="$timeoutURL">Press this link to resume</a> + </noscript> + + <div id="page"> + <div id="page1" class="case selected-case" role="main"> + <h2 class="OA_header" role="heading">MOA-ID Single Sign-On Session Transfer Service</h2> + <div id="main"> + <div id="leftcontent" class="hell" role="application"> + + #if($errorMsg) + <div class="alert"> + <p>$errorMsg</p> + </div> + #end + + #if($successMsg) + <div> + <p>$successMsg</p> + </div> + #end + + #if($QRImage) + <div> + <img id="qrCode" src="data:image/gif;base64,$QRImage"> + </div> + #end + + </div> + </div> + </div> + <!--div id="validation"> + <a href="http://validator.w3.org/check?uri="> <img + style="border: 0; width: 88px; height: 31px" + src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> + </a> <a href="http://jigsaw.w3.org/css-validator/"> <img + style="border: 0; width: 88px; height: 31px" + src="http://jigsaw.w3.org/css-validator/images/vcss-blue" + alt="CSS ist valide!" /> + </a> + </div--> + </div> + +</body> +</html>
\ No newline at end of file diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml new file mode 100644 index 000000000..d838bbe53 --- /dev/null +++ b/id/server/moa-id-spring-initializer/pom.xml @@ -0,0 +1,45 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id</groupId> + <artifactId>moa-id</artifactId> + <version>3.x</version> + </parent> + + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-spring-initializer</artifactId> + <version>${moa-id-version}</version> + + <packaging>jar</packaging> + <name>MOA-ID Spring Initializer</name> + + <properties> + <repositoryPath>${basedir}/../../../repository</repositoryPath> + </properties> + + <dependencies> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + </dependency> + + <dependency> + <groupId>at.gv.egiz.components</groupId> + <artifactId>egiz-spring-api</artifactId> + <version>0.1</version> + </dependency> + + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-webmvc</artifactId> + </dependency> + + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>javax.servlet-api</artifactId> + <scope>provided</scope> + </dependency> + + + </dependencies> +</project>
\ No newline at end of file diff --git a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java new file mode 100644 index 000000000..327d659ec --- /dev/null +++ b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringInitializer.java @@ -0,0 +1,157 @@ +package at.gv.egovernment.moa.id.auth; + +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.ServletRegistration; + +import org.springframework.beans.factory.config.BeanDefinition; +import org.springframework.beans.factory.support.BeanDefinitionRegistry; +import org.springframework.beans.factory.xml.XmlBeanDefinitionReader; +import org.springframework.context.support.GenericApplicationContext; +import org.springframework.core.io.ClassPathResource; +import org.springframework.web.WebApplicationInitializer; +import org.springframework.web.context.ContextLoaderListener; +import org.springframework.web.context.request.RequestContextListener; +import org.springframework.web.context.support.GenericWebApplicationContext; +import org.springframework.web.context.support.ServletContextResource; +import org.springframework.web.servlet.DispatcherServlet; + +import at.gv.egiz.components.spring.api.SpringLoader; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; +import at.gv.egovernment.moa.logging.Logger; + +/** + * Web application initializer + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class MOAIDAuthSpringInitializer implements WebApplicationInitializer { + + private String[] rootServletContexts = null; + + private String[] servletContexts = null; + + private String[] activeProfiles = null; + + public MOAIDAuthSpringInitializer() { + this.rootServletContexts = null; + this.servletContexts = new String[] { + "/applicationContext.xml", + + }; + this.activeProfiles = null; + } + + + /* (non-Javadoc) + * @see org.springframework.web.WebApplicationInitializer#onStartup(javax.servlet.ServletContext) + */ + @Override + public void onStartup(ServletContext servletContext) throws ServletException { + try { + Logger.info("=============== Loading Root Context! ==============="); + GenericWebApplicationContext rootContext = new GenericWebApplicationContext(); + rootContext.setServletContext(servletContext); + + Logger.info("=============== Setting active profiles! ==============="); + if (this.activeProfiles != null) { + for (String profile : this.activeProfiles) { + rootContext.getEnvironment().addActiveProfile(profile); + } + } + + Logger.info("=============== Loading Local Contexts! ==============="); + XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader( + rootContext); + if (rootServletContexts != null) { + for (String rootServletContext : rootServletContexts) { + Logger.debug("Loading: "+ rootServletContext); + xmlReader.loadBeanDefinitions(new ServletContextResource( + servletContext, rootServletContext)); + } + } + // Manage the lifecycle of the root application context + servletContext.addListener(new ContextLoaderListener(rootContext)); + + // logger.debug("Beans after logAMQP in {}", rootContext); + // dumpBeanDefinitions(rootContext); + + Logger.info("=============== Loading SPI Context! ==============="); + // logger.debug("Startup with context {}", rootContext); + if (rootContext instanceof BeanDefinitionRegistry) { + Logger.debug("Loading EGIZ components"); + SpringLoader + .loadSpringServices(rootContext); + } else { + Logger.warn("Failed to load external Spring since no BeanDefinitionRegistry"); + } + + Logger.trace("Beans after SPI in "+ rootContext); + dumpBeanDefinitions(rootContext); + + Logger.debug("Loading servlet config in "+ rootContext); + if (servletContexts != null) { + for (String servletContextString : servletContexts) { + xmlReader.loadBeanDefinitions(new ClassPathResource( + servletContextString, + MOAIDAuthSpringInitializer.class)); + } + } + + Logger.debug("Refreshing context "+ rootContext); + rootContext.refresh(); + + Logger.info("=============== Register Dispatcher Servlet! ==============="); + + Logger.trace("Final Beans in "+ rootContext); + dumpBeanDefinitions(rootContext); + + Logger.info("Registering dispatcher configuration"); + ServletRegistration.Dynamic dispatcher = servletContext.addServlet( + "dispatcher", new DispatcherServlet(rootContext)); + if (dispatcher != null) { + dispatcher.setLoadOnStartup(1); + dispatcher.addMapping("/"); + dispatcher.setAsyncSupported(true); + } else { + Logger.error("Failed to register dispatcher server in servlet context!"); + } + + Logger.info("=============== Register RequestContextListener! ==============="); + servletContext.addListener(new RequestContextListener()); + +// Logger.info("=============== Register RequestFilter! ==============="); +// servletContext.addFilter("vHost RequestFilter", new VHostUrlRewriteServletFilter(rootContext)) +// .addMappingForUrlPatterns(null, false, "/*"); + + Logger.info("Basic Context initalisation finished --> Start MOA-ID-Auth initialisation process ..."); + MOAIDAuthInitializer.initialize(rootContext); + Logger.info(MOAIDMessageProvider.getInstance().getMessage( + "init.00", null)); + Logger.info("MOA-ID-Auth initialization finished."); + + + } catch (Throwable e) { + Logger.fatal( + MOAIDMessageProvider.getInstance().getMessage("init.02", + null), e); + + } + + } + + private void dumpBeanDefinitions(GenericApplicationContext context) { + Logger.trace("Registered Bean in context " + context.toString()); + + String[] registeredBeans = context.getBeanDefinitionNames(); + for (String registeredBean : registeredBeans) { + BeanDefinition beanDefinition = context + .getBeanDefinition(registeredBean); + Logger.trace(registeredBean + " -> " + beanDefinition.getBeanClassName()); + + } + + Logger.trace("Registered Bean in context --"+ context); + } +} diff --git a/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java new file mode 100644 index 000000000..def32e144 --- /dev/null +++ b/id/server/moa-id-spring-initializer/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthSpringResourceProvider.java @@ -0,0 +1,66 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +/** + * @author tlenz + * + */ +public class MOAIDAuthSpringResourceProvider implements SpringResourceProvider { + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() + */ + @Override + public Resource[] getResourcesToLoad() { + ClassPathResource moaidauthConfig = new ClassPathResource("/moaid.configuration.beans.xml", MOAIDAuthInitializer.class); + ClassPathResource configurationDBConfig = new ClassPathResource("/configuration.beans.xml", MOAIDAuthInitializer.class); + ClassPathResource moaIdAuthBeans = new ClassPathResource("/moaid.authentication.beans.xml", MOAIDAuthInitializer.class); + + return new Resource[] {configurationDBConfig, moaidauthConfig, moaIdAuthBeans}; + + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan() + */ + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName() + */ + @Override + public String getName() { + return "MOA-ID-Auth SpringResourceProvider"; + } + +} diff --git a/id/server/moa-id-spring-initializer/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/moa-id-spring-initializer/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..caaad10ca --- /dev/null +++ b/id/server/moa-id-spring-initializer/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.MOAIDAuthSpringResourceProvider
\ No newline at end of file diff --git a/id/server/moa-id-spring-initializer/src/main/resources/applicationContext.xml b/id/server/moa-id-spring-initializer/src/main/resources/applicationContext.xml new file mode 100644 index 000000000..ae38c836e --- /dev/null +++ b/id/server/moa-id-spring-initializer/src/main/resources/applicationContext.xml @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:mvc="http://www.springframework.org/schema/mvc" + xsi:schemaLocation=" + http://www.springframework.org/schema/beans + http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context + http://www.springframework.org/schema/context/spring-context.xsd + http://www.springframework.org/schema/mvc + http://www.springframework.org/schema/mvc/spring-mvc.xsd + http://www.springframework.org/schema/tx + http://www.springframework.org/schema/tx/spring-tx.xsd + " +> + + <context:annotation-config /> + <mvc:annotation-driven /> + + <context:component-scan base-package="at.gv.egovernment.moa.id.auth.frontend" /> + + <mvc:default-servlet-handler/> + + <mvc:interceptors> + <bean class="at.gv.egovernment.moa.id.auth.servlet.interceptor.WebFrontEndSecurityInterceptor" /> + <bean class="at.gv.egovernment.moa.id.auth.servlet.interceptor.UniqueSessionIdentifierInterceptor" /> + </mvc:interceptors> + + +</beans> diff --git a/id/server/moa-id-stork-tmp/src/main/java/StorkConnectorServlet.java b/id/server/moa-id-stork-tmp/src/main/java/StorkConnectorServlet.java deleted file mode 100644 index 512e619a6..000000000 --- a/id/server/moa-id-stork-tmp/src/main/java/StorkConnectorServlet.java +++ /dev/null @@ -1,52 +0,0 @@ - -import java.io.IOException; -import java.util.List; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.StatusCode; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; -import at.gv.egovernment.moa.id.auth.stork.STORKException; -import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.StringUtils; -import eu.stork.mw.messages.saml.STORKAuthnRequest; -import eu.stork.mw.messages.saml.STORKResponse; -import eu.stork.vidp.messages.util.XMLUtil; - -/** - * Endpoint for receiving STORK response messages - */ -public class StorkConnectorServlet extends AuthServlet { - private static final long serialVersionUID = 1L; - - public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/STORKConnector"; - - - /** - * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) - */ - protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - - } -} diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml index 49293420c..f2403a62e 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml +++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml @@ -20,12 +20,11 @@ <artifactId>moa-id-lib</artifactId> <scope>test</scope> <type>test-jar</type> - <version>3.0.3-Snapshot</version> </dependency> <dependency> - <groupId>MOA</groupId> - <artifactId>moa-common</artifactId> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-commons</artifactId> <type>test-jar</type> <scope>test</scope> </dependency> @@ -39,7 +38,19 @@ <groupId>xalan-bin-dist</groupId> <artifactId>xalan</artifactId> <scope>provided</scope> - </dependency> + <exclusions> + <exclusion> + <artifactId>xml-apis</artifactId> + <groupId>xml-apis</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xml-apis</artifactId> + <scope>provided</scope> + </dependency> <dependency> <groupId>org.springframework</groupId> diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 11917d0c3..f5000581c 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1,10 +1,6 @@ package at.gv.egovernment.moa.id.auth; -import iaik.asn1.ObjectID; -import iaik.x509.X509Certificate; -import iaik.x509.X509ExtensionInitException; - import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; @@ -22,6 +18,8 @@ import javax.xml.transform.TransformerException; import org.apache.commons.lang.StringEscapeUtils; import org.apache.xpath.XPathAPI; import org.opensaml.xml.util.Base64; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.NodeList; @@ -29,7 +27,6 @@ import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; @@ -46,7 +43,6 @@ import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BKUException; import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.auth.exception.ValidateException; @@ -60,12 +56,13 @@ import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.MISMandate; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.util.XMLUtil; import at.gv.egovernment.moa.logging.LogMsg; @@ -76,6 +73,9 @@ import at.gv.egovernment.moa.util.DateTimeUtils; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; +import iaik.asn1.ObjectID; +import iaik.x509.X509Certificate; +import iaik.x509.X509ExtensionInitException; /** * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is @@ -85,24 +85,12 @@ import at.gv.egovernment.moa.util.StringUtils; * @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher * $ */ +@Service("CitizenCardAuthenticationServer") public class AuthenticationServer extends BaseAuthenticationServer { - /** - * single instance - */ - private static AuthenticationServer instance; - - /** - * Returns the single instance of <code>AuthenticationServer</code>. - * - * @return the single instance of <code>AuthenticationServer</code> - */ - public static AuthenticationServer getInstance() { - if (instance == null) - instance = new AuthenticationServer(); - return instance; - } - + @Autowired private MOAReversionLogger revisionsLogger; + @Autowired private AuthConfiguration authConfig; + /** * Constructor for AuthenticationServer. */ @@ -139,13 +127,14 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @param templateMandteURL URL providing an HTML template for the HTML form generated * (for signing in mandates mode) * @param req determines the protocol used + * @param pendingReq * @param sourceID * @return HTML form * @throws AuthenticationException * @see GetIdentityLinkFormBuilder * @see InfoboxReadRequestBuilder */ - public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException, + public String startAuthentication(AuthenticationSession session, HttpServletRequest req, IRequest pendingReq) throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException { if (session == null) { @@ -153,40 +142,39 @@ public class AuthenticationServer extends BaseAuthenticationServer { } //load OnlineApplication configuration - OAAuthParameter oaParam = - AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); if (oaParam == null) - throw new AuthenticationException("auth.00", new Object[]{session.getPublicOAURLPrefix()}); + throw new AuthenticationException("auth.00", new Object[]{pendingReq.getOAURL()}); //load Template + String templateURL = pendingReq.getGenericData( + MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE, String.class); String template = null; - if (session.getTemplateURL() != null) { + if (MiscUtil.isNotEmpty(templateURL)) { try { - - template = new String(FileUtils.readURL(session.getTemplateURL())); + template = new String(FileUtils.readURL(templateURL)); + } catch (IOException ex) { throw new AuthenticationException("auth.03", new Object[]{ - session.getTemplateURL(), ex.toString()}, ex); + templateURL, ex.toString()}, ex); + } + + } else { + throw new AuthenticationException("auth.04", new Object[]{ + "SecurityLayerTemplate", "No template definde"}); + } String infoboxReadRequest = ""; - - String domainIdentifier = AuthConfigurationProviderFactory.getInstance().getSSOTagetIdentifier().trim(); - if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) { - //do not use SSO if no Target is set - Logger.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!"); - session.setSsoRequested(false); - - } - - if (session.isSsoRequested()) { - Logger.info("SSO Login requested"); + String ssoDomainIdentifier = authConfig.getSSOTagetIdentifier(); + if (MiscUtil.isNotEmpty(ssoDomainIdentifier) && + pendingReq.needSingleSignOnFunctionality()) { + Logger.debug("SSO Login requested"); //load identityLink with SSO Target boolean isbuisness = false; - - if (domainIdentifier.startsWith(PREFIX_WPBK)) { - + + if (ssoDomainIdentifier.startsWith(PREFIX_WPBK)) { isbuisness = true; } else { @@ -196,10 +184,10 @@ public class AuthenticationServer extends BaseAuthenticationServer { //build ReadInfobox request infoboxReadRequest = new InfoboxReadRequestBuilder().build( - isbuisness, domainIdentifier); + isbuisness, ssoDomainIdentifier); } else { - Logger.info("Non-SSO Login requested"); + Logger.debug("Non-SSO Login requested or SSO not allowed/possible"); //build ReadInfobox request infoboxReadRequest = new InfoboxReadRequestBuilder().build( oaParam.getBusinessService(), oaParam @@ -207,36 +195,19 @@ public class AuthenticationServer extends BaseAuthenticationServer { } - + //build DataURL for BKU request String dataURL = new DataURLBuilder().buildDataURL( - session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session - .getSessionID()); + pendingReq.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, pendingReq.getRequestID()); //removed in MOAID 2.0 String pushInfobox = ""; - // VerifyInfoboxParameters verifyInfoboxParameters = oaParam - // .getVerifyInfoboxParameters(); - // if (verifyInfoboxParameters != null) { - // pushInfobox = verifyInfoboxParameters.getPushInfobox(); - // session.setPushInfobox(pushInfobox); - // } - - //build CertInfo request - //removed in MOA-ID 2.0 - // String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder() - // .build(); - // String certInfoDataURL = new DataURLBuilder() - // .buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION, - // session.getSessionID()); - //get Applet Parameters String appletwidth = req.getParameter(PARAM_APPLET_WIDTH); String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH); appletheigth = StringEscapeUtils.escapeHtml(appletheigth); appletwidth = StringEscapeUtils.escapeHtml(appletwidth); - //TODO: cleanup before MOA-ID 2.1 release try { String htmlForm = new GetIdentityLinkFormBuilder().build(template, session.getBkuURL(), infoboxReadRequest, dataURL, null, @@ -291,9 +262,6 @@ public class AuthenticationServer extends BaseAuthenticationServer { throw new AuthenticationException("auth.10", new Object[]{ REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE}); - AuthConfiguration authConf = AuthConfigurationProviderFactory - .getInstance(); - // check if an identity link was found // Errorcode 2911 von Trustdesk BKU (nicht spezifikationskonform // (SL1.2)) @@ -323,23 +291,22 @@ public class AuthenticationServer extends BaseAuthenticationServer { IdentityLinkValidator.getInstance().validate(identityLink); // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() - .build(identityLink, authConf + .build(identityLink, authConfig .getMoaSpIdentityLinkTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseIDLTestTrustStore())); // invokes the call - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() + Element domVerifyXMLSignatureResponse = SignatureVerificationInvoker.getInstance() .verifyXMLSignature(domVerifyXMLSignatureRequest); // parses the <VerifyXMLSignatureResponse> VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); + // validates the <VerifyXMLSignatureResponse> VerifyXMLSignatureResponseValidator.getInstance().validate( verifyXMLSignatureResponse, - authConf.getIdentityLinkX509SubjectNames(), + authConfig.getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, oaParam); @@ -349,7 +316,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { //Removed in MOA-ID 2.0 //verifyInfoboxes(session, infoboxReadResponseParameters, false); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED); return "found!"; @@ -379,15 +346,11 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @return String representation of the * <code><CreateXMLSignatureRequest></code> */ - public String verifyCertificate(AuthenticationSession session, + public void verifyCertificate(AuthenticationSession session, X509Certificate certificate, IRequest pendingReq) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException, MOAIDException { - if (session == null) - throw new AuthenticationException("auth.10", new Object[]{ - REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID}); - // check if person is a Organwalter // if true - don't show bPK in AUTH Block try { @@ -403,16 +366,6 @@ public class AuthenticationServer extends BaseAuthenticationServer { session.setOW(false); } - AuthConfiguration authConf = AuthConfigurationProviderFactory - .getInstance(); - - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session, - authConf, oaParam, pendingReq); - - return returnvalue; } /** @@ -426,6 +379,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * layer implementation</li> * </ul> * @param pendingReq + * @param pendingReq * * @param sessionID ID of associated authentication session data * @param infoboxReadResponseParameters The parameters from the response returned from the BKU @@ -433,7 +387,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @return String representation of the * <code><CreateXMLSignatureRequest></code> */ - public void verifyMandate(AuthenticationSession session, MISMandate mandate) + public void verifyMandate(IRequest pendingReq, AuthenticationSession session, MISMandate mandate) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException { @@ -441,9 +395,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { throw new AuthenticationException("auth.10", new Object[]{ GET_MIS_SESSIONID, PARAM_SESSIONID}); - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); try { // sets the extended SAML attributes for OID (Organwalter) setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam @@ -470,8 +422,6 @@ public class AuthenticationServer extends BaseAuthenticationServer { /** * @param session - * @param authConf - * @param oaParam * @param pendingReq * @return * @throws ConfigurationException @@ -479,26 +429,16 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @throws ValidateException */ public String getCreateXMLSignatureRequestAuthBlockOrRedirect( - AuthenticationSession session, AuthConfiguration authConf, - OAAuthParameter oaParam, IRequest pendingReq) throws ConfigurationException, + AuthenticationSession session, IRequest pendingReq) throws ConfigurationException, BuildException, ValidateException { - // // check for intermediate processing of the infoboxes - // if (session.isValidatorInputPending()) - // return "Redirect to Input Processor"; - - if (authConf == null) - authConf = AuthConfigurationProviderFactory.getInstance(); - if (oaParam == null) - oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); // builds the AUTH-block String authBlock = buildAuthenticationBlock(session, oaParam, pendingReq); // builds the <CreateXMLSignatureRequest> - List<String> transformsInfos = authConf.getTransformsInfos(); + List<String> transformsInfos = authConfig.getTransformsInfos(); String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() .build(authBlock, oaParam.getKeyBoxIdentifier(), @@ -511,112 +451,26 @@ public class AuthenticationServer extends BaseAuthenticationServer { * <ul> * <li>Creates an CreateXMLSignatureRequest to be signed by the user</li> * </ul> + * @param pendingReq * * @param sessionID ID of associated authentication session data * @param cert The certificate from the user * @return String representation of the * <code><CreateXMLSignatureRequest></code> */ - public String createXMLSignatureRequestForeignID(AuthenticationSession session, + public String createXMLSignatureRequestForeignID(IRequest pendingReq, X509Certificate cert) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException { - if (session == null) - throw new AuthenticationException("auth.10", new Object[]{ - REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID}); - - AuthConfiguration authConf = AuthConfigurationProviderFactory - .getInstance(); - - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam, - cert); - } - - public String getCreateXMLSignatureRequestForeigID( - AuthenticationSession session, AuthConfiguration authConf, - OAAuthParameter oaParam, X509Certificate cert) - throws ConfigurationException { - - // // check for intermediate processing of the infoboxes - // if (session.isValidatorInputPending()) - // return "Redirect to Input Processor"; - - if (authConf == null) - authConf = AuthConfigurationProviderFactory.getInstance(); - if (oaParam == null) - oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - Principal subject = cert.getSubjectDN(); String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() - .buildForeignID(subject.toString(), oaParam, session); + .buildForeignID(subject.toString(), pendingReq); return createXMLSignatureRequest; + } -// /** -// * Processes an <code><CreateXMLSignatureResponse></code> sent by the -// * security layer implementation.<br> -// * <ul> -// * <li>Validates given <code><CreateXMLSignatureResponse></code></li> -// * <li>Parses response enclosed in -// * <code><CreateXMLSignatureResponse></code></li> -// * <li>Verifies signature by calling the MOA SP component</li> -// * <li>Returns the signer certificate</li> -// * </ul> -// * -// * @param sessionID ID of associated authentication session data -// * @param createXMLSignatureResponseParameters The parameters from the response returned from the BKU -// * including the <code><CreateXMLSignatureResponse></code> -// * @throws BKUException -// */ -// public X509Certificate verifyXMLSignature(String sessionID, -// Map<String, String> createXMLSignatureResponseParameters) -// throws AuthenticationException, BuildException, ParseException, -// ConfigurationException, ValidateException, ServiceException, BKUException { -// -// if (isEmpty(sessionID)) -// throw new AuthenticationException("auth.10", new Object[]{ -// REQ_GET_FOREIGN_ID, PARAM_SESSIONID}); -// -// String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters -// .get(PARAM_XMLRESPONSE); -// -// if (isEmpty(xmlCreateXMLSignatureResponse)) -// throw new AuthenticationException("auth.10", new Object[]{ -// REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE}); -// -// AuthConfiguration authConf = AuthConfigurationProviderFactory -// .getInstance(); -// -// // parses the <CreateXMLSignatureResponse> -// CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser( -// xmlCreateXMLSignatureResponse); -// CreateXMLSignatureResponse createXMLSignatureResponse = p -// .parseResponseDsig(); -// -// // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP -// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() -// .buildDsig(createXMLSignatureResponse, authConf -// .getMoaSpAuthBlockTrustProfileID()); -// -// // invokes the call -// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() -// .verifyXMLSignature(domVerifyXMLSignatureRequest); -// -// // parses the <VerifyXMLSignatureResponse> -// VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( -// domVerifyXMLSignatureResponse).parseData(); -// -// return verifyXMLSignatureResponse.getX509certificate(); -// -// } - /** * Processes an <code><CreateXMLSignatureResponse></code> sent by the * security layer implementation.<br> @@ -634,15 +488,11 @@ public class AuthenticationServer extends BaseAuthenticationServer { * including the <code><ReadInfoboxResponse></code> * @throws BKUException */ - public X509Certificate getCertificate(IRequest pendingReq, String sessionID, + public X509Certificate getCertificate(IRequest pendingReq, Map<String, String> readInfoboxResponseParameters) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException, BKUException { - if (isEmpty(sessionID)) - throw new AuthenticationException("auth.10", new Object[]{ - REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID}); - String xmlReadInfoboxResponse = (String) readInfoboxResponseParameters .get(PARAM_XMLRESPONSE); @@ -655,7 +505,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { xmlReadInfoboxResponse); X509Certificate cert = p.parseCertificate(); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED); return cert; @@ -673,7 +523,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * to be appended to the AUTH-Block. */ private String buildAuthenticationBlock(AuthenticationSession session, - OAAuthParameter oaParam, IRequest pendingReq) throws BuildException { + IOAAuthParameters oaParam, IRequest pendingReq) throws BuildException { IdentityLink identityLink = session.getIdentityLink(); String issuer = identityLink.getName(); @@ -682,8 +532,16 @@ public class AuthenticationServer extends BaseAuthenticationServer { String identificationValue = null; String identificationType = null; + //get processing data from pending-request + String authURL = pendingReq.getAuthURL(); + String requestedTarget = pendingReq.getGenericData( + MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class); + String targetFriendlyName = pendingReq.getGenericData( + MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class); + + //set empty AuthBlock BPK in case of OW or SSO or bpk is not requested - if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) { + if (session.isOW() || pendingReq.needSingleSignOnFunctionality() || oaParam.isRemovePBKFromAuthBlock()) { identificationType = ""; identificationValue = ""; @@ -700,11 +558,11 @@ public class AuthenticationServer extends BaseAuthenticationServer { else identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier(); - } else { + } else { String bpkBase64 = new BPKBuilder().buildBPK(identityLink - .getIdentificationValue(), session.getTarget()); + .getIdentificationValue(), requestedTarget); identificationValue = bpkBase64; - identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget(); + identificationType = Constants.URN_PREFIX_CDID + "+" + requestedTarget; } @@ -714,12 +572,10 @@ public class AuthenticationServer extends BaseAuthenticationServer { } + //set AuthBlock generation time to session String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar .getInstance()); session.setIssueInstant(issueInstant); - String authURL = session.getAuthURL(); - String target = session.getTarget(); - String targetFriendlyName = session.getTargetFriendlyName(); // Bug #485 // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105) @@ -728,22 +584,22 @@ public class AuthenticationServer extends BaseAuthenticationServer { List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); - if (session.isSsoRequested()) { + if (pendingReq.needSingleSignOnFunctionality()) { String oaURL = pendingReq.getAuthURL(); if (MiscUtil.isNotEmpty(oaURL)) oaURL = oaURL.replaceAll("&", "&"); String authBlock = new AuthenticationBlockAssertionBuilder() - .buildAuthBlockSSO(issuer, issueInstant, authURL, target, + .buildAuthBlockSSO(issuer, issueInstant, authURL, requestedTarget, targetFriendlyName, identificationValue, identificationType, oaURL, gebDat, extendedSAMLAttributes, session, oaParam); return authBlock; - } else { - String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&"); + } else { + String oaURL = oaParam.getPublicURLPrefix().replaceAll("&", "&"); String authBlock = new AuthenticationBlockAssertionBuilder() - .buildAuthBlock(issuer, issueInstant, authURL, target, + .buildAuthBlock(issuer, issueInstant, authURL, requestedTarget, targetFriendlyName, identificationValue, identificationType, oaURL, gebDat, extendedSAMLAttributes, session, oaParam); @@ -1066,8 +922,6 @@ public class AuthenticationServer extends BaseAuthenticationServer { throw new AuthenticationException("auth.10", new Object[]{ REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE}); - AuthConfiguration authConf = AuthConfigurationProviderFactory - .getInstance(); // parses <CreateXMLSignatureResponse> CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser( xmlCreateXMLSignatureReadResponse).parseResponse(); @@ -1084,14 +938,15 @@ public class AuthenticationServer extends BaseAuthenticationServer { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE}); } // validates <CreateXMLSignatureResponse> - if (session.isSsoRequested()) + if (pendingReq.needSingleSignOnFunctionality()) new CreateXMLSignatureResponseValidator().validateSSO(csresp, session, pendingReq); + else new CreateXMLSignatureResponseValidator().validate(csresp, session, pendingReq); // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call - List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); - String tpid = authConf.getMoaSpAuthBlockTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseAuthBlockTestTestStore()); + List<String> vtids = authConfig.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + String tpid = authConfig.getMoaSpAuthBlockTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseAuthBlockTestTestStore()); Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); // debug output @@ -1100,8 +955,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { // try { // invokes the call - domVsresp = new SignatureVerificationInvoker() - .verifyXMLSignature(domVsreq); + domVsresp = SignatureVerificationInvoker.getInstance().verifyXMLSignature(domVsreq); // parses the <VerifyXMLSignatureResponse> VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser( @@ -1121,8 +975,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { } } - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); // validates the <VerifyXMLSignatureResponse> VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, @@ -1163,10 +1016,10 @@ public class AuthenticationServer extends BaseAuthenticationServer { //set QAA Level four in case of card authentifcation session.setQAALevel(PVPConstants.STORK_QAA_1_4); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED); - MOAReversionLogger.getInstance().logPersonalInformationEvent(pendingReq, session.getIdentityLink() + revisionsLogger.logPersonalInformationEvent(pendingReq, session.getIdentityLink() ); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/CitizenCardAuthenticationSpringResourceProvider.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/CitizenCardAuthenticationSpringResourceProvider.java new file mode 100644 index 000000000..ea22b8c4f --- /dev/null +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/CitizenCardAuthenticationSpringResourceProvider.java @@ -0,0 +1,63 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +/** + * @author tlenz + * + */ +public class CitizenCardAuthenticationSpringResourceProvider implements SpringResourceProvider { + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() + */ + @Override + public Resource[] getResourcesToLoad() { + ClassPathResource citizenCardAuthConfig = new ClassPathResource("/moaid_citizencard_auth.beans.xml", CitizenCardAuthenticationSpringResourceProvider.class); + + return new Resource[] {citizenCardAuthConfig}; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan() + */ + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName() + */ + @Override + public String getName() { + return "MOA-ID-CitizenCardAuthentication SpringResourceProvider"; + } + +} diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index 760d28d5b..e51700111 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java @@ -48,11 +48,10 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; @@ -175,7 +174,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String gebDat, List<ExtendedSAMLAttribute> extendedSAMLAttributes, AuthenticationSession session, - OAAuthParameter oaParam) + IOAAuthParameters oaParam) throws BuildException { @@ -233,9 +232,10 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion extendedSAMLAttributes.add(bpkAttribute); } - boolean useMandate = session.getUseMandate(); + boolean useMandate = session.isMandateUsed(); if (useMandate) { - String mandateReferenceValue = Random.nextRandom(); + //String mandateReferenceValue = Random.nextRandom(); + String mandateReferenceValue = Random.nextProcessReferenceValue(); // remove leading "-" if (mandateReferenceValue.startsWith("-")) mandateReferenceValue = mandateReferenceValue.substring(1); @@ -264,15 +264,9 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String text = ""; - try { - OAAuthParameter oaparam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - if (MiscUtil.isNotEmpty(oaparam.getAditionalAuthBlockText())) { - Logger.debug("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix()); - text = oaparam.getAditionalAuthBlockText(); - } - - } catch (ConfigurationException e) { - Logger.warn("Addional AuthBlock Text can not loaded from OA!", e); + if (MiscUtil.isNotEmpty(oaParam.getAditionalAuthBlockText())) { + Logger.debug("Use addional AuthBlock Text from OA=" + oaParam.getPublicURLPrefix()); + text = oaParam.getAditionalAuthBlockText(); } String specialText = MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, @@ -345,25 +339,14 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String oaURL, String gebDat, List<ExtendedSAMLAttribute> extendedSAMLAttributes, - AuthenticationSession session) + AuthenticationSession session, + IOAAuthParameters oaParam) throws BuildException { session.setSAMLAttributeGebeORwbpk(true); String gebeORwbpk = ""; String wbpkNSDeclaration = ""; - - //BZ.., reading OA parameters - OAAuthParameter oaParam; - try { - oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - } catch (ConfigurationException e) { - Logger.error("Error on building AUTH-Block: " + e.getMessage()); - throw new BuildException("builder.00", new Object[] { "AUTH-Block", e.toString()}); - } - //..BZ - - + if (target == null) { // OA is a business application if (!Constants.URN_PREFIX_HPI.equals(identityLinkType)) { @@ -419,14 +402,9 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion //..BZ String text = ""; - try { - OAAuthParameter oaparam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - if (MiscUtil.isNotEmpty(oaparam.getAditionalAuthBlockText())) { - Logger.debug("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix()); - text = oaparam.getAditionalAuthBlockText(); - } - } catch (ConfigurationException e) { - Logger.warn("Addional AuthBlock Text can not loaded from OA!", e); + if (MiscUtil.isNotEmpty(oaParam.getAditionalAuthBlockText())) { + Logger.debug("Use addional AuthBlock Text from OA=" + oaParam.getPublicURLPrefix()); + text = oaParam.getAditionalAuthBlockText(); } String specialText = MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, @@ -511,9 +489,10 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion if (target != null) { - boolean useMandate = session.getUseMandate(); + boolean useMandate = session.isMandateUsed(); if (useMandate) { - String mandateReferenceValue = Random.nextRandom(); + //String mandateReferenceValue = Random.nextRandom(); + String mandateReferenceValue = Random.nextProcessReferenceValue(); // remove leading "-" if (mandateReferenceValue.startsWith("-")) mandateReferenceValue = mandateReferenceValue.substring(1); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index dc981ba33..18495381e 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -49,11 +49,11 @@ package at.gv.egovernment.moa.id.auth.builder; import java.io.IOException; import java.io.StringReader; import java.io.StringWriter; -import java.util.Map; import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.util.FormBuildUtils; +import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.util.MiscUtil; /** @@ -165,31 +165,32 @@ public class GetIdentityLinkFormBuilder extends Builder { htmlForm = replaceTag(htmlForm, PUSHINFOBOX_TAG, pushInfobox, false, ALL); //new:wird oben mitreplaced htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL); - //removed in MOA-ID 2.0 -// htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), true, ALL); -// htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL); + + //set applet-background coller + if (oaParam != null && MiscUtil.isNotEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR))) + htmlForm = replaceTag(htmlForm, COLOR_TAG, + oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR), false, ALL); + else + htmlForm = replaceTag(htmlForm, COLOR_TAG, FormBuildUtils.getDefaultMap().get(FormBuildUtils.PARAM_MAIN_BACKGROUNDCOLOR), false, ALL); + + //set redirect target + if (oaParam != null && MiscUtil.isNotEmpty(oaParam.getConfigurationValue(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET)))) + htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, + oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET), false, ALL); + else + htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, FormBuildUtils.getDefaultMap().get(FormBuildUtils.PARAM_REDIRECTTARGET), false, ALL); - Map<String, String> map = null; - - if (oaParam != null) { - map = oaParam.getFormCustomizaten(); - htmlForm = replaceTag(htmlForm, COLOR_TAG, map.get(FormBuildUtils.MAIN_BACKGROUNDCOLOR), false, ALL); - htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, map.get(FormBuildUtils.REDIRECTTARGET), false, ALL); - - } else { - htmlForm = replaceTag(htmlForm, COLOR_TAG, FormBuildUtils.getDefaultMap().get(FormBuildUtils.MAIN_BACKGROUNDCOLOR), false, ALL); - htmlForm = replaceTag(htmlForm, REDIRECTTARGETTAG, FormBuildUtils.getDefaultMap().get(FormBuildUtils.REDIRECTTARGET), false, ALL); - } - - if (map != null && MiscUtil.isNotEmpty(map.get(FormBuildUtils.APPLET_HEIGHT))) - htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, map.get(FormBuildUtils.APPLET_HEIGHT), false, ALL); + //set applet heigh + if (oaParam != null && MiscUtil.isNotEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT))) + htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT), false, ALL); else if (MiscUtil.isNotEmpty(appletheigth)) htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, appletheigth, false, ALL); else htmlForm = replaceTag(htmlForm, APPLETHEIGHT_TAG, "160", false, ALL); - if (map != null && MiscUtil.isNotEmpty(map.get(FormBuildUtils.APPLET_WIDTH))) - htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, map.get(FormBuildUtils.APPLET_WIDTH), false, ALL); + //set applet width + if (oaParam != null && MiscUtil.isNotEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH))) + htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH), false, ALL); else if (MiscUtil.isNotEmpty(appletwidth)) htmlForm = replaceTag(htmlForm, APPLETWIDTH_TAG, appletwidth, false, ALL); else diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java index 8b0d906fe..306c871fc 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLResponseBuilder.java @@ -123,7 +123,8 @@ public class SAMLResponseBuilder implements Constants { statusMessage, StringUtils.removeXMLDeclaration(samlAssertion) }); Element domResponse = DOMUtils.parseDocument(xmlResponse, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); - return domResponse; + return domResponse; + } catch (Throwable ex) { throw new BuildException( diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java deleted file mode 100644 index 5c1b12e0d..000000000 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java +++ /dev/null @@ -1,70 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.builder; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.logging.Logger; - -public class StartAuthenticationBuilder { - - private static StartAuthenticationBuilder instance = null; - - public static StartAuthenticationBuilder getInstance() { - if (instance == null) { - instance = new StartAuthenticationBuilder(); - } - return instance; - } - - - /** - * Depending on the selected citizen's country ({@code moasession.ccc}): - * <ul> - * <li><strong>Either</strong> creates an "IdentityLinkForm" with embedded {@code InfoBoxReadRequest} to be submitted to a citizen card - * environment for reading the subject's IdentityLink</li> - * </ul> - * - * @return The IdentityLinkForm. - */ - public String build(AuthenticationSession moasession, HttpServletRequest req, - HttpServletResponse resp) throws WrongParametersException, MOAIDException { - - if (moasession == null) { - throw new AuthenticationException("auth.18", new Object[] { }); - } - - //normal MOA-ID authentication - Logger.debug("Starting normal MOA-ID authentication"); - - String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(moasession, req); - - return getIdentityLinkForm; - } -} diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java deleted file mode 100644 index 72a7d3ba1..000000000 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java +++ /dev/null @@ -1,142 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.invoke; - -import java.util.Vector; - -import javax.xml.namespace.QName; -import javax.xml.rpc.Call; -import javax.xml.rpc.Service; -import javax.xml.rpc.ServiceFactory; - -import org.apache.axis.message.SOAPBodyElement; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.exception.ServiceException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.spss.api.SignatureVerificationService; -import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser; -import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.util.MiscUtil; - -/** - * Invoker of the <code>SignatureVerification</code> web service of MOA-SPSS.<br> - * Either invokes the web service, or calls the corresponding API, depending on configuration data. - * - * @author Stefan Knirsch - * @version $Id$ - */ -public class SignatureVerificationInvoker { - /** This QName Object identifies the SignatureVerification endpoint of the web service */ - private static final QName SERVICE_QNAME = new QName("SignatureVerification"); - - /** - * Method verifyXMLSignature. - * @param request to be sent - * @return Element with the answer - * @throws ServiceException if an error occurs - */ - public Element verifyXMLSignature(Element request) throws ServiceException { - return doCall(SERVICE_QNAME, request); - } - - /** - * Method doCall. - * @param serviceName the name of the service - * @param request the request to be sent - * @return Element the answer - * @throws ServiceException if an error occurs - */ - protected Element doCall(QName serviceName, Element request) throws ServiceException { - ConnectionParameter authConnParam = null; - try { - Service service = ServiceFactory.newInstance().createService(serviceName); - Call call = service.createCall(); - SOAPBodyElement body = new SOAPBodyElement(request); - SOAPBodyElement[] params = new SOAPBodyElement[] { body }; - Vector responses; - SOAPBodyElement response; - - String endPoint; - AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance(); - authConnParam = authConfigProvider.getMoaSpConnectionParameter(); - //If the ConnectionParameter do NOT exist, we try to get the api to work.... - if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) { - Logger.debug("Connecting using auth url: " + authConnParam.getUrl() + ", service " + serviceName.getNamespaceURI() + " : " + serviceName.getLocalPart() + " : "+ serviceName.getPrefix()); - endPoint = authConnParam.getUrl(); - call.setTargetEndpointAddress(endPoint); - responses = (Vector) call.invoke(serviceName, params); - Logger.debug("Got responses: " + responses.size()); // TODO handle axis 302 response when incorrect service url is used - response = (SOAPBodyElement) responses.get(0); - return response.getAsDOM(); - } - else { - SignatureVerificationService svs = SignatureVerificationService.getInstance(); - VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request); - - VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest); - Document result = new VerifyXMLSignatureResponseBuilder().build(vsresponse); - - //Logger.setHierarchy("moa.id.auth"); - return result.getDocumentElement(); - } - } - catch (Exception ex) { - if (authConnParam != null) { - throw new ServiceException("service.00", new Object[] { ex.toString()}, ex); - } else { - throw new ServiceException("service.03", new Object[] { ex.toString()}, ex); - } - } - } -} diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java deleted file mode 100644 index cac7359c7..000000000 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthModuleImpl.java +++ /dev/null @@ -1,36 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.internal; - -import org.apache.commons.lang3.StringUtils; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.modules.AuthModule; -import at.gv.egovernment.moa.id.process.api.ExecutionContext; - -/** - * Module descriptor - */ -public class DefaultAuthModuleImpl implements AuthModule { - - @Override - public int getPriority() { - return 0; - } - - @Override - public String selectProcess(ExecutionContext context) { - //select process if BKU is selected and it is no STORK authentication - if (StringUtils.isBlank((String) context.get("ccc")) && - StringUtils.isNotBlank((String) context.get(MOAIDAuthConstants.PARAM_BKU))) - return "DefaultAuthentication"; - - else - return null; - - } - - @Override - public String[] getProcessDefinitions() { - return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml" }; - } - -} diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java new file mode 100644 index 000000000..b0efb100a --- /dev/null +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java @@ -0,0 +1,44 @@ +package at.gv.egovernment.moa.id.auth.modules.internal; + + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egovernment.moa.id.auth.modules.AuthModule; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; + +/** + * Module descriptor + */ +public class DefaultCitizenCardAuthModuleImpl implements AuthModule { + + @Override + public int getPriority() { + return 0; + } + + @Override + public String selectProcess(ExecutionContext context) { + //select process if BKU is selected and it is no STORK authentication + + boolean performBKUSelection = false; + Object performBKUSelectionObj = context.get("performBKUSelection"); + if (performBKUSelectionObj != null && performBKUSelectionObj instanceof Boolean) + performBKUSelection = (boolean) performBKUSelectionObj; + + if (StringUtils.isBlank((String) context.get("ccc")) && + StringUtils.isNotBlank((String) context.get(MOAIDAuthConstants.PARAM_BKU)) && + !performBKUSelection) + return "DefaultAuthentication"; + + else + return null; + + } + + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml" }; + } + +} diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java index 7e1bf1fc7..000a47438 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java @@ -1,29 +1,25 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; +import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.REQ_VERIFY_CERTIFICATE; import java.io.IOException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang3.BooleanUtils; +import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; - +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.CitizenCardServletUtils; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; /** @@ -36,7 +32,7 @@ import at.gv.egovernment.moa.logging.Logger; * </ul> * Expects: * <ul> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> * </ul> * Result: * <ul> @@ -46,53 +42,43 @@ import at.gv.egovernment.moa.logging.Logger; * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) * */ +@Component("CertificateReadRequestTask") public class CertificateReadRequestTask extends AbstractAuthServletTask { @Override public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) throws TaskExecutionException { - - // TODO[branch]: Foreign citizen or mandate mode; respond with IRR for certificates, dataURL = "/VerifyCertificate" - Logger.info("Send InfoboxReadRequest to BKU to get signer certificate."); - - setNoCachingHeaders(resp); + Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate."); + try { + //execute default task initialization + defaultTaskInitialization(req, executionContext); - String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID)); - - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) { - throw new WrongParametersException("CertificateReadRequestTask", PARAM_SESSIONID, "auth.12"); - } - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - - boolean useMandate = session.getUseMandate(); - boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable")); - + boolean useMandate = moasession.isMandateUsed(); + boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable")); if (!identityLinkAvailable && useMandate) { Logger.error("Online-Mandate Mode for foreign citizencs not supported."); throw new AuthenticationException("auth.13", null); } - - // change MOASessionID - AuthenticationSessionStoreage.changeSessionID(session); // create the InfoboxReadRequest to get the certificate String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true); // build dataurl (to the VerifyCertificateSerlvet) - String dataurl = new DataURLBuilder().buildDataURL(session.getAuthURL(), REQ_VERIFY_CERTIFICATE, - session.getSessionID()); + String dataurl = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), REQ_VERIFY_CERTIFICATE, + pendingReq.getRequestID()); CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); } catch (MOAIDException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (IOException e) { - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (MOADatabaseException e1) { + throw new TaskExecutionException(pendingReq, e1.getMessage(), e1); } finally { diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java index 307074ee2..e82aa8fbb 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java @@ -1,33 +1,24 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID; - import java.io.PrintWriter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang3.BooleanUtils; -import org.apache.commons.lang3.ObjectUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; -import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; /** @@ -35,14 +26,14 @@ import at.gv.egovernment.moa.util.StringUtils; * In detail: * <ul> * <li>Renames the moa session id.</li> - * <li>Removes ExecutionContext property {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}.</li> + * <li>Removes ExecutionContext property {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}.</li> * <li>Creates the http form mentioned above.</li> * <li>Returns the http form via HttpServletResponse.</li> * </ul> * Expects: * <ul> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} <strong>or</strong></li> - * <li>ExecutionContext property {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} (in case of legacy authentication without CCE selection, where the moa session is not provided by request parameter).</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} <strong>or</strong></li> + * <li>ExecutionContext property {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID} (in case of legacy authentication without CCE selection, where the moa session is not provided by request parameter).</li> * </ul> * Result: * <ul> @@ -62,46 +53,27 @@ import at.gv.egovernment.moa.util.StringUtils; * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) * */ +@Component("CreateIdentityLinkFormTask") public class CreateIdentityLinkFormTask extends AbstractAuthServletTask { + @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer; + @Override public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) - throws TaskExecutionException { - - String moasessionid = StringEscapeUtils.escapeHtml(ObjectUtils.defaultIfNull(req.getParameter(PARAM_SESSIONID), (String) executionContext.get(PARAM_SESSIONID))); - AuthenticationSession moasession = null; + throws TaskExecutionException { try { - - if (MiscUtil.isEmpty(moasessionid)) { - Logger.warn("MOASessionID is empty."); - throw new MOAIDException("auth.18", new Object[] {}); - } - - try { - moasession = AuthenticationSessionStoreage.getSession(moasessionid); + //execute default task initialization + defaultTaskInitialization(req, executionContext); + + //normal MOA-ID authentication + Logger.debug("Starting normal MOA-ID authentication"); + String getIdentityLinkForm = authServer.startAuthentication(moasession, req, pendingReq); - AuthenticationSessionStoreage.changeSessionID(moasession); - executionContext.remove(PARAM_SESSIONID); - - } catch (MOADatabaseException e) { - Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database"); - throw new MOAIDException("init.04", new Object[] { moasessionid }); - - } catch (Throwable e) { - Logger.info("No HTTP Session found!"); - throw new MOAIDException("auth.18", new Object[] {}); - } - - StartAuthenticationBuilder startauth = StartAuthenticationBuilder.getInstance(); - String getIdentityLinkForm = startauth.build(moasession, req, resp); - - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); if (BooleanUtils.isTrue((Boolean) executionContext.get("useMandate"))) - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL()); if (!StringUtils.isEmpty(getIdentityLinkForm)) { @@ -109,21 +81,21 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask { PrintWriter out = new PrintWriter(resp.getOutputStream()); out.print(getIdentityLinkForm); out.flush(); - Logger.debug("Finished GET " + GenerateIFrameTemplateServlet.class); + Logger.debug("Finished GET " + CreateIdentityLinkFormTask.class); } } catch (WrongParametersException ex) { -// handleWrongParameters(ex, req, resp); - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); + } catch (MOAIDException ex) { Logger.info("GetIdentityLink request generation FAILED. Reason:" + ex.getMessage()); - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (Exception e) { Logger.error("CreateIdentityLinkFormTask has an interal Error.", e); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java index b729f26e1..7cc9df30c 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java @@ -1,6 +1,7 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; +import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.PARAM_XMLRESPONSE; +import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK; import java.io.ByteArrayInputStream; import java.io.IOException; @@ -12,17 +13,15 @@ import javax.servlet.http.HttpServletResponse; import javax.xml.transform.TransformerException; import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.stereotype.Component; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; @@ -31,13 +30,10 @@ import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.client.SZRGWClientException; import at.gv.egovernment.moa.id.client.utils.SZRGWClientUtils; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; @@ -48,7 +44,7 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; * In detail: * <ul> * <li>Renames the moa session id.</li> - * <li>Parses the CreateXMLSignatureResponse retrieved from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> + * <li>Parses the CreateXMLSignatureResponse retrieved from POST parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> * <li>Extracts signature and signer certificate.</li> * <li>Send request to SZR Gateway in order to get an identity link.</li> * <li>Updates moa session (sets identity link, QAA level 4, authentication data and foreigner flag).</li> @@ -56,8 +52,8 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; * </ul> * Expects: * <ul> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code CreateXMLSignatureResponse}.</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code CreateXMLSignatureResponse}.</li> * </ul> * Result: * <ul> @@ -68,16 +64,17 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) * */ +@Component("GetForeignIDTask") public class GetForeignIDTask extends AbstractAuthServletTask { + @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer; + @Override public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) throws TaskExecutionException { Logger.debug("POST GetForeignIDServlet"); - setNoCachingHeaders(resp); - Map<String, String> parameters; try { @@ -85,41 +82,28 @@ public class GetForeignIDTask extends AbstractAuthServletTask { } catch (FileUploadException | IOException e) { Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); + throw new TaskExecutionException(pendingReq, "Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); } - String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID)); - String pendingRequestID = null; - String redirectURL = null; - AuthenticationSession session = null; try { - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) { - throw new WrongParametersException("GetForeignID", PARAM_SESSIONID, "auth.12"); - } + //check if response exists String xmlCreateXMLSignatureResponse = (String) parameters.get(PARAM_XMLRESPONSE); if (!ParamValidatorUtils.isValidXMLDocument(xmlCreateXMLSignatureResponse)) { throw new WrongParametersException("GetForeignID", PARAM_XMLRESPONSE, "auth.12"); + } - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - session = AuthenticationServer.getSession(sessionID); - - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), - pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); - - // change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - Logger.debug(xmlCreateXMLSignatureResponse); - + + //execute default task initialization + defaultTaskInitialization(req, executionContext); + + CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse) .parseResponseDsig(); try { String serializedAssertion = DOMUtils.serializeNode(csresp.getDsigSignature()); - session.setAuthBlock(serializedAssertion); + moasession.setAuthBlock(serializedAssertion); } catch (TransformerException e) { throw new ParseException("parser.04", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); @@ -132,13 +116,14 @@ public class GetForeignIDTask extends AbstractAuthServletTask { Element signature = csresp.getDsigSignature(); try { - session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature)); + moasession.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature)); + } catch (CertificateException e) { Logger.error("Could not extract certificate from CreateXMLSignatureResponse"); throw new MOAIDException("auth.14", null); } - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_CONNECTED); // make SZR request to the identity link @@ -152,38 +137,32 @@ public class GetForeignIDTask extends AbstractAuthServletTask { IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream( response.getIdentityLink())); IdentityLink identitylink = ilParser.parseIdentityLink(); - session.setIdentityLink(identitylink); + moasession.setIdentityLink(identitylink); // set QAA Level four in case of card authentifcation - session.setQAALevel(PVPConstants.STORK_QAA_1_4); - - AuthenticationServer.getInstance().getForeignAuthenticationData(session); - - // session is implicit stored in changeSessionID!!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); + moasession.setQAALevel(PVPConstants.STORK_QAA_1_4); - Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID); - Logger.info("Daten angelegt zu MOASession " + newMOASessionID); + authServer.getForeignAuthenticationData(moasession); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED); try { - AuthenticationSessionStoreage.storeSession(session); + authenticatedSessionStorage.storeSession(moasession); + } catch (MOADatabaseException e) { throw new MOAIDException("Session store error", null); } - //put session to context - executionContext.put(PARAM_SESSIONID, session.getSessionID()); + } } catch (MOAIDException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (Exception e) { Logger.error("GetForeignIDServlet has an interal Error.", e); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java index d85681b40..c172c3b9c 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java @@ -1,7 +1,6 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; -import iaik.pki.PKIException; +import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.GET_MIS_SESSIONID; import java.security.GeneralSecurityException; import java.util.List; @@ -11,35 +10,25 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.xml.parsers.ParserConfigurationException; -import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.stereotype.Component; import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; - -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.MISMandate; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; +import iaik.pki.PKIException; /** * Retrieves a mandate from the online mandate issuing service.<p/> @@ -53,7 +42,7 @@ import at.gv.egovernment.moa.util.DOMUtils; * </ul> * Expects: * <ul> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> * </ul> * Result: * <ul> @@ -64,64 +53,47 @@ import at.gv.egovernment.moa.util.DOMUtils; * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) * */ +@Component("GetMISSessionIDTask") public class GetMISSessionIDTask extends AbstractAuthServletTask { + @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer; + @Override public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) throws TaskExecutionException { Logger.debug("POST GetMISSessionIDServlet"); - String sessionID = req.getParameter(PARAM_SESSIONID); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - - AuthenticationSession session = null; - String pendingRequestID = null; try { - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("VerifyCertificate", - PARAM_SESSIONID, "auth.12"); - - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); + //execute default task initialization + defaultTaskInitialization(req, executionContext); - session = AuthenticationServer.getSession(sessionID); + //get MIS sessionID + String misSessionID = moasession.getMISSessionID(); - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - - //change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - String misSessionID = session.getMISSessionID(); - - AuthConfiguration authConf = AuthConfigurationProviderFactory - .getInstance(); - ConnectionParameter connectionParameters = authConf + //get mandates from MIS + ConnectionParameterInterface connectionParameters = authConfig .getOnlineMandatesConnectionParameter(); SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory( - AuthConfigurationProviderFactory.getInstance(), + authConfig, connectionParameters); - List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest( connectionParameters.getUrl(), misSessionID, sslFactory); + //check if mandates received if (list == null || list.size() == 0) { Logger.error("Keine Vollmacht gefunden."); throw new AuthenticationException("auth.15", null); } - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED); // for now: list contains only one element MISMandate mandate = (MISMandate) list.get(0); - // TODO[tlenz]: UTF-8 ? - String sMandate = new String(mandate.getMandate()); + String sMandate = new String(mandate.getMandate(), "UTF-8"); if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) { Logger.error("Mandate is empty."); throw new AuthenticationException("auth.15", @@ -136,43 +108,35 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask { null, null).getDocumentElement(); // extract RepresentationType - AuthenticationServer.getInstance().verifyMandate(session, mandate); + authServer.verifyMandate(pendingReq, moasession, mandate); - session.setMISMandate(mandate); + moasession.setMISMandate(mandate); //log mandate specific set of events - MOAReversionLogger.getInstance().logMandateEventSet(pendingReq, mandate); - - String oldsessionID = session.getSessionID(); + revisionsLogger.logMandateEventSet(pendingReq, mandate); + + //Stor MOAsession + authenticatedSessionStorage.storeSession(moasession); - //Session is implicite stored in changeSessionID!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID); - Logger.info("Daten angelegt zu MOASession " + newMOASessionID); - - //put session to context - executionContext.put(PARAM_SESSIONID, session.getSessionID()); - - } catch (MOAIDException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (GeneralSecurityException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (PKIException e) { - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } catch (SAXException e) { - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } catch (ParserConfigurationException e) { - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } catch (Exception e) { Logger.error("MISMandateValidation has an interal Error.", e); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } finally { diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java index 1dd4780f7..c1fae1f1e 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java @@ -27,22 +27,20 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; @@ -51,8 +49,11 @@ import at.gv.egovernment.moa.util.MiscUtil; * @author tlenz * */ +@Component("InitializeBKUAuthenticationTask") public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask { + @Autowired StartAuthentificationParameterParser authInitialisationParser; + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ @@ -62,111 +63,14 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask { throws TaskExecutionException { try { - String moasessionid = (String) executionContext.get(MOAIDAuthConstants.PARAM_SESSIONID); - String pendingRequestID = (String) executionContext.get("pendingRequestID"); - - //load pending request - IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID); - if (pendingReq == null) { - Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure."); - throw new MOAIDException("auth.28", new Object[]{pendingRequestID}); - - } - - //load MOASession object - AuthenticationSession moasession = AuthenticationSessionStoreage.getSession(moasessionid); - - boolean isLegacyRequest = false; - Object isLegacyRequestObj = executionContext.get("isLegacyRequest"); - if (isLegacyRequestObj != null && isLegacyRequestObj instanceof Boolean) - isLegacyRequest = (boolean) isLegacyRequestObj; - - if (isLegacyRequest) { - //parse request parameter into MOASession - Logger.info("Start Authentication Module: " + moasession.getModul() - + " Action: " + moasession.getAction()); - - StartAuthentificationParameterParser.parse(executionContext, request, moasession, pendingReq); - - } else { - String bkuid = (String) executionContext.get(MOAIDAuthConstants.PARAM_BKU); - String useMandate = (String) executionContext.get(MOAIDAuthConstants.PARAM_USEMANDATE); - String ccc = (String) executionContext.get(MOAIDAuthConstants.PARAM_CCC); - - //remove MOASessionID from executionContext because it is not needed any more - - - if (MiscUtil.isEmpty(bkuid) || MiscUtil.isEmpty(moasessionid)) { - Logger.warn("MOASessionID or BKU-type is empty. Maybe an old BKU-selection template is in use."); - throw new MOAIDException("auth.23", new Object[] {}); - } - - //load OA Config - IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); - - if (oaParam == null) - throw new AuthenticationException("auth.00", new Object[] { moasession.getOAURLRequested() }); - - else { - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), - pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid); - - //get Target from config or from request in case of SAML 1 - String target = null; - if (MiscUtil.isNotEmpty(pendingReq.getTarget()) && - pendingReq.requestedModule().equals("id_saml1")) - target = pendingReq.getTarget(); - else - target = oaParam.getTarget(); - - String bkuURL = oaParam.getBKUURL(bkuid); - if (MiscUtil.isEmpty(bkuURL)) { - Logger.info("No OA specific BKU defined. Use BKU from default configuration"); - bkuURL = AuthConfigurationProviderFactory.getInstance().getDefaultBKUURL(bkuid); - } - - //search for OA specific template - String templateURL = null; - List<String> oaTemplateURLList = oaParam.getTemplateURL(); - if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0 - && MiscUtil.isNotEmpty(oaTemplateURLList.get(0)) ) { - templateURL = oaTemplateURLList.get(0); - - } else { - templateURL = AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(bkuid); - } - - //make url absolut if it is a local url - if (MiscUtil.isNotEmpty(templateURL)) - templateURL = FileUtils.makeAbsoluteURL(templateURL, - AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); - - if (oaParam.isOnlyMandateAllowed()) - useMandate = "true"; - - if (!oaParam.isShowMandateCheckBox()) - useMandate = "false"; - - //parse all OA parameters i - StartAuthentificationParameterParser.parse(moasession, - target, - moasession.getOAURLRequested(), - bkuURL, - templateURL, - useMandate, - ccc, - moasession.getModul(), - moasession.getAction(), - request, - pendingReq); - } - } + // + internalInitializeWithoutPersist(executionContext, request, response); - executionContext.put(MOAIDAuthConstants.PARAM_USEMANDATE, moasession.getUseMandate()); - - // make sure moa session has been persisted before running the process + // make sure MOASession and Pending-Request has been persisted before running the process try { - AuthenticationSessionStoreage.storeSession(moasession); + authenticatedSessionStorage.storeSession(moasession); + requestStoreage.storePendingRequest(pendingReq); + } catch (MOADatabaseException e) { Logger.error("Database Error! MOASession is not stored!"); throw new MOAIDException("init.04", new Object[] { @@ -176,14 +80,106 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask { } catch (MOADatabaseException | MOAIDException e) { Logger.info("Initialize BKUAuthentication FAILED. Reason:" + e.getMessage()); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } catch (Exception e) { Logger.warn("InitializeBKUAuthentication has an internal error", e); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } } + + protected void internalInitializeWithoutPersist(ExecutionContext executionContext, + HttpServletRequest request, HttpServletResponse response) throws WrongParametersException, MOAIDException, MOADatabaseException { + + Logger.info("BKU is selected -> Start BKU communication ..."); + defaultTaskInitialization(request, executionContext); + + boolean isLegacyRequest = false; + Object isLegacyRequestObj = executionContext.get("isLegacyRequest"); + if (isLegacyRequestObj != null && isLegacyRequestObj instanceof Boolean) + isLegacyRequest = (boolean) isLegacyRequestObj; + + if (isLegacyRequest) { + //parse request parameter into MOASession + Logger.info("Start Authentication Module: " + pendingReq.requestedModule() + + " Action: " + pendingReq.requestedAction()); + + authInitialisationParser.parse(executionContext, request, moasession, pendingReq); + + } else { + String bkuid = (String) executionContext.get(MOAIDAuthConstants.PARAM_BKU); + String useMandate = (String) executionContext.get(MOAIDAuthConstants.PARAM_USEMANDATE); + String ccc = (String) executionContext.get(MOAIDAuthConstants.PARAM_CCC); + + if (MiscUtil.isEmpty(bkuid)) { + Logger.warn("BKU-type is empty. Maybe an old BKU-selection template is in use."); + throw new MOAIDException("auth.23", new Object[] {}); + } + + //load OA Config + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); + + if (oaParam == null) + throw new AuthenticationException("auth.00", new Object[] { pendingReq.getOAURL() }); + + else { + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid); + + //get Target from config or from request in case of SAML 1 + String target = null; + if (MiscUtil.isNotEmpty(pendingReq.getGenericData("target", String.class)) && + pendingReq.requestedModule().equals("at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol")) + target = pendingReq.getGenericData("target", String.class); + else + target = oaParam.getTarget(); + + String bkuURL = oaParam.getBKUURL(bkuid); + if (MiscUtil.isEmpty(bkuURL)) { + Logger.info("No OA specific BKU defined. Use BKU from default configuration"); + bkuURL = authConfig.getDefaultBKUURL(bkuid); + } + + //search for OA specific template + String templateURL = null; + List<String> oaTemplateURLList = oaParam.getTemplateURL(); + if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0 + && MiscUtil.isNotEmpty(oaTemplateURLList.get(0)) ) { + templateURL = oaTemplateURLList.get(0); + + } else { + templateURL = authConfig.getSLRequestTemplates(bkuid); + } + + //make url absolut if it is a local url + if (MiscUtil.isNotEmpty(templateURL)) + templateURL = FileUtils.makeAbsoluteURL(templateURL, + authConfig.getRootConfigFileDir()); + + if (oaParam.isOnlyMandateAllowed()) + useMandate = "true"; + + if (!oaParam.isShowMandateCheckBox()) + useMandate = "false"; + + //parse all OA parameters i + authInitialisationParser.parse( moasession, + target, + pendingReq.getOAURL(), + bkuURL, + templateURL, + useMandate, + ccc, + request, + pendingReq); + } + } + + //set useMandate flag to executionContext + executionContext.put(MOAIDAuthConstants.PARAM_USEMANDATE, moasession.isMandateUsed()); + + } } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java index 49888c136..ed49201b8 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java @@ -1,28 +1,18 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; - -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.CitizenCardServletUtils; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; /** @@ -35,7 +25,7 @@ import at.gv.egovernment.moa.logging.Logger; * </ul> * Expects: * <ul> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> * </ul> * Result: * <ul> @@ -45,56 +35,40 @@ import at.gv.egovernment.moa.logging.Logger; * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) * */ +@Component("PrepareAuthBlockSignatureTask") public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask { + @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer; + @Override public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) throws TaskExecutionException { // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet - Logger.debug("Process IdentityLink"); - - setNoCachingHeaders(resp); + Logger.debug("Process CreateAuthBlock Task"); - String pendingRequestID = null; - try { + //initialize task + defaultTaskInitialization(req, executionContext); - String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID)); - - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) { - throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12"); - } - - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - - // change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); - - String createXMLSignatureRequest = AuthenticationServer.getInstance() - .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam, pendingReq); + //build authBlock + String createXMLSignatureRequest = authServer + .getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq); - AuthenticationSessionStoreage.storeSession(session); + //store MOASession + authenticatedSessionStorage.storeSession(moasession); - CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, + //write response + CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink"); } catch (MOAIDException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (Exception e) { Logger.error("IdentityLinkValidation has an interal Error.", e); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } finally { diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java index 099bc085c..afbb87f10 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java @@ -22,47 +22,41 @@ */ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.GET_MIS_SESSIONID; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID; +import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.GET_MIS_SESSIONID; import java.util.List; import javax.net.ssl.SSLSocketFactory; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import org.springframework.stereotype.Component; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.MiscUtil; /** * @author tlenz * */ +@Component("PrepareGetMISMandateTask") public class PrepareGetMISMandateTask extends AbstractAuthServletTask { /* (non-Javadoc) @@ -75,66 +69,26 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask { //mandate Mode try { - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - - //get Session from context - String moasessionid = (String) executionContext.get(PARAM_SESSIONID); - AuthenticationSession session = null; - if (MiscUtil.isEmpty(moasessionid)) { - Logger.warn("MOASessionID is empty."); - throw new MOAIDException("auth.18", new Object[] {}); - } - - try { - session = AuthenticationSessionStoreage.getSession(moasessionid); - AuthenticationSessionStoreage.changeSessionID(session); - - } catch (MOADatabaseException e) { - Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database"); - throw new MOAIDException("init.04", new Object[] { moasessionid }); - - } catch (Throwable e) { - Logger.info("No HTTP Session found!"); - throw new MOAIDException("auth.18", new Object[] {}); - - } finally { - executionContext.remove(PARAM_SESSIONID); - - } - - - AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance(); - ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter(); - SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters); + //perform default task initialization + defaultTaskInitialization(request, executionContext); + + ConnectionParameterInterface connectionParameters = authConfig.getOnlineMandatesConnectionParameter(); + SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(authConfig, connectionParameters); // get identitity link as byte[] - Element elem = session.getIdentityLink().getSamlAssertion(); + Element elem = moasession.getIdentityLink().getSamlAssertion(); String s = DOMUtils.serializeNode(elem); //System.out.println("IDL: " + s); byte[] idl = s.getBytes("UTF-8"); - - // redirect url - // build redirect(to the GetMISSessionIdSerlvet) - - //change MOASessionID before MIS request - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - + String redirectURL = new DataURLBuilder().buildDataURL( - session.getAuthURL(), + pendingReq.getAuthURL(), GET_MIS_SESSIONID, - newMOASessionID); + pendingReq.getRequestID()); - String oaURL = session.getOAURLRequested(); IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); - if (oaParam == null) { - oaParam = authConf.getOnlineApplicationParameter(oaURL); - Logger.info("No Service info in PendingRequest --> load service info from configuration"); - - } - List<String> profiles = oaParam.getMandateProfiles(); if (profiles == null) { @@ -143,24 +97,21 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask { } String oaFriendlyName = oaParam.getFriendlyName(); - String mandateReferenceValue = session.getMandateReferenceValue(); - byte[] cert = session.getEncodedSignerCertificate(); - byte[] authBlock = session.getAuthBlock().getBytes("UTF-8"); + String mandateReferenceValue = moasession.getMandateReferenceValue(); + byte[] cert = moasession.getEncodedSignerCertificate(); + byte[] authBlock = moasession.getAuthBlock().getBytes("UTF-8"); //TODO: check in case of SSO!!! String targetType = null; - if(oaParam.getBusinessService()) { - String id = oaParam.getIdentityLinkDomainIdentifier(); - if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) - targetType = id; - else - targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier(); + if(oaParam.getBusinessService()){ + targetType = oaParam.getIdentityLinkDomainIdentifier(); } else { targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget(); + } - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue); MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest( @@ -178,20 +129,21 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask { if (misSessionID == null) { Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null."); throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service."); + } String redirectMISGUI = misSessionID.getRedirectURL(); - session.setMISSessionID(misSessionID.getSessiondId()); + moasession.setMISSessionID(misSessionID.getSessiondId()); try { - AuthenticationSessionStoreage.storeSession(session); + authenticatedSessionStorage.storeSession(moasession); } catch (MOADatabaseException | BuildException e) { throw new MOAIDException("Session store error", null); } - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT); response.setStatus(302); @@ -199,7 +151,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask { Logger.debug("REDIRECT TO: " + redirectMISGUI); } catch (Exception e ) { - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java index 35104bf3e..516e9501b 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java @@ -1,65 +1,42 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; -import iaik.pki.PKIException; +import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.PARAM_XMLRESPONSE; import java.io.IOException; -import java.security.GeneralSecurityException; -import java.util.List; import java.util.Map; -import javax.net.ssl.SSLSocketFactory; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.TransformerException; import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; -import org.w3c.dom.Element; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; - -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.SSLUtils; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; /** * Verifies the signed authentication block (provided as {@code CreateXMLSignatureResponse}).<p/> * In detail: * <ul> * <li>Renames the moa session id.</li> - * <li>Takes the {@code CreateXMLSignatureResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> + * <li>Takes the {@code CreateXMLSignatureResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> * <li>Verifies the {@code CreateXMLSignatureResponse}.</li> * <li>Updates moa session.</li> * <li>Redirects back to {@code /dispatcher} in order to finalize the authentication.</li> * </ul> * Expects: * <ul> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code CreateXMLSignatureResponse}.</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code CreateXMLSignatureResponse}.</li> * </ul> * Result: * <ul> @@ -79,82 +56,63 @@ import at.gv.egovernment.moa.util.DOMUtils; * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) * */ +@Component("VerifyAuthenticationBlockTask") public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask { + @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer; + @Override public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) throws TaskExecutionException { - - // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet Logger.debug("POST VerifyAuthenticationBlock"); - String pendingRequestID = null; - Map<String, String> parameters; try { parameters = getParameters(req); - } catch (FileUploadException | IOException e) - { + } catch (FileUploadException | IOException e) { Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); - } + throw new TaskExecutionException(pendingReq, "Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); - String sessionID = req.getParameter(PARAM_SESSIONID); - String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - - String redirectURL = null; - try { - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12"); - if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse)) - throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12"); - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), - pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); - - //change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse); - - //store all changes in session DAO - AuthenticationSessionStoreage.storeSession(session); - - //put session to context - executionContext.put(PARAM_SESSIONID, session.getSessionID()); - - } + } - catch (MOAIDException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); - + String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE); + + try { + //check if authblock is received + if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse)) + throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12"); + + //execute default task initialization + defaultTaskInitialization(req, executionContext); - - } catch (Exception e) { - Logger.error("AuthBlockValidation has an interal Error.", e); - throw new TaskExecutionException(e.getMessage(), e); - - } - + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), + pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); - finally { - - } - - + //verify authBlock + authServer.verifyAuthenticationBlock(pendingReq, moasession, createXMLSignatureResponse); + + //store all changes in session DAO + authenticatedSessionStorage.storeSession(moasession); + + } + + catch (MOAIDException ex) { + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); + + } catch (Exception e) { + Logger.error("AuthBlockValidation has an interal Error.", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + + finally { + + } + } } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java index 2734d1027..df158a7ec 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java @@ -1,7 +1,6 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; -import iaik.x509.X509Certificate; +import static at.gv.egovernment.moa.id.commons.MOAIDAuthConstants.REQ_GET_FOREIGN_ID; import java.io.IOException; import java.util.Map; @@ -10,36 +9,30 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; - +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.CitizenCardServletUtils; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.ServletUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.spss.util.CertificateUtils; +import iaik.x509.X509Certificate; /** - * Parses the certificate from {@code InfoBoxReadResponse} (via POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}), creates the auth block to be signed and returns a {@code CreateXMLSignatureRequest} for auth block signature.<p/> + * Parses the certificate from {@code InfoBoxReadResponse} (via POST parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}), creates the auth block to be signed and returns a {@code CreateXMLSignatureRequest} for auth block signature.<p/> * In detail: * <ul> * <li>Renames the moa session id.</li> - * <li>Retrieves the certificate via {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> + * <li>Retrieves the certificate via {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> * <li>Verifies the certificate.</li> * <li>Creates the auth block to be signed using information from the certificate (Organwalter, foreign citizen.</li> * <li>Puts it in a {@code CreateXMLSignatureRequest}.</li> @@ -48,8 +41,8 @@ import at.gv.egovernment.moa.spss.util.CertificateUtils; * </ul> * Expects: * <ul> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_SESSIONID} containing a {@code InfoBoxReadResponse}.</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_SESSIONID} containing a {@code InfoBoxReadResponse}.</li> * </ul> * Result: * <ul> @@ -59,15 +52,18 @@ import at.gv.egovernment.moa.spss.util.CertificateUtils; * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) * */ +@Component("VerifyCertificateTask") public class VerifyCertificateTask extends AbstractAuthServletTask { + @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer; + @Override public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) throws TaskExecutionException { // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet - Logger.debug("POST VerifyCertificateServlet"); + Logger.debug("Reveive VerifyCertificate Response"); Map<String, String> parameters; try @@ -76,53 +72,42 @@ public class VerifyCertificateTask extends AbstractAuthServletTask { } catch (FileUploadException | IOException e) { Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); + throw new TaskExecutionException(pendingReq, "Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); } - String sessionID = req.getParameter(PARAM_SESSIONID); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - AuthenticationSession session = null; try { - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("VerifyCertificate", PARAM_SESSIONID, "auth.12"); - - session = AuthenticationServer.getSession(sessionID); - - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + //execute default task initialization + defaultTaskInitialization(req, executionContext); + + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); - //change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - X509Certificate cert = AuthenticationServer.getInstance().getCertificate(pendingReq, sessionID, parameters); + //read certificate from response + X509Certificate cert = authServer.getCertificate(pendingReq, parameters); if (cert == null) { Logger.error("Certificate could not be read."); throw new AuthenticationException("auth.14", null); } - - boolean useMandate = session.getUseMandate(); - - if (useMandate) { + + if (moasession.isMandateUsed()) { - // verify certificate for OrganWalter - String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert, pendingReq); + // verify certificate for OrganWalter + authServer.verifyCertificate(moasession, cert, pendingReq); + + //create AuthBlock + String createXMLSignatureRequestOrRedirect = + authServer.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq); try { - AuthenticationSessionStoreage.storeSession(session); + authenticatedSessionStorage.storeSession(moasession); + } catch (MOADatabaseException e) { throw new MOAIDException("session store error", null); } - // TODO[branch]: Mandate; respond with CXSR for authblock signature, dataURL "/VerifyAuthBlock" - CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate"); + CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate"); - } - else { + } else { String countrycode = CertificateUtils.getIssuerCountry(cert); if (countrycode != null) { @@ -133,35 +118,29 @@ public class VerifyCertificateTask extends AbstractAuthServletTask { } // Foreign Identities Modus - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND); - String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert); + String createXMLSignatureRequest = authServer.createXMLSignatureRequestForeignID(pendingReq, cert); + // build dataurl (to the GetForeignIDSerlvet) String dataurl = new DataURLBuilder().buildDataURL( - session.getAuthURL(), + pendingReq.getAuthURL(), REQ_GET_FOREIGN_ID, - session.getSessionID()); - - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("session store error", null); - } - - // TODO[branch]: Foreign citizen; respond with CXSR for authblock signature, dataURL "/GetForeignID" + pendingReq.getRequestID()); + CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl); Logger.debug("Send CreateXMLSignatureRequest to BKU"); } } catch (MOAIDException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (Exception e) { Logger.error("CertificateValidation has an interal Error.", e); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java index 50ef11f27..0deda4d43 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java @@ -1,30 +1,22 @@ package at.gv.egovernment.moa.id.auth.modules.internal.tasks; -import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; - import java.io.IOException; import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.stereotype.Component; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ParseException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; - -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.process.api.ExecutionContext; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; /** @@ -32,15 +24,15 @@ import at.gv.egovernment.moa.logging.Logger; * In detail: * <ul> * <li>Renames the moa session id.</li> - * <li>Parses the identity link retrieved as {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> + * <li>Parses the identity link retrieved as {@code InfoBoxReadResponse} from POST parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE}.</li> * <li>Verifies the identity link.</li> * <li>Updates moa session.</li> * <li>Puts boolean flag {@code identityLinkAvailable} into {@code ExecutionContext}.</li> * </ul> * Expects: * <ul> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> - * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code InfoBoxReadResponse}.</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li> + * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.commons.MOAIDAuthConstants#PARAM_XMLRESPONSE PARAM_XMLRESPONSE} containing a {@code InfoBoxReadResponse}.</li> * </ul> * Result: * <ul> @@ -51,17 +43,16 @@ import at.gv.egovernment.moa.logging.Logger; * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse) * */ +@Component("VerifyIdentityLinkTask") public class VerifyIdentityLinkTask extends AbstractAuthServletTask { + @Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer; + @Override public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp) throws TaskExecutionException { - // note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet - - Logger.debug("POST VerifyIdentityLink"); - - setNoCachingHeaders(resp); + Logger.debug("Receive VerifyIdentityLink Response"); Map<String, String> parameters; @@ -69,37 +60,34 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask { parameters = getParameters(req); } catch (Exception e) { Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); + throw new TaskExecutionException(pendingReq, "Parsing mulitpart/form-data request parameters failed", new IOException(e.getMessage())); } try { - - String sessionID = StringEscapeUtils.escapeHtml(req.getParameter(PARAM_SESSIONID)); - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) { - throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12"); - } - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - - IRequest pendingReq = RequestStorage.getPendingRequest( - (String) executionContext.get("pendingRequestID")); - MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), + //execute default task initialization + defaultTaskInitialization(req, executionContext); + + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost()); + + //verify identityLink + boolean identityLinkAvailable = authServer.verifyIdentityLink(pendingReq, moasession, parameters) != null; - boolean identityLinkAvailable = AuthenticationServer.getInstance().verifyIdentityLink(pendingReq, session, parameters) != null; - AuthenticationSessionStoreage.storeSession(session); + //store session + authenticatedSessionStorage.storeSession(moasession); + //set 'identityLink exists' flag to context executionContext.put("identityLinkAvailable", identityLinkAvailable); } catch (ParseException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (MOAIDException ex) { - throw new TaskExecutionException(ex.getMessage(), ex); + throw new TaskExecutionException(pendingReq, ex.getMessage(), ex); } catch (Exception e) { Logger.error("IdentityLinkValidation has an interal Error.", e); - throw new TaskExecutionException(e.getMessage(), e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java index b39cf9e9b..eca231094 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java @@ -49,7 +49,10 @@ package at.gv.egovernment.moa.id.auth.parser; import java.io.ByteArrayInputStream; import java.io.InputStream; import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; import java.util.List; +import java.util.Map; import org.w3c.dom.Element; import org.w3c.dom.NodeList; @@ -96,6 +99,15 @@ public class CreateXMLSignatureResponseParser { /** This is the root element of the CreateXMLsignatureResponse */ private Element sigResponse_; + private static final Map<String, Object> parserFeatures = + Collections.unmodifiableMap(new HashMap<String, Object>() { + private static final long serialVersionUID = 1L; + { + put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true); + + } + }); + /** * Parses and validates the document given as string and extracts the * root element. @@ -156,7 +168,7 @@ public class CreateXMLSignatureResponseParser { private void init(InputStream is) throws AuthenticationException, ParseException, BKUException { try { - Element responseElem = DOMUtils.parseXmlValidating(is); + Element responseElem = DOMUtils.parseXmlValidating(is, parserFeatures); if ("CreateXMLSignatureResponse".equals(responseElem.getLocalName())) { sigResponse_ = responseElem; diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java index 28ce69e95..90fd7e1c7 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParser.java @@ -46,18 +46,19 @@ package at.gv.egovernment.moa.id.auth.parser; -import iaik.x509.X509Certificate; - import java.io.ByteArrayInputStream; +import java.io.IOException; import java.io.InputStream; import java.security.cert.CertificateException; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; -import org.apache.axis.encoding.Base64; import org.apache.xpath.XPathAPI; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -66,9 +67,11 @@ import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BKUException; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; +import iaik.x509.X509Certificate; /** * Parses an <code><InfoboxReadResponse></code>. @@ -82,6 +85,16 @@ public class InfoboxReadResponseParser { /** This is the root element of the XML-Document provided by the Security Layer Card*/ private Element infoBoxElem_; + private static final Map<String, Object> parserFeatures = + Collections.unmodifiableMap(new HashMap<String, Object>() { + private static final long serialVersionUID = 1L; + { + put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true); + + } + }); + + /** * Parses and validates the document given as string and extracts the * root element. @@ -132,7 +145,8 @@ public class InfoboxReadResponseParser { private void init(InputStream is) throws AuthenticationException, ParseException, BKUException { try { - Element responseElem = DOMUtils.parseXmlValidating(is); + + Element responseElem = DOMUtils.parseXmlValidating(is, parserFeatures); if ("InfoboxReadResponse".equals(responseElem.getLocalName())) { infoBoxElem_ = responseElem; @@ -256,16 +270,14 @@ public class InfoboxReadResponseParser { String base64Content = DOMUtils.getText(base64ContentElement); - // Decode Base64 value to X509Certificate - byte[] content = Base64.decode(base64Content); + // Decode Base64 value to X509Certificate + byte[] content = Base64Utils.decode(base64Content, false); return new X509Certificate(content); - } catch (ParserConfigurationException e) { - throw new ParseException("parser.01", new Object[] { "Could not parse X509Certificate from InfoboxReadRequest."}, e); - } catch (TransformerException e) { - throw new ParseException("parser.01", new Object[] { "Could not parse X509Certificate from InfoboxReadRequest."}, e); - } catch (CertificateException e) { + } catch (ParserConfigurationException | TransformerException | + CertificateException | IOException e) { throw new ParseException("parser.01", new Object[] { "Could not parse X509Certificate from InfoboxReadRequest."}, e); + } } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java new file mode 100644 index 000000000..139be49fe --- /dev/null +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java @@ -0,0 +1,52 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.servlet; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +/** + * @author tlenz + * + */ +@Controller +public class CitizenCardAuthProcessEngineSignalController extends AbstractProcessEngineSignalController { + + @RequestMapping(value = {"/GetMISSessionID", + "/GetForeignID", + "/VerifyAuthBlock", + "/VerifyCertificate", + "/VerifyIdentityLink" + }, + method = {RequestMethod.POST, RequestMethod.GET}) + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + signalProcessManagement(req, resp); + +} +} diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index 8a9c19c80..4b0e7b869 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -63,11 +63,12 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.ValidateException; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.MiscUtil; @@ -132,10 +133,14 @@ public class CreateXMLSignatureResponseValidator { throws ValidateException { // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier - - String gbTarget = session.getTarget(); - String oaURL = session.getPublicOAURLPrefix(); - boolean businessService = session.getBusinessService(); + IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration(); + + String gbTarget = pendingReq.getGenericData( + MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class); + String targetFriendlyName = pendingReq.getGenericData( + MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class); + String oaURL = oaParam.getPublicURLPrefix(); + boolean businessService = oaParam.getBusinessService(); IdentityLink identityLink = session.getIdentityLink(); @@ -227,8 +232,7 @@ public class CreateXMLSignatureResponseValidator { } } if (samlAttribute.getNamespace().equals("http://reference.e-government.gv.at/namespace/moa/20020822#")) { - foundGB = true; - String targetFriendlyName = session.getTargetFriendlyName(); + foundGB = true; String sectorName = TargetToSectorNameMapper.getSectorNameViaTarget(gbTarget); if (StringUtils.isEmpty(sectorName)) { if (targetFriendlyName != null) @@ -293,23 +297,18 @@ public class CreateXMLSignatureResponseValidator { samlSpecialText = samlSpecialText.replaceAll("'", "'"); String text = ""; - try { - OAAuthParameter oaparam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - if (MiscUtil.isNotEmpty(oaparam.getAditionalAuthBlockText())) { - Logger.info("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix()); - text = oaparam.getAditionalAuthBlockText(); - } - } catch (ConfigurationException e) { - Logger.warn("Addional AuthBlock Text can not loaded from OA!", e); + if (MiscUtil.isNotEmpty(oaParam.getAditionalAuthBlockText())) { + Logger.info("Use addional AuthBlock Text from OA=" + oaParam.getPublicURLPrefix()); + text = oaParam.getAditionalAuthBlockText(); } - - + String specialText = AuthenticationBlockAssertionBuilder.generateSpecialText(text, issuer, identityLink.getDateOfBirth(), issueInstant); if (!samlSpecialText.equals(specialText)) { - throw new ValidateException("validator.67", new Object[] {samlSpecialText, specialText}); + throw new ValidateException("validator.67", new Object[] {samlSpecialText, specialText}); } } else { throw new ValidateException("validator.35", null); + } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index ac528c89d..df101f5b7 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java @@ -61,14 +61,14 @@ import java.util.Iterator; import java.util.List; import java.util.Set; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.ValidateException; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; /** diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java index 1850ff671..55562176d 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java @@ -69,7 +69,7 @@ import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.Constants; diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java index 276d6a105..2a8d26566 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java @@ -53,13 +53,13 @@ import java.io.IOException; import java.io.OutputStream; import java.net.URLEncoder; -import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.logging.Logger; /** @@ -73,21 +73,21 @@ public class CitizenCardServletUtils extends ServletUtils{ * depending on the requests starting text. * * @param resp The httpServletResponse - * @param session The current AuthenticationSession + * @param pendingReq The current AuthenticationSession * @param createXMLSignatureRequestOrRedirect The request * @param servletGoal The servlet to which the redirect should happen * @param servletName The servlet name for debug purposes * @throws MOAIDException * @throws IOException */ - public static void writeCreateXMLSignatureRequestOrRedirect(HttpServletResponse resp, AuthenticationSession session, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName) + public static void writeCreateXMLSignatureRequestOrRedirect(HttpServletResponse resp, IRequest pendingReq, String createXMLSignatureRequestOrRedirect, String servletGoal, String servletName) throws MOAIDException, IOException { if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) { resp.setStatus(307); String dataURL = new DataURLBuilder().buildDataURL( - session.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, session.getSessionID()); + pendingReq.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, pendingReq.getRequestID()); resp.addHeader("Location", dataURL); //TODO test impact of explicit setting charset with older versions of BKUs (HotSign) @@ -100,7 +100,7 @@ public class CitizenCardServletUtils extends ServletUtils{ Logger.debug("Finished POST " + servletName); } else { - String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), servletGoal, session.getSessionID()); + String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), servletGoal, pendingReq.getRequestID()); resp.setContentType("text/html"); resp.setStatus(302); resp.addHeader("Location", redirectURL); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java index e346c8bee..7b5a7b9c0 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java @@ -56,7 +56,6 @@ import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; import org.apache.commons.codec.binary.Base64; -import org.apache.commons.httpclient.HostConfiguration; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.methods.PostMethod; import org.apache.commons.httpclient.methods.StringRequestEntity; @@ -148,7 +147,6 @@ public class MISSimpleClient { //misMandate.setMandate(Base64.decodeBase64(DOMUtils.getText(mandate))); misMandate.setMandate(Base64.decodeBase64(DOMUtils.getText(mandate).getBytes())); - misMandate.setFullMandateIncluded(true); foundMandates.add(misMandate); } diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..2ca8587b6 --- /dev/null +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.CitizenCardAuthenticationSpringResourceProvider
\ No newline at end of file diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule index 865096055..e628fbd1b 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule @@ -1,2 +1,2 @@ # The default moaid process -at.gv.egovernment.moa.id.auth.modules.internal.DefaultAuthModuleImpl +at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml index 6bbaf6ece..74792ed72 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml @@ -5,17 +5,17 @@ - National authentication with Austrian Citizen Card and mobile signature with our without mandate. - Legacy authentication for foreign citizens using MOCCA supported signature cards. --> - <pd:Task id="initializeBKUAuthentication" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.InitializeBKUAuthenticationTask" /> - <pd:Task id="createIdentityLinkForm" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CreateIdentityLinkFormTask" /> - <pd:Task id="verifyIdentityLink" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask" async="true" /> - <pd:Task id="verifyAuthBlock" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask" async="true" /> - <pd:Task id="verifyCertificate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask" async="true" /> - <pd:Task id="getMISMandate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask" async="true" /> - <pd:Task id="certificateReadRequest" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CertificateReadRequestTask" /> - <pd:Task id="prepareAuthBlockSignature" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareAuthBlockSignatureTask" /> - <pd:Task id="prepareGetMISMandate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareGetMISMandateTask" /> - <pd:Task id="finalizeAuthentication" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.FinalizeAuthenticationTask" /> - <pd:Task id="getForeignID" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetForeignIDTask" async="true" /> + <pd:Task id="initializeBKUAuthentication" class="InitializeBKUAuthenticationTask" /> + <pd:Task id="createIdentityLinkForm" class="CreateIdentityLinkFormTask" /> + <pd:Task id="verifyIdentityLink" class="VerifyIdentityLinkTask" async="true" /> + <pd:Task id="verifyAuthBlock" class="VerifyAuthenticationBlockTask" async="true" /> + <pd:Task id="verifyCertificate" class="VerifyCertificateTask" async="true" /> + <pd:Task id="getMISMandate" class="GetMISSessionIDTask" async="true" /> + <pd:Task id="certificateReadRequest" class="CertificateReadRequestTask" /> + <pd:Task id="prepareAuthBlockSignature" class="PrepareAuthBlockSignatureTask" /> + <pd:Task id="prepareGetMISMandate" class="PrepareGetMISMandateTask" /> + <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" /> + <pd:Task id="getForeignID" class="GetForeignIDTask" async="true" /> <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. --> <pd:StartEvent id="start" /> diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/moaid_citizencard_auth.beans.xml b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/moaid_citizencard_auth.beans.xml new file mode 100644 index 000000000..b0ab11a11 --- /dev/null +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/resources/moaid_citizencard_auth.beans.xml @@ -0,0 +1,57 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="CitizenCardAuthenticationServer" + class="at.gv.egovernment.moa.id.auth.AuthenticationServer"/> + + +<!-- Authentication Process Tasks --> + <bean id="InitializeBKUAuthenticationTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.InitializeBKUAuthenticationTask" + scope="prototype"/> + + <bean id="CreateIdentityLinkFormTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CreateIdentityLinkFormTask" + scope="prototype"/> + + <bean id="VerifyIdentityLinkTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask" + scope="prototype"/> + + <bean id="CertificateReadRequestTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CertificateReadRequestTask" + scope="prototype"/> + + <bean id="VerifyCertificateTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask" + scope="prototype"/> + + <bean id="PrepareAuthBlockSignatureTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareAuthBlockSignatureTask" + scope="prototype"/> + + <bean id="VerifyAuthenticationBlockTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask" + scope="prototype"/> + + <bean id="PrepareGetMISMandateTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareGetMISMandateTask" + scope="prototype"/> + + <bean id="GetMISSessionIDTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask" + scope="prototype"/> + + <bean id="GetForeignIDTask" + class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetForeignIDTask" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml new file mode 100644 index 000000000..addf086d8 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/pom.xml @@ -0,0 +1,160 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>${moa-id-version}</version> + </parent> + <artifactId>moa-id-module-eIDAS</artifactId> + <name>MOA-ID eIDAS Module</name> + <description>Inbound / outbound implemention of eIDAS protocol for MOA-ID</description> + + <properties> + <repositoryPath>${basedir}/../../../../repository</repositoryPath> + + <eidas-commons.version>eidas.1.0</eidas-commons.version> + <eidas-saml-engine.version>eidas.1.0</eidas-saml-engine.version> + <eidas-encryption.version>eidas.1.0</eidas-encryption.version> + <eidas-configmodule.version>eidas.1.0</eidas-configmodule.version> + + </properties> + + <profiles> + <profile> + <id>default</id> + <activation> + <activeByDefault>true</activeByDefault> + </activation> + <repositories> + <repository> + <id>local</id> + <name>local</name> + <url>file:${basedir}/../../../../repository</url> + </repository> + <repository> + <id>egiz-commons</id> + <url>https://demo.egiz.gv.at/int-repo/</url> + <releases> + <enabled>true</enabled> + </releases> + </repository> + </repositories> + </profile> + </profiles> + + <dependencies> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <scope>test</scope> + </dependency> + + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + + <!-- eidas Commons --> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-commons</artifactId> + <version>${eidas-commons.version}</version> + <!--scope>provided</scope--> + <exclusions> + <exclusion> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> + <exclusion> + <artifactId>log4j-over-slf4j</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-configmodule</artifactId> + <version>${eidas-configmodule.version}</version> + <exclusions> + <exclusion> + <artifactId>log4j-over-slf4j</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-encryption</artifactId> + <version>${eidas-encryption.version}</version> + <exclusions> + <exclusion> + <artifactId>log4j-over-slf4j</artifactId> + <groupId>org.slf4j</groupId> + </exclusion> + </exclusions> + </dependency> + + <!-- eidas SAML Engine --> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>saml-engine</artifactId> + <version>${eidas-saml-engine.version}</version> + <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>xalan</groupId> + <artifactId>serializer</artifactId> + </exclusion> + <exclusion> + <groupId>xalan</groupId> + <artifactId>xalan</artifactId> + </exclusion> + <exclusion> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + </exclusion> + <exclusion> + <groupId>xml-resolver</groupId> + <artifactId>xml-resolver</artifactId> + </exclusion> + <exclusion> + <groupId>xml-apis</groupId> + <artifactId>xml-apis</artifactId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>1.52</version> + <!-- <scope>provided</scope> --> + </dependency> + + + </dependencies> + +</project>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java new file mode 100644 index 000000000..d93d739b1 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java @@ -0,0 +1,124 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas; + +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +import org.opensaml.xml.encryption.EncryptionConstants; +import org.opensaml.xml.signature.SignatureConstants; + +import eu.eidas.auth.engine.core.eidas.EidasAttributesTypes; +import eu.eidas.auth.engine.core.validator.eidas.EIDASAttributes; + +/** + * @author tlenz + * + */ +public class Constants { + + public static final String eIDAS_SAML_ENGINE_NAME = "default"; + public static final String SSLSOCKETFACTORYNAME = "eIDASMetadataSSLSocketFactory"; + + //default keys for eIDAS SAML-engine configuration + public static final String eIDAS_SAML_ENGINE_NAME_ID_BASICCONFIG = "SamlEngineConf"; + public static final String eIDAS_SAML_ENGINE_NAME_ID_SIGNATURECONFIG = "SignatureConf"; + public static final String eIDAS_SAML_ENGINE_NAME_ID_ENCRYPTIONCONFIG = "EncryptionConf"; + public static final String eIDAS_SAML_ENGINE_NAME_ID_CLASS = "class"; + + //default implementations for eIDAS SAML-engine functionality + public static final String SAML_SIGNING_IMPLENTATION = "eu.eidas.auth.engine.core.impl.SignSW"; + public static final String SAML_ENCRYPTION_IMPLENTATION = "at.gv.egovernment.moa.id.auth.modules.eidas.config.ModifiedEncryptionSW"; + + //configuration property keys + public static final String CONIG_PROPS_EIDAS_PREFIX="moa.id.protocols.eIDAS"; + public static final String CONIG_PROPS_EIDAS_SAMLENGINE="samlengine"; + public static final String CONIG_PROPS_EIDAS_SAMLENGINE_PREFIX=CONIG_PROPS_EIDAS_PREFIX + "." + CONIG_PROPS_EIDAS_SAMLENGINE; + public static final String CONIG_PROPS_EIDAS_SAMLENGINE_BASIC_CONFIGFILE = CONIG_PROPS_EIDAS_SAMLENGINE_PREFIX + ".config.file"; + public static final String CONIG_PROPS_EIDAS_SAMLENGINE_SIGN="sign"; + public static final String CONIG_PROPS_EIDAS_SAMLENGINE_ENCRYPT="enc"; + public static final String CONIG_PROPS_EIDAS_SAMLENGINE_SIGN_CONFIGFILE = CONIG_PROPS_EIDAS_SAMLENGINE_PREFIX + "." + + CONIG_PROPS_EIDAS_SAMLENGINE_SIGN + ".config.file"; + public static final String CONIG_PROPS_EIDAS_SAMLENGINE_ENC_CONFIGFILE = CONIG_PROPS_EIDAS_SAMLENGINE_PREFIX + "." + + CONIG_PROPS_EIDAS_SAMLENGINE_ENCRYPT + ".config.file"; + public static final String CONIG_PROPS_EIDAS_METADATA_VALIDATION_TRUSTSTORE = CONIG_PROPS_EIDAS_PREFIX + ".metadata.validation.truststore"; + + //timeouts and clock skews + public static final long CONFIG_PROPS_SKEWTIME = 2 * 60 * 1000; //2 minutes skew time for response validation + public static final int CONFIG_PROPS_METADATA_SOCKED_TIMEOUT = 20 * 1000; //20 seconds metadata socked timeout + public static final long CONFIG_PROPS_METADATA_GARBAGE_TIMEOUT = 7 * 24 * 60 * 60 * 1000; //remove unused eIDAS metadata after 7 days + + //eIDAS attribute names + public static final String eIDAS_ATTR_PERSONALIDENTIFIER = EIDASAttributes.ATTRIBUTE_NAME_SUFFIX_PERSONIDENTIFIER; + public static final String eIDAS_ATTR_DATEOFBIRTH = EIDASAttributes.ATTRIBUTE_NAME_SUFFIX_DATEOFBIRTH; + public static final String eIDAS_ATTR_CURRENTGIVENNAME = EIDASAttributes.ATTRIBUTE_NAME_SUFFIX_FIRSTNAME; + public static final String eIDAS_ATTR_CURRENTFAMILYNAME = EIDASAttributes.ATTRIBUTE_NAME_SUFFIX_GIVENNAME; + + //http endpoint descriptions + public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/sp/post"; + public static final String eIDAS_HTTP_ENDPOINT_SP_REDIRECT = "/eidas/sp/redirect"; + public static final String eIDAS_HTTP_ENDPOINT_IDP_POST = "/eidas/idp/post"; + public static final String eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST = "/eidas/ColleagueRequest"; + public static final String eIDAS_HTTP_ENDPOINT_IDP_REDIRECT = "/eidas/idp/redirect"; + public static final String eIDAS_HTTP_ENDPOINT_METADATA = "/eidas/metadata"; + + + //Event-Codes for Revisionslog + public static final int eIDAS_REVERSIONSLOG_METADATA = 3400; + public static final int eIDAS_REVERSIONSLOG_IDP_AUTHREQUEST = 3401; + public static final int eIDAS_REVERSIONSLOG_IDP_AUTHRESPONSE = 3402; + public static final int eIDAS_REVERSIONSLOG_SP_AUTHREQUEST= 3403; + public static final int eIDAS_REVERSIONSLOG_SP_AUTHRESPONSE= 3404; + + //metadata constants + public final static Map<String, EidasAttributesTypes> METADATA_POSSIBLE_ATTRIBUTES = Collections.unmodifiableMap( + new HashMap<String, EidasAttributesTypes>(){ + private static final long serialVersionUID = 1L; + { + put(EIDASAttributes.ATTRIBUTE_GIVENNAME, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); + put(EIDASAttributes.ATTRIBUTE_FIRSTNAME, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); + put(EIDASAttributes.ATTRIBUTE_DATEOFBIRTH, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); + put(EIDASAttributes.ATTRIBUTE_PERSONIDENTIFIER, EidasAttributesTypes.NATURAL_PERSON_MANDATORY); + + //TODO: add additional attributes for eIDAS with mandates + //put(EIDASAttributes.ATTRIBUTE_LEGALIDENTIFIER, EidasAttributesTypes.LEGAL_PERSON_MANDATORY); + //put(EIDASAttributes.ATTRIBUTE_LEGALNAME, EidasAttributesTypes.LEGAL_PERSON_MANDATORY); + } + } + ); + + public static final String METADATA_ALLOWED_ALG_DIGIST = + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256 + ";" + + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512 ; + + public static final String METADATA_ALLOWED_ALG_SIGN = + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256 + ";" + + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512; + + public static final String METADATA_ALLOWED_ALG_ENCRYPT = + EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM + ";" + + EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192_GCM + ";" + + EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM; + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAIDCertificateManagerConfigurationImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAIDCertificateManagerConfigurationImpl.java new file mode 100644 index 000000000..1759a7281 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAIDCertificateManagerConfigurationImpl.java @@ -0,0 +1,118 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.config; + +import java.util.HashMap; +import java.util.Map; + +import at.gv.egovernment.moa.logging.Logger; + +import eu.eidas.config.ConfigurationException; +import eu.eidas.samlengineconfig.AbstractCertificateConfigurationManager; +import eu.eidas.samlengineconfig.EngineInstance; +import eu.eidas.samlengineconfig.SamlEngineConfiguration; +import eu.eidas.samlengineconfig.impl.SamlEngineConfigurationImpl; + +/** + * @author tlenz + * + */ +public class MOAIDCertificateManagerConfigurationImpl extends + AbstractCertificateConfigurationManager { + + private SamlEngineConfiguration samlEngineConfiguration =null; + + @Override + public boolean isActive() { + return true; + } + + /** + * + */ + public MOAIDCertificateManagerConfigurationImpl() { + try { + initalizeConfiguration(); + + } catch (at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException e) { + Logger.error("eIDAS SAML-engine initialization FAILED", e); + + } + } + + + /* (non-Javadoc) + * @see eu.eidas.samlengineconfig.CertificateConfigurationManager#addConfiguration(java.lang.String, java.lang.String, java.util.Map, boolean) + */ + @Override + public void addConfiguration(String paramString1, String paramString2, + Map<String, String> paramMap, boolean paramBoolean) { + throw new ConfigurationException("","not yet implemented"); + + } + + /* (non-Javadoc) + * @see eu.eidas.samlengineconfig.CertificateConfigurationManager#getInstance(java.lang.String) + */ + @Override + public EngineInstance getInstance(String paramString) { + return getConfiguration().get(paramString); + + } + + /* (non-Javadoc) + * @see eu.eidas.samlengineconfig.CertificateConfigurationManager#getConfiguration() + */ + @Override + public Map<String, EngineInstance> getConfiguration() { + if(samlEngineConfiguration == null){ + try { + initalizeConfiguration(); + + } catch (at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException e) { + Logger.error("eIDAS SAML-engine initialization FAILED", e); + + } + + } + + return samlEngineConfiguration==null?new HashMap<String, EngineInstance>():((MOAeIDASSAMLEngineConfigurationImpl) samlEngineConfiguration).getInstanceMap(); + + } + + + /** + * Initialize eIDAS SAML-engine from MOA-ID configuration + * @throws at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException + * + */ + private void initalizeConfiguration() throws at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException { + //initialize configuration + MOAeIDASSAMLEngineConfigurationImpl tmp = new MOAeIDASSAMLEngineConfigurationImpl(); + tmp.initialize(); + + //set initialized configuration + samlEngineConfiguration = tmp; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java new file mode 100644 index 000000000..5d1874157 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java @@ -0,0 +1,268 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.config; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URISyntaxException; +import java.net.URL; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.MiscUtil; + +import eu.eidas.samlengineconfig.BinaryParameter; +import eu.eidas.samlengineconfig.ConfigurationParameter; +import eu.eidas.samlengineconfig.EngineInstance; +import eu.eidas.samlengineconfig.InstanceConfiguration; +import eu.eidas.samlengineconfig.PropsParameter; +import eu.eidas.samlengineconfig.SamlEngineConfiguration; + +/** + * @author tlenz + * + */ +public class MOAeIDASSAMLEngineConfigurationImpl extends + SamlEngineConfiguration { + + private static final String KEYSTORE_PATH="keystorePath"; + private static final String METADATA_KEYSTORE_PATH="metadata.keystorePath"; + private static final String ENCRYPTION_ACTIVATION="encryptionActivation"; + private static final String[] BINARY_PARAMETERS={KEYSTORE_PATH, ENCRYPTION_ACTIVATION,METADATA_KEYSTORE_PATH}; + + public List<EngineInstance> getInstances(){ + return super.getInstances(); + } + + @Override + public void setInstances(List<EngineInstance> engineInstances) { + super.setInstances(engineInstances); + + } + + public Map<String, EngineInstance> getInstanceMap() { + Map<String, EngineInstance> result = new HashMap<String, EngineInstance>(); + for(EngineInstance instance:getInstances()) { + + result.put(instance.getName(), instance); + } + + return result; + } + + //initialize + public void initialize() throws ConfigurationException { + //create an eIDAS SAML-engine instance + EngineInstance engineInst = new EngineInstance(); + engineInst.setName(Constants.eIDAS_SAML_ENGINE_NAME); + List<InstanceConfiguration> engineConfigs = new ArrayList<InstanceConfiguration>(); + + + //add configurations + + //add basic eIDAS SAML-engine configuration + MOAeIDASSAMLInstanceConfigurationImpl samlBaseConfig = new MOAeIDASSAMLInstanceConfigurationImpl(); + samlBaseConfig.setName(Constants.eIDAS_SAML_ENGINE_NAME_ID_BASICCONFIG); + samlBaseConfig.addParameter(loadConfigurationFromExternalFile(Constants.CONIG_PROPS_EIDAS_SAMLENGINE_BASIC_CONFIGFILE)); + engineConfigs.add(samlBaseConfig); + + //add signing eIDAS SAML-engine configuration + MOAeIDASSAMLInstanceConfigurationImpl samlSignConfig = new MOAeIDASSAMLInstanceConfigurationImpl(); + samlSignConfig.setName(Constants.eIDAS_SAML_ENGINE_NAME_ID_SIGNATURECONFIG); + samlSignConfig.addParameter(Constants.eIDAS_SAML_ENGINE_NAME_ID_CLASS, + Constants.SAML_SIGNING_IMPLENTATION); + + //TODO: load signing keys directly from MOA-ID configuration in finale version + samlSignConfig.addParameter(loadConfigurationFromExternalFile(Constants.CONIG_PROPS_EIDAS_SAMLENGINE_SIGN_CONFIGFILE)); + engineConfigs.add(samlSignConfig); + + //add encryption eIDAS SAML-engine configuration + MOAeIDASSAMLInstanceConfigurationImpl samlEncConfig = new MOAeIDASSAMLInstanceConfigurationImpl(); + samlEncConfig.setName(Constants.eIDAS_SAML_ENGINE_NAME_ID_ENCRYPTIONCONFIG); + samlEncConfig.addParameter(Constants.eIDAS_SAML_ENGINE_NAME_ID_CLASS, + Constants.SAML_ENCRYPTION_IMPLENTATION); + + //TODO: load encryption keys directly from MOA-ID configuration in finale version + samlEncConfig.addParameter(loadConfigurationFromExternalFile(Constants.CONIG_PROPS_EIDAS_SAMLENGINE_ENC_CONFIGFILE)); + engineConfigs.add(samlEncConfig); + + engineInst.setConfigurations(engineConfigs); + super.addInstance(engineInst); + + } + + /** + * Load an external eIDAS SAML-engine configuration file, which is referenced from MOA-ID configuration + * + * @param key Configuration key, which is used in property based MOA-ID configuration file + * @return eIDAS SAML-engine configuration object + * @throws ConfigurationException + */ + + private ConfigurationParameter loadConfigurationFromExternalFile(String key) throws ConfigurationException { + String configFile = + AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfiguration(key); + if (MiscUtil.isEmpty(configFile)) { + Logger.warn("No eIDAS SAML-engine configuration key: " + + key + " found in MOA-ID properties configuration file."); + //throw new EIDASEngineConfigurationException("No eIDAS SAML-engine configuration property.", null); + return null; + } + + Properties inputProps = loadPropsFromXml(configFile); + return buildPropsParameter(inputProps, configFile); + + } + + + private PropsParameter buildPropsParameter(Properties inputProps, String fileName) throws EIDASEngineConfigurationException { + PropsParameter outputProps = new PropsParameter(); + outputProps.setFileName(fileName); + + //original eIDAS SAML-engine use this identifier + outputProps.setName("fileConfiguration"); + + outputProps.setValue(inputProps); + + //post-process special parameters + for(String key:BINARY_PARAMETERS) { + Object keystorePath = inputProps.get(key); + if (keystorePath != null) { + if (keystorePath instanceof String && + isBinaryParameter((String)keystorePath) ) { + BinaryParameter bp = new BinaryParameter(); + bp.setValue(loadBinaryFile(keystorePath.toString())); + bp.setName(key); + bp.setUrl(keystorePath.toString()); + inputProps.put(key, bp); + + } else { + Logger.warn("eIDAS SAML-engine keyStore parameter has an unsuspected type. +" + + "(Type: " + keystorePath.toString() + ")"); + + } + } + } + + return outputProps; + } + + private boolean isBinaryParameter(String parameter) { + if (MiscUtil.isNotEmpty(parameter)) { + String absoluteConfigFile; + try { + absoluteConfigFile = FileUtils.makeAbsoluteURL( + parameter, + AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); + File file = new File(new URL(absoluteConfigFile).toURI()); + return file.exists(); + + } catch (ConfigurationException | MalformedURLException | URISyntaxException e) { + Logger.warn("Binary eIDAS SAML-engine configuration parameter: " + + parameter + " is not loadable."); + + } + + } + + return false; + + } + + private byte[] loadBinaryFile(String fileName) throws EIDASEngineConfigurationException{ + InputStream is = null; + byte data[]=null; + try { + String absoluteConfigFile = FileUtils.makeAbsoluteURL( + fileName, + AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); + + File file = new File(new URL(absoluteConfigFile).toURI()); + is = new FileInputStream(file); + data=new byte[is.available()]; + is.read(data); + + } catch (ConfigurationException | URISyntaxException | IOException e) { + throw new EIDASEngineConfigurationException("eIDAS SAML-engine configuration FAILED", null, e); + + } finally { + if (is != null) + try { + is.close(); + + } catch (IOException e) { + Logger.warn("eIDAS SAML-engine configuration is not closeable.", e); + + } + + } + + return data; + + } + + private Properties loadPropsFromXml(String configFile) throws EIDASEngineConfigurationException { + Properties props = new Properties(); + InputStream is = null; + try { + String absoluteConfigFile = FileUtils.makeAbsoluteURL( + configFile, + AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); + + File file = new File(new URL(absoluteConfigFile).toURI()); + is = new FileInputStream(file); + props.loadFromXML(is); + + } catch (ConfigurationException | URISyntaxException | IOException e) { + throw new EIDASEngineConfigurationException("eIDAS SAML-engine configuration FAILED", null, e); + + } finally { + if (is != null) + try { + is.close(); + + } catch (IOException e) { + Logger.warn("eIDAS SAML-engine configuration is not closeable.", e); + + } + + } + + return props; + + } + + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLInstanceConfigurationImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLInstanceConfigurationImpl.java new file mode 100644 index 000000000..dccd39905 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLInstanceConfigurationImpl.java @@ -0,0 +1,60 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.config; + +import java.util.ArrayList; +import java.util.List; + +import eu.eidas.samlengineconfig.ConfigurationParameter; +import eu.eidas.samlengineconfig.InstanceConfiguration; +import eu.eidas.samlengineconfig.StringParameter; + +/** + * @author tlenz + * + */ +public class MOAeIDASSAMLInstanceConfigurationImpl extends + InstanceConfiguration { + + public void addParameter(ConfigurationParameter param) { + if (param != null) { + List<ConfigurationParameter> paramList = super.getParameters(); + if (paramList == null) { + paramList = new ArrayList<ConfigurationParameter>(); + super.setParameters(paramList); + + } + + paramList.add(param); + } + } + + public void addParameter(String key, String value) { + StringParameter param = new StringParameter(); + param.setName(key); + param.setValue(value); + addParameter(param); + + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java new file mode 100644 index 000000000..1ba344fd1 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java @@ -0,0 +1,29 @@ +package at.gv.egovernment.moa.id.auth.modules.eidas.config; + +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.logging.Logger; +import eu.eidas.auth.engine.core.impl.EncryptionSW; + +/** + * This encryption module asks the moa configuration on whether to encrypt the response or not. In doubt, encryption is enforced. + */ +public class ModifiedEncryptionSW extends EncryptionSW { + + @Override + public boolean isEncryptionEnable(String countryCode) { + // - encrypt if so configured + try { + AuthConfiguration moaconfig = AuthConfigurationProviderFactory.getInstance(); + Boolean useEncryption = moaconfig.getStorkConfig().getCPEPS(countryCode).isXMLSignatureSupported(); + Logger.info(useEncryption ? "using encryption" : "do not use encrpytion"); + return useEncryption; + } catch(NullPointerException | ConfigurationException e) { + Logger.warn("failed to gather information about encryption for countryCode " + countryCode + " - thus, enabling encryption"); + if(Logger.isDebugEnabled()) + e.printStackTrace(); + return true; + } + } +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java new file mode 100644 index 000000000..7b044522c --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java @@ -0,0 +1,72 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egovernment.moa.id.auth.modules.AuthModule; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; + +/** + * @author tlenz + * + */ +public class eIDASAuthenticationModulImpl implements AuthModule { + + private int priority = 1; + + @Override + public int getPriority() { + return priority; + } + + /** + * Sets the priority of this module. Default value is {@code 0}. + * @param priority The priority. + */ + public void setPriority(int priority) { + this.priority = priority; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext) + */ + @Override + public String selectProcess(ExecutionContext context) { + if (StringUtils.isNotBlank((String) context.get("ccc")) || + StringUtils.isNotBlank((String) context.get("CCC"))) + return "eIDASAuthentication"; + else + return null; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/eidas/eIDAS.Authentication.process.xml" }; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationSpringResourceProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationSpringResourceProvider.java new file mode 100644 index 000000000..70bd7b3d7 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationSpringResourceProvider.java @@ -0,0 +1,28 @@ +package at.gv.egovernment.moa.id.auth.modules.eidas; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +public class eIDASAuthenticationSpringResourceProvider implements SpringResourceProvider { + + @Override + public String getName() { + return "MOA-ID eIDAS-Authentication SpringResourceProvider"; + } + + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Resource[] getResourcesToLoad() { + ClassPathResource eIDASAuthConfig = new ClassPathResource("/moaid_eidas_auth.beans.xml", eIDASAuthenticationSpringResourceProvider.class); + + return new Resource[] {eIDASAuthConfig}; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java new file mode 100644 index 000000000..16d909331 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java @@ -0,0 +1,107 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.auth.servlet.AbstractProcessEngineSignalController; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Controller +public class eIDASSignalServlet extends AbstractProcessEngineSignalController { + + public eIDASSignalServlet() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '"+ Constants.eIDAS_HTTP_ENDPOINT_SP_POST + + "' and '"+ Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT + "'."); + + } + + @RequestMapping(value = { "/eidas/sp/post", + "/eidas/sp/redirect" + }, + method = {RequestMethod.POST, RequestMethod.GET}) + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + signalProcessManagement(req, resp); + } + + @Override + /** + * Protocol specific implementation to get the pending-requestID + * from http request object + * + * @param request The http Servlet-Request object + * @return The Pending-request id + * + */ + public String getPendingRequestId(HttpServletRequest request) { + String sessionId = super.getPendingRequestId(request); + + try { + + // use SAML2 relayState + if (sessionId == null) { + sessionId = StringEscapeUtils.escapeHtml(request.getParameter("RelayState")); + } else + Logger.warn("No parameter 'SAMLResponse'. Unable to retrieve MOA session id."); + + // take from InResponseTo attribute of SAMLResponse +// if (sessionId == null) { +// String base64SamlToken = request.getParameter("SAMLResponse"); +// if (base64SamlToken != null && false) { +// byte[] samlToken = Base64Utils.decode(base64SamlToken, false); +// Document samlResponse = parseDocument(new ByteArrayInputStream(samlToken)); +// +// XPath xPath = XPathFactory.newInstance().newXPath(); +// SimpleNamespaceContext nsContext = new SimpleNamespaceContext(); +// nsContext.bindNamespaceUri("saml2p", "urn:oasis:names:tc:SAML:2.0:protocol"); +// xPath.setNamespaceContext(nsContext); +// XPathExpression expression = xPath.compile("string(/saml2p:Response/@InResponseTo)"); +// sessionId = (String) expression.evaluate(samlResponse, XPathConstants.STRING); +// sessionId = StringEscapeUtils.escapeHtml(StringUtils.trimToNull(sessionId)); +// } else { +// Logger.warn("No parameter 'SAMLResponse'. Unable to retrieve MOA session id."); +// } +// } + + } catch (Exception e) { + Logger.warn("Unable to retrieve moa session id.", e); + } + + return sessionId; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java new file mode 100644 index 000000000..80a2734f2 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java @@ -0,0 +1,409 @@ +package at.gv.egovernment.moa.id.auth.modules.eidas.engine; + +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Timer; + +import javax.net.ssl.SSLHandshakeException; +import javax.xml.namespace.QName; + +import org.apache.commons.httpclient.MOAHttpClient; +import org.apache.commons.httpclient.params.HttpClientParams; +import org.opensaml.saml2.metadata.EntitiesDescriptor; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.RoleDescriptor; +import org.opensaml.saml2.metadata.provider.ChainingMetadataProvider; +import org.opensaml.saml2.metadata.provider.FilterException; +import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.saml2.metadata.provider.MetadataProvider; +import org.opensaml.saml2.metadata.provider.MetadataProviderException; +import org.opensaml.saml2.metadata.provider.ObservableMetadataProvider; +import org.opensaml.xml.XMLObject; + +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; +import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing; +import at.gv.egovernment.moa.id.config.auth.MOAGarbageCollector; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MOASPMetadataSignatureFilter; +import at.gv.egovernment.moa.id.saml2.MetadataFilterChain; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; +import eu.eidas.auth.engine.AbstractSAMLEngine; + +public class MOAeIDASChainingMetadataProvider implements ObservableMetadataProvider, IGarbageCollectorProcessing { + + private static MOAeIDASChainingMetadataProvider instance = null; + private static Object mutex = new Object(); + + private MetadataProvider internalProvider; + private Map<String, Date> lastAccess = null; + + + public static MOAeIDASChainingMetadataProvider getInstance() { + if (instance == null) { + synchronized (mutex) { + if (instance == null) { + instance = new MOAeIDASChainingMetadataProvider(); + MOAGarbageCollector.addModulForGarbageCollection(instance); + } + } + } + return instance; + } + + + private MOAeIDASChainingMetadataProvider() { + internalProvider = new ChainingMetadataProvider(); + lastAccess = new HashMap<String, Date>(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing#runGarbageCollector() + */ + @Override + public void runGarbageCollector() { + if (!lastAccess.isEmpty()) { + Date now = new Date(); + Date expioredate = new Date(now.getTime() - + Constants.CONFIG_PROPS_METADATA_GARBAGE_TIMEOUT); + Logger.debug("Starting eIDAS Metadata garbag collection (Expioredate:" + + expioredate + ")"); + + List<String> expiredEntities = new ArrayList<String>(); + + Iterator<Entry<String, Date>> lastAccessInterator = lastAccess.entrySet().iterator(); + while(lastAccessInterator.hasNext()) { + Entry<String, Date> element = lastAccessInterator.next(); + if (element.getValue().before(expioredate)) { + Logger.debug("Remove unused eIDAS Metadate: " + element.getKey()); + expiredEntities.add(element.getKey()); + + } + } + + ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; + boolean isUpdateRequired = false; + + //get all actually loaded metadata providers + Map<String, HTTPMetadataProvider> loadedproviders = getAllActuallyLoadedProviders(); + + if (!expiredEntities.isEmpty()) { + for (String expired : expiredEntities) { + if (loadedproviders.containsKey(expired)) { + HTTPMetadataProvider provider = loadedproviders.get(expired); + + //destroy metadata provider + provider.destroy(); + + //remove from map + loadedproviders.remove(expired); + isUpdateRequired = true; + + /*OpenSAML ChainingMetadataProvider can not remove a MetadataProvider (UnsupportedOperationException) + *The ChainingMetadataProvider use internal a unmodifiableList to hold all registrated MetadataProviders.*/ + //chainProvider.removeMetadataProvider(provider); + Logger.info("Remove not used eIDAS MetadataProvider " + expired + + " after timeout."); + + } else + Logger.warn("eIDAS metadata for EntityID: " + expired + + " is marked as unsed, but no loaded metadata provider is found."); + + } + } + + //check signature of all metadata which are actually loaded + List<String> nonValidMetadataProvider = new ArrayList<String>(); + for (HTTPMetadataProvider provider : loadedproviders.values()) { + try { + provider.getMetadataFilter().doFilter(provider.getMetadata()); + + } catch (FilterException | MetadataProviderException e) { + Logger.info("eIDAS MetadataProvider: " + provider.getMetadataURI() + + " is not valid any more. Reason:" + e.getMessage()); + if (Logger.isDebugEnabled()) + Logger.warn("Reason", e); + + nonValidMetadataProvider.add(provider.getMetadataURI()); + + } + } + for (String el : nonValidMetadataProvider) { + loadedproviders.remove(el); + isUpdateRequired = true; + + } + + //update chaining metadata-provider if it is required + if (isUpdateRequired) { + try { + synchronized (chainProvider) { + chainProvider.setProviders(new ArrayList<MetadataProvider>(loadedproviders.values())); + + emitChangeEvent(); + } + + } catch (MetadataProviderException e) { + Logger.warn("ReInitalize eIDASA MetaDataProvider is not possible! MOA-ID Instance has to be restarted manualy", e); + + } + } + } + } + + + + private HTTPMetadataProvider createNewHTTPMetaDataProvider(String metadataURL) { + HTTPMetadataProvider httpProvider = null; + Timer timer= null; + MOAHttpClient httpClient = null; + try { + AuthConfiguration authConfig = AuthConfigurationProviderFactory.getInstance(); + + httpClient = new MOAHttpClient(); + + HttpClientParams httpClientParams = new HttpClientParams(); + httpClientParams.setSoTimeout(Constants.CONFIG_PROPS_METADATA_SOCKED_TIMEOUT); + httpClient.setParams(httpClientParams); + + if (metadataURL.startsWith("https:")) { + try { + MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( + Constants.SSLSOCKETFACTORYNAME, + authConfig.getCertstoreDirectory(), + authConfig.getTrustedCACertificates(), + null, + AuthConfiguration.DEFAULT_X509_CHAININGMODE, + authConfig.isTrustmanagerrevoationchecking()); + + httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); + + } catch (MOAHttpProtocolSocketFactoryException e) { + Logger.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore."); + + } + } + + timer = new Timer(); + httpProvider = new HTTPMetadataProvider(timer, httpClient, + metadataURL); + httpProvider.setParserPool(AbstractSAMLEngine.getNewBasicSecuredParserPool()); + httpProvider.setRequireValidMetadata(true); + httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes + httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours + //httpProvider.setRefreshDelayFactor(0.1F); + + //add Metadata filters + MetadataFilterChain filter = new MetadataFilterChain(); + filter.addFilter(new MOASPMetadataSignatureFilter( + authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_METADATA_VALIDATION_TRUSTSTORE))); + httpProvider.setMetadataFilter(filter); + + httpProvider.initialize(); + + return httpProvider; + + } catch (Throwable e) { + if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) { + Logger.warn("SSL-Server certificate for metadata " + + metadataURL + " not trusted.", e); + + } if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) { + Logger.warn("Signature verification for metadata" + + metadataURL + " FAILED.", e); + + } if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) { + Logger.warn("Schema validation for metadata " + + metadataURL + " FAILED.", e); + } + + Logger.error( + "Failed to add Metadata file for " + + metadataURL + "[ " + + e.getMessage() + " ]", e); + + if (httpProvider != null) { + Logger.debug("Destroy failed Metadata provider"); + httpProvider.destroy(); + } + + if (timer != null) { + Logger.debug("Destroy Timer."); + timer.cancel(); + } + + + } + + return null; + } + + private Map<String, HTTPMetadataProvider> getAllActuallyLoadedProviders() { + Map<String, HTTPMetadataProvider> loadedproviders = new HashMap<String, HTTPMetadataProvider>(); + ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; + + //make a Map of all actually loaded HTTPMetadataProvider + List<MetadataProvider> providers = chainProvider.getProviders(); + for (MetadataProvider provider : providers) { + if (provider instanceof HTTPMetadataProvider) { + HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider; + loadedproviders.put(httpprovider.getMetadataURI(), httpprovider); + + } + } + + return loadedproviders; + } + + public boolean refreshMetadataProvider(String metadataURL) { + try { + if (MiscUtil.isNotEmpty(metadataURL)) { + Map<String, HTTPMetadataProvider> actuallyLoadedProviders = getAllActuallyLoadedProviders(); + + // check if MetadataProvider is actually loaded + if (actuallyLoadedProviders.containsKey(metadataURL)) { + actuallyLoadedProviders.get(metadataURL).refresh(); + Logger.info("eIDAS metadata for " + + metadataURL + " is refreshed."); + return true; + + } else { + //load new Metadata Provider + ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; + HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL); + chainProvider.addMetadataProvider(newMetadataProvider); + + emitChangeEvent(); + Logger.info("eIDAS metadata for " + + metadataURL + " is added."); + return true; + + } + + } else + Logger.debug("Can not refresh eIDAS metadata: NO eIDAS metadata URL."); + + } catch (MetadataProviderException e) { + Logger.warn("Refresh eIDAS metadata for " + + metadataURL + " FAILED.", e); + + } + + return false; + + } + + + public boolean requireValidMetadata() { + return internalProvider.requireValidMetadata(); + } + + public void setRequireValidMetadata(boolean requireValidMetadata) { + internalProvider.setRequireValidMetadata(requireValidMetadata); + } + + public MetadataFilter getMetadataFilter() { + return internalProvider.getMetadataFilter(); + } + + public void setMetadataFilter(MetadataFilter newFilter) + throws MetadataProviderException { + internalProvider.setMetadataFilter(newFilter); + } + + public XMLObject getMetadata() throws MetadataProviderException { + return internalProvider.getMetadata(); + } + + public EntitiesDescriptor getEntitiesDescriptor(String entitiesID) + throws MetadataProviderException { + Logger.warn("eIDAS metadata not support 'EntitiesDescriptor' elements!"); + return null; + + } + + public EntityDescriptor getEntityDescriptor(String entityID) + throws MetadataProviderException { + EntityDescriptor entityDesc = null; + try { + entityDesc = internalProvider.getEntityDescriptor(entityID); + if (entityDesc == null) { + Logger.debug("Can not find eIDAS metadata for entityID: " + entityID + + " Start refreshing process ..."); + if (refreshMetadataProvider(entityID)) + entityDesc = internalProvider.getEntityDescriptor(entityID); + + } else { + if (!entityDesc.isValid()) + if (refreshMetadataProvider(entityID)) + entityDesc = internalProvider.getEntityDescriptor(entityID); + + } + + + } catch (MetadataProviderException e) { + Logger.debug("Can not find eIDAS metadata for entityID: " + entityID + + " Start refreshing process ..."); + if (refreshMetadataProvider(entityID)) + entityDesc = internalProvider.getEntityDescriptor(entityID); + + } + + if (entityDesc != null) + lastAccess.put(entityID, new Date()); + + return entityDesc; + } + + public List<RoleDescriptor> getRole(String entityID, QName roleName) + throws MetadataProviderException { + EntityDescriptor entityDesc = getEntityDescriptor(entityID); + if (entityDesc != null) + return entityDesc.getRoleDescriptors(roleName); + + else + return null; + } + + public RoleDescriptor getRole(String entityID, QName roleName, + String supportedProtocol) throws MetadataProviderException { + EntityDescriptor entityDesc = getEntityDescriptor(entityID); + if (entityDesc != null) + return internalProvider.getRole(entityID, roleName, supportedProtocol); + + else + return null; + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.ObservableMetadataProvider#getObservers() + */ + @Override + public List<Observer> getObservers() { + return ((ChainingMetadataProvider) internalProvider).getObservers(); + } + + protected void emitChangeEvent() { + if ((getObservers() == null) || (getObservers().size() == 0)) { + return; + } + + List<Observer> tempObserverList = new ArrayList<Observer>(getObservers()); + for (ObservableMetadataProvider.Observer observer : tempObserverList) + if (observer != null) + observer.onEvent(this); + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASMetadataProviderDecorator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASMetadataProviderDecorator.java new file mode 100644 index 000000000..7537c4d84 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASMetadataProviderDecorator.java @@ -0,0 +1,122 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.engine; + +import java.security.KeyStore; + +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.IDPSSODescriptor; +import org.opensaml.saml2.metadata.RoleDescriptor; +import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml2.metadata.provider.MetadataProvider; +import org.opensaml.saml2.metadata.provider.MetadataProviderException; + +import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.engine.metadata.MetadataProcessorI; +import eu.eidas.engine.exceptions.SAMLEngineException; + +/** + * @author tlenz + * + */ +public class MOAeIDASMetadataProviderDecorator implements MetadataProcessorI { + + private MetadataProvider metadataprovider = null; + + /** + * + */ + public MOAeIDASMetadataProviderDecorator(MetadataProvider metadataprovider) { + this.metadataprovider = metadataprovider; + + } + + /* (non-Javadoc) + * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#getEntityDescriptor(java.lang.String) + */ + @Override + public EntityDescriptor getEntityDescriptor(String url) + throws SAMLEngineException { + try { + return this.metadataprovider.getEntityDescriptor(url); + + } catch (MetadataProviderException e) { + throw new SAMLEngineException("eIDAS Metadata processing FAILED.", e); + + } + } + + /* (non-Javadoc) + * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#getSPSSODescriptor(java.lang.String) + */ + @Override + public SPSSODescriptor getSPSSODescriptor(String url) + throws SAMLEngineException { + return getFirstRoleDescriptor(getEntityDescriptor(url), SPSSODescriptor.class); + + } + + /* (non-Javadoc) + * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#getIDPSSODescriptor(java.lang.String) + */ + @Override + public IDPSSODescriptor getIDPSSODescriptor(String url) + throws SAMLEngineException { + return getFirstRoleDescriptor(getEntityDescriptor(url), IDPSSODescriptor.class); + + } + + /* (non-Javadoc) + * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#checkValidMetadataSignature(java.lang.String, eu.eidas.auth.engine.EIDASSAMLEngine) + */ + @Override + public void checkValidMetadataSignature(String url, EIDASSAMLEngine engine) + throws SAMLEngineException { + //Do nothing, because metadata signature is already validated during + //metadata provider initialization + + //TODO: maybe signature validation is needed on every request + + } + + /* (non-Javadoc) + * @see eu.eidas.auth.engine.metadata.MetadataProcessorI#checkValidMetadataSignature(java.lang.String, java.security.KeyStore) + */ + @Override + public void checkValidMetadataSignature(String url, KeyStore trustStore) + throws SAMLEngineException { + //Do nothing, because metadata signature is already validated during + //metadata provider initialization + + } + + protected <T extends RoleDescriptor> T getFirstRoleDescriptor(EntityDescriptor entityDescriptor, final Class<T> clazz){ + for(RoleDescriptor rd:entityDescriptor.getRoleDescriptors()){ + if(clazz.isInstance(rd)){ + return (T)rd; + } + } + return null; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDAsExtensionProcessor.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDAsExtensionProcessor.java new file mode 100644 index 000000000..5837d7dbf --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDAsExtensionProcessor.java @@ -0,0 +1,48 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.engine; + +import java.util.HashSet; +import java.util.Set; + +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import eu.eidas.auth.engine.core.ExtensionProcessorI; +import eu.eidas.auth.engine.core.eidas.EidasExtensionProcessor; + +/** + * @author tlenz + * + */ +public class MOAeIDAsExtensionProcessor extends EidasExtensionProcessor implements ExtensionProcessorI { + + /** + * Add only eIDAS attributes which are supported by Austrian eIDAS node + * + */ + @Override + public Set<String> getSupportedAttributes(){ + Set<String> supportedAttributes=new HashSet<String>( Constants.METADATA_POSSIBLE_ATTRIBUTES.keySet()); + + return supportedAttributes; + } +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineConfigurationException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineConfigurationException.java new file mode 100644 index 000000000..20f18b772 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineConfigurationException.java @@ -0,0 +1,60 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.exceptions; + +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; + +/** + * @author tlenz + * + */ +public class EIDASEngineConfigurationException extends ConfigurationException { + + /** + * + */ + private static final long serialVersionUID = 1L; + + /** + * @param messageId + * @param parameters + * @param wrapped + */ + public EIDASEngineConfigurationException(String messageId, + Object[] parameters, Throwable wrapped) { + super(messageId, parameters, wrapped); + } + + /** + * @param string + * @param object + */ + public EIDASEngineConfigurationException(String string, Object[] object) { + super(string, object); + } + + + + + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineException.java new file mode 100644 index 000000000..234c4e038 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/EIDASEngineException.java @@ -0,0 +1,64 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.exceptions; + +import org.opensaml.saml2.core.StatusCode; + +/** + * @author tlenz + * + */ +public class EIDASEngineException extends eIDASException { + + /** + * @param objects + * @param string + * @param e + */ + public EIDASEngineException(String msg, Object[] objects, Throwable e) { + super(msg, objects, e); + } + + /** + * + */ + private static final long serialVersionUID = 1559812927427153879L; + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASException#getStatusCodeFirstLevel() + */ + @Override + public String getStatusCodeFirstLevel() { + return StatusCode.RESPONDER_URI; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASException#getStatusCodeSecondLevel() + */ + @Override + public String getStatusCodeSecondLevel() { + return StatusCode.AUTHN_FAILED_URI; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAttributeException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAttributeException.java new file mode 100644 index 000000000..b25895eca --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAttributeException.java @@ -0,0 +1,52 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.exceptions; + +import org.opensaml.saml2.core.StatusCode; + +/** + * @author tlenz + * + */ +public class eIDASAttributeException extends eIDASException { + + private static final long serialVersionUID = 1L; + + public eIDASAttributeException(String message) { + super("eIDAS.07", new Object[]{message}); + + } + + @Override + public String getStatusCodeFirstLevel() { + return StatusCode.RESPONDER_URI; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASException#getStatusCodeSecondLevel() + */ + @Override + public String getStatusCodeSecondLevel() { + return StatusCode.AUTHN_FAILED_URI; + } +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestProcessingException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestProcessingException.java new file mode 100644 index 000000000..c96af37ef --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestProcessingException.java @@ -0,0 +1,80 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.exceptions; + +import org.opensaml.saml2.core.StatusCode; + +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class eIDASAuthnRequestProcessingException extends eIDASException { + + private String subStatusCode = null; + + /** + * + */ + private static final long serialVersionUID = 1083563877689098041L; + + /** + * @param messageId + * @param parameters + */ + public eIDASAuthnRequestProcessingException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + public eIDASAuthnRequestProcessingException(String subStatusCode, String messageId, Object[] parameters) { + super(messageId, parameters); + this.subStatusCode = subStatusCode; + } + + public eIDASAuthnRequestProcessingException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e ); + } + + public eIDASAuthnRequestProcessingException(String subStatusCode, String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e ); + this.subStatusCode = subStatusCode; + } + + @Override + public String getStatusCodeFirstLevel() { + return StatusCode.REQUESTER_URI; + + } + + @Override + public String getStatusCodeSecondLevel() { + if (MiscUtil.isNotEmpty(subStatusCode)) + return subStatusCode; + + else + return StatusCode.REQUEST_DENIED_URI; + + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestValidationException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestValidationException.java new file mode 100644 index 000000000..2a15ee18a --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASAuthnRequestValidationException.java @@ -0,0 +1,59 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.exceptions; + +import org.opensaml.saml2.core.StatusCode; + +/** + * @author tlenz + * + */ +public class eIDASAuthnRequestValidationException extends eIDASException { + + /** + * + */ + private static final long serialVersionUID = 4353716509546972267L; + + /** + * @param messageId + * @param parameters + */ + public eIDASAuthnRequestValidationException(String messageId, Object[] parameters) { + super(messageId, parameters); + + } + + @Override + public String getStatusCodeFirstLevel() { + return StatusCode.REQUESTER_URI; + + } + + @Override + public String getStatusCodeSecondLevel() { + return StatusCode.RESOURCE_NOT_RECOGNIZED_URI; + + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASException.java new file mode 100644 index 000000000..f42004abc --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASException.java @@ -0,0 +1,59 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.exceptions; + +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + +/** + * @author tlenz + * + */ +public abstract class eIDASException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 1L; + + + public abstract String getStatusCodeFirstLevel(); + public abstract String getStatusCodeSecondLevel(); + + + /** + * @param messageId + * @param parameters + */ + public eIDASException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + /** + * @param messageId + * @param parameters + */ + public eIDASException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseBuildException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseBuildException.java new file mode 100644 index 000000000..0ffcf11ef --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseBuildException.java @@ -0,0 +1,62 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.exceptions; + +import org.opensaml.saml2.core.StatusCode; + +/** + * @author tlenz + * + */ +public class eIDASResponseBuildException extends eIDASException { + + /** + * + */ + private static final long serialVersionUID = 4446851988854996919L; + + /** + * @param messageId + * @param parameters + */ + public eIDASResponseBuildException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + public eIDASResponseBuildException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + } + + @Override + public String getStatusCodeFirstLevel() { + return StatusCode.RESPONDER_URI; + + } + + @Override + public String getStatusCodeSecondLevel() { + return StatusCode.AUTHN_FAILED_URI; + + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseNotSuccessException.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseNotSuccessException.java new file mode 100644 index 000000000..d10ca1c88 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/exceptions/eIDASResponseNotSuccessException.java @@ -0,0 +1,67 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.exceptions; + +import org.opensaml.saml2.core.StatusCode; + +/** + * @author tlenz + * + */ +public class eIDASResponseNotSuccessException extends eIDASException { + + /** + * + */ + private static final long serialVersionUID = 6145402939313568907L; + + public eIDASResponseNotSuccessException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + /** + * @param messageId + * @param parameters + * @param e + */ + public eIDASResponseNotSuccessException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASException#getStatusCodeFirstLevel() + */ + @Override + public String getStatusCodeFirstLevel() { + return StatusCode.RESPONDER_URI; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASException#getStatusCodeSecondLevel() + */ + @Override + public String getStatusCodeSecondLevel() { + return StatusCode.AUTHN_FAILED_URI; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java new file mode 100644 index 000000000..5d7430dd7 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java @@ -0,0 +1,162 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.tasks; + +import java.io.InputStream; +import java.text.SimpleDateFormat; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.stereotype.Component; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAttributeException; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.XPathUtils; +import eu.eidas.auth.commons.IPersonalAttributeList; + +/** + * @author tlenz + * + */ +@Component("CreateIdentityLinkTask") +public class CreateIdentityLinkTask extends AbstractAuthServletTask { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, + HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try{ + defaultTaskInitialization(request, executionContext); + + //get eIDAS attributes from MOA-Session + IPersonalAttributeList eIDASAttributes = moasession.getGenericDataFromSession( + AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST, + IPersonalAttributeList.class); + + IdentityLink identityLink = null; + + //connect SZR-Gateway + //TODO: implement SZR-Gateway communication!!!! + if(true) { + + // create fake IdL + // - fetch IdL template from resources + InputStream s = CreateIdentityLinkTask.class.getResourceAsStream("/resources/xmldata/fakeIdL_IdL_template.xml"); + Element idlTemplate = DOMUtils.parseXmlValidating(s); + + identityLink = new IdentityLinkAssertionParser(idlTemplate).parseIdentityLink(); + + // replace data + Element idlassertion = identityLink.getSamlAssertion(); + + // - set bpk/wpbk; + Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); + if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + String eIdentifier = eIDASAttributes.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).getValue().get(0); + prIdentification.getFirstChild().setNodeValue(eIdentifier); + + // - set last name + Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH); + if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); + String familyName = eIDASAttributes.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME).getValue().get(0); + prFamilyName.getFirstChild().setNodeValue(familyName); + + // - set first name + Node prGivenName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH); + if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_CURRENTGIVENNAME)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); + String givenName = eIDASAttributes.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME).getValue().get(0); + prGivenName.getFirstChild().setNodeValue(givenName); + + // - set date of birth + Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH); + if(!eIDASAttributes.containsKey(Constants.eIDAS_ATTR_DATEOFBIRTH)) + throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); + String dateOfBirth = eIDASAttributes.get(Constants.eIDAS_ATTR_DATEOFBIRTH).getValue().get(0); + dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(new SimpleDateFormat("yyyyMMdd").parse(dateOfBirth)); + prDateOfBirth.getFirstChild().setNodeValue(dateOfBirth); + + identityLink = new IdentityLinkAssertionParser(idlassertion).parseIdentityLink(); + + //resign IDL + IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); + Element resignedilAssertion = identitylinkresigner.resignIdentityLink(identityLink.getSamlAssertion(), authConfig.getStorkFakeIdLResigningKey()); + identityLink = new IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink(); + + } else { + //contact SZR Gateway + Logger.debug("Starting connecting SZR Gateway"); + + //TODO:!!!!!! + + } + + Logger.debug("SZR communication was successfull"); + + if (identityLink == null) { + Logger.error("SZR Gateway did not return an identity link."); + throw new MOAIDException("stork.10", null); + } + + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED); + moasession.setForeigner(true); + moasession.setIdentityLink(identityLink); + moasession.setBkuURL("Not applicable (eIDASAuthentication)"); + + //store MOA-session to database + authenticatedSessionStorage.storeSession(moasession); + + } catch (eIDASAttributeException e) { + throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e); + + } catch (MOAIDException | MOADatabaseException e) { + throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e); + + } catch (Exception e) { + Logger.error("IdentityLink generation for foreign person FAILED.", e); + throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e); + + } + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java new file mode 100644 index 000000000..c82636a8f --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java @@ -0,0 +1,207 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.tasks; + +import java.io.StringWriter; +import java.util.Collection; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.BooleanUtils; +import org.apache.commons.lang3.StringUtils; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.CPEPS; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.logging.Logger; +import eu.eidas.auth.commons.EIDASAuthnRequest; +import eu.eidas.auth.commons.EIDASUtil; +import eu.eidas.auth.commons.EidasLoaCompareType; +import eu.eidas.auth.commons.EidasLoaLevels; +import eu.eidas.auth.commons.IPersonalAttributeList; +import eu.eidas.auth.commons.PersonalAttribute; +import eu.eidas.auth.commons.PersonalAttributeList; +import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.engine.core.eidas.SPType; +import eu.eidas.engine.exceptions.EIDASSAMLEngineException; + +/** + * @author tlenz + * + */ +@Component("GenerateAuthnRequestTask") +public class GenerateAuthnRequestTask extends AbstractAuthServletTask { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, + HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + + try{ + //get service-provider configuration + IOAAuthParameters oaConfig = pendingReq.getOnlineApplicationConfiguration(); + + // get target country + String citizenCountryCode = (String) executionContext.get(MOAIDAuthConstants.PARAM_CCC); + + if (StringUtils.isEmpty(citizenCountryCode)) { + // illegal state; task should not have been executed without a selected country + throw new AuthenticationException("eIDAS.03", new Object[] { "" }); + } + + CPEPS cpeps = authConfig.getStorkConfig().getCPEPS(citizenCountryCode); + if(null == cpeps) { + Logger.error("PEPS unknown for country", new Object[] {citizenCountryCode}); + throw new AuthenticationException("eIDAS.04", new Object[] {citizenCountryCode}); + } + Logger.debug("Found eIDaS Node/C-PEPS configuration for citizen of country: " + citizenCountryCode); + String destination = cpeps.getPepsURL().toString().split(";")[1].trim(); // FIXME convenience for metadata url and assertion destination + String metadataUrl = cpeps.getPepsURL().toString().split(";")[0].trim(); + + + //TODO: switch to entityID + revisionsLogger.logEvent(oaConfig, pendingReq, + MOAIDEventConstants.AUTHPROCESS_PEPS_SELECTED, + metadataUrl); + + // assemble requested attributes + Collection<StorkAttribute> attributesFromConfig = oaConfig.getRequestedSTORKAttributes(); + + // - prepare attribute list + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + // - fill container + for (StorkAttribute current : attributesFromConfig) { + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName(current.getName()); + + boolean globallyMandatory = false; + for (StorkAttribute currentGlobalAttribute : authConfig.getStorkConfig().getStorkAttributes()) + if (current.getName().equals(currentGlobalAttribute.getName())) { + globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.getMandatory()); + break; + } + + newAttribute.setIsRequired(current.getMandatory() || globallyMandatory); + pAttList.add(newAttribute); + } + + EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + + //build eIDAS AuthnRequest + EIDASAuthnRequest authnRequest = new EIDASAuthnRequest(); + authnRequest.setProviderName(pendingReq.getAuthURL()); + authnRequest.setPersonalAttributeList(pAttList); + + authnRequest.setIssuer(pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA); + + authnRequest.setDestination(destination); + authnRequest.setEidasNameidFormat(EIDASAuthnRequest.NAMEID_FORMAT_UNSPECIFIED); + authnRequest.setEidasLoA(EidasLoaLevels.LOW.stringValue()); + authnRequest.setEidasLoACompareType(EidasLoaCompareType.MINIMUM.stringValue()); + + //set correct SPType for this online application + if (oaConfig.getBusinessService()) + authnRequest.setSPType("private"); + else + authnRequest.setSPType(SPType.DEFAULT_VALUE); + + engine.initRequestedAttributes(pAttList); + authnRequest = engine.generateEIDASAuthnRequest(authnRequest); + + //encode AuthnRequest + byte[] token = authnRequest.getTokenSaml(); + String SAMLRequest = EIDASUtil.encodeSAMLToken(token); + + + //send + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/eidas_postbinding_template.vm"); + VelocityContext context = new VelocityContext(); + + String actionType = "SAMLRequest"; + context.put(actionType, SAMLRequest); + Logger.debug("Encoded " + actionType + " original: " + SAMLRequest); + + context.put("RelayState", pendingReq.getRequestID()); + + Logger.debug("Using assertion consumer url as action: " + destination); + context.put("action", destination); + + Logger.debug("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + + response.setContentType("text/html;charset=UTF-8"); + response.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); + + revisionsLogger.logEvent(oaConfig, pendingReq, + MOAIDEventConstants.AUTHPROCESS_PEPS_REQUESTED, + authnRequest.getSamlId()); + + } catch (Exception e) { + Logger.error("Velocity general error: " + e.getMessage()); + throw new MOAIDException("eIDAS.02", new Object[]{e.getMessage()}, e); + + } + + }catch (EIDASSAMLEngineException e){ + throw new TaskExecutionException(pendingReq, "eIDAS AuthnRequest generation FAILED.", + new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e)); + + } catch (MOAIDException e) { + throw new TaskExecutionException(pendingReq, "eIDAS AuthnRequest generation FAILED.", e); + + } catch (Exception e) { + Logger.error("eIDAS AuthnRequest generation FAILED.", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java new file mode 100644 index 000000000..fae06031a --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java @@ -0,0 +1,121 @@ +package at.gv.egovernment.moa.id.auth.modules.eidas.tasks; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.opensaml.saml2.core.StatusCode; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASResponseNotSuccessException; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; +import eu.eidas.auth.commons.EIDASAuthnResponse; +import eu.eidas.auth.commons.EIDASUtil; +import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.engine.exceptions.EIDASSAMLEngineException; + +@Component("ReceiveAuthnResponseTask") +public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { + + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException { + + try{ + //get SAML Response + String base64SamlToken = request.getParameter("SAMLResponse"); + if (MiscUtil.isEmpty(base64SamlToken)) { + Logger.warn("No eIDAS SAMLReponse found in http request."); + throw new MOAIDException("HTTP request includes no eIDAS SAML-Response element.", null); + + } + + //get MOASession + defaultTaskInitialization(request, executionContext); + + //decode SAML response + byte[] decSamlToken = EIDASUtil.decodeSAMLToken(base64SamlToken); + + //get eIDAS SAML-engine + EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + + //validate SAML token + EIDASAuthnResponse samlResp = engine.validateEIDASAuthnResponse(decSamlToken, + request.getRemoteHost(), Constants.CONFIG_PROPS_SKEWTIME); + + boolean encryptedResponse=engine.isEncryptedSamlResponse(decSamlToken); + if (encryptedResponse) { + Logger.info("Received encrypted eIDAS SAML-Response."); + //TODO: check if additional decryption operation is required + + } + + //check response StatusCode + if (!samlResp.getStatusCode().equals(StatusCode.SUCCESS_URI)) { + Logger.info("Receice eIDAS Response with StatusCode:" + samlResp.getStatusCode() + + " Subcode:" + samlResp.getSubStatusCode() + " Msg:" + samlResp.getMessage()); + throw new eIDASResponseNotSuccessException("eIDAS.11", new Object[]{samlResp.getMessage()}); + + } + + //MOA-ID specific response validation + //TODO: implement MOA-ID specific response validation + + //update MOA-Session data with received information + Logger.debug("Store eIDAS response information into MOA-session."); + moasession.setQAALevel(samlResp.getAssuranceLevel()); + + moasession.setGenericDataToSession( + AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST, + new MOAPersonalAttributeList(samlResp.getPersonalAttributeList())); + + moasession.setGenericDataToSession( + AuthenticationSessionStorageConstants.eIDAS_RESPONSE, + decSamlToken); + + //set issuer nation as PVP attribute into MOASession + moasession.setGenericDataToSession(PVPConstants.EID_ISSUING_NATION_NAME, samlResp.getCountry()); + + //store MOA-session to database + authenticatedSessionStorage.storeSession(moasession); + + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, + MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED, + samlResp.getSamlId()); + + }catch (EIDASSAMLEngineException e) { + Logger.error("eIDAS AuthnRequest generation FAILED.", e); + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, + MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR); + throw new TaskExecutionException(pendingReq, "eIDAS AuthnRequest generation FAILED.", + new EIDASEngineException("eIDAS.09", new Object[]{e.getMessage()}, e)); + + } catch (MOADatabaseException e) { + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, + MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR); + throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", + new MOAIDException("init.04", new Object[]{""}, e)); + + } catch (Exception e) { + Logger.error("eIDAS Response processing FAILED.", e); + revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq, + MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR); + throw new TaskExecutionException(pendingReq, e.getMessage(), + new MOAIDException("eIDAS.10", new Object[]{e.getMessage()}, e)); + + } + + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAOrderedAttributeIterator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAOrderedAttributeIterator.java new file mode 100644 index 000000000..573163af0 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAOrderedAttributeIterator.java @@ -0,0 +1,66 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.utils; + +import java.util.Iterator; +import java.util.NoSuchElementException; + +import at.gv.egovernment.moa.logging.Logger; + +import eu.eidas.auth.commons.PersonalAttribute; +import eu.eidas.auth.commons.PersonalAttributeList; + + +/** + * @author tlenz + * + */ +public class MOAOrderedAttributeIterator implements Iterator<PersonalAttribute> { + + private MOAPersonalAttributeList pal; + private Iterator<String> keyIterator; + + public MOAOrderedAttributeIterator(MOAPersonalAttributeList palArg) { + this.pal = palArg; + keyIterator = palArg.getInsertOrder().iterator(); + } + + @Override + public boolean hasNext() { + return keyIterator.hasNext(); + } + + @Override + public PersonalAttribute next() { + if (!hasNext()) { + throw new NoSuchElementException(); + } + return pal.get(keyIterator.next()); + } + + @Override + public void remove() { + Logger.error("Not implemented"); + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAPersonalAttributeList.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAPersonalAttributeList.java new file mode 100644 index 000000000..5cc100b70 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAPersonalAttributeList.java @@ -0,0 +1,343 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.utils; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.StringTokenizer; +import java.util.concurrent.ConcurrentHashMap; + +import org.apache.commons.lang.StringUtils; + +import at.gv.egovernment.moa.logging.Logger; + +import eu.eidas.auth.commons.AttributeConstants; +import eu.eidas.auth.commons.AttributeUtil; +import eu.eidas.auth.commons.EIDASErrors; +import eu.eidas.auth.commons.EIDASParameters; +import eu.eidas.auth.commons.EIDASUtil; +import eu.eidas.auth.commons.EIDASValues; +import eu.eidas.auth.commons.IPersonalAttributeList; +import eu.eidas.auth.commons.PersonalAttribute; +import eu.eidas.auth.commons.exceptions.InternalErrorEIDASException; + +/** + * @author tlenz + * + */ +public final class MOAPersonalAttributeList extends + ConcurrentHashMap<String, PersonalAttribute> implements IPersonalAttributeList { + + /** + * + */ + private static final long serialVersionUID = -4488124133022713089L; + + public MOAPersonalAttributeList(IPersonalAttributeList eIDASAttributeList) { + super(); + Iterator<PersonalAttribute> element = eIDASAttributeList.iterator(); + while(element.hasNext()) + add(element.next()); + + } + + /** + * Hash with the latest fetched attribute name alias. + */ + private Map<String, Integer> latestAttrAlias = + new HashMap<String, Integer>(); + + /** + * Hash with mapping number of alias or the attribute name. + */ + private Map<String, Integer> attrAliasNumber = + new HashMap<String, Integer>(); + private List<String> insertOrder = new ArrayList<String>(); + + /** + * Obtain the insertOrder Collection + * + * @return defensive copy of the collection + */ + List<String> getInsertOrder() { + return Collections.unmodifiableList(this.insertOrder); + } + + /** + * Default constructor. + */ + public MOAPersonalAttributeList() { + super(); + + } + + /** + * Constructor with initial capacity for the PersonalAttributeList size. + * + * @param capacity The initial capacity for the PersonalAttributeList. + */ + public MOAPersonalAttributeList(final int capacity) { + super(capacity); + } + + /** + * {@inheritDoc} + */ + public Iterator<PersonalAttribute> iterator() { + return new MOAOrderedAttributeIterator(this); + } + + /** + * {@inheritDoc} + */ + public PersonalAttribute get(final Object key) { + String attrName = (String) key; + + if (this.latestAttrAlias == null) + this.latestAttrAlias = new HashMap<String, Integer>(); + + if (this.attrAliasNumber == null) + this.attrAliasNumber = new HashMap<String, Integer>(); + + if (this.latestAttrAlias.containsKey(key)) { + attrName = attrName + this.latestAttrAlias.get(key); + } else { + if (this.attrAliasNumber.containsKey(key)) { + this.latestAttrAlias.put(attrName, this.attrAliasNumber.get(key)); + } + } + return super.get(attrName); + } + + /** + * {@inheritDoc} + */ + public void add(final PersonalAttribute value) { + if (value != null) { + this.put(value.getName(), value); + } + } + + /** + * {@inheritDoc} + */ + public PersonalAttribute put(final String key, final PersonalAttribute val) { + if (StringUtils.isNotEmpty(key) && val != null) { + // Validate if attribute name already exists! + String attrAlias = key; + if (this.containsKey(attrAlias)) { + if (this.attrAliasNumber == null) + this.attrAliasNumber = new HashMap<String, Integer>(); + if (!val.isEmptyValue() && StringUtils.isNumeric(val.getValue().get(0))) { + final String attrValue = val.getValue().get(0); + attrAlias = key + attrValue; + this.attrAliasNumber.put(key, Integer.valueOf(attrValue)); + } else { + final PersonalAttribute attr = super.get(key); + if (!attr.isEmptyValue() + && StringUtils.isNumeric(attr.getValue().get(0))) { + attrAlias = key + attr.getValue().get(0); + super.put(key, (PersonalAttribute) attr); + this.attrAliasNumber.put(key, null); + } + } + } else { + if (insertOrder == null) + insertOrder = new ArrayList<String>(); + + insertOrder.add(key); + } + return super.put(attrAlias, val); + } else { + return null; + } + } + + @Override + public PersonalAttribute remove(Object key) { + insertOrder.remove(key); + return super.remove(key); + } + + /** + * {@inheritDoc} + */ + public void populate(final String attrList) { + final StringTokenizer strToken = + new StringTokenizer(attrList, EIDASValues.ATTRIBUTE_SEP.toString()); + + while (strToken.hasMoreTokens()) { + final PersonalAttribute persAttr = new PersonalAttribute(); + String[] tuples = + strToken.nextToken().split(EIDASValues.ATTRIBUTE_TUPLE_SEP.toString(), + AttributeConstants.NUMBER_TUPLES.intValue()); + + // Convert to the new format if needed! + tuples = convertFormat(tuples); + + if (AttributeUtil.hasValidTuples(tuples)) { + final int attrValueIndex = + AttributeConstants.ATTR_VALUE_INDEX.intValue(); + final String tmpAttrValue = + tuples[attrValueIndex].substring(1, + tuples[attrValueIndex].length() - 1); + final String[] vals = + tmpAttrValue.split(EIDASValues.ATTRIBUTE_VALUE_SEP.toString()); + + persAttr.setName(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()]); + persAttr.setIsRequired(Boolean + .valueOf(tuples[AttributeConstants.ATTR_TYPE_INDEX.intValue()])); + // check if it is a complex value + if (tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()] + .equals(EIDASParameters.COMPLEX_ADDRESS_VALUE.toString())) { + persAttr.setComplexValue(createComplexValue(vals)); + } else { + persAttr.setValue(createValues(vals)); + } + + if (tuples.length == AttributeConstants.NUMBER_TUPLES.intValue()) { + persAttr.setStatus(tuples[AttributeConstants.ATTR_STATUS_INDEX + .intValue()]); + } + this.put(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()], + persAttr); + + } else { + Logger.info("BUSINESS EXCEPTION : Invalid personal attribute list tuples"); + } + + } + } + + /** + * Returns a copy of this <tt>IPersonalAttributeList</tt> instance. + * + * @return The copy of this IPersonalAttributeList. + */ + public Object clone() { + try { + MOAPersonalAttributeList theClone= (MOAPersonalAttributeList)super.clone(); + theClone.insertOrder=new ArrayList<String>(insertOrder); + return theClone; + + } catch (CloneNotSupportedException e) { + throw new InternalErrorEIDASException( + EIDASUtil.getConfig(EIDASErrors.INTERNAL_ERROR.errorCode()), + EIDASUtil.getConfig(EIDASErrors.INTERNAL_ERROR.errorMessage()), e); + } + } + + /** + * Creates a string in the following format. + * + * attrName:attrType:[attrValue1,attrValue2=attrComplexValue]:attrStatus; + * + * @return {@inheritDoc} + */ + @Override + public String toString() { + final StringBuilder strBuilder = new StringBuilder(); + final Iterator<String> iteratorInsertOrder = insertOrder.iterator(); + while (iteratorInsertOrder.hasNext()) { + String key = iteratorInsertOrder.next(); + final PersonalAttribute attr = get(key); + strBuilder.append(attr.toString()); + if (isNumberAlias(key)) { + strBuilder.append(get(key).toString()); + } + } + return strBuilder.toString(); + } + + /** + * Validates and creates the attribute's complex values. + * + * @param values The complex values. + * @return The {@link Map} with the complex values. + * @see Map + */ + private Map<String, String> createComplexValue(final String[] values) { + final Map<String, String> complexValue = new HashMap<String, String>(); + for (final String val : values) { + final String[] tVal = val.split("="); + if (StringUtils.isNotEmpty(val) && tVal.length == 2) { + complexValue.put(tVal[0], AttributeUtil.unescape(tVal[1])); + } + } + return complexValue; + } + + /** + * Validates and creates the attribute values. + * + * @param vals The attribute values. + * @return The {@link List} with the attribute values. + * @see List + */ + private List<String> createValues(final String[] vals) { + final List<String> values = new ArrayList<String>(); + for (final String val : vals) { + if (StringUtils.isNotEmpty(val)) { + values.add(AttributeUtil.unescape(val)); + } + } + return values; + } + + ////////////////// + /** + * Converts the attribute tuple (attrName:attrType...) to the new format. + * + * @param tuples The attribute tuples to convert. + * @return The attribute tuples in the new format. + */ + private String[] convertFormat(final String[] tuples) { + final String[] newFormatTuples = + new String[AttributeConstants.NUMBER_TUPLES.intValue()]; + if (tuples != null) { + System.arraycopy(tuples, 0, newFormatTuples, 0, tuples.length); + + for (int i = tuples.length; i < newFormatTuples.length; i++) { + if (i == AttributeConstants.ATTR_VALUE_INDEX.intValue()) { + newFormatTuples[i] = "[]"; + } else { + newFormatTuples[i] = ""; + } + } + } + return newFormatTuples; + } + + public boolean isNumberAlias(String key) { + return this.attrAliasNumber.containsKey(key); + } + + + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java new file mode 100644 index 000000000..eeb8305cf --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java @@ -0,0 +1,77 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.eidas.utils; + +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.config.MOAIDCertificateManagerConfigurationImpl; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDAsExtensionProcessor; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException; +import at.gv.egovernment.moa.logging.Logger; +import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.engine.core.ExtensionProcessorI; +import eu.eidas.engine.exceptions.EIDASSAMLEngineException; +import eu.eidas.samlengineconfig.CertificateConfigurationManager; + +/** + * @author tlenz + * + */ +public class SAMLEngineUtils { + + private static EIDASSAMLEngine eIDASEngine = null; + + public static synchronized EIDASSAMLEngine createSAMLEngine() throws EIDASEngineException{ + + if (eIDASEngine == null) { + try { + //get eIDAS SAMLengine configuration from MOA-ID configuration + CertificateConfigurationManager configManager = new MOAIDCertificateManagerConfigurationImpl(); + + //initial eIDAS SAMLengine + EIDASSAMLEngine engine = EIDASSAMLEngine.createSAMLEngine(Constants.eIDAS_SAML_ENGINE_NAME, + configManager); + + //set metadata management to eIDAS SAMLengine + engine.setMetadataProcessor( + new MOAeIDASMetadataProviderDecorator( + MOAeIDASChainingMetadataProvider.getInstance())); + + //set MOA specific extension processor + ExtensionProcessorI extensionProcessor = new MOAeIDAsExtensionProcessor(); + engine.setExtensionProcessor(extensionProcessor); + + eIDASEngine = engine; + + } catch (EIDASSAMLEngineException e) { + Logger.error("eIDAS SAMLengine initialization FAILED!", e); + throw new EIDASEngineException("eIDAS.00", new Object[]{e.getMessage()}, e); + + } + } + + return eIDASEngine; + } + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java new file mode 100644 index 000000000..563c3a18c --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java @@ -0,0 +1,108 @@ +package at.gv.egovernment.moa.id.protocols.eidas; + +import java.util.Collection; + +import org.springframework.beans.factory.config.BeanDefinition; +import org.springframework.context.annotation.Scope; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import eu.eidas.auth.commons.EIDASAuthnRequest; + +@Component("EIDASData") +@Scope(value = BeanDefinition.SCOPE_PROTOTYPE) +public class EIDASData extends RequestImpl { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 8765755670214923910L; + + /** The attributes requested by the eIDaS. */ + private MOAPersonalAttributeList attributes; + + /** The incoming eIDaS SAML2 AuthnRequest. */ + private EIDASAuthnRequest authnRequest; + + /** The ip address of the requester. */ + private String remoteIPAddress; + + private String remoteRelayState; + + @Override + public Collection<String> getRequestedAttributes() { + // TODO Auto-generated method stub + return null; + } + + /** + * Gets the eidas requested attributes. + * + * @return the requested attributes + */ + public MOAPersonalAttributeList getEidasRequestedAttributes() { + return (MOAPersonalAttributeList) attributes.clone(); + } + + /** + * Sets the eidas requested attributes. + * + * @param personalAttributeList the requested attributes + */ + public void setEidasRequestedAttributes(MOAPersonalAttributeList personalAttributeList) { + attributes = personalAttributeList; + } + + /** + * Gets the eidas request. + * + * @return the eidas request + */ + public EIDASAuthnRequest getEidasRequest() { + return authnRequest; + } + + /** + * Sets the eidas request. + * + * @param request the new eidas request + */ + public void setEidasRequest(EIDASAuthnRequest request) { + authnRequest = request; + } + + /** + * Gets the remote address. + * + * @return the remote address + */ + public String getRemoteAddress() { + return remoteIPAddress; + } + + /** + * Sets the remote address. + * + * @param remoteIP the new remote address + */ + public void setRemoteAddress(String remoteIP) { + remoteIPAddress = remoteIP; + } + + /** + * Gets the remote relay state. + * + * @return the remote relay state + */ + public String getRemoteRelayState() { + return remoteRelayState; + } + + /** + * Sets the remote relay state. + * + * @param relayState the new remote relay state + */ + public void setRemoteRelayState(String relayState) { + remoteRelayState = relayState; + } +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java new file mode 100644 index 000000000..24134f1d9 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java @@ -0,0 +1,339 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.protocols.eidas; + +import java.io.IOException; +import java.io.StringWriter; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.saml2.metadata.AssertionConsumerService; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAuthnRequestProcessingException; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAuthnRequestValidationException; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASException; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; +import eu.eidas.auth.commons.EIDASAuthnRequest; +import eu.eidas.auth.commons.EIDASAuthnResponse; +import eu.eidas.auth.commons.EIDASUtil; +import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.engine.metadata.MetadataUtil; +import eu.eidas.engine.exceptions.EIDASSAMLEngineException; + +/** + * eIDAS Protocol Support for outbound authentication and metadata generation + * + * @author tlenz + */ +@Controller +public class EIDASProtocol extends AbstractAuthProtocolModulController { + + public static final String NAME = EIDASProtocol.class.getName(); + public static final String PATH = "eidas"; + + public EIDASProtocol() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '" + Constants.eIDAS_HTTP_ENDPOINT_METADATA + + "' and '" + Constants.eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST + + "' and '" + Constants.eIDAS_HTTP_ENDPOINT_IDP_POST +"'."); + + } + + public String getName() { + return NAME; + } + + public String getPath() { + return PATH; + } + + //eIDAS metadata end-point + @RequestMapping(value = "/eidas/metadata", method = {RequestMethod.GET}) + public void eIDASMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException { + + //create pendingRequest object + EIDASData pendingReq = applicationContext.getBean(EIDASData.class); + pendingReq.initialize(req); + pendingReq.setModule(NAME); + pendingReq.setNeedAuthentication(false); + pendingReq.setAuthenticated(false); + + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); + + + EidasMetaDataRequest metadataAction = applicationContext.getBean(EidasMetaDataRequest.class); + metadataAction.processRequest(pendingReq, + req, resp, null); + + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + Constants.eIDAS_REVERSIONSLOG_METADATA); + } + + + //PVP2.x IDP POST-Binding end-point + @RequestMapping(value = "/eidas/ColleagueRequest", method = {RequestMethod.POST}) + public void PVPIDPPostRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException { + + //create pending-request object + EIDASData pendingReq = applicationContext.getBean(EIDASData.class); + pendingReq.initialize(req); + pendingReq.setModule(NAME); + + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier()); + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier()); + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); + + //preProcess eIDAS request + preProcess(req, resp, pendingReq); + + revisionsLogger.logEvent(pendingReq, Constants.eIDAS_REVERSIONSLOG_IDP_AUTHREQUEST); + + //AuthnRequest needs authentication + pendingReq.setNeedAuthentication(true); + + //set protocol action, which should be executed after authentication + pendingReq.setAction(eIDASAuthenticationRequest.class.getName()); + + //switch to session authentication + performAuthentication(req, resp, pendingReq); + } + + /* + First request step - send it to BKU selection for user authentication. After the user credentials + and other info are obtained, in the second step the request will be processed and the user redirected + */ + private void preProcess(HttpServletRequest request, HttpServletResponse response, EIDASData pendingReq) throws MOAIDException { + + Logger.info("received an eIDaS request"); + + //get SAML Response and decode it + String base64SamlToken = request.getParameter("SAMLRequest"); + if (MiscUtil.isEmpty(base64SamlToken)) { + Logger.warn("No eIDAS SAMLRequest found in http request."); + throw new MOAIDException("HTTP request includes no eIDAS SAML-Request element.", null); + } + byte[] decSamlToken = EIDASUtil.decodeSAMLToken(base64SamlToken); + + try { + //get eIDAS SAML-engine + EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + + //validate SAML token + EIDASAuthnRequest samlReq = engine.validateEIDASAuthnRequest(decSamlToken); + + // - memorize remote ip + pendingReq.setRemoteAddress(request.getRemoteAddr()); + + // - memorize relaystate + String relayState = request.getParameter("RelayState"); + pendingReq.setRemoteRelayState(relayState); + + // - memorize country code of target country + pendingReq.setGenericDataToSession( + RequestImpl.eIDAS_GENERIC_REQ_DATA_COUNTRY, samlReq.getCountry()); + + // - memorize requested attributes + pendingReq.setEidasRequestedAttributes(new MOAPersonalAttributeList(samlReq.getPersonalAttributeList())); + + // - memorize whole request + samlReq.setPersonalAttributeList(pendingReq.getEidasRequestedAttributes()); // circumvent non-serializable eidas personal attribute list + pendingReq.setEidasRequest(samlReq); + + //validate destination against metadata + String reqDestination = samlReq.getDestination(); + if (MiscUtil.isNotEmpty(reqDestination)) { + boolean isValid = false; + List<AssertionConsumerService> allowedAssertionConsumerUrl = new MOAeIDASMetadataProviderDecorator(MOAeIDASChainingMetadataProvider.getInstance()) + .getSPSSODescriptor(samlReq.getIssuer()).getAssertionConsumerServices(); + + for (AssertionConsumerService el : allowedAssertionConsumerUrl) { + if (reqDestination.equals(el.getLocation())) + isValid = true; + + } + + if (!isValid) { + Logger.info("eIDAS AuthnRequest contains a not valid 'Destination' attribute"); + throw new eIDASAuthnRequestValidationException("stork.01", + new Object[]{"eIDAS AuthnRequest contains a not valid 'Destination' attribute"}); + } + + } + + + // - memorize OA url + pendingReq.setOAURL(samlReq.getIssuer()); + + // - memorize OA config + IOAAuthParameters oaConfig = authConfig.getOnlineApplicationParameter(pendingReq.getOAURL()); + if (oaConfig == null) + throw new eIDASAuthnRequestProcessingException("eIDAS.08", new Object[]{pendingReq.getOAURL()}); + + pendingReq.setOnlineApplicationConfiguration(oaConfig); + + String spType = samlReq.getSPType(); + if (MiscUtil.isEmpty(spType)) { + Logger.info("Load SPType from metadata ... IS NOT IMPLEMENTED YET!!!"); + //TODO: maybe implement this if required + + } + + Logger.debug("eIDAS request has SPType:" + spType); + + } catch (MOAIDException e) { + Logger.info("eIDAS AuthnRequest preProcessing FAILED. Msg:" + e.getMessage()); + throw e; + + } catch (EIDASSAMLEngineException e) { + Logger.info("eIDAS AuthnRequest preProcessing FAILED. Msg:" + e.getMessage()); + throw new eIDASAuthnRequestProcessingException("eIDAS.06", new Object[]{e.getMessage()}, e); + + } catch(Exception e) { + Logger.warn("eIDAS AuthnRequest preProcessing FAILED. Msg:" + e.getMessage(), e); + throw new eIDASAuthnRequestProcessingException("eIDAS.06", new Object[]{e.getMessage()}, e); + + } + } + + public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest pendingReq) throws Throwable { + if (pendingReq != null && pendingReq instanceof EIDASData) { + EIDASData eidasReq = (EIDASData) pendingReq; + if (eidasReq.getEidasRequest() == null) { + Logger.info("Can not build eIDAS ErrorResponse. No eIDAS AuthnRequest found."); + return false; + } + + try { + EIDASAuthnResponse eIDASResp = new EIDASAuthnResponse(); + eIDASResp.setIssuer(pendingReq.getAuthURL() + Constants.eIDAS_HTTP_ENDPOINT_METADATA); + + if (e instanceof eIDASException) { + eIDASResp.setStatusCode(((eIDASException) e).getStatusCodeFirstLevel()); + eIDASResp.setSubStatusCode(((eIDASException) e).getStatusCodeSecondLevel()); + eIDASResp.setMessage(e.getMessage()); + + } else if (e instanceof MOAIDException ) { + eIDASResp.setStatusCode(StatusCode.RESPONDER_URI); + eIDASResp.setSubStatusCode(StatusCode.AUTHN_FAILED_URI); + eIDASResp.setMessage(e.getMessage()); + + } else { + eIDASResp.setStatusCode(StatusCode.RESPONDER_URI); + eIDASResp.setSubStatusCode(StatusCode.AUTHN_FAILED_URI); + eIDASResp.setMessage(e.getMessage()); + + } + + + EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + + if(null == eidasReq.getEidasRequest().getAssertionConsumerServiceURL()) { + String assertionConsumerUrl = MetadataUtil.getAssertionUrlFromMetadata( + new MOAeIDASMetadataProviderDecorator(MOAeIDASChainingMetadataProvider.getInstance()), + engine, + eidasReq.getEidasRequest()); + eidasReq.getEidasRequest().setAssertionConsumerServiceURL(assertionConsumerUrl); + + } + //get eIDAS SAML-engine + + eIDASResp = engine.generateEIDASAuthnResponseFail(eidasReq.getEidasRequest(), eIDASResp, + eidasReq.getRemoteAddress(), true); + + String token = EIDASUtil.encodeSAMLToken(eIDASResp.getTokenSaml()); + + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + context.put("RelayState", eidasReq.getRemoteRelayState()); + + context.put("SAMLResponse", token); + Logger.debug("SAMLResponse original: " + token); + + Logger.debug("Putting assertion consumer url as action: " + eidasReq.getEidasRequest().getAssertionConsumerServiceURL()); + context.put("action", eidasReq.getEidasRequest().getAssertionConsumerServiceURL()); + Logger.trace("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.trace("Doing template merge"); + template.merge(context, writer); + Logger.trace("Template merge done"); + + Logger.trace("Sending html content : " + new String(writer.getBuffer())); + + response.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); + response.setContentType(MediaType.TEXT_HTML.getType()); + + return true; + + } catch (Exception e1 ) { + Logger.error("Generate eIDAS Error-Response failed.", e); + + } + + } + + return false; + } + + public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { + return false; + } +} + + diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java new file mode 100644 index 000000000..b4db5c83d --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java @@ -0,0 +1,162 @@ +/******************************************************************************* + * Copyright 2015 e-SENS project + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be + * approved by the European Commission - subsequent versions of + * the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: http://ec.europa.eu/idabc/eupl + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + *******************************************************************************/ +package at.gv.egovernment.moa.id.protocols.eidas; + +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.opensaml.saml2.metadata.ContactPerson; +import org.opensaml.saml2.metadata.Organization; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.SLOInformationInterface; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; +import at.gv.egovernment.moa.logging.Logger; +import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.engine.metadata.Contact; +import eu.eidas.auth.engine.metadata.MetadataConfigParams; +import eu.eidas.auth.engine.metadata.MetadataGenerator; +import eu.eidas.engine.exceptions.SAMLEngineException; + + +/** + * First version to provide some valid metadata to an asking eIDaS node + */ +@Service("EidasMetaDataRequest") +public class EidasMetaDataRequest implements IAction { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData) + */ + @Override + public SLOInformationInterface processRequest(IRequest req, + HttpServletRequest httpReq, HttpServletResponse httpResp, + IAuthData authData) throws MOAIDException { + + try { + String pubURLPrefix = req.getAuthURL(); + + String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA; + + String sp_return_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_SP_POST; + String metaData = generateMetadata(metadata_url, sp_return_url); + + Logger.trace(metaData); + + httpResp.setContentType(MediaType.APPLICATION_XML.getType()); + httpResp.getWriter().print(metaData); + httpResp.flushBuffer(); + } catch (Exception e) { + Logger.error("eIDAS Metadata generation FAILED.", e); + throw new MOAIDException("eIDAS.05", new Object[]{e.getMessage()}, e); + + } + + + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, + HttpServletResponse httpResp) { + return false; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName() + */ + @Override + public String getDefaultActionName() { + return "eIDAS-Metadata Action"; + + } + + public String generateMetadata(String metadata_url, String sp_return_url) throws SAMLEngineException, EIDASEngineException{ + String metadata="invalid metadata"; + + EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + + MetadataGenerator generator = new MetadataGenerator(); + MetadataConfigParams mcp=new MetadataConfigParams(); + generator.setConfigParams(mcp); + generator.initialize(engine); + + mcp.setEntityID(metadata_url); + mcp.setAssertionConsumerUrl(sp_return_url); + + + //TODO: make it configurable + mcp.setAuthnRequestsSigned(true); + mcp.setWantAssertionsSigned(true); + mcp.setAssuranceLevel("http://eidas.europa.eu/LoA/substantial"); + + //must be set in request, because it could be different for every online-application + //mcp.setSpType(SPType.DEFAULT_VALUE); + + mcp.setDigestMethods(Constants.METADATA_ALLOWED_ALG_DIGIST); + mcp.setSigningMethods(Constants.METADATA_ALLOWED_ALG_SIGN); + mcp.setEncryptionAlgorithms(Constants.METADATA_ALLOWED_ALG_ENCRYPT); + + //add organisation information from PVP metadata information + Organization pvpOrganisation = null; + try { + pvpOrganisation = PVPConfiguration.getInstance().getIDPOrganisation(); + Contact technicalContact = new Contact(); + + List<ContactPerson> contacts = PVPConfiguration.getInstance().getIDPContacts(); + if (contacts != null && contacts.size() >= 1) { + technicalContact.setEmail(contacts.get(0).getEmailAddresses().get(0).getAddress()); + technicalContact.setGivenName(contacts.get(0).getGivenName().getName()); + technicalContact.setSurName(contacts.get(0).getSurName().getName()); + technicalContact.setPhone(contacts.get(0).getTelephoneNumbers().get(0).getNumber()); + mcp.setTechnicalContact(technicalContact ); + + } + + if (pvpOrganisation != null) { + mcp.setNodeUrl(pvpOrganisation.getURLs().get(0).getURL().getLocalString()); + mcp.setCountryName("Austria"); + technicalContact.setCompany(pvpOrganisation.getDisplayNames().get(0).getName().getLocalString()); + } + + } catch (ConfigurationException | NullPointerException e) { + Logger.warn("Can not load Organisation or Contact from Configuration", e); + + } + + generator.addSPRole(); + generator.addIDPRole(); + + metadata = generator.generateMetadata(); + return metadata; + } +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java new file mode 100644 index 000000000..9943cc5fb --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java @@ -0,0 +1,189 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.protocols.eidas; + +import java.io.StringWriter; +import java.text.SimpleDateFormat; +import java.util.Map.Entry; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; +import at.gv.egovernment.moa.id.auth.modules.eidas.Constants; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider; +import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; +import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.SLOInformationInterface; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.logging.Logger; +import eu.eidas.auth.commons.EIDASAuthnResponse; +import eu.eidas.auth.commons.EIDASStatusCode; +import eu.eidas.auth.commons.EIDASUtil; +import eu.eidas.auth.commons.PersonalAttribute; +import eu.eidas.auth.engine.EIDASSAMLEngine; +import eu.eidas.auth.engine.metadata.MetadataUtil; + + +/** + * Second request step - after authentication of the user is done and moasession obtained, + * process request and forward the user further to PEPS and/or other entities + * + * @author tlenz + */ + +@Service("eIDASAuthenticationRequest") +public class eIDASAuthenticationRequest implements IAction { + + @Autowired protected MOAReversionLogger revisionsLogger; + + @Override + public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { + EIDASData eidasRequest; + if(req instanceof EIDASData) + eidasRequest = (EIDASData) req; + else + throw new MOAIDException("got wrong IRequest type. is: {}, should be: {}", new String[] {req.getClass().toString(), EIDASData.class.toString()}); + + + // gather attributes + MOAPersonalAttributeList resultingAttributeList = (MOAPersonalAttributeList) eidasRequest.getEidasRequestedAttributes().clone(); + + for(Entry<String, PersonalAttribute> current : resultingAttributeList.entrySet()) { + String newValue = ""; + + // TODO make use of proper builder + switch(current.getKey()) { + case Constants.eIDAS_ATTR_DATEOFBIRTH: newValue = new SimpleDateFormat("YYYY-MM-dd").format(authData.getDateOfBirth()); break; + case Constants.eIDAS_ATTR_CURRENTFAMILYNAME: newValue = authData.getFamilyName();break; + case Constants.eIDAS_ATTR_CURRENTGIVENNAME: newValue = authData.getGivenName();break; + + //TODO: change bPK builder !!!!!! + case Constants.eIDAS_ATTR_PERSONALIDENTIFIER: newValue = authData.getBPK(); break; + } + + if("".equals(newValue)) + current.getValue().setStatus(EIDASStatusCode.STATUS_NOT_AVAILABLE.toString()); + else { + current.getValue().getValue().clear(); + current.getValue().getValue().add(newValue); + current.getValue().setStatus(EIDASStatusCode.STATUS_AVAILABLE.toString()); + } + } + + // construct eIDaS response + EIDASAuthnResponse response = new EIDASAuthnResponse(); + response.setPersonalAttributeList(resultingAttributeList); + + // - create metadata url + String pubURLPrefix = req.getAuthURL(); + String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA; + response.setIssuer(metadata_url); + + response.setAssuranceLevel(authData.getEIDASQAALevel()); + + String token = null; + try { + EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + + // encryption is done by the SamlEngine, i.e. by the module we provide in the config + // but we need to set the appropriate request issuer + engine.setRequestIssuer(eidasRequest.getEidasRequest().getIssuer()); + + + if(null == eidasRequest.getEidasRequest().getAssertionConsumerServiceURL()) { + String assertionConsumerUrl = MetadataUtil.getAssertionUrlFromMetadata( + new MOAeIDASMetadataProviderDecorator(MOAeIDASChainingMetadataProvider.getInstance()), + engine, + eidasRequest.getEidasRequest()); + eidasRequest.getEidasRequest().setAssertionConsumerServiceURL(assertionConsumerUrl); + + } + + response = engine.generateEIDASAuthnResponse(eidasRequest.getEidasRequest(), response, eidasRequest.getRemoteAddress(), true); + + + token = EIDASUtil.encodeSAMLToken(response.getTokenSaml()); + + } catch(Exception e) { + e.printStackTrace(); + } + + revisionsLogger.logEvent(req, Constants.eIDAS_REVERSIONSLOG_IDP_AUTHREQUEST); + + // send the response + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + context.put("RelayState", eidasRequest.getRemoteRelayState()); + + context.put("SAMLResponse", token); + Logger.debug("SAMLResponse original: " + token); + + Logger.debug("Putting assertion consumer url as action: " + eidasRequest.getEidasRequest().getAssertionConsumerServiceURL()); + context.put("action", eidasRequest.getEidasRequest().getAssertionConsumerServiceURL()); + Logger.trace("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.trace("Doing template merge"); + template.merge(context, writer); + Logger.trace("Template merge done"); + + Logger.trace("Sending html content : " + new String(writer.getBuffer())); + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); + httpResp.setContentType(MediaType.TEXT_HTML.getType()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + + return null; + } + + @Override + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + return true; + } + + @Override + public String getDefaultActionName() { + return "eIDAS_AuthnRequest"; + } + + +} diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..cd2416a91 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.modules.eidas.eIDASAuthenticationSpringResourceProvider
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/at/gv/egovernment/moa/id/auth/modules/eidas/eIDAS.Authentication.process.xml b/id/server/modules/moa-id-module-eIDAS/src/main/resources/at/gv/egovernment/moa/id/auth/modules/eidas/eIDAS.Authentication.process.xml new file mode 100644 index 000000000..4ff64e76d --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/at/gv/egovernment/moa/id/auth/modules/eidas/eIDAS.Authentication.process.xml @@ -0,0 +1,18 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="eIDASAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + + + <pd:Task id="createAuthnRequest" class="GenerateAuthnRequestTask" /> + <pd:Task id="receiveAuthnResponse" class="ReceiveAuthnResponseTask" async="true" /> + <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" /> + <pd:Task id="generateIdentityLink" class="CreateIdentityLinkTask" /> + + <pd:StartEvent id="start" /> + <pd:Transition from="start" to="createAuthnRequest" /> + <pd:Transition from="createAuthnRequest" to="receiveAuthnResponse" /> + <pd:Transition from="receiveAuthnResponse" to="generateIdentityLink" /> + <pd:Transition from="generateIdentityLink" to="finalizeAuthentication" /> + <pd:Transition from="finalizeAuthentication" to="end" /> + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/at/gv/egovernment/moa/id/auth/modules/eidas/eIDAS.authmodule.beans.xml b/id/server/modules/moa-id-module-eIDAS/src/main/resources/at/gv/egovernment/moa/id/auth/modules/eidas/eIDAS.authmodule.beans.xml new file mode 100644 index 000000000..0e1b60fe7 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/at/gv/egovernment/moa/id/auth/modules/eidas/eIDAS.authmodule.beans.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"> + + <context:annotation-config /> + + <bean id="eIDASAuthModule" class="at.gv.egovernment.moa.id.auth.modules.eidas.eIDASAuthenticationModulImpl"> + <property name="priority" value="1" /> + </bean> + +</beans> diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/moaid_eidas_auth.beans.xml b/id/server/modules/moa-id-module-eIDAS/src/main/resources/moaid_eidas_auth.beans.xml new file mode 100644 index 000000000..5d79d082a --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/moaid_eidas_auth.beans.xml @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="eIDASSignalServlet" + class="at.gv.egovernment.moa.id.auth.modules.eidas.eIDASSignalServlet"/> + + <bean id="EIDASProtocol" + class="at.gv.egovernment.moa.id.protocols.eidas.EIDASProtocol"/> + +<!-- Authentication Process Tasks --> + <bean id="GenerateAuthnRequestTask" + class="at.gv.egovernment.moa.id.auth.modules.eidas.tasks.GenerateAuthnRequestTask" + scope="prototype"/> + + <bean id="ReceiveAuthnResponseTask" + class="at.gv.egovernment.moa.id.auth.modules.eidas.tasks.ReceiveAuthnResponseTask" + scope="prototype"/> + + <bean id="CreateIdentityLinkTask" + class="at.gv.egovernment.moa.id.auth.modules.eidas.tasks.CreateIdentityLinkTask" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/resources/resources/templates/eidas_postbinding_template.vm b/id/server/modules/moa-id-module-eIDAS/src/main/resources/resources/templates/eidas_postbinding_template.vm new file mode 100644 index 000000000..3bd225b00 --- /dev/null +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/resources/templates/eidas_postbinding_template.vm @@ -0,0 +1,41 @@ +## +## Velocity Template for SAML 2 HTTP-POST binding +## +## Velocity context may contain the following properties +## action - String - the action URL for the form +## RelayState - String - the relay state for the message +## SAMLRequest - String - the Base64 encoded SAML Request +## SAMLResponse - String - the Base64 encoded SAML Response +## Contains target attribute to delegate PEPS authentication out of iFrame + +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> + </head> + + <body onload="document.forms[0].submit()"> + <noscript> + <p> + <strong>Note:</strong> Since your browser does not support JavaScript, + you must press the Continue button once to proceed. + </p> + </noscript> + + <form action="${action}" method="post" target="_top"> + <div> + #if($RelayState)<input type="hidden" name="RelayState" value="${RelayState}"/>#end + + #if($SAMLRequest)<input type="hidden" name="SAMLRequest" value="${SAMLRequest}"/>#end + + #if($SAMLResponse)<input type="hidden" name="SAMLResponse" value="${SAMLResponse}"/>#end + + </div> + <noscript> + <div> + <input type="submit" value="Continue"/> + </div> + </noscript> + </form> + + </body> +</html>
\ No newline at end of file diff --git a/id/server/modules/module-stork/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml b/id/server/modules/moa-id-module-eIDAS/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml index 09084a34f..09084a34f 100644 --- a/id/server/modules/module-stork/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml +++ b/id/server/modules/moa-id-module-eIDAS/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml diff --git a/id/server/modules/moa-id-module-elga_mandate_service/.gitignore b/id/server/modules/moa-id-module-elga_mandate_service/.gitignore new file mode 100644 index 000000000..b83d22266 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/.gitignore @@ -0,0 +1 @@ +/target/ diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml new file mode 100644 index 000000000..3b5d1ba66 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml @@ -0,0 +1,47 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>${moa-id-version}</version> + </parent> + <artifactId>moa-id-module-elga_mandate_service</artifactId> + <version>${moa-id-module-elga_mandate_client}</version> + <name>ELGA mandate-service client</name> + <description>This authentication module implements a + client to integrate ELGA mandates in the MOA-ID identification and authentication process. + </description> + <organization> + <name>EGIZ</name> + <url>https://www.egiz.gv.at</url> + </organization> + <developers> + <developer> + <name>Thomas Lenz</name> + <organization>EGIZ</organization> + <email>thomas.lenz@egiz.gv.at</email> + </developer> + </developers> + + <properties> + <repositoryPath>${basedir}/../../../../repository</repositoryPath> + </properties> + + <dependencies> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + <exclusions> + <exclusion> + <groupId>*</groupId> + </exclusion> + </exclusions> + </dependency> + </dependencies> + +</project>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java new file mode 100644 index 000000000..7ca4590bb --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java @@ -0,0 +1,116 @@ +package at.gv.egovernment.moa.id.auth.modules.elgamandates; +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import at.gv.egovernment.moa.id.data.Pair; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; + +/** + * @author tlenz + * + */ +public class ELGAMandatesAuthConstants { + + public static final String MODULE_NAME_FOR_LOGGING = "ELGA Mandate-Service"; + + public static final int METADATA_VALIDUNTIL_IN_HOURS = 24; + + //Service endpoint definitions + public static final String ENDPOINT_POST = "/sp/elga_mandate/post"; + public static final String ENDPOINT_REDIRECT = "/sp/elga_mandate/redirect"; + public static final String ENDPOINT_METADATA = "/sp/elga_mandate/metadata"; + + public static final String TEMPLATE_MANDATE_SERVICE_SELECTION = "/mandate-service-selection.html"; + + //configuration properties + public static final String CONFIG_PROPS_PREFIX = "modules.elga_mandate."; + + public static final String CONFIG_PROPS_SUBJECTNAMEID_TARGET = CONFIG_PROPS_PREFIX + "nameID.target"; + + public static final String CONFIG_PROPS_ENTITYID = CONFIG_PROPS_PREFIX + "service.entityID"; + public static final String CONFIG_PROPS_METADATAURL = CONFIG_PROPS_PREFIX + "service.metadataurl"; + public static final String CONFIG_PROPS_METADATA_TRUSTPROFILE = CONFIG_PROPS_PREFIX + "service.metadata.trustprofileID"; + public static final String CONFIG_PROPS_ALLOWED_MANDATE_TYPES = CONFIG_PROPS_PREFIX + "service.mandateprofiles"; + + public static final String CONFIG_PROPS_KEYSTORE = CONFIG_PROPS_PREFIX + "keystore.path"; + public static final String CONFIG_PROPS_KEYSTOREPASSWORD = CONFIG_PROPS_PREFIX + "keystore.password"; + public static final String CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD = CONFIG_PROPS_PREFIX + "metadata.sign.password"; + public static final String CONFIG_PROPS_SIGN_METADATA_ALIAS_PASSWORD = CONFIG_PROPS_PREFIX + "metadata.sign.alias"; + public static final String CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD = CONFIG_PROPS_PREFIX + "request.sign.password"; + public static final String CONFIG_PROPS_SIGN_SIGNING_ALIAS_PASSWORD = CONFIG_PROPS_PREFIX + "request.sign.alias"; + public static final String CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD = CONFIG_PROPS_PREFIX + "response.encryption.password"; + public static final String CONFIG_PROPS_ENCRYPTION_ALIAS_PASSWORD = CONFIG_PROPS_PREFIX + "response.encryption.alias"; + + + /** + * + * Get required PVP attributes + * First : PVP attribute name (OID) + * Second: FriendlyName + * + */ + public static final List<Pair<String, String>> REQUIRED_PVP_ATTRIBUTES = + Collections.unmodifiableList(new ArrayList<Pair<String, String>>() { + private static final long serialVersionUID = 1L; + { + //add PVP Version attribute + add(Pair.newInstance(PVPConstants.PVP_VERSION_NAME, PVPConstants.PVP_VERSION_FRIENDLY_NAME)); + + //request mandate type + add(Pair.newInstance(PVPConstants.MANDATE_TYPE_NAME, PVPConstants.MANDATE_TYPE_FRIENDLY_NAME)); + + //request attributes for natural mandators + add(Pair.newInstance(PVPConstants.MANDATE_NAT_PER_BPK_NAME, PVPConstants.MANDATE_NAT_PER_BPK_FRIENDLY_NAME)); + add(Pair.newInstance(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME, PVPConstants.MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME)); + add(Pair.newInstance(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME, PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME)); + add(Pair.newInstance(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME, PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME)); + + //request reference_value + add(Pair.newInstance(PVPConstants.MANDATE_REFERENCE_VALUE_NAME, PVPConstants.MANDATE_REFERENCE_VALUE_FRIENDLY_NAME)); + } + }); + + + public static final String CONFIG_DEFAULT_QAA_STORK_LEVEL = "http://www.stork.gov.eu/1.0/citizenQAALevel/4"; + public static final String CONFIG_DEFAULT_QAA_SECCLASS_LEVEL = "http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3"; + + public static final String SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE = "rc"; + public static final String SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI = "http://egiz.gv.at/namespace/subjectconformationdate/elga"; + public static final String SUBJECTCONFORMATIONDATE_ELEMENT_ROOT = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":Representative"; + public static final String SUBJECTCONFORMATIONDATE_ELEMENT_FAMILYNAME = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":FamilyName"; + public static final String SUBJECTCONFORMATIONDATE_ELEMENT_GIVENNAME = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":GivenName"; + public static final String SUBJECTCONFORMATIONDATE_ELEMENT_DATEOFBIRTH = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":DateOfBirth"; + + public static List<String> getRequiredAttributeNames() { + List<String> list = new ArrayList<String>(); + for (Pair<String, String> el : REQUIRED_PVP_ATTRIBUTES) + list.add(el.getFirst()); + return list; + } + + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java new file mode 100644 index 000000000..c2efe5bfc --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java @@ -0,0 +1,86 @@ +package at.gv.egovernment.moa.id.auth.modules.elgamandates; +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * This authentication module extens the default citizen + * + * @author tlenz + * + */ +public class ELGAMandatesAuthModuleImpl extends DefaultCitizenCardAuthModuleImpl { + + @Autowired private AuthConfiguration authConfig; + + private int priority = 0; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() + */ + @Override + public int getPriority() { + return priority; + } + + @Override + public String selectProcess(ExecutionContext context) { + String selectedProcessID = super.selectProcess(context); + + //check if BKU authentication is selected and ELGA-MandateService is configurated + if (MiscUtil.isNotEmpty(selectedProcessID)) { + if (MiscUtil.isNotEmpty(authConfig.getBasicMOAIDConfiguration( + ELGAMandatesAuthConstants.CONFIG_PROPS_ENTITYID))) + return "DefaultAuthenticationWithELGAMandates"; + + } + + return selectedProcessID; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/elgamandates/DefaultAuth_with_ELGA_mandates.process.xml" }; + } + + /** + * @param priority the priority to set + */ + public void setPriority(int priority) { + this.priority = priority; + + } + + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesSpringResourceProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesSpringResourceProvider.java new file mode 100644 index 000000000..649e8e5f5 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesSpringResourceProvider.java @@ -0,0 +1,64 @@ +package at.gv.egovernment.moa.id.auth.modules.elgamandates; +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +/** + * @author tlenz + * + */ +public class ELGAMandatesSpringResourceProvider implements SpringResourceProvider { + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() + */ + @Override + public Resource[] getResourcesToLoad() { + ClassPathResource elgaAuthConfig = new ClassPathResource("/moaid_elga_mandate_client_auth.beans.xml", ELGAMandatesSpringResourceProvider.class); + + return new Resource[] {elgaAuthConfig}; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan() + */ + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName() + */ + @Override + public String getName() { + return "MOA-ID Auth-module 'ELGA Mandate-Client'"; + } + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java new file mode 100644 index 000000000..5743590f9 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java @@ -0,0 +1,313 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.config; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.NameIDType; +import org.opensaml.saml2.metadata.ContactPerson; +import org.opensaml.saml2.metadata.Organization; +import org.opensaml.saml2.metadata.RequestedAttribute; +import org.opensaml.xml.security.credential.Credential; + +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandatesCredentialProvider; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.data.Pair; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class ELGAMandatesMetadataConfiguration implements IPVPMetadataBuilderConfiguration { + + private String authURL; + private ELGAMandatesCredentialProvider credentialProvider; + + public ELGAMandatesMetadataConfiguration(String authURL, ELGAMandatesCredentialProvider credentialProvider) { + this.authURL = authURL; + this.credentialProvider = credentialProvider; + + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getMetadataValidUntil() + */ + @Override + public int getMetadataValidUntil() { + return ELGAMandatesAuthConstants.METADATA_VALIDUNTIL_IN_HOURS; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildEntitiesDescriptorAsRootElement() + */ + @Override + public boolean buildEntitiesDescriptorAsRootElement() { + return false; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildIDPSSODescriptor() + */ + @Override + public boolean buildIDPSSODescriptor() { + return false; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildSPSSODescriptor() + */ + @Override + public boolean buildSPSSODescriptor() { + return true; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEntityIDPostfix() + */ + @Override + public String getEntityID() { + return authURL + ELGAMandatesAuthConstants.ENDPOINT_METADATA; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEntityFriendlyName() + */ + @Override + public String getEntityFriendlyName() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getContactPersonInformation() + */ + @Override + public List<ContactPerson> getContactPersonInformation() { + try { + return PVPConfiguration.getInstance().getIDPContacts(); + + } catch (ConfigurationException e) { + Logger.warn("Can not load Metadata entry: Contect Person", e); + return null; + + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getOrgansiationInformation() + */ + @Override + public Organization getOrgansiationInformation() { + try { + return PVPConfiguration.getInstance().getIDPOrganisation(); + + } catch (ConfigurationException e) { + Logger.warn("Can not load Metadata entry: Organisation", e); + return null; + + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getMetadataSigningCredentials() + */ + @Override + public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPMetaDataSigningCredential(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getRequestorResponseSigningCredentials() + */ + @Override + public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPAssertionSigningCredential(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEncryptionCredentials() + */ + @Override + public Credential getEncryptionCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPAssertionEncryptionCredential(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPWebSSOPostBindingURL() + */ + @Override + public String getIDPWebSSOPostBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPWebSSORedirectBindingURL() + */ + @Override + public String getIDPWebSSORedirectBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPSLOPostBindingURL() + */ + @Override + public String getIDPSLOPostBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPSLORedirectBindingURL() + */ + @Override + public String getIDPSLORedirectBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAssertionConsumerServicePostBindingURL() + */ + @Override + public String getSPAssertionConsumerServicePostBindingURL() { + return authURL + ELGAMandatesAuthConstants.ENDPOINT_POST; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAssertionConsumerServiceRedirectBindingURL() + */ + @Override + public String getSPAssertionConsumerServiceRedirectBindingURL() { + return authURL + ELGAMandatesAuthConstants.ENDPOINT_REDIRECT; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLOPostBindingURL() + */ + @Override + public String getSPSLOPostBindingURL() { + //return authURL + ELGAMandatesAuthConstants.ENDPOINT_POST; + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLORedirectBindingURL() + */ + @Override + public String getSPSLORedirectBindingURL() { + //return authURL + ELGAMandatesAuthConstants.ENDPOINT_REDIRECT; + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLOSOAPBindingURL() + */ + @Override + public String getSPSLOSOAPBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPPossibleAttributes() + */ + @Override + public List<Attribute> getIDPPossibleAttributes() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPPossibleNameITTypes() + */ + @Override + public List<String> getIDPPossibleNameITTypes() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPRequiredAttributes() + */ + @Override + public List<RequestedAttribute> getSPRequiredAttributes() { + List<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>(); + + for (Pair<String, String> el : ELGAMandatesAuthConstants.REQUIRED_PVP_ATTRIBUTES) + requestedAttributes.add(PVPAttributeBuilder.buildReqAttribute(el.getFirst(), el.getSecond(), true)); + + return requestedAttributes; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAllowedNameITTypes() + */ + @Override + public List<String> getSPAllowedNameITTypes() { + return Arrays.asList(NameIDType.PERSISTENT); + + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#getSPNameForLogging() + */ + @Override + public String getSPNameForLogging() { + return ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAssertionSigned() + */ + @Override + public boolean wantAssertionSigned() { + return true; + + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAuthnRequestSigned() + */ + @Override + public boolean wantAuthnRequestSigned() { + return true; + + } +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java new file mode 100644 index 000000000..b67d263fc --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java @@ -0,0 +1,303 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.config; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.opensaml.Configuration; +import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; +import org.opensaml.saml2.core.NameID; +import org.opensaml.saml2.core.SubjectConfirmation; +import org.opensaml.saml2.core.SubjectConfirmationData; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.xml.io.Marshaller; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.credential.Credential; +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class ELGAMandatesRequestBuilderConfiguration implements IPVPAuthnRequestBuilderConfiguruation { + + private boolean isPassive = false; + private String SPEntityID = null; + private String QAA_Level = null; + private EntityDescriptor idpEntity = null; + private Credential signCred = null; + private String subjectNameID = null; + private String subjectNameIDQualifier = null; + private String requestID = null; + private Element subjectConformationDate = null; + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#isPassivRequest() + */ + @Override + public Boolean isPassivRequest() { + return this.isPassive; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getAssertionConsumerServiceId() + */ + @Override + public Integer getAssertionConsumerServiceId() { + return 0; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getEntityID() + */ + @Override + public String getSPEntityID() { + return this.SPEntityID; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getNameIDPolicy() + */ + @Override + public String getNameIDPolicyFormat() { + return NameID.PERSISTENT; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getNameIDPolicy() + */ + @Override + public boolean getNameIDPolicyAllowCreation() { + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getAuthnContextClassRef() + */ + @Override + public String getAuthnContextClassRef() { + return this.QAA_Level; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getAuthnContextComparison() + */ + @Override + public AuthnContextComparisonTypeEnumeration getAuthnContextComparison() { + return AuthnContextComparisonTypeEnumeration.MINIMUM; + } + + /** + * @param isPassive the isPassive to set + */ + public void setPassive(boolean isPassive) { + this.isPassive = isPassive; + } + + /** + * @param sPEntityID the sPEntityID to set + */ + public void setSPEntityID(String sPEntityID) { + SPEntityID = sPEntityID; + } + + /** + * @param qAA_Level the qAA_Level to set + */ + public void setQAA_Level(String qAA_Level) { + QAA_Level = qAA_Level; + } + + /** + * @param idpEntity the idpEntity to set + */ + public void setIdpEntity(EntityDescriptor idpEntity) { + this.idpEntity = idpEntity; + } + + /** + * @param signCred the signCred to set + */ + public void setSignCred(Credential signCred) { + this.signCred = signCred; + } + + + /** + * @param subjectNameID the subjectNameID to set + */ + public void setSubjectNameID(String subjectNameID) { + this.subjectNameID = subjectNameID; + } + + + + /** + * @param requestID the requestID to set + */ + public void setRequestID(String requestID) { + this.requestID = requestID; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getAuthnRequestSigningCredential() + */ + @Override + public Credential getAuthnRequestSigningCredential() { + return this.signCred; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getIDPEntityDescriptor() + */ + @Override + public EntityDescriptor getIDPEntityDescriptor() { + return this.idpEntity; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectNameID() + */ + @Override + public String getSubjectNameID() { + return this.subjectNameID; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSPNameForLogging() + */ + @Override + public String getSPNameForLogging() { + return ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectNameIDFormat() + */ + @Override + public String getSubjectNameIDFormat() { + return NameID.PERSISTENT; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getRequestID() + */ + @Override + public String getRequestID() { + return this.requestID; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectNameIDQualifier() + */ + @Override + public String getSubjectNameIDQualifier() { + return this.subjectNameIDQualifier; + } + + /** + * @param subjectNameIDQualifier the subjectNameIDQualifier to set + */ + public void setSubjectNameIDQualifier(String subjectNameIDQualifier) { + this.subjectNameIDQualifier = subjectNameIDQualifier; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationMethode() + */ + @Override + public String getSubjectConformationMethode() { + return SubjectConfirmation.METHOD_BEARER; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationDate() + */ + @Override + public Element getSubjectConformationDate() { + return subjectConformationDate; + } + + /** + * @param subjectConformationDate the subjectConformationDate to set + */ + public void setSubjectConformationDate(String givenName, String familyName, String dateOfBirth) { + try { + Logger.trace("Build 'SubjectConfirmationData' for ELGA Mandate-Service request ..."); + //build empty 'SubjectConfirmationData' element + SubjectConfirmationData subjectConformDate = SAML2Utils.createSAMLObject(SubjectConfirmationData.class); + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setNamespaceAware(true); + DocumentBuilder builder = dbf.newDocumentBuilder(); + Document doc = builder.newDocument(); + + Marshaller out = Configuration.getMarshallerFactory() + .getMarshaller(subjectConformDate); + out.marshall(subjectConformDate, doc); + + //build root element for personal information + Element rootDom = doc.createElementNS( + ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI, + ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_ROOT); + rootDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE); + rootDom.setAttributeNS("http://www.w3.org/2000/xmlns/", + "xmlns:" + ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE, + ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI); + + //build personal information + Element familyNameDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_FAMILYNAME); + Element givenNameDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_GIVENNAME); + Element dateOfBirthDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_DATEOFBIRTH); + familyNameDom.setTextContent(familyName); + givenNameDom.setTextContent(givenName); + dateOfBirthDom.setTextContent(dateOfBirth); + + //add personal information to 'SubjectConfirmationData' element + doc.getFirstChild().appendChild(rootDom); + rootDom.appendChild(givenNameDom); + rootDom.appendChild(familyNameDom); + rootDom.appendChild(dateOfBirthDom); + + this.subjectConformationDate = doc.getDocumentElement(); + Logger.trace("'SubjectConfirmationData' for ELGA Mandate-Service is complete"); + + } catch (ParserConfigurationException | MarshallingException e) { + Logger.error("Can not generate 'SubjectConformationDate' for " + + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING); + + } + + + } + + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java new file mode 100644 index 000000000..29bc5ee12 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java @@ -0,0 +1,97 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.controller; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.config.ELGAMandatesMetadataConfiguration; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandatesCredentialProvider; +import at.gv.egovernment.moa.id.auth.servlet.AbstractController; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPMetadataBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Controller +public class ELGAMandateMetadataController extends AbstractController { + + @Autowired PVPMetadataBuilder metadatabuilder; + @Autowired AuthConfiguration authConfig; + @Autowired ELGAMandatesCredentialProvider credentialProvider; + + public ELGAMandateMetadataController() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '" + ELGAMandatesAuthConstants.ENDPOINT_METADATA + + "'."); + + } + + @RequestMapping(value = "/sp/elga_mandate/metadata", + method = {RequestMethod.GET}) + public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException { + //check PublicURL prefix + try { + String authURL = HTTPUtils.extractAuthURLFromRequest(req); + if (!authConfig.getPublicURLPrefix().contains(authURL)) { + resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL"); + return; + + } else { + //initialize metadata builder configuration + IPVPMetadataBuilderConfiguration metadataConfig = + new ELGAMandatesMetadataConfiguration(authURL, credentialProvider); + + //build metadata + String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig); + + //write response + resp.setContentType("text/xml"); + resp.getOutputStream().write(xmlMetadata.getBytes("UTF-8")); + resp.getOutputStream().close(); + + } + + } catch (Exception e) { + Logger.warn("Build federated-authentication PVP metadata FAILED.", e); + handleErrorNoRedirect(e, req, resp, false); + + } + + } + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java new file mode 100644 index 000000000..585e72c2f --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java @@ -0,0 +1,67 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.controller; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.StringEscapeUtils; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.auth.servlet.AbstractProcessEngineSignalController; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Controller +public class ELGAMandateSignalController extends AbstractProcessEngineSignalController { + + public ELGAMandateSignalController() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '" + ELGAMandatesAuthConstants.ENDPOINT_POST + + "' and '" + ELGAMandatesAuthConstants.ENDPOINT_REDIRECT + "'."); + + } + + @RequestMapping(value = { "/sp/elga_mandate/post", + "/sp/elga_mandate/redirect" + }, + method = {RequestMethod.POST, RequestMethod.GET}) + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + signalProcessManagement(req, resp); + + } + + public String getPendingRequestId(HttpServletRequest request) { + return StringEscapeUtils.escapeHtml4(request.getParameter("RelayState")); + + } +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/exceptions/ELGAMetadataException.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/exceptions/ELGAMetadataException.java new file mode 100644 index 000000000..d27353809 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/exceptions/ELGAMetadataException.java @@ -0,0 +1,49 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.exceptions; + +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; + +/** + * @author tlenz + * + */ +public class ELGAMetadataException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 1L; + + /** + * @param messageId + * @param parameters + */ + public ELGAMetadataException(String messageId, Object[] parameters) { + super(messageId, parameters); + } + + public ELGAMetadataException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + } +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java new file mode 100644 index 000000000..f05446771 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java @@ -0,0 +1,126 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateUtils; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Component("EvaluateMandateServiceTask") +public class EvaluateMandateServiceTask extends AbstractAuthServletTask { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try { + boolean useMIS = getUserConfermationFromRequest(request, MOAIDAuthConstants.PARAM_USEMISMANDATE); + boolean useELGA = getUserConfermationFromRequest(request, MOAIDAuthConstants.PARAM_USEELGAMANDATE); + + //check if both mandate Services are requested + if ( useMIS && useELGA ) { + Logger.error("Can not use MIS-MandateService and ELGA-MandateService twince"); + throw new MOAIDException("validator.73", null); + + } + + //select next process step + if (useELGA) { + //validate service-provider again + if (!ELGAMandateUtils.checkServiceProviderAgainstELGAModulConfigration(authConfig, pendingReq)) { + Logger.info("Service-Provider: " + pendingReq.getOnlineApplicationConfiguration().getPublicURLPrefix() + + " does not fulfill requirements to use ELGA-MandateService."); + throw new MOAIDException("service.10", new Object[]{ + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, + "No valid mandate-profile defined"}); + + } + + executionContext.put(MOAIDAuthConstants.PARAM_USEELGAMANDATE, useELGA); + Logger.debug("ELGA Mandate-Service is selected. Initialize service communication ... "); + + } else if(useMIS) { + executionContext.put(MOAIDAuthConstants.PARAM_USEMISMANDATE, useMIS); + Logger.debug("MIS Mandate-Service is selected. Initialize service communication ... "); + + + } else { + //mark pending-request as aborted + Logger.info("No Mandate-Service is selected. Abort authentication process ... "); + pendingReq.setAbortedByUser(true); + pendingReq.setAuthenticated(false); + + //store pending-request + requestStoreage.storePendingRequest(pendingReq); + + //redirect to protocol finalization + performRedirectToProtocolFinialization(pendingReq, response); + + } + + } catch (MOAIDException e) { + Logger.info("Evaluation of Mandate-Service selection FAILED. Reason:" + e.getMessage()); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (Exception e) { + Logger.info("Mandate-Service selection evaluation: General Exception. Msg:" + e.getMessage()); + throw new TaskExecutionException(pendingReq, "ELGA mandate-service: General Exception.", e); + + } + + } + + private boolean getUserConfermationFromRequest(HttpServletRequest httpReq, String paramName) throws WrongParametersException { + String paramString = httpReq.getParameter(paramName); + paramString = StringEscapeUtils.escapeHtml(paramString); + if (!ParamValidatorUtils.isValidUseMandate(paramString)) + throw new WrongParametersException("Mandate-Service selection-evaluation", paramName, null); + + if (MiscUtil.isNotEmpty(paramString)) + return Boolean.parseBoolean(paramString); + + else + return false; + + } +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java new file mode 100644 index 000000000..5604b7640 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java @@ -0,0 +1,306 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks; + +import java.io.IOException; +import java.util.Set; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.transform.TransformerException; + +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.ws.message.decoder.MessageDecodingException; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; +import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateServiceMetadataProvider; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandatesCredentialProvider; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnResponseValidationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; +import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Component("ReceiveElgaMandateResponseTask") +public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask { + + @Autowired SAMLVerificationEngineSP samlVerificationEngine; + @Autowired ELGAMandatesCredentialProvider credentialProvider; + @Autowired ELGAMandateServiceMetadataProvider metadataProvider; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + InboundMessage msg = null; + + try { + IDecoder decoder = null; + MOAURICompare comperator = null; + //select Response Binding + if (request.getMethod().equalsIgnoreCase("POST")) { + decoder = new PostBinding(); + comperator = new MOAURICompare(pendingReq.getAuthURL() + + ELGAMandatesAuthConstants.ENDPOINT_POST); + Logger.debug("Receive PVP Response from ELGA mandate-service, by using POST-Binding."); + + } else if (request.getMethod().equalsIgnoreCase("GET")) { + decoder = new RedirectBinding(); + comperator = new MOAURICompare(pendingReq.getAuthURL() + + ELGAMandatesAuthConstants.ENDPOINT_REDIRECT); + Logger.debug("Receive PVP Response from ELGA mandate-service, by using Redirect-Binding."); + + } else { + Logger.warn("Receive PVP Response, but Binding (" + + request.getMethod() + ") is not supported."); + throw new AuthnResponseValidationException("sp.pvp2.03", + new Object[] {ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING}); + + } + + //decode PVP response object + msg = (InboundMessage) decoder.decode(request, response, metadataProvider, true, + comperator); + + if (MiscUtil.isEmpty(msg.getEntityID())) { + throw new InvalidProtocolRequestException("sp.pvp2.04", + new Object[] {ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING}); + + } + + //validate response signature + if(!msg.isVerified()) { + samlVerificationEngine.verify(msg, + TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider)); + msg.setVerified(true); + + } + + Logger.debug("PVP Response from ELGA mandate-service is cryptographically valid."); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_RECEIVED_IP, request.getRemoteAddr()); + + + //validate assertion + MOAResponse processedMsg = preProcessAuthResponse((MOAResponse) msg); + + //write ELGA mandate information into MOASession + AssertionAttributeExtractor extractor = + new AssertionAttributeExtractor(processedMsg.getResponse()); + + //check if all attributes are include + if (!extractor.containsAllRequiredAttributes( + ELGAMandatesAuthConstants.getRequiredAttributeNames())) { + Logger.warn("PVP Response from ELGA mandate-service contains not all requested attributes."); + throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING}); + + } + + + + //load MOASession object + defaultTaskInitialization(request, executionContext); + + //validate receive mandate reference-value + //TODO: update if ReferenceValue Discussion is finished + String responseRefValue = extractor.getSingleAttributeValue(PVPConstants.MANDATE_REFERENCE_VALUE_NAME); + if (!moasession.getMandateReferenceValue().equals(responseRefValue)) { + Logger.warn("PVP Response from ELGA mandate-service contains a not valid MandateReferenceValue."); + throw new AssertionValidationExeption("sp.pvp2.07", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, + PVPConstants.MANDATE_REFERENCE_VALUE_FRIENDLY_NAME}); + + } + + Logger.debug("Validation of PVP Response from ELGA mandate-service is complete."); + + Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames(); + for (String el : includedAttrNames) { + moasession.setGenericDataToSession(el, extractor.getSingleAttributeValue(el)); + Logger.debug("Add PVP-attribute " + el + " into MOASession"); + + } + + //store MOASession + authenticatedSessionStorage.storeSession(moasession); + + //write revisions log entry + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_RECEIVED, + extractor.getSingleAttributeValue(PVPConstants.MANDATE_REFERENCE_VALUE_NAME)); + + //write mandate info's to revisions log + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_TYPE, + extractor.getSingleAttributeValue(PVPConstants.MANDATE_TYPE_NAME)); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_TYPE, + MOAReversionLogger.NAT_PERSON); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_HASH, + revisionsLogger.buildPersonInformationHash( + extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME), + extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME), + extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME))); + + Logger.info("Receive a valid assertion from ELGA mandate-service " + msg.getEntityID()); + + } catch (MessageDecodingException | SecurityException e) { + String samlRequest = request.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID PVP Response from ELGA mandate-service: " + samlRequest, e); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_ERROR_RECEIVED); + throw new TaskExecutionException(pendingReq, + "Receive INVALID PVP Response from ELGA mandate-service", + new AuthnResponseValidationException("sp.pvp2.12", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, e.getMessage()}, + e)); + + } catch (IOException | MarshallingException | TransformerException e) { + Logger.warn("Processing PVP response from ELGA mandate-service FAILED.", e); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_ERROR_RECEIVED); + throw new TaskExecutionException(pendingReq, + "Processing PVP response from ELGA mandate-service FAILED.", + new AuthnResponseValidationException("sp.pvp2.12", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, e.getMessage()}, + e)); + + } catch (CredentialsNotAvailableException e) { + Logger.error("ELGA mandate-service: PVP response decrytion FAILED. No credential found.", e); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_ERROR_RECEIVED); + throw new TaskExecutionException(pendingReq, "ELGA mandate-service: PVP response decrytion FAILED. No credential found.", e); + + } catch (AssertionValidationExeption | AuthnResponseValidationException e) { + Logger.info("ELGA mandate-service: PVP response validation FAILED. Msg:" + e.getMessage()); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_ERROR_RECEIVED, e.getMessageId()); + throw new TaskExecutionException(pendingReq, "ELGA mandate-service: PVP response validation FAILED.", e); + + } catch (Exception e) { + Logger.info("ELGA mandate-service: General Exception. Msg:" + e.getMessage()); + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_ERROR_RECEIVED); + throw new TaskExecutionException(pendingReq, "ELGA mandate-service: General Exception.", e); + + } + + } + + /** + * PreProcess AuthResponse and Assertion + * @param msg + * @throws TransformerException + * @throws MarshallingException + * @throws IOException + * @throws CredentialsNotAvailableException + * @throws AssertionValidationExeption + * @throws AuthnResponseValidationException + */ + private MOAResponse preProcessAuthResponse(MOAResponse msg) throws IOException, MarshallingException, TransformerException, AssertionValidationExeption, CredentialsNotAvailableException, AuthnResponseValidationException { + Logger.debug("Start PVP-2.1 assertion processing... "); + Response samlResp = (Response) msg.getResponse(); + + //validate 'inResponseTo' attribute + String authnReqID = pendingReq.getGenericData( + PVPTargetConfiguration.DATAID_INTERFEDERATION_REQUESTID, String.class); + String inResponseTo = samlResp.getInResponseTo(); + + if (MiscUtil.isEmpty(authnReqID) || MiscUtil.isEmpty(inResponseTo) || + !authnReqID.equals(inResponseTo)) { + Logger.info("Validation of request/response IDs FAILED." + + " ReqID:" + authnReqID + " InRespTo:" + inResponseTo); + throw new AuthnResponseValidationException("sp.pvp2.07", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, + "'InResponseTo'"}); + + } + + // check SAML2 response status-code + if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { + //validate PVP 2.1 assertion + samlVerificationEngine.validateAssertion(samlResp, true, + credentialProvider.getIDPAssertionEncryptionCredential(), + pendingReq.getAuthURL() + ELGAMandatesAuthConstants.ENDPOINT_METADATA, + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING); + + msg.setSAMLMessage(SAML2Utils.asDOMDocument(samlResp).getDocumentElement()); + return msg; + + } else { + String errorMsg = "No error message"; + StatusCode firstCode = samlResp.getStatus().getStatusCode(); + + //get errormessage from response + if (samlResp.getStatus().getStatusMessage() != null && + MiscUtil.isNotEmpty(samlResp.getStatus().getStatusMessage().getMessage())) + errorMsg = samlResp.getStatus().getStatusMessage().getMessage(); + + //extract response status-codes + if (firstCode.getStatusCode() == null) { + Logger.info("Receive StatusCode:" + firstCode.getValue() + " | Msg:" + errorMsg + + " from federated IDP."); + throw new AuthnResponseValidationException("sp.pvp2.05", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, + samlResp.getIssuer().getValue(), + firstCode.getValue(), + samlResp.getStatus().getStatusMessage().getMessage()}); + + } else { + StatusCode secondCode = firstCode.getStatusCode(); + Logger.info("Receive StatusCode:" + firstCode.getValue() + " -> StatusCode:" + secondCode.getValue() + + " | Msg:" + errorMsg + " from federated IDP."); + throw new AuthnResponseValidationException("sp.pvp2.09", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, + samlResp.getIssuer().getValue(), + firstCode.getValue(), + secondCode.getValue(), + samlResp.getStatus().getStatusMessage().getMessage()}); + + } + + } + + } + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java new file mode 100644 index 000000000..6a7858575 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java @@ -0,0 +1,196 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks; + +import java.security.NoSuchAlgorithmException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.provider.MetadataProviderException; +import org.opensaml.ws.message.encoder.MessageEncodingException; +import org.opensaml.xml.security.SecurityException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.config.ELGAMandatesRequestBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.exceptions.ELGAMetadataException; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateServiceMetadataProvider; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandatesCredentialProvider; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAuthnRequestBuilder; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Component("RequestELGAMandateTask") +public class RequestELGAMandateTask extends AbstractAuthServletTask { + + @Autowired PVPAuthnRequestBuilder authnReqBuilder; + @Autowired ELGAMandatesCredentialProvider credential; + @Autowired AuthConfiguration authConfig; + @Autowired ELGAMandateServiceMetadataProvider metadataService; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try{ + // get IDP entityID + String elgaMandateServiceEntityID = authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_ENTITYID); + + if (MiscUtil.isEmpty(elgaMandateServiceEntityID)) { + Logger.info("Connect ELGA Mandate-Service FAILED -> not EntityID found!"); + throw new TaskExecutionException(pendingReq, "Connect ELGA Mandate-Service FAILED", + new MOAIDException("service.10", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, "Not EntityID found"})); + + } + + //load metadata with metadataURL, as backup + String metadataURL = authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_METADATAURL); + if (MiscUtil.isNotEmpty(metadataURL)) { + Logger.warn("Use not recommended metadata-provider initialization!" + + " SAML2 'Well-Known-Location' is the preferred methode."); + Logger.info("Initialize ELGA Mandate-Service metadata-provider with URL:" + metadataURL); + metadataService.initialize(metadataURL); + + } + + //load IDP SAML2 entitydescriptor + EntityDescriptor entityDesc = metadataService.getEntityDescriptor(elgaMandateServiceEntityID); + + //load MOASession from database + defaultTaskInitialization(request, executionContext); + + //setup AuthnRequestBuilder configuration + ELGAMandatesRequestBuilderConfiguration authnReqConfig = new ELGAMandatesRequestBuilderConfiguration(); + authnReqConfig.setIdpEntity(entityDesc); + authnReqConfig.setPassive(false); + authnReqConfig.setSignCred(credential.getIDPAssertionSigningCredential()); + authnReqConfig.setSPEntityID(pendingReq.getAuthURL() + ELGAMandatesAuthConstants.ENDPOINT_METADATA); + + //set bPK of representative + String representativeBPK = null; + + String configTarget = authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_SUBJECTNAMEID_TARGET); + if (MiscUtil.isEmpty(configTarget)) { + Logger.warn("Connect ELGA Mandate-Service FAILED -> No bPK-Type for SubjectNameID found."); + throw new MOAIDException("service.10", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, "No bPK-Type for SubjectNameID found in configuration."}); + + } else { + if (!configTarget.startsWith(Constants.URN_PREFIX_CDID)) { + Logger.warn("Connect ELGA Mandate-Service FAILED -> bPK-Type for SubjectNameID has wrong format."); + throw new MOAIDException("service.10", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, "bPK-Type for SubjectNameID has wrong format."}); + + } + } + + //check if identityLink exists in moaSession DAO + if (moasession.getIdentityLink() == null) { + Logger.error("Connect ELGA Mandate-Service FAILED -> NO identityLink in moaSession DAO"); + throw new MOAIDException("service.10", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, "NO identityLink in moaSession DAO."}); + + } + + String sourcePinType = moasession.getIdentityLink().getIdentificationType(); + String sourcePinValue = moasession.getIdentityLink().getIdentificationValue(); + if (sourcePinType.startsWith(Constants.URN_PREFIX_BASEID)) { + representativeBPK = new BPKBuilder().buildBPK(sourcePinValue, configTarget); + + } else { + Logger.debug("No 'SourcePin' found for representative. " + + "Check sourcePinType against target from configuration."); + if (!configTarget.equals(sourcePinType)) { + Logger.warn("Connect ELGA Mandate-Service FAILED -> Generate bPK for configurated bPK-Type is not possible."); + throw new MOAIDException("service.10", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, "Generate bPK for configurated bPK-Type is not possible."}); + + } else { + representativeBPK = sourcePinValue; + + } + } + + //set bPK of representative as SAML2 subjectNameID + authnReqConfig.setSubjectNameID(representativeBPK ); + authnReqConfig.setSubjectNameIDQualifier(configTarget); + + //set MandateReferenceValue as RequestID + authnReqConfig.setRequestID(moasession.getMandateReferenceValue()); + pendingReq.setGenericDataToSession( + PVPTargetConfiguration.DATAID_INTERFEDERATION_REQUESTID, + authnReqConfig.getRequestID()); + + //set SubjectConformationDate + authnReqConfig.setSubjectConformationDate( + moasession.getIdentityLink().getGivenName(), + moasession.getIdentityLink().getFamilyName(), + moasession.getIdentityLink().getDateOfBirth()); + + //store pending-request + requestStoreage.storePendingRequest(pendingReq); + + //build and transmit AuthnRequest + authnReqBuilder.buildAuthnRequest(pendingReq, authnReqConfig , response); + + //write revisions log entry + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_ELGA_MANDATE_SERVICE_REQUESTED, moasession.getMandateReferenceValue()); + + } catch (MetadataProviderException e) { + throw new TaskExecutionException(pendingReq, "ELGA Mandate-Service metadata problem", new ELGAMetadataException("service.10", + new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, e.getMessage()}, e)); + + } catch (MOAIDException e) { + throw new TaskExecutionException(pendingReq, "Build PVP2.1 AuthnRequest for ELGA Mandate-Service FAILED.", e); + + } catch (MessageEncodingException | NoSuchAlgorithmException | SecurityException e) { + Logger.error("Build PVP2.1 AuthnRequest for ELGA Mandate-Service FAILED", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (Exception e) { + Logger.error("Build PVP2.1 AuthnRequest for ELGA Mandate-Service FAILED", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + } + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java new file mode 100644 index 000000000..8d6ac1762 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java @@ -0,0 +1,95 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.frontend.builder.ServiceProviderSpecificGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateUtils; +import at.gv.egovernment.moa.id.auth.servlet.GeneralProcessEngineSignalController; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Component("SelectMandateServiceTask") +public class SelectMandateServiceTask extends AbstractAuthServletTask { + + @Autowired IGUIFormBuilder guiBuilder; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try { + //check if Service-Provider allows ELGA-mandates + if (ELGAMandateUtils.checkServiceProviderAgainstELGAModulConfigration(authConfig, pendingReq)) { + Logger.trace("Build GUI for mandate-service selection ..."); + + IGUIBuilderConfiguration config = new ServiceProviderSpecificGUIFormBuilderConfiguration( + pendingReq, + ELGAMandatesAuthConstants.TEMPLATE_MANDATE_SERVICE_SELECTION, + GeneralProcessEngineSignalController.ENDPOINT_GENERIC); + + guiBuilder.build(response, config, "Mandate-Service selection"); + + Logger.debug("GUI for mandate-service selection is generated. Wait for user interaction ... "); + + } else { + //service-provider does not allow ELGA-mandates --> switch to MIS mandate-service + Logger.debug("Service-Provider does not allow ELGA Mandate-Service. --> Select MIS Mandate-Service as Default."); + executionContext.put(MOAIDAuthConstants.PARAM_USEMISMANDATE, true); + + } + + } catch (GUIBuildException e) { + Logger.warn("Can not build GUI:'Mandate-Service selection'. Msg:" + e.getMessage()); + throw new TaskExecutionException(pendingReq, + "Can not build GUI. Msg:" + e.getMessage(), + new MOAIDException("builder.09", new Object[]{e.getMessage()}, e)); + + } catch (Exception e) { + Logger.info("Mandate-Service selection: General Exception. Msg:" + e.getMessage()); + throw new TaskExecutionException(pendingReq, "ELGA mandate-service: General Exception.", e); + + } + + } + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java new file mode 100644 index 000000000..c9485104b --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java @@ -0,0 +1,223 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.utils; + +import java.util.List; + +import javax.xml.namespace.QName; + +import org.opensaml.saml2.metadata.EntitiesDescriptor; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.RoleDescriptor; +import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.saml2.metadata.provider.MetadataProviderException; +import org.opensaml.xml.XMLObject; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.SimpleMOAMetadataProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MOASPMetadataSignatureFilter; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter; +import at.gv.egovernment.moa.id.saml2.MetadataFilterChain; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ + +@Service("ELGAMandate_MetadataProvider") +public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvider { + + @Autowired AuthConfiguration authConfig; + + private HTTPMetadataProvider metadataProvider = null; + + + public void initialize(String metadataURL) throws MetadataProviderException { + if (metadataProvider == null) { + internalInitialize(metadataURL); + + } else { + Logger.info("ELGA Mandate-Service metadata-provider is already initialized."); + + } + + } + + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#requireValidMetadata() + */ + @Override + public boolean requireValidMetadata() { + if (metadataProvider == null) { + Logger.fatal("ELGA Mandate-Service metadata-provider is not initialized"); + return false; + + } else + return metadataProvider.requireValidMetadata(); + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#setRequireValidMetadata(boolean) + */ + @Override + public void setRequireValidMetadata(boolean requireValidMetadata) { + if (metadataProvider == null) { + Logger.fatal("ELGA Mandate-Service metadata-provider is not initialized"); + + } else + metadataProvider.setRequireValidMetadata(requireValidMetadata);; + + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getMetadataFilter() + */ + @Override + public MetadataFilter getMetadataFilter() { + if (metadataProvider == null) { + Logger.fatal("ELGA Mandate-Service metadata-provider is not initialized"); + return null; + + } else + return metadataProvider.getMetadataFilter(); + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#setMetadataFilter(org.opensaml.saml2.metadata.provider.MetadataFilter) + */ + @Override + public void setMetadataFilter(MetadataFilter newFilter) throws MetadataProviderException { + Logger.fatal("Set Metadata Filter is not implemented her!"); + + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getMetadata() + */ + @Override + public XMLObject getMetadata() throws MetadataProviderException { + if (metadataProvider == null) { + Logger.error("ELGA Mandate-Service metadata-provider is not initialized"); + throw new MetadataProviderException("ELGA Mandate-Service metadata-provider is not initialized"); + + } + + return metadataProvider.getMetadata(); + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getEntitiesDescriptor(java.lang.String) + */ + @Override + public EntitiesDescriptor getEntitiesDescriptor(String name) throws MetadataProviderException { + if (metadataProvider == null) { + Logger.fatal("ELGA Mandate-Service metadata-provider is not initialized"); + throw new MetadataProviderException("ELGA Mandate-Service metadata-provider is not initialized"); + + } else + return metadataProvider.getEntitiesDescriptor(name); + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getEntityDescriptor(java.lang.String) + */ + @Override + public EntityDescriptor getEntityDescriptor(String entityID) throws MetadataProviderException { + if (metadataProvider == null) + internalInitialize(entityID); + + try { + EntityDescriptor entityDesc = metadataProvider.getEntityDescriptor(entityID); + if (entityDesc == null) { + Logger.error("ELGA Mandate-Service Client ERROR: No EntityID with "+ entityID); + throw new MetadataProviderException("No EntityID with "+ entityID); + } + + return entityDesc; + + } catch (MetadataProviderException e) { + Logger.error("ELGA Mandate-Service Client ERROR: Metadata extraction FAILED.", e); + throw new MetadataProviderException("Metadata extraction FAILED", e); + + } + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getRole(java.lang.String, javax.xml.namespace.QName) + */ + @Override + public List<RoleDescriptor> getRole(String entityID, QName roleName) throws MetadataProviderException { + if (metadataProvider == null) + internalInitialize(entityID); + + return metadataProvider.getRole(entityID, roleName); + } + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getRole(java.lang.String, javax.xml.namespace.QName, java.lang.String) + */ + @Override + public RoleDescriptor getRole(String entityID, QName roleName, String supportedProtocol) + throws MetadataProviderException { + if (metadataProvider == null) + internalInitialize(entityID); + + return metadataProvider.getRole(entityID, roleName, supportedProtocol); + } + + private synchronized void internalInitialize(String metdataURL) throws MetadataProviderException { + if (metadataProvider == null) { + Logger.info("Initialize PVP MetadataProvider to connect ELGA Mandate-Service"); + + String trustProfileID = authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_METADATA_TRUSTPROFILE); + if (MiscUtil.isEmpty(trustProfileID)) { + Logger.error("Create ELGA Mandate-Service Client FAILED: No trustProfileID to verify PVP metadata." ); + throw new MetadataProviderException("No trustProfileID to verify PVP metadata."); + } + + //create metadata validation filter chain + MetadataFilterChain filter = new MetadataFilterChain(); + filter.addFilter(new SchemaValidationFilter(true)); + filter.addFilter(new MOASPMetadataSignatureFilter(trustProfileID)); + + metadataProvider = createNewHTTPMetaDataProvider(metdataURL, + filter, + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING); + + if (metadataProvider == null) { + Logger.error("Create ELGA Mandate-Service Client FAILED."); + throw new MetadataProviderException("Can not initialize ELGA Mandate-Service metadaa provider."); + + } + + metadataProvider.setRequireValidMetadata(true); + } + } +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateUtils.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateUtils.java new file mode 100644 index 000000000..03f8fa195 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateUtils.java @@ -0,0 +1,59 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.utils; + +import java.util.List; + +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; + +/** + * @author tlenz + * + */ +public class ELGAMandateUtils { + /** + * Check Service-Provider mandate-profiles against allowed mandate-profiles for ELGA MandateService. + * + * @return true, if ELGA mandateservice is allowed, otherwise false + */ + public static boolean checkServiceProviderAgainstELGAModulConfigration(AuthConfiguration authConfig, IRequest pendingReq) { + String allowedMandateTypesCSV = + authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_ALLOWED_MANDATE_TYPES); + List<String> allowedMandateTypes = KeyValueUtils.getListOfCSVValues(allowedMandateTypesCSV); + List<String> spMandateProfiles = pendingReq.getOnlineApplicationConfiguration().getMandateProfiles(); + + boolean isELGAMandateServiceAllowed = false; + if (spMandateProfiles != null) { + for (String el : allowedMandateTypes) { + if (spMandateProfiles.contains(el)) + isELGAMandateServiceAllowed = true; + + } + } + + return isELGAMandateServiceAllowed; + } +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandatesCredentialProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandatesCredentialProvider.java new file mode 100644 index 000000000..f5bcdb70b --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandatesCredentialProvider.java @@ -0,0 +1,123 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.elgamandates.utils; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider; +import at.gv.egovernment.moa.util.FileUtils; + +/** + * @author tlenz + * + */ +@Service("ELGAMandatesCredentialProvider") +public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider { + + @Autowired AuthConfiguration authConfig; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getKeyStoreFilePath() + */ + @Override + public String getKeyStoreFilePath() { + return FileUtils.makeAbsoluteURL( + authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_KEYSTORE), + authConfig.getRootConfigFileDir()); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getKeyStorePassword() + */ + @Override + public String getKeyStorePassword() { + return authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_KEYSTOREPASSWORD).trim(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getMetadataKeyAlias() + */ + @Override + public String getMetadataKeyAlias() { + return authConfig.getBasicMOAIDConfiguration( + ELGAMandatesAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getMetadataKeyPassword() + */ + @Override + public String getMetadataKeyPassword() { + return authConfig.getBasicMOAIDConfiguration( + ELGAMandatesAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getSignatureKeyAlias() + */ + @Override + public String getSignatureKeyAlias() { + return authConfig.getBasicMOAIDConfiguration( + ELGAMandatesAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getSignatureKeyPassword() + */ + @Override + public String getSignatureKeyPassword() { + return authConfig.getBasicMOAIDConfiguration( + ELGAMandatesAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getEncryptionKeyAlias() + */ + @Override + public String getEncryptionKeyAlias() { + return authConfig.getBasicMOAIDConfiguration( + ELGAMandatesAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getEncryptionKeyPassword() + */ + @Override + public String getEncryptionKeyPassword() { + return authConfig.getBasicMOAIDConfiguration( + ELGAMandatesAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getCredentialName() + */ + @Override + public String getFriendlyName() { + return "FederatedAuth-SP"; + } + +} diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..1ebc153ce --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesSpringResourceProvider
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/at/gv/egovernment/moa/id/auth/modules/elgamandates/DefaultAuth_with_ELGA_mandates.process.xml b/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/at/gv/egovernment/moa/id/auth/modules/elgamandates/DefaultAuth_with_ELGA_mandates.process.xml new file mode 100644 index 000000000..4dee1160e --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/at/gv/egovernment/moa/id/auth/modules/elgamandates/DefaultAuth_with_ELGA_mandates.process.xml @@ -0,0 +1,71 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="DefaultAuthenticationWithELGAMandates" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + +<!-- + - National authentication with Austrian Citizen Card and mobile signature with our without mandate. + - Legacy authentication for foreign citizens using MOCCA supported signature cards. +--> + <pd:Task id="initializeBKUAuthentication" class="InitializeBKUAuthenticationTask" /> + <pd:Task id="createIdentityLinkForm" class="CreateIdentityLinkFormTask" /> + <pd:Task id="verifyIdentityLink" class="VerifyIdentityLinkTask" async="true" /> + <pd:Task id="verifyAuthBlock" class="VerifyAuthenticationBlockTask" async="true" /> + <pd:Task id="verifyCertificate" class="VerifyCertificateTask" async="true" /> + <pd:Task id="getMISMandate" class="GetMISSessionIDTask" async="true" /> + <pd:Task id="certificateReadRequest" class="CertificateReadRequestTask" /> + <pd:Task id="prepareAuthBlockSignature" class="PrepareAuthBlockSignatureTask" /> + <pd:Task id="prepareGetMISMandate" class="PrepareGetMISMandateTask" /> + <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" /> + <pd:Task id="getForeignID" class="GetForeignIDTask" async="true" /> + + <!-- ELGA Mandate-Service Tasks --> + <pd:Task id="selectMandateServiceTask" class="SelectMandateServiceTask" /> + <pd:Task id="evaluateMandateServiceTask" class="EvaluateMandateServiceTask" async="true"/> + <pd:Task id="requestELGAMandateTask" class="RequestELGAMandateTask" /> + <pd:Task id="receiveElgaMandateResponseTask" class="ReceiveElgaMandateResponseTask" async="true"/> + + + <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. --> + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="initializeBKUAuthentication" /> + + <pd:Transition from="initializeBKUAuthentication" to="createIdentityLinkForm" /> + + <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" /> + + <pd:Transition from="verifyIdentityLink" to="certificateReadRequest" conditionExpression="!ctx['identityLinkAvailable'] || ctx['useMandate']" /> + <pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" /> + + <pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" /> + <!-- Note: verifyAuthBlock still creates a MIS session and redirects the user to the MIS gui. This should be separated from the auth block verification. --> + + <pd:Transition from="certificateReadRequest" to="verifyCertificate" /> + <!-- Note: verifyCertificate still creates the auth block to be signed which should be separated from certificat verification. --> + + <pd:Transition from="verifyCertificate" to="verifyAuthBlock" conditionExpression="ctx['useMandate']" /> + <pd:Transition from="verifyCertificate" to="getForeignID" /> + + <pd:Transition from="verifyAuthBlock" to="selectMandateServiceTask" conditionExpression="ctx['useMandate']" /> + <pd:Transition from="verifyAuthBlock" to="finalizeAuthentication" /> + + <pd:Transition from="selectMandateServiceTask" to="prepareGetMISMandate" conditionExpression="ctx['useMISMandate']" /> + <pd:Transition from="selectMandateServiceTask" to="evaluateMandateServiceTask" /> + + <pd:Transition from="evaluateMandateServiceTask" to="prepareGetMISMandate" conditionExpression="ctx['useMISMandate']" /> + <pd:Transition from="evaluateMandateServiceTask" to="requestELGAMandateTask" conditionExpression="ctx['useELGAMandate']" /> + <pd:Transition from="evaluateMandateServiceTask" to="end" /> + + + <pd:Transition from="requestELGAMandateTask" to="receiveElgaMandateResponseTask" /> + <pd:Transition from="receiveElgaMandateResponseTask" to="finalizeAuthentication" /> + + <pd:Transition from="prepareGetMISMandate" to="getMISMandate" /> + <pd:Transition from="getMISMandate" to="finalizeAuthentication" /> + + <pd:Transition from="getForeignID" to="finalizeAuthentication" /> + + <pd:Transition from="finalizeAuthentication" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/moaid_elga_mandate_client_auth.beans.xml b/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/moaid_elga_mandate_client_auth.beans.xml new file mode 100644 index 000000000..cbc4e65c1 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/moaid_elga_mandate_client_auth.beans.xml @@ -0,0 +1,46 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + +<!-- ELGA mandate-service client beans --> + <bean id="elgaMandatesAuthModule" class="at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthModuleImpl"> + <property name="priority" value="1" /> + </bean> + + <bean id="ELGAMandate_MetadataProvider" + class="at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateServiceMetadataProvider"/> + + <bean id="ELGAMandatesCredentialProvider" + class="at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandatesCredentialProvider"/> + + <bean id="ELGAMandateMetadataController" + class="at.gv.egovernment.moa.id.auth.modules.elgamandates.controller.ELGAMandateMetadataController"/> + + <bean id="ELGAMandateSignalController" + class="at.gv.egovernment.moa.id.auth.modules.elgamandates.controller.ELGAMandateSignalController"/> + +<!-- ELGA-MandateService communication Process Tasks --> + <bean id="SelectMandateServiceTask" + class="at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks.SelectMandateServiceTask" + scope="prototype"/> + + <bean id="EvaluateMandateServiceTask" + class="at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks.EvaluateMandateServiceTask" + scope="prototype"/> + + <bean id="RequestELGAMandateTask" + class="at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks.RequestELGAMandateTask" + scope="prototype"/> + + <bean id="ReceiveElgaMandateResponseTask" + class="at.gv.egovernment.moa.id.auth.modules.elgamandates.tasks.ReceiveElgaMandateResponseTask" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/templates/mandate-service-selection.html b/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/templates/mandate-service-selection.html new file mode 100644 index 000000000..b0be4a475 --- /dev/null +++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/resources/templates/mandate-service-selection.html @@ -0,0 +1,76 @@ +<!DOCTYPE html> +<html> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=#ID#" /> + + <title>Anmeldung an Online-Applikation</title> +</head> + + +<body> + <div id="page"> + + <div id="page1" class="case selected-case" role="main"> + +<!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> --> + + <div id="main"> + <!--div id="leftcontent" class="hell"--> + <div id=processContent> + <div id="bku_header" class="dunkel"> + <h2 id="tabheader" class="dunkel" role="heading"> + Anmeldeinformationen: + </h2> + </div> + + <div id="selectArea" class="hell" role="application"> + <h3>Anmeldung an: $OAName</h3> + + + <div id="processInfoArea"> + <p>Für die Anmeldung 'in Vertretung' stehen Ihnen zwei Systeme zur Vollmachtenauswahl zur Verfügung. Bitte wählen Sie das gewünschte Service.</p> + </div> + + <div id="processSelectionArea"> + <div id="elgaMandateButton" class="processSelectionButtonArea"> + <form method="post" id="moaidform_yes" action="$contextPath$submitEndpoint"> + <input type="hidden" name="useELGAMandate" value="true"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Eltern-Kind Vertretung" class="processSelectionButton" role="button"> + </form> + <div class="buttonDescription"> + <p>Eltern-Kind Vertretung</p> + </div> + </div> + <div id="misMandateButton" class="processSelectionButtonArea"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> + <input type="hidden" name="useMISMandate" value="true"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="allgemeine Vertretung" class="processSelectionButton" role="button"> + </form> + <div class="buttonDescription"> + <p>Vollmachtenservice der Österreichischen Datenschutzbehörde <a href="https://mms.stammzahlenregister.gv.at/mms/moaid.do">(MMS Service)</a></p> + </div> + </div> + <div id="abortButton" class="processSelectionButtonArea"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Abbrechen" class="processSelectionButton" role="button"> + </form> + <div class="buttonDescription"> + <p>Den Anmeldevorgang abbrechen</p> + </div> + </div> + </div> + + </div> + </div> + + <!--/div--> + </div> + </div> + </div> +</body> +</html> diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml index 080d5ae0b..4684c8032 100644 --- a/id/server/modules/moa-id-module-openID/pom.xml +++ b/id/server/modules/moa-id-module-openID/pom.xml @@ -73,11 +73,11 @@ </exclusions> </dependency> -<!-- <dependency> + <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>19.0</version> - </dependency> --> + </dependency> <!-- TestNG --> <dependency> diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java index e2ac97535..9060f35c5 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java @@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.protocols.oauth20; import java.util.Properties; -import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.util.FileUtils; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/Pair.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/Pair.java deleted file mode 100644 index eb3cfcccb..000000000 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/Pair.java +++ /dev/null @@ -1,45 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.oauth20; - -public class Pair<P1, P2> { - private final P1 first; - private final P2 second; - - private Pair(final P1 newFirst, final P2 newSecond) { - this.first = newFirst; - this.second = newSecond; - } - - public P1 getFirst() { - return this.first; - } - - public P2 getSecond() { - return this.second; - } - - public static <P1, P2> Pair<P1, P2> newInstance(final P1 newFirst, final P2 newSecond) { - return new Pair<P1, P2>(newFirst, newSecond); - } -} diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java index bb180d8e9..9b19e0a4d 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java @@ -27,14 +27,13 @@ import java.util.List; import org.apache.commons.lang.StringUtils; -import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; -import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator; +import com.google.gson.JsonObject; +import com.google.gson.JsonPrimitive; import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.oauth20.Pair; -import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest; +import at.gv.egovernment.moa.id.data.Pair; import at.gv.egovernment.moa.id.protocols.builder.attributes.BPKAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDAuthBlock; import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDCcsURL; @@ -46,6 +45,8 @@ import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSectorForIDAttri import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSignerCertificate; import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSourcePIN; import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDSourcePINType; +import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonFullNameAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinTypeAttributeBuilder; @@ -59,13 +60,11 @@ import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateProfRepDescA import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateProfRepOIDAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateReferenceValueAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateTypeAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.logging.Logger; -import com.google.gson.JsonObject; -import com.google.gson.JsonPrimitive; - public final class OAuth20AttributeBuilder { private OAuth20AttributeBuilder() { @@ -207,7 +206,7 @@ public final class OAuth20AttributeBuilder { } private static void addAttibutes(final List<IAttributeBuilder> builders, final JsonObject jsonObject, - final OAAuthParameter oaParam, final IAuthData authData, OAuth20AuthRequest oAuthRequest) { + final IOAAuthParameters oaParam, final IAuthData authData, OAuth20AuthRequest oAuthRequest) { for (IAttributeBuilder b : builders) { try { //TODO: better solution requires more refactoring :( @@ -230,33 +229,33 @@ public final class OAuth20AttributeBuilder { } public static void addScopeOpenId(final JsonObject jsonObject, - final OAAuthParameter oaParam, final IAuthData authData, + final IOAAuthParameters oaParam, final IAuthData authData, final OAuth20AuthRequest oAuthRequest) { addAttibutes(buildersOpenId, jsonObject, oaParam, authData, oAuthRequest); } public static void addScopeProfile(final JsonObject jsonObject, - final OAAuthParameter oaParam, final IAuthData authData) { + final IOAAuthParameters oaParam, final IAuthData authData) { addAttibutes(buildersProfile, jsonObject, oaParam, authData, null); } public static void addScopeEID(final JsonObject jsonObject, - final OAAuthParameter oaParam, final IAuthData authData) { + final IOAAuthParameters oaParam, final IAuthData authData) { addAttibutes(buildersEID, jsonObject, oaParam, authData, null); } public static void addScopeEIDGov(final JsonObject jsonObject, - final OAAuthParameter oaParam, final IAuthData authData) { + final IOAAuthParameters oaParam, final IAuthData authData) { addAttibutes(buildersEIDGov, jsonObject, oaParam, authData, null); } public static void addScopeMandate(final JsonObject jsonObject, - final OAAuthParameter oaParam, final IAuthData authData) { + final IOAAuthParameters oaParam, final IAuthData authData) { addAttibutes(buildersMandate, jsonObject, oaParam, authData, null); } public static void addScopeSTORK(final JsonObject jsonObject, - final OAAuthParameter oaParam, final IAuthData authData) { + final IOAAuthParameters oaParam, final IAuthData authData) { addAttibutes(buildersSTORK, jsonObject, oaParam, authData, null); } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java index e81132ca7..a43c8fce9 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAudiencesAttribute.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java index c4260db82..c6775b692 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdAuthenticationTimeAttribute.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java index 6008eede1..5f32e32a2 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdExpirationTimeAttribute.java @@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; import java.util.Date; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java index ad7fe68b9..04f38faf6 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssueInstantAttribute.java @@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; import java.util.Date; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java index 5c4fe02df..ff19a618a 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdIssuerAttribute.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java index d2636c259..eda276df2 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java @@ -22,12 +22,11 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator; +import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; import at.gv.egovernment.moa.util.MiscUtil; @@ -42,7 +41,7 @@ public class OpenIdNonceAttribute implements IAttributeBuilder { return g.buildStringAttribute(this.getName(), "", null); } - public <ATT> ATT build(OAAuthParameter oaParam, IAuthData authData, OAuth20AuthRequest oAuthRequest, + public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, OAuth20AuthRequest oAuthRequest, IAttributeGenerator<ATT> g) throws AttributeException { if (MiscUtil.isNotEmpty(oAuthRequest.getNonce())) return g.buildStringAttribute(this.getName(), "", oAuthRequest.getNonce()); diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java index 10af9cc32..7de90e98e 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdSubjectIdentifierAttribute.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java index 4262d6bb3..3ebadba52 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileDateOfBirthAttribute.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java index da4f76e2d..89209b062 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileFamilyNameAttribute.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java index 04a6ec60b..895037b2e 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/ProfileGivenNameAttribute.java @@ -22,7 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.attributes; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/exceptions/OAuth20Exception.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/exceptions/OAuth20Exception.java index 307615fbd..5dc36868b 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/exceptions/OAuth20Exception.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/exceptions/OAuth20Exception.java @@ -22,9 +22,9 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.exceptions; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -public class OAuth20Exception extends RuntimeException { +public class OAuth20Exception extends MOAIDException { private static final long serialVersionUID = 1L; @@ -33,7 +33,7 @@ public class OAuth20Exception extends RuntimeException { private String errorCode; public OAuth20Exception(final String errorCode, final String messageId, final Object[] parameters) { - super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters)); + super(messageId, parameters); this.errorCode = errorCode; this.messageId = messageId; } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java index 88e26da76..803ae388f 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java @@ -30,19 +30,21 @@ import java.util.UUID; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.Pair; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject; -import at.gv.egovernment.moa.id.protocols.oauth20.Pair; import at.gv.egovernment.moa.id.protocols.oauth20.attributes.OAuth20AttributeBuilder; import at.gv.egovernment.moa.id.protocols.oauth20.attributes.OpenIdExpirationTimeAttribute; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; @@ -51,28 +53,31 @@ import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ServerErrorE import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SignatureUtil; import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuthJsonToken; import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuthSigner; -import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; +@Service("OAuth20AuthAction") class OAuth20AuthAction implements IAction { + @Autowired protected MOAReversionLogger revisionsLogger; + @Autowired protected ITransactionStorage transactionStorage; + public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { OAuth20AuthRequest oAuthRequest = (OAuth20AuthRequest) req; String responseType = oAuthRequest.getResponseType(); - MOAReversionLogger.getInstance().logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_OPENIDCONNECT_AUTHREQUEST); + revisionsLogger.logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_OPENIDCONNECT_AUTHREQUEST); String code = Random.nextRandom(); try { String accessToken = UUID.randomUUID().toString(); - - Logger.debug("Stored session with id: " + code); + + Logger.debug("Build OAuth20SessionObject from authenticationData."); OAuth20SessionObject o = new OAuth20SessionObject(); if (responseType.equals(OAuth20Constants.RESPONSE_CODE)) { o.setScope(oAuthRequest.getScope()); @@ -86,8 +91,9 @@ class OAuth20AuthAction implements IAction { throw new OAuth20ResponseTypeException(); } - // store data in oath session - AssertionStorage.getInstance().put(code, o); + // store data in oath session + + transactionStorage.put(code, o); Logger.debug("Saved OAuth20SessionObject in session with id: " + code); @@ -105,7 +111,7 @@ class OAuth20AuthAction implements IAction { //TODO: maybe add bPK / wbPK to SLO information - SLOInformationInterface sloInformation = new SLOInformationImpl(req.getAuthURL(), accessToken, null, null, req.requestedModule()); + SLOInformationInterface sloInformation = new SLOInformationImpl(req.getAuthURL(), req.getOnlineApplicationConfiguration().getPublicURLPrefix(), accessToken, null, null, req.requestedModule()); return sloInformation; } @@ -113,8 +119,8 @@ class OAuth20AuthAction implements IAction { Logger.warn("An error occur during OpenID-Connect idToken generation.", e); //remove OAuthSessionObject if it already exists - if (AssertionStorage.getInstance().containsKey(code)) { - AssertionStorage.getInstance().remove(code); + if (transactionStorage.containsKey(code)) { + transactionStorage.remove(code); } if (e instanceof OAuth20Exception) { @@ -147,7 +153,7 @@ class OAuth20AuthAction implements IAction { private Pair<String, String> buildIdToken(String scope, OAuth20AuthRequest oAuthRequest, IAuthData authData) throws MOAIDException, SignatureException { - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oAuthRequest.getOAURL()); + IOAAuthParameters oaParam = oAuthRequest.getOnlineApplicationConfiguration(); OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getIssuer()); OAuthJsonToken token = new OAuthJsonToken(signer); diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java index e5d8db873..98fcdc8dc 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java @@ -22,18 +22,21 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.protocol; +import java.util.Collection; import java.util.HashMap; -import java.util.List; import java.util.Map; import javax.servlet.http.HttpServletRequest; -import org.opensaml.saml2.core.Attribute; +import org.springframework.beans.factory.config.BeanDefinition; +import org.springframework.context.annotation.Scope; +import org.springframework.stereotype.Component; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; import at.gv.egovernment.moa.id.protocols.oauth20.attributes.OAuth20AttributeBuilder; @@ -42,19 +45,24 @@ import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ResponseTypeException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; -import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder; import at.gv.egovernment.moa.logging.Logger; +@Component("OAuth20AuthRequest") +@Scope(value = BeanDefinition.SCOPE_PROTOTYPE) public class OAuth20AuthRequest extends OAuth20BaseRequest { /** * @param req * @throws ConfigurationException */ - public OAuth20AuthRequest(HttpServletRequest req) - throws ConfigurationException { - super(req); + public OAuth20AuthRequest() { + super(); + + //AuthnRequest needs authentication + this.setNeedAuthentication(true); + + //set protocol action, which should be executed after authentication + this.setAction(OAuth20AuthAction.class.getName()); } private static final long serialVersionUID = 1L; @@ -179,7 +187,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest { // check if client id and redirect uri are ok try { // OAOAUTH20 cannot be null at this point. check was done in base request - OAAuthParameter oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()); + IOAAuthParameters oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()); if (!this.getClientID().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID)) @@ -201,43 +209,36 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest { * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public List<Attribute> getRequestedAttributes() { + public Collection<String> getRequestedAttributes() { Map<String, String> reqAttr = new HashMap<String, String>(); for (String el : PVP2XProtocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION) reqAttr.put(el, ""); - try { - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); - - for (String s : scope.split(" ")) { - if (s.equalsIgnoreCase("profile")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersprofile()) - reqAttr.put(el.getName(), ""); + for (String s : scope.split(" ")) { + if (s.equalsIgnoreCase("profile")) { + for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersprofile()) + reqAttr.put(el.getName(), ""); - } else if (s.equalsIgnoreCase("eID")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseid()) - reqAttr.put(el.getName(), ""); - - } else if (s.equalsIgnoreCase("eID_gov")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseidgov()) - reqAttr.put(el.getName(), ""); - - } else if (s.equalsIgnoreCase("mandate")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersmandate()) - reqAttr.put(el.getName(), ""); - - } else if (s.equalsIgnoreCase("stork")) { - for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersstork()) - reqAttr.put(el.getName(), ""); - - } + } else if (s.equalsIgnoreCase("eID")) { + for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseid()) + reqAttr.put(el.getName(), ""); + + } else if (s.equalsIgnoreCase("eID_gov")) { + for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseidgov()) + reqAttr.put(el.getName(), ""); + + } else if (s.equalsIgnoreCase("mandate")) { + for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersmandate()) + reqAttr.put(el.getName(), ""); + + } else if (s.equalsIgnoreCase("stork")) { + for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersstork()) + reqAttr.put(el.getName(), ""); + } - - return AttributQueryBuilder.buildSAML2AttributeList(oa, reqAttr.keySet().iterator()); - - } catch (ConfigurationException e) { - Logger.error("Load configuration for OA " + getOAURL() + " FAILED", e); - return null; } + + //return attributQueryBuilder.buildSAML2AttributeList(this.getOnlineApplicationConfiguration(), reqAttr.keySet().iterator()); + return reqAttr.keySet(); } } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java index 5fcac0b2f..3ab283db5 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java @@ -31,14 +31,13 @@ import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang.StringUtils; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; -import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidRequestException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20OANotSupportedException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; @@ -49,11 +48,7 @@ abstract class OAuth20BaseRequest extends RequestImpl { private static final long serialVersionUID = 1L; protected Set<String> allowedParameters = new HashSet<String>(); - - public OAuth20BaseRequest(HttpServletRequest req) throws ConfigurationException { - super(req); - } - + protected String getParam(final HttpServletRequest request, final String name, final boolean isNeeded) throws OAuth20Exception { String param = request.getParameter(name); Logger.debug("Reading param " + name + " from HttpServletRequest with value " + param); @@ -76,12 +71,11 @@ abstract class OAuth20BaseRequest extends RequestImpl { throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID); } this.setOAURL(oaURL); - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaURL); + IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaURL); if (oaParam == null) { throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID); } - this.setTarget(oaParam.getTarget()); if (StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET)) || StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID)) @@ -100,7 +94,7 @@ abstract class OAuth20BaseRequest extends RequestImpl { this.checkAllowedParameters(request); } - private void checkAllowedParameters(final HttpServletRequest request) { + private void checkAllowedParameters(final HttpServletRequest request) throws OAuth20WrongParameterException { Logger.debug("Going to check for allowed parameters"); this.allowedParameters.add(OAuth20Constants.PARAM_MOA_ACTION); this.allowedParameters.add(OAuth20Constants.PARAM_MOA_MOD); @@ -120,29 +114,4 @@ abstract class OAuth20BaseRequest extends RequestImpl { protected abstract void populateSpecialParameters(final HttpServletRequest request) throws OAuth20Exception; - public static OAuth20BaseRequest newInstance(final String action, final HttpServletRequest request, String sessionId, String transactionId) throws OAuth20Exception { - OAuth20BaseRequest res; - try { - if (action.equals(OAuth20Protocol.AUTH_ACTION)) { - res = new OAuth20AuthRequest(request); - - } else if (action.equals(OAuth20Protocol.TOKEN_ACTION)) { - res = new OAuth20TokenRequest(request); - - } else { - throw new OAuth20InvalidRequestException(); - } - - } catch (ConfigurationException e) { - Logger.warn(e.getMessage()); - throw new OAuth20InvalidRequestException(); - - } - - res.setAction(action); - res.setModule(OAuth20Protocol.NAME); - - res.populateParameters(request); - return res; - } } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java index 70c29359e..e6ccc67b7 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java @@ -1,6 +1,8 @@ package at.gv.egovernment.moa.id.protocols.oauth20.protocol; +import java.io.IOException; import java.net.URLEncoder; +import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -9,12 +11,19 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import com.google.gson.JsonObject; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IModulInfo; -import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; +import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; @@ -23,11 +32,8 @@ import at.gv.egovernment.moa.id.util.ErrorResponseUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import com.google.gson.JsonObject; - -import java.util.Arrays; - -public class OAuth20Protocol implements IModulInfo { +@Controller +public class OAuth20Protocol extends AbstractAuthProtocolModulController { public static final String NAME = OAuth20Protocol.class.getName(); public static final String PATH = "id_oauth20"; @@ -40,14 +46,7 @@ public class OAuth20Protocol implements IModulInfo { PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, PVPConstants.BPK_NAME }); - - private static HashMap<String, IAction> actions = new HashMap<String, IAction>(); - - static { - actions.put(AUTH_ACTION, new OAuth20AuthAction()); - actions.put(TOKEN_ACTION, new OAuth20TokenAction()); - } - + public String getName() { return NAME; } @@ -56,42 +55,83 @@ public class OAuth20Protocol implements IModulInfo { return PATH; } - public IAction getAction(String action) { - return actions.get(action); - } - - /* - * (non-Javadoc) - * @see - * at.gv.egovernment.moa.id.moduls.IModulInfo#preProcess(javax.servlet.http.HttpServletRequest, - * javax.servlet.http.HttpServletResponse, java.lang.String) + /** + * */ - public IRequest preProcess(HttpServletRequest request, HttpServletResponse resp, String action, - String sessionId, String transactionId) throws MOAIDException { - // validation is done inside creation - OAuth20BaseRequest res = OAuth20BaseRequest.newInstance(action, request, sessionId, transactionId); - Logger.debug("Created: " + res); - return res; + public OAuth20Protocol() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '/oauth2/auth' and '/oauth2/token'."); } - /* - * (non-Javadoc) - * @see - * at.gv.egovernment.moa.id.moduls.IModulInfo#canHandleRequest(javax.servlet.http.HttpServletRequest - * , javax.servlet.http.HttpServletResponse) - */ - public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { - if (!StringUtils.isEmpty(request.getParameter("action"))) { - if (request.getParameter("action").equals(AUTH_ACTION)) { - return getAction(AUTH_ACTION); - } else if (request.getParameter("action").equals(TOKEN_ACTION)) { - return getAction(TOKEN_ACTION); - } + //OpenID Connect auth request + @RequestMapping(value = "/oauth2/auth", method = {RequestMethod.POST, RequestMethod.GET}) + public void openIDConnectAuthRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException { + if (!authConfig.getAllowedProtocols().isOAUTHActive()) { + Logger.info("OpenID-Connect is deaktivated!"); + throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }); + + } + + OAuth20AuthRequest pendingReq = applicationContext.getBean(OAuth20AuthRequest.class); + try { + pendingReq.initialize(req); + pendingReq.setModule(OAuth20Protocol.NAME); + pendingReq.populateParameters(req); + + } catch (OAuth20Exception e) { + Logger.info("OpenID-Connect request has a validation error: " + e.getMessage()); + throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters(), e); + } - return null;// getAction(AUTH_ACTION); + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier()); + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier()); + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); + + //process request + performAuthentication(req, resp, (RequestImpl)pendingReq); + } + //openID Connect tokken request + @RequestMapping(value = "/oauth2/token", method = {RequestMethod.POST, RequestMethod.GET}) + public void OpenIDConnectTokkenRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException { + if (!authConfig.getAllowedProtocols().isOAUTHActive()) { + Logger.info("OpenID-Connect is deaktivated!"); + throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }); + + } + + OAuth20TokenRequest pendingReq = applicationContext.getBean(OAuth20TokenRequest.class); + try { + pendingReq.initialize(req); + pendingReq.setModule(OAuth20Protocol.NAME); + pendingReq.populateParameters(req); + + } catch (OAuth20Exception e) { + Logger.info("OpenID-Connect request has a validation error: " + e.getMessage()); + throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters(), e); + + } + + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier()); + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier()); + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); + + //process request + performAuthentication(req, resp, (RequestImpl)pendingReq); + + } + /* * (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IModulInfo#generateErrorMessage(java.lang.Throwable, diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java index 2238a25e1..9d78418cd 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java @@ -26,25 +26,32 @@ package at.gv.egovernment.moa.id.protocols.oauth20.protocol; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import com.google.gson.JsonObject; + import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ServerErrorException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20UnauthorizedClientException; -import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.logging.Logger; -import com.google.gson.JsonObject; - +@Service("OAuth20TokenAction") class OAuth20TokenAction implements IAction { + @Autowired protected MOAReversionLogger revisionsLogger; + @Autowired protected ITransactionStorage transactionStorage; + public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { @@ -53,13 +60,13 @@ class OAuth20TokenAction implements IAction { try { OAuth20TokenRequest oAuthRequest = (OAuth20TokenRequest) req; - MOAReversionLogger.getInstance().logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_OPENIDCONNECT_TOKENREQUEST); + revisionsLogger.logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_OPENIDCONNECT_TOKENREQUEST); try { Logger.debug("Loaded OAuth20SessionObject from session: " + oAuthRequest.getCode()); auth20SessionObject = - AssertionStorage.getInstance().get(oAuthRequest.getCode(), OAuth20SessionObject.class); + transactionStorage.get(oAuthRequest.getCode(), OAuth20SessionObject.class); } catch (MOADatabaseException e) { throw new OAuth20UnauthorizedClientException(); @@ -97,7 +104,7 @@ class OAuth20TokenAction implements IAction { // destroy session for clean up Logger.debug("Going to destroy session: " + auth20SessionObject.getCode()); - AssertionStorage.getInstance().remove(auth20SessionObject.getCode()); + transactionStorage.remove(auth20SessionObject.getCode()); } } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java index abfe4ce15..f35de9c58 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java @@ -22,16 +22,18 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.oauth20.protocol; -import java.util.List; +import java.util.Collection; import javax.servlet.http.HttpServletRequest; -import org.opensaml.saml2.core.Attribute; +import org.springframework.beans.factory.config.BeanDefinition; +import org.springframework.context.annotation.Scope; +import org.springframework.stereotype.Component; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; @@ -39,15 +41,21 @@ import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidGrant import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException; import at.gv.egovernment.moa.logging.Logger; +@Component("OAuth20TokenRequest") +@Scope(value = BeanDefinition.SCOPE_PROTOTYPE) class OAuth20TokenRequest extends OAuth20BaseRequest { /** * @param req * @throws ConfigurationException */ - public OAuth20TokenRequest(HttpServletRequest req) - throws ConfigurationException { - super(req); + public OAuth20TokenRequest() { + super(); + //AuthnRequest needs authentication + this.setNeedAuthentication(false); + + //set protocol action, which should be executed after authentication + this.setAction(OAuth20TokenAction.class.getName()); } private static final long serialVersionUID = 1L; @@ -132,7 +140,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest { // check if client id and secret are ok try { // OAOAUTH20 cannot be null at this point. check was done in base request - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()); + IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()); if (!this.getClientID().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))) { throw new OAuth20AccessDeniedException(); @@ -160,7 +168,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest { * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public List<Attribute> getRequestedAttributes() { + public Collection<String> getRequestedAttributes() { return null; } } diff --git a/id/server/modules/moa-id-module-openID/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo b/id/server/modules/moa-id-module-openID/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo deleted file mode 100644 index b653c91c3..000000000 --- a/id/server/modules/moa-id-module-openID/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo +++ /dev/null @@ -1 +0,0 @@ -at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20Protocol
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-pvp2/.gitignore b/id/server/modules/moa-id-module-pvp2/.gitignore new file mode 100644 index 000000000..b83d22266 --- /dev/null +++ b/id/server/modules/moa-id-module-pvp2/.gitignore @@ -0,0 +1 @@ +/target/ diff --git a/id/server/modules/moa-id-module-pvp2/pom.xml b/id/server/modules/moa-id-module-pvp2/pom.xml new file mode 100644 index 000000000..0a71e27ce --- /dev/null +++ b/id/server/modules/moa-id-module-pvp2/pom.xml @@ -0,0 +1,11 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>${moa-id-version}</version> + </parent> + <artifactId>moa-id-module-pvp2</artifactId> + <name>PVP2 Module</name> + <description>PVP2.x authentication modul for MOA-ID-Auth</description> +</project>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml new file mode 100644 index 000000000..b15d7dc85 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml @@ -0,0 +1,56 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>${moa-id-version}</version> + </parent> + <artifactId>moa-id-module-ssoTransfer</artifactId> + <name>MOA-ID_SSO_Transfer_modul</name> + <description>MOA-ID modul to transfer Single Sign-On sessions to other devices</description> + + <dependencies> + <dependency> + <groupId>net.glxn</groupId> + <artifactId>qrgen</artifactId> + <version>1.4</version> + </dependency> + + <!-- JSON JWT implementation --> + <dependency> + <groupId>com.googlecode.jsontoken</groupId> + <artifactId>jsontoken</artifactId> + <version>1.1</version> + <exclusions> + <exclusion> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + </exclusion> + <exclusion> + <artifactId>google-collections</artifactId> + <groupId>com.google.collections</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>1.52</version> + <!-- <scope>provided</scope> --> + </dependency> + + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcpkix-jdk15on</artifactId> + <version>1.52</version> + </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-frontend-resources</artifactId> + </dependency> + + </dependencies> + +</project>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java new file mode 100644 index 000000000..2a2b7bf80 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java @@ -0,0 +1,76 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer; + +import at.gv.egovernment.moa.id.auth.modules.AuthModule; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; + +/** + * @author tlenz + * + */ +public class SSOTransferAuthModuleImpl implements AuthModule{ + + private int priority = 1; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() + */ + @Override + public int getPriority() { + return priority; + } + + /** + * Sets the priority of this module. Default value is {@code 0}. + * @param priority The priority. + */ + public void setPriority(int priority) { + this.priority = priority; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext) + */ + @Override + public String selectProcess(ExecutionContext context) { + Object restoreSSOSessionObj = context.get("restoreSSOSession"); + if (restoreSSOSessionObj != null && restoreSSOSessionObj instanceof String) { + boolean restoreSSOSession = (boolean) Boolean.parseBoolean((String)restoreSSOSessionObj); + if (restoreSSOSession) + return "SSOTransferAuthentication"; + + } + + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthentication.process.xml" }; + } + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferConstants.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferConstants.java new file mode 100644 index 000000000..1a4356653 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferConstants.java @@ -0,0 +1,76 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer; + +/** + * @author tlenz + * + */ +public class SSOTransferConstants { + + public static final String MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE = "holderofkey_cert"; + + public static final String DH_PRIME_BASE64 = "AO672PgS9gv0vLTDDISxnZ61aroRrvj53F4CX1ffNNdU+PYPv6ff3pkmuaw3av41tpD/Y0ypcCEPLh39GemNDUnehwBfi6PocHdDGPhTvhan5kYgDoWPWebA9P3Qy3eUdslwU+Eusr0SBhN+Cssw7XZ0nue5IiOjBxdzdijJiojH"; + public static final String DH_GENERATOR_BASE64 = "NuuDqMxQa7T3XP4H6OFR30imozmM0Eho0na9gXak+Qs+J9uE/3xgHspz9PYO/6Lk2wgeOk42Pk4MHamKVPCLdqztlmEFgKPwHiAwNdNr4PklonLWk5zPSEYDVUt/8IFmK+cu0cPomACo0AfSCSZqdexq0FnFey/5mBjOGPimOJQ="; + + public static final String SERVLET_SSOTRANSFER_GUI = "/TransferSSOSession"; + public static final String SERVLET_SSOTRANSFER_TO_SMARTPHONE = "/TransmitSSOSession"; + public static final String SERVLET_SSOTRANSFER_FROM_SMARTPHONE = "/SSOTransferSignalEndpoint"; + + public static final String REQ_PARAM_GENERATE_QR = "createQR"; + public static final String REQ_PARAM_TOKEN = "token"; + + public static final String SSOCONTAINER_KEY_TYPE = "type"; + public static final String SSOCONTAINER_VALUE_TYPE_TRANSER = "TRANSFER"; + public static final String SSOCONTAINER_VALUE_TYPE_PERSIST = "PERSIST"; + public static final String SSOCONTAINER_VALUE_TYPE_SSO = "SSO"; + + public static final String SSOCONTAINER_KEY_URL = "url"; + + public static final String SSOCONTAINER_KEY_DH_PUBKEY = "pubKey"; + public static final String SSOCONTAINER_KEY_DH_PRIME = "prime"; + public static final String SSOCONTAINER_KEY_DH_GENERATOR = "generator"; + + public static final String SSOCONTAINER_KEY_CSR = "certificate"; + + public static final String SSOCONTAINER_KEY_VALIDTO = "validTo"; + public static final String SSOCONTAINER_KEY_ENTITYID = "entityID"; + public static final String SSOCONTAINER_KEY_USERID = "userID"; + public static final String SSOCONTAINER_KEY_SESSION = "session"; + public static final String SSOCONTAINER_KEY_RESULTENDPOINT = "resultEndPoint"; + public static final String SSOCONTAINER_KEY_NONCE = "nonce"; + public static final String SSOCONTAINER_KEY_BLOB = "blob"; + public static final String SSOCONTAINER_KEY_SIGNATURE = "signature"; + public static final String SSOCONTAINER_KEY_UNIQUEUSERID = "bPK"; + + public static final String SSOCONTAINER_KEY_STATUS = "status"; + + public static final String FLAG_SSO_SESSION_RESTORED = "ssoRestoredFlag"; + public static final long CERT_VALIDITY = 700; //2 years + + public static final String PENDINGREQ_DH = "dhparams"; + public static final String PENDINGREQ_NONCE = "nonce"; + + + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferSpringResourceProvider.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferSpringResourceProvider.java new file mode 100644 index 000000000..1c7a9f124 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferSpringResourceProvider.java @@ -0,0 +1,62 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +/** + * @author tlenz + * + */ +public class SSOTransferSpringResourceProvider implements SpringResourceProvider { + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() + */ + @Override + public Resource[] getResourcesToLoad() { + ClassPathResource ssoTransferAuthConfig = new ClassPathResource("/moaid_ssotransfer_auth.beans.xml", SSOTransferSpringResourceProvider.class); + return new Resource[] {ssoTransferAuthConfig}; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan() + */ + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName() + */ + @Override + public String getName() { + return "SSO Transfer Module"; + } + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/Pair.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/Pair.java new file mode 100644 index 000000000..47351b2bd --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/Pair.java @@ -0,0 +1,21 @@ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.data; + +import java.io.Serializable; + +public class Pair<F,S> implements Serializable { + /** + * + */ + private static final long serialVersionUID = -1677989418252218345L; + + private F l; + private S r; + public Pair(F l, S r){ + this.l = l; + this.r = r; + } + public F getF(){ return l; } + public S getS(){ return r; } + public void setF(F l){ this.l = l; } + public void setS(S r){ this.r = r; } +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java new file mode 100644 index 000000000..78cbd788d --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java @@ -0,0 +1,365 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.data; + +import java.security.cert.CertificateEncodingException; +import java.util.Date; +import java.util.List; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.data.AuthenticationRole; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.MISMandate; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class SSOTransferAuthenticationData implements IAuthData { + + private AuthenticationSession authSession = null; + boolean isIDPPrivateService = true; + + public SSOTransferAuthenticationData(AuthConfiguration authConfig, AuthenticationSession authSession) throws ConfigurationException { + this.authSession = authSession; + String domainIdentifier = authConfig.getSSOTagetIdentifier(); + if (domainIdentifier != null) + isIDPPrivateService = domainIdentifier.startsWith(MOAIDAuthConstants.PREFIX_WPBK); + + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getIssueInstant() + */ + @Override + public Date getIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getIssuer() + */ + @Override + public String getIssuer() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#isBusinessService() + */ + @Override + public boolean isBusinessService() { + return this.isIDPPrivateService; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#isSsoSession() + */ + @Override + public boolean isSsoSession() { + return true; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#isUseMandate() + */ + @Override + public boolean isUseMandate() { + return this.authSession.isMandateUsed(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getFamilyName() + */ + @Override + public String getFamilyName() { + return this.authSession.getIdentityLink().getFamilyName(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getGivenName() + */ + @Override + public String getGivenName() { + return this.authSession.getIdentityLink().getGivenName(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getDateOfBirth() + */ + @Override + public Date getDateOfBirth() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getFormatedDateOfBirth() + */ + @Override + public String getFormatedDateOfBirth() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getBPK() + */ + @Override + public String getBPK() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getBPKType() + */ + @Override + public String getBPKType() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getSsoSessionValidTo() + */ + @Override + public Date getSsoSessionValidTo() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getIdentificationValue() + */ + @Override + public String getIdentificationValue() { + return this.authSession.getIdentityLink().getIdentificationValue(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getIdentificationType() + */ + @Override + public String getIdentificationType() { + return this.authSession.getIdentityLink().getIdentificationType(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getBkuURL() + */ + @Override + public String getBkuURL() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getEncbPKList() + */ + @Override + public List<String> getEncbPKList() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getIdentityLink() + */ + @Override + public IdentityLink getIdentityLink() { + return this.authSession.getIdentityLink(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getSignerCertificate() + */ + @Override + public byte[] getSignerCertificate() { + try { + return this.authSession.getSignerCertificate().getEncoded(); + + } catch (CertificateEncodingException e) { + Logger.error("SSO-Transfer: SignerCertificate encoding FAILED.", e); + return null; + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getAuthBlock() + */ + @Override + public String getAuthBlock() { + return this.authSession.getAuthBlock(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getPvpAttribute_OU() + */ + @Override + public String getPvpAttribute_OU() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getAuthenticationRoles() + */ + @Override + public List<AuthenticationRole> getAuthenticationRoles() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#isPublicAuthority() + */ + @Override + public boolean isPublicAuthority() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getPublicAuthorityCode() + */ + @Override + public String getPublicAuthorityCode() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#isQualifiedCertificate() + */ + @Override + public boolean isQualifiedCertificate() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getMISMandate() + */ + @Override + public MISMandate getMISMandate() { + return this.authSession.getMISMandate(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getMandate() + */ + @Override + public Element getMandate() { + return this.authSession.getMISMandate().getMandateDOM(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getMandateReferenceValue() + */ + @Override + public String getMandateReferenceValue() { + return this.authSession.getMandateReferenceValue(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getQAALevel() + */ + @Override + public String getQAALevel() { + return this.authSession.getQAALevel(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getSessionIndex() + */ + @Override + public String getSessionIndex() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getNameID() + */ + @Override + public String getNameID() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getNameIDFormat() + */ + @Override + public String getNameIDFormat() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#isForeigner() + */ + @Override + public boolean isForeigner() { + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getCcc() + */ + @Override + public String getCcc() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getEIDASQAALevel() + */ + @Override + public String getEIDASQAALevel() { + // TODO Auto-generated method stub + return null; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.data.IAuthData#getGenericData(java.lang.String, java.lang.Class) + */ + @Override + public <T> T getGenericData(String key, Class<T> clazz) { + return this.authSession.getGenericDataFromSession(key, clazz); + } + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferContainer.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferContainer.java new file mode 100644 index 000000000..eecf03b71 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferContainer.java @@ -0,0 +1,107 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.data; + +import java.io.Serializable; +import java.math.BigInteger; +import java.security.PrivateKey; + +import javax.crypto.spec.DHPublicKeySpec; + +/** + * @author tlenz + * + */ +public class SSOTransferContainer implements Serializable { + + private static final long serialVersionUID = 3762458954168085854L; + + private String authURL = null; + private String tokkenID = null; + private String moaSessionID = null; + + //DH parameters + private PrivateKey dh_privKey; + private BigInteger dh_pubKey; + private BigInteger dh_prime; + private BigInteger dh_generator; + + + /** + * @return the authURL + */ + public String getAuthURL() { + return authURL; + } + /** + * @param authURL the authURL to set + */ + public void setAuthURL(String authURL) { + this.authURL = authURL; + } + /** + * @return the tokkenID + */ + public String getTokkenID() { + return tokkenID; + } + /** + * @param tokkenID the tokkenID to set + */ + public void setTokkenID(String tokkenID) { + this.tokkenID = tokkenID; + } + /** + * @return the moaSessionID + */ + public String getMoaSessionID() { + return moaSessionID; + } + /** + * @param moaSessionID the moaSessionID to set + */ + public void setMoaSessionID(String moaSessionID) { + this.moaSessionID = moaSessionID; + } + /** + * @return the dhParams + */ + public Pair<DHPublicKeySpec, PrivateKey> getDhParams() { + return new Pair<DHPublicKeySpec, PrivateKey>(new DHPublicKeySpec(this.dh_pubKey, + this.dh_prime, + this.dh_generator), this.dh_privKey); + } + /** + * @param dhParams the dhParams to set + */ + public void setDhParams(Pair<DHPublicKeySpec, PrivateKey> dhParams) { + this.dh_privKey = dhParams.getS(); + + this.dh_pubKey = dhParams.getF().getY(); + this.dh_prime = dhParams.getF().getP(); + this.dh_generator = dhParams.getF().getG(); + } + + + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java new file mode 100644 index 000000000..af180ff10 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java @@ -0,0 +1,444 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.data; + +import java.security.PrivateKey; +import java.util.Collection; +import java.util.List; +import java.util.Map; + +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.data.CPEPS; +import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute; +import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin; + +/** + * @author tlenz + * + */ +public class SSOTransferOnlineApplication implements IOAAuthParameters { + + public SSOTransferOnlineApplication() { + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBusinessService() + */ + @Override + public boolean getBusinessService() { + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#useSSO() + */ + @Override + public boolean useSSO() { + return true; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBKUURL() + */ + @Override + public List<String> getBKUURL() { + // TODO Auto-generated method stub + return null; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFullConfiguration() + */ + @Override + public Map<String, String> getFullConfiguration() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getConfigurationValue(java.lang.String) + */ + @Override + public String getConfigurationValue(String key) { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFriendlyName() + */ + @Override + public String getFriendlyName() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPublicURLPrefix() + */ + @Override + public String getPublicURLPrefix() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getOaType() + */ + @Override + public String getOaType() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTarget() + */ + @Override + public String getTarget() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTargetFriendlyName() + */ + @Override + public String getTargetFriendlyName() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isInderfederationIDP() + */ + @Override + public boolean isInderfederationIDP() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isSTORKPVPGateway() + */ + @Override + public boolean isSTORKPVPGateway() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIdentityLinkDomainIdentifier() + */ + @Override + public String getIdentityLinkDomainIdentifier() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getKeyBoxIdentifier() + */ + @Override + public String getKeyBoxIdentifier() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSAML1Parameter() + */ + @Override + public SAML1ConfigurationParameters getSAML1Parameter() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTemplateURL() + */ + @Override + public List<String> getTemplateURL() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getAditionalAuthBlockText() + */ + @Override + public String getAditionalAuthBlockText() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBKUURL(java.lang.String) + */ + @Override + public String getBKUURL(String bkutype) { + // TODO Auto-generated method stub + return null; + } + + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#useSSOQuestion() + */ + @Override + public boolean useSSOQuestion() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getMandateProfiles() + */ + @Override + public List<String> getMandateProfiles() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIdentityLinkDomainIdentifierType() + */ + @Override + public String getIdentityLinkDomainIdentifierType() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isShowMandateCheckBox() + */ + @Override + public boolean isShowMandateCheckBox() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isOnlyMandateAllowed() + */ + @Override + public boolean isOnlyMandateAllowed() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isShowStorkLogin() + */ + @Override + public boolean isShowStorkLogin() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getQaaLevel() + */ + @Override + public Integer getQaaLevel() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isRequireConsentForStorkAttributes() + */ + @Override + public boolean isRequireConsentForStorkAttributes() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getRequestedSTORKAttributes() + */ + @Override + public Collection<StorkAttribute> getRequestedSTORKAttributes() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBKUSelectionTemplate() + */ + @Override + public byte[] getBKUSelectionTemplate() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSendAssertionTemplate() + */ + @Override + public byte[] getSendAssertionTemplate() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPepsList() + */ + @Override + public Collection<CPEPS> getPepsList() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIDPAttributQueryServiceURL() + */ + @Override + public String getIDPAttributQueryServiceURL() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isInboundSSOInterfederationAllowed() + */ + @Override + public boolean isInboundSSOInterfederationAllowed() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isInterfederationSSOStorageAllowed() + */ + @Override + public boolean isInterfederationSSOStorageAllowed() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isOutboundSSOInterfederationAllowed() + */ + @Override + public boolean isOutboundSSOInterfederationAllowed() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isTestCredentialEnabled() + */ + @Override + public boolean isTestCredentialEnabled() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTestCredentialOIDs() + */ + @Override + public List<String> getTestCredentialOIDs() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isUseIDLTestTrustStore() + */ + @Override + public boolean isUseIDLTestTrustStore() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isUseAuthBlockTestTestStore() + */ + @Override + public boolean isUseAuthBlockTestTestStore() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBPKDecBpkDecryptionKey() + */ + @Override + public PrivateKey getBPKDecBpkDecryptionKey() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isPassivRequestUsedForInterfederation() + */ + @Override + public boolean isPassivRequestUsedForInterfederation() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isPerformLocalAuthenticationOnInterfederationError() + */ + @Override + public boolean isPerformLocalAuthenticationOnInterfederationError() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getStorkAPs() + */ + @Override + public Collection<StorkAttributeProviderPlugin> getStorkAPs() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getReversionsLoggingEventCodes() + */ + @Override + public List<Integer> getReversionsLoggingEventCodes() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isRemovePBKFromAuthBlock() + */ + @Override + public boolean isRemovePBKFromAuthBlock() { + // TODO Auto-generated method stub + return false; + } + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java new file mode 100644 index 000000000..b18425839 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java @@ -0,0 +1,634 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.servlet; + +import java.io.BufferedReader; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.PrintWriter; +import java.math.BigInteger; +import java.net.URL; +import java.security.InvalidKeyException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.SecureRandom; +import java.security.Security; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.InvalidParameterSpecException; +import java.util.Date; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.spec.DHParameterSpec; +import javax.crypto.spec.DHPublicKeySpec; +import javax.security.cert.CertificateException; +import javax.security.cert.X509Certificate; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x509.BasicConstraints; +import org.bouncycastle.asn1.x509.Extension; +import org.bouncycastle.cert.X509CertificateHolder; +import org.bouncycastle.cert.X509v3CertificateBuilder; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.operator.ContentSigner; +import org.bouncycastle.operator.ContentVerifierProvider; +import org.bouncycastle.operator.OperatorCreationException; +import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; +import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder; +import org.bouncycastle.pkcs.PKCS10CertificationRequest; +import org.bouncycastle.pkcs.PKCSException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.Pair; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContainer; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.moduls.SSOManager; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; +import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.MiscUtil; +import net.glxn.qrgen.QRCode; +import net.glxn.qrgen.image.ImageType; + + + +/** + * @author tlenz + * + */ +//@WebServlet(name = "SSOTransferGUI", value = "/TransferSSOSession") +@Controller +public class SSOTransferServlet{ + + private static final long transmisionTimeOut = 90 * 1000; // default 90 secundes + + @Autowired SSOManager ssomanager; + @Autowired IAuthenticationSessionStoreage authenticationSessionStorage; + @Autowired SSOContainerUtils ssoTransferUtils; + @Autowired ITransactionStorage transactionStorage; + @Autowired IDPCredentialProvider idpCredentials; + @Autowired AuthConfiguration authConfig; + @Autowired IGUIFormBuilder guiBuilder; + + public SSOTransferServlet() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mapping {'/TransferSSOSession','/TransmitSSOSession'}" + + " Development-EndPoints: {'/TestTransferSSOSession','/TestTransmitSSOSession'}."); + } + + /** + * Only for development and debugging + * This methode create template QR and for the template service + * + * @param req + * @param resp + * @throws IOException + */ + @RequestMapping(value = { "/TestTransferSSOSession" + }, + method = {RequestMethod.GET}) + public void testTransferSSOSessionGUIWithoutAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + try { + //create first step of SSO Transfer GUI + String authURL = HTTPUtils.extractAuthURLFromRequest(req); + if (!AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().contains(authURL)) { + Logger.warn("Requested URL is not allowed.");; + resp.sendError(500, "Requested URL is not allowed."); + + } + + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, + null); + + internalCreateQRCodeForTransfer(resp, authURL, + "123456", "/TestTransmitSSOSession", config); + + } catch (MOAIDException | MOADatabaseException e) { + e.printStackTrace(); + resp.sendError(500, e.getMessage()); + + } catch (NoSuchAlgorithmException | InvalidParameterSpecException e) { + e.printStackTrace(); + resp.sendError(500, e.getMessage()); + + } catch (Exception e) { + e.printStackTrace(); + resp.sendError(500, e.getMessage()); + } + } + + /** + * Only for development and debugging + * This methode transfer personal information to smartphone + * + * @param req + * @param resp + * @throws IOException + */ + @RequestMapping(value = { "/TestTransmitSSOSession" + }, + method = {RequestMethod.GET, RequestMethod.POST}) + public void testTransferToPhone(HttpServletRequest req, HttpServletResponse resp) throws IOException { + Logger.debug("Receive " + this.getClass().getName() + " request"); + Object tokenObj = req.getParameter(SSOTransferConstants.REQ_PARAM_TOKEN); + if (tokenObj != null && tokenObj instanceof String) { + String token = (String)tokenObj; + try { + Logger.debug("Load token:" + token + " from storage."); + SSOTransferContainer container = transactionStorage.get(token, SSOTransferContainer.class, transmisionTimeOut * 1000); + if (container != null) { + AuthenticationSession moaSession = new AuthenticationSession("123456", new Date()); + + URL idlURL = new URL(FileUtils.makeAbsoluteURL( + authConfig.getMonitoringTestIdentityLinkURL(), + authConfig.getRootConfigFileDir())); + InputStream idlstream = idlURL.openStream(); + moaSession.setIdentityLink(new IdentityLinkAssertionParser(idlstream).parseIdentityLink()); + internalTransferPersonalInformation(req, resp, container, moaSession, true); + + } else { + Logger.info("Servlet " + getClass().getName() + " receive a token:" + + token + ", which references an empty data object."); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Empty data object."); + + } + + } catch (MOADatabaseException e) { + Logger.info("Servlet " + getClass().getName() + " receive a token:" + + token + ", which is UNKNOWN."); + resp.sendError(HttpServletResponse.SC_NOT_FOUND, "Transfer token is UNKOWN:"); + + + } catch (AuthenticationException e) { + Logger.info("Servlet " + getClass().getName() + " receive a token:" + + token + ", which has a timeout."); + resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Single Sign-On session transfer token is not valid any more."); + + } catch (OperatorCreationException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (CredentialsNotAvailableException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (PKCSException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (CertificateException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (InvalidKeyException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (NoSuchAlgorithmException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (InvalidKeySpecException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (SessionDataStorageException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (ParseException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (IllegalBlockSizeException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (BadPaddingException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (NoSuchPaddingException e) { + Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } + + } else { + Logger.info("Servlet " + getClass().getName() + " receive a NOT valid request."); + resp.sendError(HttpServletResponse.SC_NOT_FOUND, "Request not valid."); + + } + + } + + + @RequestMapping(value = { "/TransmitSSOSession" + }, + method = {RequestMethod.GET, RequestMethod.POST}) + public void transferToPhone(HttpServletRequest req, HttpServletResponse resp) throws IOException { + Logger.debug("Receive " + this.getClass().getName() + " request"); + + Object tokenObj = req.getParameter(SSOTransferConstants.REQ_PARAM_TOKEN); + if (tokenObj != null && tokenObj instanceof String) { + String token = (String)tokenObj; + try { + SSOTransferContainer container = transactionStorage.get(token, SSOTransferContainer.class, transmisionTimeOut); + if (container != null) { + AuthenticationSession moaSession = authenticationSessionStorage.getSession(container.getMoaSessionID()); + if (moaSession != null) { + internalTransferPersonalInformation(req, resp, container, moaSession, false); + + + } else { + Logger.info("Servlet " + getClass().getName() + " receive a token:" + + token + ", but the corresponding MOASession is empty"); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "No MOASession."); + + } + + } else { + Logger.info("Servlet " + getClass().getName() + " receive a token:" + + token + ", which references an empty data object."); + resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Empty data object."); + + } + + } catch (MOADatabaseException e) { + Logger.info("Servlet " + getClass().getName() + " receive a token:" + + token + ", which is UNKNOWN."); + resp.sendError(HttpServletResponse.SC_NOT_FOUND, "Transfer token is UNKOWN:"); + + + } catch (AuthenticationException e) { + Logger.info("Servlet " + getClass().getName() + " receive a token:" + + token + ", which has a timeout."); + resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Single Sign-On session transfer token is not valid any more."); + + } catch (OperatorCreationException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (CredentialsNotAvailableException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (PKCSException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (InvalidKeyException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (NoSuchAlgorithmException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (InvalidKeySpecException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + + } catch (SessionDataStorageException e) { + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + } catch (IllegalBlockSizeException e) { + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + } catch (BadPaddingException e) { + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + } catch (NoSuchPaddingException e) { + e.printStackTrace(); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage()); + } + + + + } else { + Logger.info("Servlet " + getClass().getName() + " receive a NOT valid request."); + resp.sendError(HttpServletResponse.SC_NOT_FOUND, "Request not valid."); + + } + + + } + + + @RequestMapping(value = { "/TransferSSOSession" + }, + method = {RequestMethod.GET, RequestMethod.POST}) + public void transferSSOSessionGUI(HttpServletRequest req, HttpServletResponse resp) throws IOException { + //search SSO session + String ssoid = ssomanager.getSSOSessionID(req); + + try { + String authURL = HTTPUtils.extractAuthURLFromRequest(req); + if (!AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(). + contains(authURL)) { + Logger.warn("Requested URL is not allowed.");; + resp.sendError(500, "Requested URL is not allowed."); + + } + + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, + null); + + if (ssomanager.isValidSSOSession(ssoid, null)) { + //Object createQRObj = req.getParameter(SSOTransferConstants.REQ_PARAM_GENERATE_QR); + + //create first step of SSO Transfer GUI + + String moaSessionID = authenticationSessionStorage.getMOASessionSSOID(ssoid); + if (MiscUtil.isNotEmpty(moaSessionID)) { + AuthenticationSession authSession = authenticationSessionStorage.getSession(moaSessionID); + if(authSession != null) { + internalCreateQRCodeForTransfer(resp, authURL, + authSession.getSessionID(), + SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config); + + return; + } + } + + } + + config.putCustomParameter("errorMsg", + "No active Single Sign-On session found! SSO Session transfer is not possible."); + + guiBuilder.build(resp, config, "SSO-Transfer-Module"); + + } catch (MOAIDException | MOADatabaseException e) { + e.printStackTrace(); + resp.sendError(500, e.getMessage()); + + } catch (NoSuchAlgorithmException | InvalidParameterSpecException e) { + e.printStackTrace(); + resp.sendError(500, e.getMessage()); + + } catch (Exception e) { + e.printStackTrace(); + resp.sendError(500, e.getMessage()); + } + } + + private void internalTransferPersonalInformation(HttpServletRequest req, HttpServletResponse resp, + SSOTransferContainer container, AuthenticationSession moaSession, boolean developmentMode) throws IOException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, OperatorCreationException, CredentialsNotAvailableException, PKCSException, CertificateException, SessionDataStorageException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException { + Logger.debug(""); + JsonObject receivedData = getJSONObjectFromPostMessage(req, developmentMode); + + if (receivedData == null) { + Logger.warn("No data received"); + throw new IOException("No data received"); + + } + + String mobilePubKeyBase64 = receivedData.get( + SSOTransferConstants.SSOCONTAINER_KEY_DH_PUBKEY).getAsString(); + String mobileCSRBase64 = receivedData.get( + SSOTransferConstants.SSOCONTAINER_KEY_CSR).getAsString(); + + Logger.debug("Receive PubKey:" +mobilePubKeyBase64 + " | CSR:" + mobileCSRBase64); + + //finish DH key agreement + BigInteger mobilePubKey = new BigInteger(Base64Utils.decode(mobilePubKeyBase64, true)); + DHPublicKeySpec mobilePubKeySpec = new DHPublicKeySpec(mobilePubKey, + container.getDhParams().getF().getP(), + container.getDhParams().getF().getG()); + byte[] sharedSecret = ssoTransferUtils.getSecret(mobilePubKeySpec, container.getDhParams().getS()); + + //build ASE256 key + MessageDigest digest = MessageDigest.getInstance("SHA-256"); + digest.reset(); + byte[] hashedSecret = digest.digest(sharedSecret); + + //decrypt CSR + Logger.debug("Finished Diffie-Hellman key exchange. --> Starting CSR decryption ..."); + byte[] encryptedCSR = Base64Utils.decode(mobileCSRBase64, true); + Logger.debug("EncCSR:" + Base64Utils.encode(encryptedCSR) + " | Key:" + Base64Utils.encode(hashedSecret)); + + byte[] decryptedCSR = ssoTransferUtils.enOrDeCryptCSR(encryptedCSR, hashedSecret, Cipher.DECRYPT_MODE); + Logger.debug("DecCSR:" + Base64Utils.encode(decryptedCSR)); + Logger.debug("CSR decryption finished. --> Starting CSR validation and signing ..."); + + //generate certificate from CSR + X509Certificate mobileCert = signCSRWithMOAKey(decryptedCSR); + + Logger.debug("CSR validation finished. --> Starting personData generation ... "); + + moaSession.setGenericDataToSession( + SSOTransferConstants.MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE, + mobileCert.getEncoded()); + + //generate assertion + Date now = new Date(); + String personInformationToTransfer = + ssoTransferUtils.generateSignedAndEncryptedSSOContainer( + container.getAuthURL(), moaSession, now, hashedSecret); + Logger.debug("PersonData:" + personInformationToTransfer); + + //encrypt personal information + Logger.debug("PersonData generation finished. --> Starting personData encryption ... "); + + Logger.debug("Encrypt personData finished. --> Send token to device."); + resp.setContentType("text/html;charset=UTF-8"); + PrintWriter out = new PrintWriter(resp.getOutputStream()); + out.print(personInformationToTransfer); + out.flush(); + return; + + } + + private void internalCreateQRCodeForTransfer(HttpServletResponse resp, String authURL, + String moaSessionID, String servletEndPoint, DefaultGUIFormBuilderConfiguration config) throws Exception { + SSOTransferContainer container = new SSOTransferContainer(); + String token = Random.nextRandom(); + + container.setAuthURL(authURL); + container.setTokkenID(token); + container.setMoaSessionID(moaSessionID); + + //build Diffie-Hellman parameter for Data transfer + Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); + + //TODO: implement worker-thread to generate new parameters every day + //generate new DH parameters + //SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG-SP80090", "IAIK"); + //AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance("DiffieHellman", "BC"); + //paramGen.init(1024, secureRandom ); // number of bits + //AlgorithmParameters params = paramGen.generateParameters(); + //DHParameterSpec dhSpec = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class); + //DHParameterSpec dhSpec = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class); + + //use predefined parameters + BigInteger prime = new BigInteger(Base64Utils.decode(SSOTransferConstants.DH_PRIME_BASE64, false)); + BigInteger generator = new BigInteger(Base64Utils.decode(SSOTransferConstants.DH_GENERATOR_BASE64, false)); + DHParameterSpec dhSpec = new DHParameterSpec(prime, generator, 1024); + + Pair<DHPublicKeySpec, PrivateKey> dhKeyIDP = ssoTransferUtils.createSpecificKey(dhSpec.getP(), dhSpec.getG()); + container.setDhParams(dhKeyIDP); + + //store container + transactionStorage.put(token, container); + + //build QR code + String containerURL = authURL + + servletEndPoint + + "?"+ SSOTransferConstants.REQ_PARAM_TOKEN + "=" + token; + + JsonObject qrResult = new JsonObject(); + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_TYPE, + SSOTransferConstants.SSOCONTAINER_VALUE_TYPE_PERSIST); + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_URL, + containerURL); + + //add DH parameters + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_DH_PUBKEY, + Base64Utils.encode(dhKeyIDP.getF().getY().toByteArray())); + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_DH_PRIME, + Base64Utils.encode(dhKeyIDP.getF().getP().toByteArray())); + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_DH_GENERATOR, + Base64Utils.encode(dhKeyIDP.getF().getG().toByteArray())); + + ByteArrayOutputStream qrStream = + QRCode.from(qrResult.toString()).to(ImageType.GIF).withSize(350, 350).stream(); + String base64EncodedImage = Base64Utils.encode(qrStream.toByteArray()); + config.putCustomParameter("QRImage", base64EncodedImage); + + config.putCustomParameter("successMsg", "Scan the QR-Code with your <i>SSO-Transfer App</i> to start the transfer operation."); + + + guiBuilder.build(resp, config, "SSO-Session Transfer-Module"); + + } + + private X509Certificate signCSRWithMOAKey(byte[] inputCSR) throws IOException, OperatorCreationException, PKCSException, CredentialsNotAvailableException, CertificateException { + PKCS10CertificationRequest csr = new PKCS10CertificationRequest(inputCSR); + + //validate CSR request + ContentVerifierProvider verifier = new JcaContentVerifierProviderBuilder().setProvider( + new BouncyCastleProvider()).build(csr.getSubjectPublicKeyInfo()); + csr.isSignatureValid(verifier); + + //build certificate with CSR + X500Name issuer = new X500Name("CN=IDP"); + BigInteger serial = new BigInteger(32, new SecureRandom()); + Date from = new Date(); + Date to = new Date(System.currentTimeMillis() + (SSOTransferConstants.CERT_VALIDITY * 86400000L)); + X509v3CertificateBuilder certgen = new X509v3CertificateBuilder(issuer, serial, from, to, csr.getSubject(), csr.getSubjectPublicKeyInfo()); + certgen.addExtension(Extension.basicConstraints, false, new BasicConstraints(false)); + //certgen.addExtension(Extension.subjectKeyIdentifier, false, SubjectKeyIdentifier.getInstance(csr.getSubjectPublicKeyInfo())); + + //build signer + ContentSigner sigGen = new JcaContentSignerBuilder("SHA1withRSA").build(idpCredentials.getIDPAssertionSigningCredential().getPrivateKey()); + + //sign certificate + X509CertificateHolder x509CertificateHolder = certgen.build(sigGen); + + return X509Certificate.getInstance(x509CertificateHolder.getEncoded()); + + + } + + private JsonObject getJSONObjectFromPostMessage(HttpServletRequest req, boolean developmentMode) { + //read POST request + StringBuffer sb = new StringBuffer(); + String receivedPostMessage = null; + + try { + BufferedReader reader = req.getReader(); + String line = null; + while ((line = reader.readLine()) != null) { + sb.append(line); + } + + receivedPostMessage = sb.toString(); + + } catch (IOException e) { + Logger.warn("Received POST-message produce an ERROR.", e); + Logger.info("Msg: " + receivedPostMessage); + + } + + JsonParser parser = new JsonParser(); + JsonObject receivedData = null; + Logger.debug("JSON POST msg: " + sb.toString()); + if (MiscUtil.isNotEmpty(receivedPostMessage)) { + receivedData = (JsonObject) parser.parse(sb.toString()); + + } else if (developmentMode && MiscUtil.isNotEmpty(req.getParameter("blob"))) { + receivedData = (JsonObject) parser.parse(req.getParameter("blob")); + + } + + return receivedData; + + } + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java new file mode 100644 index 000000000..e92925dfb --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java @@ -0,0 +1,101 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.servlet; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.advancedlogging.TransactionIDUtils; +import at.gv.egovernment.moa.id.auth.servlet.AbstractProcessEngineSignalController; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Controller +public class SSOTransferSignalServlet extends AbstractProcessEngineSignalController { + public SSOTransferSignalServlet() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + " with mappings '/SSOTransferEndpoint'."); + + } + + @RequestMapping(value = { "/SSOTransferSignalEndpoint" + }, + method = {RequestMethod.POST, RequestMethod.GET}) + public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException { + signalProcessManagement(req, resp); + + } + + @Override + protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException { + String pendingRequestID = StringEscapeUtils.escapeHtml(getPendingRequestId(req)); + IRequest pendingReq = null; + try { + if (pendingRequestID == null) { + throw new IllegalStateException("Unable to determine MOA pending-request id."); + } + + pendingReq = requestStorage.getPendingRequest(pendingRequestID); + if (pendingReq == null) { + Logger.info("No PendingRequest with Id: " + pendingRequestID + " Maybe, a transaction timeout occure."); + throw new MOAIDException("auth.28", new Object[]{pendingRequestID}); + + } + + //add transactionID and unique sessionID to Logger + TransactionIDUtils.setSessionId(pendingReq.getUniqueSessionIdentifier()); + TransactionIDUtils.setTransactionId(pendingReq.getUniqueTransactionIdentifier()); + + // process instance is mandatory + if (pendingReq.getProcessInstanceId() == null) { + throw new IllegalStateException("MOA session does not provide process instance id."); + } + + // wake up next task + processEngine.signal(pendingReq); + + } catch (Exception ex) { + handleError(null, ex, req, resp, pendingReq); + + } finally { + //MOASessionDBUtils.closeSession(); + TransactionIDUtils.removeTransactionId(); + TransactionIDUtils.removeSessionId(); + + } + + + } +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java new file mode 100644 index 000000000..be27de9a1 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java @@ -0,0 +1,115 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.task; + +import java.math.BigInteger; +import java.security.PrivateKey; + +import javax.crypto.spec.DHParameterSpec; +import javax.crypto.spec.DHPublicKeySpec; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.Pair; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContainer; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; + +/** + * @author tlenz + * + */ +@Component("InitializeRestoreSSOSessionTask") +public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask { + + @Autowired IGUIFormBuilder guiBuilder; + @Autowired SSOContainerUtils ssoTransferUtils; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, + HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + + try { + //create first step of SSO Transfer GUI + String authURL = HTTPUtils.extractAuthURLFromRequest(request); + if (!AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(). + contains(authURL)) { + Logger.warn("Requested URL is not allowed.");; + response.sendError(500, "Requested URL is not allowed."); + + } + + //use predefined parameters + BigInteger prime = new BigInteger(Base64Utils.decode(SSOTransferConstants.DH_PRIME_BASE64, false)); + BigInteger generator = new BigInteger(Base64Utils.decode(SSOTransferConstants.DH_GENERATOR_BASE64, false)); + DHParameterSpec dhSpec = new DHParameterSpec(prime, generator, 1024); + + Pair<DHPublicKeySpec, PrivateKey> dhKeyIDP = ssoTransferUtils.createSpecificKey(dhSpec.getP(), dhSpec.getG()); + String nonce = Random.nextLongRandom(); + + GUIUtils.buildSSOTransferGUI(guiBuilder, response, authURL, + pendingReq.getRequestID(), nonce, dhKeyIDP.getF()); + + //store DH params and nonce to pending-request + SSOTransferContainer container = new SSOTransferContainer(); + container.setDhParams(dhKeyIDP); + pendingReq.setGenericDataToSession(SSOTransferConstants.PENDINGREQ_DH, container); + pendingReq.setGenericDataToSession(SSOTransferConstants.PENDINGREQ_NONCE, nonce); + + //store pending-request + requestStoreage.storePendingRequest(pendingReq); + + //set flag + executionContext.put("sessionRestoreFinished", false); + + } catch (MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (Exception e) { + Logger.error(this.getClass().getName() + " has an interal Error.", e); + throw new TaskExecutionException(pendingReq, this.getClass().getName() + " has an interal Error.", e); + + } + + + } + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java new file mode 100644 index 000000000..dd133e4fb --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java @@ -0,0 +1,306 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.task; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.PrintWriter; +import java.math.BigInteger; +import java.security.MessageDigest; + +import javax.crypto.Cipher; +import javax.crypto.spec.DHPublicKeySpec; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.BooleanUtils; +import org.joda.time.DateTime; +import org.opensaml.saml2.core.Response; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; + +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContainer; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; +import iaik.x509.X509Certificate; + +/** + * @author tlenz + * + */ +@Component("RestoreSSOSessionTask") +public class RestoreSSOSessionTask extends AbstractAuthServletTask { + + @Autowired SSOContainerUtils ssoTransferUtils; + @Autowired IGUIFormBuilder guiBuilder; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, + HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + + Logger.debug("Receive " + this.getClass().getName() + " request"); + + StringBuffer sb = new StringBuffer(); + String receivedPostMessage = null; + String authURL =null; + try { + BufferedReader reader = request.getReader(); + String line = null; + while ((line = reader.readLine()) != null) { + sb.append(line); + } + + receivedPostMessage = sb.toString(); + + } catch (IOException e) { + Logger.warn("Received POST-message produce an ERROR.", e); + + } + + String nonce = pendingReq.getGenericData(SSOTransferConstants.PENDINGREQ_NONCE, String.class); + SSOTransferContainer container = pendingReq.getGenericData( + SSOTransferConstants.PENDINGREQ_DH, SSOTransferContainer.class); + if (container == null) { + throw new TaskExecutionException(pendingReq, "NO DH-Params in pending-request", + new MOAIDException("NO DH-Params in pending-request", null)); + + } + + + if (MiscUtil.isNotEmpty(receivedPostMessage)) { + Logger.debug("Receive POST-Message data. Start data-validation process ... "); + JsonObject responseMsg = new JsonObject(); + try { + Logger.debug("Unformated Msg:" + receivedPostMessage); + + JsonParser parser = new JsonParser(); + JsonObject receivedData = (JsonObject) parser.parse(sb.toString()); + + JsonObject receivedSession = receivedData.get( + SSOTransferConstants.SSOCONTAINER_KEY_SESSION).getAsJsonObject(); + + Logger.debug("Received Session-Object:"+ receivedSession.toString()); + + String signature = receivedData.get( + SSOTransferConstants.SSOCONTAINER_KEY_SIGNATURE).getAsString(); + String mobilePubKeyBase64 = receivedData.get( + SSOTransferConstants.SSOCONTAINER_KEY_DH_PUBKEY).getAsString(); + + String respNonce = receivedSession.get( + SSOTransferConstants.PENDINGREQ_NONCE).getAsString(); + String encSessionBlobBase64 = receivedSession.get( + SSOTransferConstants.SSOCONTAINER_KEY_BLOB).getAsString(); + + Logger.debug("Receive PubKey:" +mobilePubKeyBase64 + + " | SessionBlob:" + encSessionBlobBase64 + + " | Nonce:" + respNonce + + " | Signature:" + signature + + " | SignedData:" + receivedSession.toString()); + + if (MiscUtil.isEmpty(respNonce) || !respNonce.equals(nonce)) { + Logger.warn("Received 'nonce':" + respNonce + + " does not match to stored 'nonce':" + nonce); + throw new TaskExecutionException(pendingReq, "Received 'nonce':" + respNonce + + " does not match to stored 'nonce':" + nonce, + new MOAIDException("Received 'nonce':" + respNonce + " does not match to stored 'nonce':" + nonce, null)); + + } + + + //finish DH key agreement + BigInteger mobilePubKey = new BigInteger(Base64Utils.decode(mobilePubKeyBase64, true)); + DHPublicKeySpec mobilePubKeySpec = new DHPublicKeySpec(mobilePubKey, + container.getDhParams().getF().getP(), + container.getDhParams().getF().getG()); + byte[] sharedSecret = ssoTransferUtils.getSecret(mobilePubKeySpec, container.getDhParams().getS()); + + //build ASE256 key + MessageDigest digest = MessageDigest.getInstance("SHA-256"); + digest.reset(); + byte[] hashedSecret = digest.digest(sharedSecret); + + //decrypt CSR + Logger.debug("Finished Diffie-Hellman key exchange. --> Starting SessionBlob decryption ..."); + byte[] encryptedSessionBlob = Base64Utils.decode(encSessionBlobBase64, true); + Logger.debug("EncSessionBlob:" + Base64Utils.encode(encryptedSessionBlob) + " | Key:" + Base64Utils.encode(hashedSecret)); + + byte[] sessionBlobArray = ssoTransferUtils.enOrDeCryptCSR(encryptedSessionBlob, hashedSecret, Cipher.DECRYPT_MODE); + String sessionBlob = new String(sessionBlobArray, "UTF-8"); + Logger.debug("DecSessionBlob:" + sessionBlob); + + //parse SAML2 assertion + Response ssoInformation = ssoTransferUtils.validateReceivedSSOContainer(sessionBlob); + + //validate signature + AssertionAttributeExtractor attributeExtractor = new AssertionAttributeExtractor(ssoInformation); + String holderOfKeyCertBase64 = attributeExtractor.getSingleAttributeValue(PVPConstants.PVP_HOLDEROFKEY_NAME); + byte[] holderOfKeyCertEncoded = Base64Utils.decode(holderOfKeyCertBase64, false); + X509Certificate holderOfKeyCert = new X509Certificate(holderOfKeyCertEncoded); + Logger.debug("Found HolderOfKey Certificate:" + holderOfKeyCert.getSubjectDN().toString()); + + + //TODO: implement Signature validation + + Logger.debug("MobileDevice is valid. --> Starting session reconstruction ..."); + + + //session is valid --> load MOASession object + try { + defaultTaskInitialization(request, executionContext); + + } catch (MOAIDException | MOADatabaseException e1) { + Logger.error("Database Error! MOASession is not stored!"); + throw new TaskExecutionException(pendingReq, "Load MOASession FAILED.", e1); + + } + + //transfer SSO Assertion into MOA-Session + ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moasession, attributeExtractor); + + // store MOASession into database + try { + authenticatedSessionStorage.storeSession(moasession); + + } catch (MOADatabaseException e) { + Logger.error("Database Error! MOASession is not stored!"); + throw new MOAIDException("init.04", new Object[] { + moasession.getSessionID()}); + } + + executionContext.put(SSOTransferConstants.FLAG_SSO_SESSION_RESTORED, true); + executionContext.put("sessionRestoreFinished", false); + + + responseMsg.addProperty( + SSOTransferConstants.SSOCONTAINER_KEY_STATUS, + "OK"); + response.setStatus(HttpServletResponse.SC_OK); + response.setContentType("text/html;charset=UTF-8"); + PrintWriter out = new PrintWriter(response.getOutputStream()); + out.print(responseMsg.toString()); + out.flush(); + + +// Logger.info("Received SSO session-data is from IDP: " + entityID +// + ". Start inderfederation process to restore SSO session ... "); +// //change to inderfederated session reconstruction +// +// Logger.warn("Device Session Transfer with interfederation is not implemented, yet!!!!"); + + + + } catch (Exception e) { + Logger.error("Parse reveived JSON data-object " + sb.toString() + " FAILED!", e); + //throw new TaskExecutionException(pendingReq, "JSON data is not parseable.", e); + try { + responseMsg.addProperty( + SSOTransferConstants.SSOCONTAINER_KEY_STATUS, + "FAILED"); + response.setStatus(HttpServletResponse.SC_OK); + response.setContentType("text/html;charset=UTF-8"); + PrintWriter out = new PrintWriter(response.getOutputStream()); + out.print(responseMsg.toString()); + out.flush(); + } catch (IOException e1) { + e1.printStackTrace(); + + } + } + + } else { + Logger.debug("Reveive NO POST-message data. Start check-session process ... "); + + boolean isSSOSessionRestored = + BooleanUtils.isTrue((Boolean) executionContext.get(SSOTransferConstants.FLAG_SSO_SESSION_RESTORED)); + + if (isSSOSessionRestored) { + Logger.info("Found restored SSO session. Resume authentication process ..."); + executionContext.remove(SSOTransferConstants.FLAG_SSO_SESSION_RESTORED); + executionContext.put("sessionRestoreFinished", true); + + } else { + //session is valid --> load MOASession object + try { + defaultTaskInitialization(request, executionContext); + + } catch (MOAIDException | MOADatabaseException e1) { + Logger.error("Database Error! MOASession is not stored!"); + throw new TaskExecutionException(pendingReq, "Load MOASession FAILED.", e1); + + } + + DateTime moaSessionCreated = new DateTime(moasession.getSessionCreated().getTime()); + if (moaSessionCreated.plusMinutes(1).isBeforeNow()) { + Logger.warn("No SSO session-container received. Stop authentication process after time-out."); + throw new TaskExecutionException(pendingReq, "No SSO container received from smartphone app.", + new MOAIDException("No SSO container received from smartphone app.", null)); + + } else { + Logger.debug("No restored SSO session found --> Wait a few minutes and check again."); + executionContext.put("sessionRestoreFinished", false); + + try { + //create first step of SSO Transfer GUI + authURL = HTTPUtils.extractAuthURLFromRequest(request); + if (!AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(). + contains(authURL)) { + Logger.warn("Requested URL is not allowed.");; + response.sendError(500, "Requested URL is not allowed."); + + } + + GUIUtils.buildSSOTransferGUI(guiBuilder, response, + authURL, pendingReq.getRequestID(), nonce, container.getDhParams().getF()); + + } catch (IOException | MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + + } + } + } + } + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java new file mode 100644 index 000000000..13a278d1d --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java @@ -0,0 +1,120 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; + +import javax.crypto.spec.DHPublicKeySpec; +import javax.servlet.http.HttpServletResponse; + +import com.google.gson.JsonObject; + +import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIFormBuilder; +import at.gv.egovernment.moa.id.auth.frontend.exception.GUIBuildException; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; +import net.glxn.qrgen.QRCode; +import net.glxn.qrgen.image.ImageType; + +/** + * @author tlenz + * + */ +public class GUIUtils { + public static final int REFESH_TIMEOUT = 5 * 1000; //5 sec + + public static void buildSSOTransferGUI( + IGUIFormBuilder guiBuilder, HttpServletResponse httpResp, + String authURL, String pendingReqID) throws ConfigurationException, IOException { + buildSSOTransferGUI(guiBuilder, httpResp, authURL, pendingReqID, null, null); + + } + + /** + * @param guiBuilder + * @param response + * @param authURL + * @param requestID + * @param nonce + * @param dhKeyIDP + * @throws ConfigurationException + * @throws IOException + */ + public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletResponse response, String authURL, + String requestID, String nonce, DHPublicKeySpec dhKeyIDP) throws ConfigurationException, IOException { + try { + String containerURL = authURL + + SSOTransferConstants.SERVLET_SSOTRANSFER_FROM_SMARTPHONE + + "?" + MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID + "=" + requestID; + + + + + JsonObject qrResult = new JsonObject(); + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_TYPE, + SSOTransferConstants.SSOCONTAINER_VALUE_TYPE_TRANSER); + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_URL, containerURL); + + if (MiscUtil.isNotEmpty(nonce)) + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_NONCE, nonce); + + if (dhKeyIDP != null) { + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_DH_PUBKEY, + Base64Utils.encode(dhKeyIDP.getY().toByteArray())); + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_DH_PRIME, + Base64Utils.encode(dhKeyIDP.getP().toByteArray())); + qrResult.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_DH_GENERATOR, + Base64Utils.encode(dhKeyIDP.getG().toByteArray())); + + } + + ByteArrayOutputStream qrStream = + QRCode.from(qrResult.toString()).to(ImageType.GIF).withSize(350, 350).stream(); + String base64EncodedImage = Base64Utils.encode(qrStream.toByteArray()); + + DefaultGUIFormBuilderConfiguration config = new DefaultGUIFormBuilderConfiguration( + authURL, + DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, + null); + + config.putCustomParameter("QRImage", base64EncodedImage); + config.putCustomParameter("successMsg", "Select the SSO Session in your <i>SSO-Transfer App</i> and scan the QR-Code to start the process."); + config.putCustomParameter("timeoutURL", containerURL); + config.putCustomParameter("timeout", REFESH_TIMEOUT); + + guiBuilder.build(response, config, "SSO-Transfer-Module"); + + } catch (GUIBuildException e) { + Logger.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage(), e); + throw new ConfigurationException("builder.09", new Object[]{e.getMessage()}, e); + + } + + } +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java new file mode 100644 index 000000000..0785f767b --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java @@ -0,0 +1,553 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.StringWriter; +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.KeyFactory; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.cert.CertificateException; +import java.security.spec.InvalidKeySpecException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Date; +import java.util.HashMap; +import java.util.List; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.KeyAgreement; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.spec.DHParameterSpec; +import javax.crypto.spec.DHPublicKeySpec; +import javax.crypto.spec.SecretKeySpec; +import javax.xml.XMLConstants; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.TransformerFactoryConfigurationError; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.joda.time.DateTime; +import org.opensaml.Configuration; +import org.opensaml.saml2.core.Assertion; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.AuthnContextClassRef; +import org.opensaml.saml2.core.Issuer; +import org.opensaml.saml2.core.NameID; +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.saml2.core.SubjectConfirmationData; +import org.opensaml.security.SAMLSignatureProfileValidator; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.encryption.EncryptionException; +import org.opensaml.xml.io.Marshaller; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.io.Unmarshaller; +import org.opensaml.xml.io.UnmarshallerFactory; +import org.opensaml.xml.io.UnmarshallingException; +import org.opensaml.xml.parse.BasicParserPool; +import org.opensaml.xml.parse.XMLParserException; +import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.SecurityHelper; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureException; +import org.opensaml.xml.signature.SignatureValidator; +import org.opensaml.xml.signature.Signer; +import org.opensaml.xml.validation.ValidationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; + +import com.google.gson.JsonObject; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.Pair; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferAuthenticationData; +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferOnlineApplication; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.data.MISMandate; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; +import at.gv.util.BpkUtil; +import iaik.x509.X509Certificate; + +/** + * @author tlenz + * + */ +@Service("SSOContainerUtils") +public class SSOContainerUtils { + + private static final String PVP_HOLDEROFKEY_NAME = PVPConstants.URN_OID_PREFIX + + "1.2.40.0.10.2.1.1.261.xx.xx"; + + public static final List<String> REQUIRED_ATTRIBUTES; + static { + List<String> tmp = new ArrayList<String>(); + tmp.add(PVPConstants.EID_AUTH_BLOCK_NAME); + tmp.add(PVPConstants.EID_IDENTITY_LINK_NAME); + tmp.add(PVPConstants.EID_ISSUING_NATION_NAME); + tmp.add(PVPConstants.EID_SIGNER_CERTIFICATE_NAME); + tmp.add(PVPConstants.EID_SOURCE_PIN_NAME); + tmp.add(PVPConstants.EID_SOURCE_PIN_TYPE_NAME); + tmp.add(PVPConstants.MANDATE_REFERENCE_VALUE_NAME); + tmp.add(PVPConstants.MANDATE_FULL_MANDATE_NAME); + tmp.add(PVPConstants.MANDATE_TYPE_NAME); + tmp.add(PVPConstants.MANDATE_PROF_REP_OID_NAME); + tmp.add(PVPConstants.MANDATE_PROF_REP_DESC_NAME); + tmp.add(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME); + + //TODO: change to final definition + tmp.add(PVP_HOLDEROFKEY_NAME); + + REQUIRED_ATTRIBUTES = Collections.unmodifiableList(tmp); + } + + @Autowired IDPCredentialProvider credentials; + @Autowired SAMLVerificationEngineSP samlVerificationEngine; + @Autowired AuthConfiguration authConfig; + + public void parseSSOContainerToMOASessionDataObject(IRequest pendingReq, AuthenticationSession moasession, AssertionAttributeExtractor attributeExtractor) throws AssertionAttributeExtractorExeption, ConfigurationException { +// AssertionAttributeExtractor attributeExtractor = new AssertionAttributeExtractor(ssoInformation); + + //TODO: maybe change to correct URL + //set dummy BKU URLx + moasession.setBkuURL("http://egiz.gv.at/sso_session-transfer_app"); + + + String qaaLevel = attributeExtractor.getSingleAttributeValue(PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME); + if (MiscUtil.isNotEmpty(qaaLevel)) { + if (qaaLevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) + moasession.setQAALevel(qaaLevel); + else + moasession.setQAALevel(PVPConstants.STORK_QAA_PREFIX + qaaLevel); + + + } else { + Logger.warn("SSO session-container contains NO QAA-level"); + + } + + String authBlock = attributeExtractor.getSingleAttributeValue(PVPConstants.EID_AUTH_BLOCK_NAME); + if (MiscUtil.isNotEmpty(authBlock)) + moasession.setAuthBlock(authBlock); + else + Logger.warn("SSO session-container contains NO AuthBlock"); + + try { + String signerCert = attributeExtractor.getSingleAttributeValue(PVPConstants.EID_SIGNER_CERTIFICATE_NAME); + if (MiscUtil.isNotEmpty(signerCert)) + moasession.setSignerCertificate(new X509Certificate(Base64Utils.decode(signerCert, false))); + else + Logger.warn("SSO session-container contains NO SignerCertificate"); + + } catch (CertificateException | IOException e) { + Logger.error("SignerCertificate is not parseable.", e); + + } + + String idlStr = attributeExtractor.getSingleAttributeValue(PVPConstants.EID_IDENTITY_LINK_NAME); + try { + if (MiscUtil.isNotEmpty(idlStr)) { + IdentityLinkAssertionParser idlParser = new IdentityLinkAssertionParser(Base64Utils.decodeToStream(idlStr, false)); + moasession.setIdentityLink(idlParser.parseIdentityLink()); + + } else { + Logger.warn("SSO session-container contains NO IdentityLink"); + throw new AssertionAttributeExtractorExeption("SSO session-container contains NO IdentityLink"); + + } + + } catch (ParseException e) { + Logger.error("IdentityLink is not parseable.", e); + throw new AssertionAttributeExtractorExeption("IdentityLink is not parseable."); + + } + + + String mandateRefValue = attributeExtractor.getSingleAttributeValue(PVPConstants.MANDATE_REFERENCE_VALUE_NAME); + if (MiscUtil.isNotEmpty(mandateRefValue)) { + moasession.setMandateReferenceValue(mandateRefValue); + moasession.setUseMandate("true"); + Logger.info("Found mandate information in SSO session-container."); + + try { + MISMandate mandate = new MISMandate(); + + String mandateFull = attributeExtractor.getSingleAttributeValue(PVPConstants.MANDATE_FULL_MANDATE_NAME); + if (MiscUtil.isNotEmpty(mandateFull)) { + mandate.setMandate(Base64Utils.decode(mandateFull, false)); + + } else { + Logger.warn("No Full-Mandate information found in SSO session-container."); + + } + + String oid = attributeExtractor.getSingleAttributeValue(PVPConstants.MANDATE_PROF_REP_OID_NAME); + if (MiscUtil.isNotEmpty(oid)) + mandate.setProfRep(oid ); + + NodeList mandateElements = mandate.getMandateDOM().getChildNodes(); + for (int i=0; i<mandateElements.getLength(); i++) { + Element mandateEl = (Element) mandateElements.item(i); + if (mandateEl.hasAttribute("OWbPK")) { + mandate.setOWbPK(mandateEl.getAttribute("OWbPK")); + } + } + + moasession.setMISMandate(mandate); + + } catch (IOException e) { + Logger.error("Full-Mandate information is not parseable.", e); + + } + } + + + + + + } + + public Response validateReceivedSSOContainer(String signedEncryptedContainer) throws IOException, XMLParserException, UnmarshallingException, MOAIDException { + final BasicParserPool ppMgr = new BasicParserPool(); + final HashMap<String, Boolean> features = new HashMap<String, Boolean>(); + features.put(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); + ppMgr.setBuilderFeatures(features); + ppMgr.setNamespaceAware(true); + + Document document = ppMgr.parse(new ByteArrayInputStream(signedEncryptedContainer.getBytes())); + Element domElement = document.getDocumentElement(); + + UnmarshallerFactory saml2UnmarshallerFactory = Configuration.getUnmarshallerFactory(); + Unmarshaller saml2Unmarshaller = saml2UnmarshallerFactory.getUnmarshaller(domElement); + XMLObject responseXMLObj = saml2Unmarshaller.unmarshall(domElement); + + if (responseXMLObj instanceof Response) { + Response ssoContainer = (Response) responseXMLObj; + + try { + SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator(); + sigValidator.validate(ssoContainer.getSignature()); + + } catch (ValidationException e) { + Logger.error("Failed to validate Signature", e); + throw new SAMLRequestNotSignedException(e); + } + + Credential credential = credentials.getIDPAssertionSigningCredential(); + if (credential == null) { + throw new NoCredentialsException("moaID IDP"); + } + + SignatureValidator sigValidator = new SignatureValidator(credential); + try { + sigValidator.validate(ssoContainer.getSignature()); + + } catch (ValidationException e) { + Logger.error("Failed to verfiy Signature", e); + throw new SAMLRequestNotSignedException(e); + } + + if (ssoContainer.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { + + //validate PVP 2.1 assertion + samlVerificationEngine.validateAssertion(ssoContainer, false, + credentials.getIDPAssertionEncryptionCredential(), + ssoContainer.getIssuer().getValue(), + "SSO-Session Transfer module", + false); + return ssoContainer; + + } else { + Logger.debug("Receive StatusCode " + ssoContainer.getStatus().getStatusCode().getValue() + + " from interfederated IDP."); + throw new MOAIDException("SSO Container has a not valid Status Code", null); + + } + + } else { + Logger.warn("SSO Container is not of type SAML2 Response"); + throw new MOAIDException("SSO Container is not of type SAML2 Response", null); + + } + } + + + public String generateSignedAndEncryptedSSOContainer(String authURL, + AuthenticationSession authSession, Date date, byte[] hashedSecret) { + try { + String entityID = PVPConfiguration.getInstance().getIDPSSOMetadataService(authURL); + AuthnContextClassRef authnContextClassRef = SAML2Utils + .createSAMLObject(AuthnContextClassRef.class); + authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel()); + + NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class); + String random = Random.nextLongRandom(); + try { + MessageDigest md = MessageDigest.getInstance("SHA-1"); + byte[] hash = md.digest((random).getBytes("ISO-8859-1")); + subjectNameID.setValue(Base64Utils.encode(hash)); + subjectNameID.setNameQualifier(null); + subjectNameID.setFormat(NameID.TRANSIENT); + + } catch (Exception e) { + Logger.warn("PVP2 subjectNameID error", e); + + } + + SubjectConfirmationData subjectConfirmationData = SAML2Utils + .createSAMLObject(SubjectConfirmationData.class); + long maxSSOSessionTime = AuthConfigurationProviderFactory.getInstance().getSSOCreatedTimeOut() * 1000; + Date ssoSessionValidTo = new Date(authSession.getSessionCreated().getTime() + maxSSOSessionTime); + subjectConfirmationData.setNotOnOrAfter(new DateTime(ssoSessionValidTo.getTime())); + + String sessionIndex = SAML2Utils.getSecureIdentifier(); + + IAuthData authData = new SSOTransferAuthenticationData(authConfig, authSession); + + Assertion assertion = PVP2AssertionBuilder.buildGenericAssertion( + entityID, + entityID, + new DateTime(date.getTime()), + authnContextClassRef, + buildSSOAttributeForTransfer(authSession, authData), + subjectNameID, + subjectConfirmationData, + sessionIndex, + subjectConfirmationData.getNotOnOrAfter()); + + //build blob with signed session information + String ssoDataBlob = buildSSOContainerObject(entityID, assertion, new DateTime(date.getTime())); + Logger.debug("Unencrypted SessionBlob:" + ssoDataBlob); + + //encrypt session information with ephemeral key + byte[] encPersonData = enOrDeCryptCSR(ssoDataBlob.getBytes(), hashedSecret, Cipher.ENCRYPT_MODE); + String encAndEncodedPersonalData = Base64Utils.encode(encPersonData); + Logger.debug("Encrypted SessionBlob:" + encAndEncodedPersonalData); + + //build JSON response + JsonObject container = new JsonObject(); + container.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_TYPE, SSOTransferConstants.SSOCONTAINER_VALUE_TYPE_SSO); + container.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_VALIDTO, subjectConfirmationData.getNotOnOrAfter().toString()); + container.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_ENTITYID, entityID); + container.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_USERID, authData.getGivenName() + " " + authData.getFamilyName()); + + container.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_SESSION, encAndEncodedPersonalData); + container.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_UNIQUEUSERID, + BpkUtil.calcBPK(authData.getIdentificationValue(), "AB")); + + //TODO + container.addProperty(SSOTransferConstants.SSOCONTAINER_KEY_RESULTENDPOINT, "https://demo.egiz.gv.at"); + + return container.toString(); + + } catch (ConfigurationException | EncryptionException | CredentialsNotAvailableException | SecurityException | ParserConfigurationException | MarshallingException | SignatureException | TransformerFactoryConfigurationError | TransformerException | IOException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) { + Logger.warn("SSO container generation FAILED.", e); + } + + return null; + } + + public byte[] enOrDeCryptCSR(byte[] binBlob, byte[] binSecret, int mode) throws IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException { + byte[] decrypted = null; + SecretKeySpec skeySpec = new SecretKeySpec(binSecret, "AES"); + Cipher cipher = Cipher.getInstance("AES"); + cipher.init(mode, skeySpec); + decrypted = cipher.doFinal(binBlob); + + return decrypted; + } + + public Pair<DHPublicKeySpec, PrivateKey> createSpecificKey(BigInteger p, BigInteger g) throws Exception { + KeyPairGenerator kpg = KeyPairGenerator.getInstance("DiffieHellman"); + + DHParameterSpec param = new DHParameterSpec(p, g); + kpg.initialize(param); + KeyPair kp = kpg.generateKeyPair(); + + KeyFactory kfactory = KeyFactory.getInstance("DiffieHellman"); + + Pair<DHPublicKeySpec, PrivateKey> pair = new Pair<DHPublicKeySpec, PrivateKey>( + (DHPublicKeySpec) kfactory.getKeySpec(kp.getPublic(), DHPublicKeySpec.class), kp.getPrivate()); + return pair; + + } + + public byte[] getSecret(DHPublicKeySpec kspectrans, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException { + KeyAgreement aKeyAgree = KeyAgreement.getInstance("DiffieHellman"); + aKeyAgree.init(privateKey); + + KeyFactory kfactory = KeyFactory.getInstance("DiffieHellman"); + PublicKey pub = kfactory.generatePublic(kspectrans); + aKeyAgree.doPhase(pub, true); + + byte[] secretKey = aKeyAgree.generateSecret(); + return secretKey; + + } + + private String buildSSOContainerObject(String entityID, Assertion assertion, DateTime date) throws ConfigurationException, EncryptionException, CredentialsNotAvailableException, SecurityException, ParserConfigurationException, MarshallingException, SignatureException, TransformerFactoryConfigurationError, TransformerException, IOException { + Response authResponse = SAML2Utils.createSAMLObject(Response.class); + + Issuer nissuer = SAML2Utils.createSAMLObject(Issuer.class); + + //change to entity value from entity name to IDP EntityID (URL) + nissuer.setValue(entityID); + nissuer.setFormat(NameID.ENTITY); + authResponse.setIssuer(nissuer); + + //set responseID + String remoteSessionID = SAML2Utils.getSecureIdentifier(); + authResponse.setID(remoteSessionID); + + + //SAML2 response required IssueInstant + authResponse.setIssueInstant(date); + authResponse.setStatus(SAML2Utils.getSuccessStatus()); + + //encrypt container +// X509Credential encryptionCredentials = credentials.getIDPAssertionEncryptionCredential(); +// EncryptionParameters dataEncParams = new EncryptionParameters(); +// dataEncParams.setAlgorithm(PVPConstants.DEFAULT_SYM_ENCRYPTION_METHODE); +// +// List<KeyEncryptionParameters> keyEncParamList = new ArrayList<KeyEncryptionParameters>(); +// KeyEncryptionParameters keyEncParam = new KeyEncryptionParameters(); +// +// keyEncParam.setEncryptionCredential(encryptionCredentials); +// keyEncParam.setAlgorithm(PVPConstants.DEFAULT_ASYM_ENCRYPTION_METHODE); +// KeyInfoGeneratorFactory kigf = Configuration.getGlobalSecurityConfiguration() +// .getKeyInfoGeneratorManager().getDefaultManager() +// .getFactory(encryptionCredentials); +// keyEncParam.setKeyInfoGenerator(kigf.newInstance()); +// keyEncParamList.add(keyEncParam); +// +// Encrypter samlEncrypter = new Encrypter(dataEncParams, keyEncParamList); +// //samlEncrypter.setKeyPlacement(KeyPlacement.INLINE); +// samlEncrypter.setKeyPlacement(KeyPlacement.PEER); +// +// EncryptedAssertion encryptAssertion = null; +// +// encryptAssertion = samlEncrypter.encrypt(assertion); +// authResponse.getEncryptedAssertions().add(encryptAssertion); + + //add unencrypted assertion + authResponse.getAssertions().add(assertion); + + //sign container + Credential signingCredential = credentials.getIDPAssertionSigningCredential(); + Signature signature = AbstractCredentialProvider.getIDPSignature(signingCredential); + + SecurityHelper.prepareSignatureParams(signature, signingCredential, null, null); + authResponse.setSignature(signature); + + DocumentBuilder builder; + DocumentBuilderFactory factory = DocumentBuilderFactory + .newInstance(); + + builder = factory.newDocumentBuilder(); + Document document = builder.newDocument(); + Marshaller out = Configuration.getMarshallerFactory() + .getMarshaller(authResponse); + out.marshall(authResponse, document); + + Signer.signObject(signature); + + Transformer transformer = TransformerFactory.newInstance() + .newTransformer(); + + StringWriter sw = new StringWriter(); + StreamResult sr = new StreamResult(sw); + DOMSource source = new DOMSource(document); + transformer.transform(source, sr); + sw.close(); + + return sw.toString(); + + } + + private static List<Attribute> buildSSOAttributeForTransfer(AuthenticationSession authSession, IAuthData authData) { + List<Attribute> attrList = new ArrayList<Attribute>(); + + IOAAuthParameters oaParam = new SSOTransferOnlineApplication(); + + for (String el : REQUIRED_ATTRIBUTES) { + try { + Attribute attr = PVPAttributeBuilder.buildAttribute( + el, oaParam, authData); + if (attr != null) + attrList.add(attr); + else + Logger.info("SSO-Transfer attribute " + el + " is empty!"); + + } catch (Exception e) { + Logger.info("Build SSO-Transfer attribute " + el + " FAILED:" + e.getMessage()); + + } + } + + return attrList; + } + +} diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..b0744b49b --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferSpringResourceProvider
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransfer.authmodule.beans.xml b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransfer.authmodule.beans.xml new file mode 100644 index 000000000..1a8709e15 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransfer.authmodule.beans.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"> + + <context:annotation-config /> + + <bean id="ssoTransferAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferAuthModuleImpl"> + <property name="priority" value="1" /> + </bean> + +</beans> diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthentication.process.xml b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthentication.process.xml new file mode 100644 index 000000000..e7d98c8c8 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthentication.process.xml @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="SSOTransferAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + +<!-- + STORK authentication both with C-PEPS supporting xml signatures and with C-PEPS not supporting xml signatures. +--> + <pd:Task id="initializeRestoreSSOSessionTask" class="InitializeRestoreSSOSessionTask" /> + <pd:Task id="restoreSSOSessionTask" class="RestoreSSOSessionTask" async="true" /> + <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" /> + + <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. --> + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="initializeRestoreSSOSessionTask" /> + <pd:Transition from="initializeRestoreSSOSessionTask" to="restoreSSOSessionTask"/> + + <pd:Transition from="restoreSSOSessionTask" to="restoreSSOSessionTask" conditionExpression="!ctx['sessionRestoreFinished']"/> + <pd:Transition from="restoreSSOSessionTask" to="finalizeAuthentication" /> + + <pd:Transition from="finalizeAuthentication" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/moaid_ssotransfer_auth.beans.xml b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/moaid_ssotransfer_auth.beans.xml new file mode 100644 index 000000000..4a4af4ac5 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/moaid_ssotransfer_auth.beans.xml @@ -0,0 +1,34 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + + <bean id="SSOContainerUtils" + class="at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils"/> + + + <bean id="SSOTransferSignalServlet" + class="at.gv.egovernment.moa.id.auth.modules.ssotransfer.servlet.SSOTransferSignalServlet"/> + + + <bean id="SSOTransferServlet" + class="at.gv.egovernment.moa.id.auth.modules.ssotransfer.servlet.SSOTransferServlet"/> + + +<!-- Federated Authentication Process Tasks --> + <bean id="RestoreSSOSessionTask" + class="at.gv.egovernment.moa.id.auth.modules.ssotransfer.task.RestoreSSOSessionTask" + scope="prototype"/> + + <bean id="InitializeRestoreSSOSessionTask" + class="at.gv.egovernment.moa.id.auth.modules.ssotransfer.task.InitializeRestoreSSOSessionTask" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/sso_transfer_template.html b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/sso_transfer_template.html new file mode 100644 index 000000000..962faa58f --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/resources/sso_transfer_template.html @@ -0,0 +1,447 @@ +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <style type="text/css"> + @media screen and (min-width: 650px) { + + body { + margin:0; + padding:0; + color : #000; + background-color : #fff; + text-align: center; + background-color: #6B7B8B; + } + + #page { + display: block; + border: 2px solid rgb(0,0,0); + width: 650px; + height: 460px; + margin: 0 auto; + margin-top: 5%; + position: relative; + border-radius: 25px; + background: rgb(255,255,255); + } + + #page1 { + text-align: center; + } + + #main { + /* clear:both; */ + position:relative; + margin: 0 auto; + width: 250px; + text-align: center; + } + + .OA_header { + /* background-color: white;*/ + font-size: 20pt; + margin-bottom: 25px; + margin-top: 25px; + } + + #leftcontent { + /*float:left; */ + width:250px; + margin-bottom: 25px; + text-align: left; + /*border: 1px solid rgb(0,0,0);*/ + } + + #leftcontent { + width: 300px; + margin-top: 30px; + } + + h2#tabheader{ + font-size: 1.1em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 100px; + height: 30px + } + + #leftbutton { + width: 30%; + float:left; + margin-left: 40px; + } + + #rightbutton { + width: 30%; + float:right; + margin-right: 45px; + text-align: right; + } + + button { + height: 25px; + width: 75px; + margin-bottom: 10px; + } + + #validation { + position: absolute; + bottom: 0px; + margin-left: 270px; + padding-bottom: 10px; + } + + } + + @media screen and (max-width: 205px) { + #localBKU p { + font-size: 0.6em; + } + + #localBKU input { + font-size: 0.6em; + min-width: 60px; + /* max-width: 65px; */ + min-height: 1.0em; + /* border-radius: 5px; */ + } + + } + + @media screen and (max-width: 249px) and (min-width: 206px) { + #localBKU p { + font-size: 0.7em; + } + + #localBKU input { + font-size: 0.7em; + min-width: 70px; + /* max-width: 75px; */ + min-height: 0.95em; + /* border-radius: 6px; */ + } + + } + + @media screen and (max-width: 299px) and (min-width: 250px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 75px; */ + /* border-radius: 6px; */ + } + + } + + @media screen and (max-width: 399px) and (min-width: 300px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 75px; */ + /* border-radius: 6px; */ + } + + } + + @media screen and (max-width: 649px) and (min-width: 400px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 80px; */ + /* border-radius: 6px; */ + } + + } + + + + @media screen and (max-width: 649px) { + + body { + margin:0; + padding:0; + color : #000; + text-align: center; + font-size: 100%; + background-color: #MAIN_BACKGOUNDCOLOR#; + } + + #page { + visibility: hidden; + margin-top: 0%; + } + + #page1 { + visibility: hidden; + } + + #main { + visibility: hidden; + } + + #validation { + visibility: hidden; + display: none; + } + + .OA_header { + margin-bottom: 0px; + margin-top: 0px; + font-size: 0pt; + visibility: hidden; + } + + #leftcontent { + visibility: visible; + margin-bottom: 0px; + text-align: left; + border:none; + vertical-align: middle; + min-height: 173px; + min-width: 204px; + + } + + input[type=button] { +/* height: 11%; */ + width: 70%; + } + } + + * { + margin: 0; + padding: 0; + font-family: #FONTTYPE#; + } + + #selectArea { + padding-top: 10px; + padding-bottom: 55px; + padding-left: 10px; + } + + .setAssertionButton { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + #leftbutton { + width: 35%; + float:left; + margin-left: 15px; + } + + #rightbutton { + width: 35%; + float:right; + margin-right: 25px; + text-align: right; + } + +/* input[type=button], .sendButton { + background: #BUTTON_BACKGROUNDCOLOR#; + color: #BUTTON_COLOR#; +/* border:1px solid #000; */ +/* cursor: pointer; +/* box-shadow: 3px 3px 3px #222222; */ +/* } + +/* button:hover, button:focus, button:active, + .sendButton:hover , .sendButton:focus, .sendButton:active, + #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { + background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; + color: #BUTTON_COLOR#; +/* border:1px solid #000; */ +/* cursor: pointer; +/* box-shadow: -1px -1px 3px #222222; */ +/* } + +*/ + input { + /*border:1px solid #000;*/ + cursor: pointer; + } + + #localBKU input { +/* color: #BUTTON_COLOR#; */ + border: 0px; + display: inline-block; + + } + + #localBKU input:hover, #localBKU input:focus, #localBKU input:active { + text-decoration: underline; + } + + #installJava, #BrowserNOK { + clear:both; + font-size:0.8em; + padding:4px; + } + + .selectText{ + + } + + .selectTextHeader{ + + } + + .sendButton { + width: 30%; + margin-bottom: 1%; + } + + #leftcontent a { + text-decoration:none; + color: #000; + /* display:block;*/ + padding:4px; + } + + #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { + text-decoration:underline; + color: #000; + } + + .infobutton { + background-color: #005a00; + color: white; + font-family: serif; + text-decoration: none; + padding-top: 2px; + padding-right: 4px; + padding-bottom: 2px; + padding-left: 4px; + font-weight: bold; + } + + .hell { + background-color : #MAIN_BACKGOUNDCOLOR#; + color: #MAIN_COLOR#; + } + + .dunkel { + background-color: #HEADER_BACKGROUNDCOLOR#; + color: #HEADER_COLOR#; + } + + .main_header { + color: black; + font-size: 32pt; + position: absolute; + right: 10%; + top: 40px; + + } + + #alert { + margin: 100px 250px; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 14px; + font-weight: normal; + color: red; + } + + .reqframe { + /*display: none;*/ + visibility: hidden; + + } + + </style> + + #if($timeoutURL) + <script type="text/javascript"> + function sloTimeOut() { + window.location.href="$timeoutURL"; + + } + + </script> + #end + + + <title>Single Sign-On Session Transfer</title> +</head> + +#if($timeoutURL) + <body onload='setTimeout(sloTimeOut, $timeout);'> +#else + <body> +#end + <noscript> + <p> + <strong>Note:</strong> Since your browser does not support + JavaScript, you must press the Continue button to resume + the authentication process after the SSO session transfer from smartphone to application is complete. + </p> + + <a href="$timeoutURL">Press this link to resume</a> + </noscript> + + <div id="page"> + <div id="page1" class="case selected-case" role="main"> + <h2 class="OA_header" role="heading">MOA-ID Single Sign-On Session Transfer Service</h2> + <div id="main"> + <div id="leftcontent" class="hell" role="application"> + + #if($errorMsg) + <div class="alert"> + <p>$errorMsg</p> + </div> + #end + + #if($successMsg) + <div> + <p>$successMsg</p> + </div> + #end + + #if($QRImage) + <div> + <img src="data:image/gif;base64,$QRImage"> + </div> + #end + + </div> + </div> + </div> + <div id="validation"> + <a href="http://validator.w3.org/check?uri="> <img + style="border: 0; width: 88px; height: 31px" + src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> + </a> <a href="http://jigsaw.w3.org/css-validator/"> <img + style="border: 0; width: 88px; height: 31px" + src="http://jigsaw.w3.org/css-validator/images/vcss-blue" + alt="CSS ist valide!" /> + </a> + </div> + </div> + +</body> +</html>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/test/java/at/gv/egiz/tests/Tests.java b/id/server/modules/moa-id-module-ssoTransfer/src/test/java/at/gv/egiz/tests/Tests.java new file mode 100644 index 000000000..0eb71ec92 --- /dev/null +++ b/id/server/modules/moa-id-module-ssoTransfer/src/test/java/at/gv/egiz/tests/Tests.java @@ -0,0 +1,83 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the \"Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egiz.tests; + +import com.google.gson.JsonObject; + +import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants; + +/** + * @author tlenz + * + */ +public class Tests { + + /** + * @param args + */ + public static void main(String[] args) { +// String json = +// "{\"data\":{\"session\":{\"validTo\":\"2015-10-09T10:55:34.738Z\",\"entityID\":\"https://demo.egiz.gv.at/demoportal_moaid-2.0\",\"userID\":\"Thomas Georg Lenz\",\"sessionBlob\":\"PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJl\\u000ac3BvbnNlIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4w\\u000aOnByb3RvY29sIiBJRD0iXzQ5ZjgzMDIyZjRkZjFjODMyMDNlZGU1NTQxZDY1ODU4\\u000aIiBJc3N1ZUluc3RhbnQ9IjIwMTUtMTAtMDlUMTA6MzU6NTEuMDI0WiIgVmVyc2lv\\u000abj0iMi4wIj48c2FtbDI6SXNzdWVyIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFt\\u000aZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBGb3JtYXQ9InVybjpvYXNpczpuYW1l\\u000aczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OmVudGl0eSI+aHR0cHM6Ly9kZW1v\\u000aLmVnaXouZ3YuYXQvZGVtb3BvcnRhbF9tb2FpZC0yLjA8L3NhbWwyOklzc3Vlcj48\\u000aZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5\\u000aL3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1l\\u000adGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4\\u000aYy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8v\\u000ad3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRz\\u000aOlJlZmVyZW5jZSBVUkk9IiNfNDlmODMwMjJmNGRmMWM4MzIwM2VkZTU1NDFkNjU4\\u000aNTgiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRw\\u000aOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVy\\u000aZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8y\\u000aMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2Vz\\u000adE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1s\\u000aZW5jI3NoYTI1NiIvPjxkczpEaWdlc3RWYWx1ZT44eE9qNmlYVzhIQzk5UGhETEZ0\\u000aOVp0M205VWliaVdrdHMzaWVQTS9CZlFZPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpS\\u000aZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5mNjM2\\u000aYjVBeGx6THdUL0I1SmdLdnhNN0haK1lEZGVldUdaRUlxc05KdHdiN05TVFhlbVFC\\u000aTExObDlJTk1aUW1Ybkx3ektCc0pra0tGTXl3MkpsNXVYcWlHWVBzMExTWTNiWTdj\\u000aTTZoeHpDaGdVVHRMWXlPcE9qemxxbE5CN2FKTVpZWU10Q2phcWNqSmxVM0wxTjBv\\u000aYUJ5QlRjaTRHdjd5TUJkdE9nRElHNVVpVEppVmVNOURZcUowZFVaZDNRcG1BK0Zm\\u000aUm10WFVzaVRzU0N0b3lWVHlXYTJWemJweTZxcDMwWkZSTU03LzU0Q0NWZHIvaDZW\\u000aTnZCQ1YydkFEMWdZaUg5VG41aTRSRmRWMFBKNTkrNS9HYXVUMm1HSVRUVmNreVk2\\u000aRlJQSjI2MUV0bmdScE8xK1FYRDZwQVZBM2V6Rm9ZbkkyQ2dYdHQ2K2EyTkV3cnBO\\u000aaHc9PTwvZHM6U2lnbmF0dXJlVmFsdWU+PGRzOktleUluZm8+PGRzOlg1MDlEYXRh\\u000aPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJREZUQ0NBZjBDQkZVQm5MNHdEUVlKS29a\\u000aSWh2Y05BUUVMQlFBd1R6RUxNQWtHQTFVRUJoTUNRVlF4RFRBTEJnTlZCQWNNQkVk\\u000aeQpZWG94RFRBTEJnTlZCQW9NQkVWSFNWb3hJakFnQmdOVkJBTU1HVTFQUVMxSlJD\\u000aQkpSRkFnS0ZSbGMzUXRWbVZ5YzJsdmJpa3dIaGNOCk1UVXdNekV5TVRRd016UXlX\\u000aaGNOTVRjeE1qQTFNVFF3TXpReVdqQlBNUXN3Q1FZRFZRUUdFd0pCVkRFTk1Bc0dB\\u000aMVVFQnd3RVIzSmgKZWpFTk1Bc0dBMVVFQ2d3RVJVZEpXakVpTUNBR0ExVUVBd3da\\u000aVFU5QkxVbEVJRWxFVUNBb1ZHVnpkQzFXWlhKemFXOXVLVENDQVNJdwpEUVlKS29a\\u000aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSUp2MHFlOVVkdkZZU0w1STAy\\u000aR29rd0VWZnNJR2M3STdFaFZOT3hZCjltdFVlbm1ocU5yTHNMQkZnMUlpUGJrMElT\\u000aV2hPUndQeVZwL1AzK0d5R1AzMzlxWjY4VUNHVjM2MUUwUW03Y2pQZS9PMytyM0hB\\u000aTTIKWkJOOG9BWm9IbXBock5TNmZLZlk1OGt5Z3RyVWErWnlNellXVFRpUzMyU0NN\\u000aOEg1NWJsdUVGYmVaa3NuYlAwWTk0SWprZkpkZ3Z6bApNeHpybFN5b1YyeW1XQmp2\\u000aUzV3ZWxESGdiQ0t5anNqSWhUUmpKdS9vbEdKeWVuMDEvRXBJVnRTeURYTy8ySVMy\\u000adjJPOVVpRndBb3lCCllBalBubDNIeEsyQTU3N25SNjNNeGxnUDAvcytyODR1QnFP\\u000aQWxiNHFuYnBVN2x1NUd4bENQa1ptcFJvb0NRWVVSaW9DK3dqUzZsTUMKQXdFQUFU\\u000aQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFCcU83a2txL2dSYWhBdnBzUWc1TExa\\u000aUk9HRnI5cElQcnlOOXhtSkdnUG83agpLTmw3cnM3Z05TMGxtdWx1WVdXbkpjd0FQ\\u000aYndGZWI5NTRWTUI5eDlwOVFFdzVSblhhbVVZOXFhMExnY1MvdC9XWDZ2SmtaUE5o\\u000aV3BoCjhiWHdoME12bHNiZnJ2RFRKcjhjakgzcWZ4SVRwN3BhM3hiMXFFN3N1UmZm\\u000aVlVkRFhhd2lYWG5XSi9XSnIrdHdWVkhIRXFuWnoxbEEKclNETHhNOHNDakc4RGVK\\u000adzh2blF5NW1QR3JHVlRCYmE0dXBjOFVUWTFuUFY5VTJHQkpWWXVBa29WUmpiVGxO\\u000adnJMNUpxTnF5cEtjRwpiZWpqV3hncnpaa2VRZVUyaEZjanVubWd3R1ordWcyZnE0\\u000aa0trUWZ0d2NxZUpUenl6Qm9vMitPbzRUbWZic2gvb254UFdBPT08L2RzOlg1MDlD\\u000aZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25h\\u000adHVyZT48c2FtbDJwOlN0YXR1cz48c2FtbDJwOlN0YXR1c0NvZGUgVmFsdWU9InVy\\u000abjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2Ft\\u000abDJwOlN0YXR1cz48c2FtbDI6RW5jcnlwdGVkQXNzZXJ0aW9uIHhtbG5zOnNhbWwy\\u000aPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48eGVuYzpF\\u000abmNyeXB0ZWREYXRhIHhtbG5zOnhlbmM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEv\\u000aMDQveG1sZW5jIyIgSWQ9Il8zZmQzNTg5MmU5YThlYWNiOGUwOGYyODBhODNmY2I3\\u000aNCIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjRWxlbWVu\\u000adCI+PHhlbmM6RW5jcnlwdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cu\\u000adzMub3JnLzIwMDEvMDQveG1sZW5jI2FlczEyOC1jYmMiIHhtbG5zOnhlbmM9Imh0\\u000adHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIvPjxkczpLZXlJbmZvIHht\\u000abG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6\\u000aUmV0cmlldmFsTWV0aG9kIFR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQv\\u000aeG1sZW5jI0VuY3J5cHRlZEtleSIgVVJJPSIjX2E3NDBjZjA5MTViZDE1MmRiNzRk\\u000aMDNjZDQ1NzUyMTM3Ii8+PC9kczpLZXlJbmZvPjx4ZW5jOkNpcGhlckRhdGEgeG1s\\u000abnM6eGVuYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjIj48eGVu\\u000aYzpDaXBoZXJWYWx1ZT43R0hKY0NYYXlzME1pY2ZvYXc3cnFNeTZ1bUQyd0FEQmtH\\u000aOThKclJ2UUdMczJneTBOSWFvSlM2SWM1Z254RXBNcUZHZ2ZLNHBBWGxRUVh3K1h6\\u000aY0RNaURhY2tqS1c5ckptNTh0b3dxNmFEbWVIU2doTTRDVzhVb1RaQlFlazVvY1dU\\u000aNmRIT3hPVzFFOFUrTXprTEg1NjVXUWxLYkdHamVSSGNzb3V3MXFuNk1XS01EU0V4\\u000aRzQrZERzSVliMk1uaEc3OEh6TDNZK0VMVG40TWd1cXF4bmpTVC9rRkpTK2dSMm93\\u000aL2tHVHN2ZnlLWmdMZUVYTzRpVHlNM2RzRk1Ma05rM0tHSHVHRmhGeUxycUR3Sko2\\u000aTmY5OVZRTmlDZDlrUnpxOE1qWklpNWQ0SjlhSmgvRk93NFI0TXAveCsvaC9hYVhk\\u000acDVyQ09CcUVaZ3FZUXlqT2FIMlAxRHR0VkU5SU5xS2w1OXh5ZTJaR0tDd1p5TTgr\\u000adWdSRnVDbTJ2RFlRSUx1T1RTaVNpbkJsNnBpLzFYRktNL1lVbTRJMXA0N21LNDlE\\u000aeW9Ia0lBaUk0NjQ2ejNJZ0tMZTBnaFlQYUlvTHhNcDE1ZE83RHRDQzhsZnYwb3Qx\\u000aYVdvTy9TcGpXaVJiOEhCaXdleGxTdHV4dVorUGVqZDlzUS9neTNFOFp1MWJXRmsv\\u000aTDVrNTZqUTAxZStIcEdORW5FSml1c1RHWldMRTZBY1lvd1NCeEZidC9RUHhGTlhh\\u000aRFBmcmlGRGZMK1RuMngyc2Rwb1RlMVpZM1JnZXo5b1Y2QUtJQWZZWC8zMllsT0NK\\u000aTlV5Myt4OU5teHljOFdKNTBjQ2RTd3ZuNTRBc1Z2U0xYRi9sbHIwQmh2cWRWQ0dP\\u000aTy82WGQvdEtpblFPWHdmeEJBMDVJZSs5MFZhU1J2NGFrRXJ4dHhrekVIeXB3R01j\\u000aVStieTYybDh5Q2Qya01vMnpQK0hmZ3NkTU9Ba2hrbDUvRXB2NVdiZGMzeElKRUhK\\u000aOVptbitUdGNWR2FiOHNPeSsyblIwQWNwZDJxeVIvNkNUd3dodk5nbXF1TldiLy9P\\u000aaGNxdDMvR1dPZkt0NGhrRnQxeGE2allTSXVoNHVWMHJqcENvK21ISFk4ZFZaTGZ6\\u000aNE9oR3dpNGd4bDBlV3hYUWF3UGpMWlI5RzdpQ1NCT2ZPV0d5bkdydklKSFF2VUJD\\u000aUVUwLzh3eFNxRmkxcVdQVXN2ZWtxV012SFpYTGdMMGZNYUJEa1ZZTm5YT2FlalJU\\u000aVHNZeENZc1AxYlRCNDY5ZytjRkQ1bEd0VDErTi95S3dKOUJTTGhaenhzRVhVWkhG\\u000aQ1NJTk1vTTlnaVF4TzI2L0VLUENMdXp2bnkyN3orNWdxcURkVzhlVUFCUmEyeFpp\\u000aZ204YmFkSllGWE12dkdDUVBjcmhiN3c1c3dSL2I1TXNiZXV4L3F0RFQ4R3VWcUNG\\u000ac3JDL3E4MlZpOUd5b3VCWDdGRk50UWhWRDFFVWtCQWZTYWE2UDhKU2VPdE01TVYr\\u000aV21OcGJrQ0U2M2hZS2g4cHN5MUdMdlRZRVA3Slh3TmNIWXlmS3FtdXk5S1dOVmUv\\u000aT2JPZTM5azhCWE5tWE9DejRJay93ajZqaU1DWEsrblhwdTBZQ1Z2ODJXM1BMeGlR\\u000ab1liRURMMjNHV05sNFFHQzQ1dE45WUpwK29CSGZjRStmUHk4S1FrOFBDK0s4SFFr\\u000aK21HV3NkTVUxUitTaTExY0VYdzBKTTRTczJzTWpZb05tQXd6a2RvRHliVkdnK3B3\\u000aSnUrUmFmaEJrSmpIU0FMeVQ3Y1R3dncrOW56S1BIdUhvWW5wSTRLQSt6U2xrYkUr\\u000aQ0dSbzd1MUxXVFl0cGZTYnFtd1NjYVlxU01WaTZ5QVdkRnoyS001LzlkVHB6alBY\\u000aNGhOZW82ZE96eVRHUkFMVnVUZi9Ma0RqaElqWGJ0Z2J6ZnU0aWdrWXg3Q2d1RnZ0\\u000abVlkTEhNSE4yRnFOTkN1UWk2bTJLUGYyUG5HdmVrSFVwMEJYZ3NEOUhkZFJtNHBF\\u000aYnE1VEsvV05RTzBuS0g0M1owOU9NcWZZbHEybk5mTi84ZnMyTjc1c2h5NmtheElK\\u000aL0FZUlNkOUU5M1VjOWJmV2FIeUwraWNNTE1GelU5MytMZlhpREkyWDVScEVtSnFB\\u000aSUMwVlJ0NWtXdnlVNGVlWnhOdE8zWUtxUnN2YVo0dzhnZ0I3dkxheFFKUWtnMWhs\\u000acVAzQzhDQW5HWnkrdDR5alRVejA1LzlpQi9HRk1DdDNteEpPajUvaVdTOTZRRW54\\u000aVm8wdVYvYzhDRFd6OERHYzYvLzFBQzBWS0VmaGRsSmFGOHg1NzVHNTI2dHoxTVln\\u000aMHBaaitNRzlsRUxkNm12d011cVE3VEVZdEYyN0Y4Vk5iQ29ZWXUraDhJTCs1Y0Vr\\u000acnBjakUzMm9MbWx4ZjBjNnpZaDhwa3FsVTR2RHlQeGJJcm50WkFPcThMUzk5Vktr\\u000aUjdFL0w5OXNoZUxqd3I0bTJtQ21CZ2tGZVZhVG1Ca00vSFd4MUNEYjlIcVM0N25Z\\u000aSWJaQW94ampIK0QzR1EweXlES1R3aG1iSXNHMFQ4Ry96eStRR0pmNkg2MXg0M1ZJ\\u000abkNwRkxmQjNiQUNJay9OanhCeFdheGVwMXRMMTRBSlRMZlROTnA3K3dCT016THhm\\u000aSHBjSUlWT2dOeXJ6UVk2Q0x6eXlDM2hub212a0hadFJ2WmpBYmExMmJSZ3VoTUJX\\u000aOFZiaHNKMmZaekZ3TXp0amxzSEkwREc2OGs1R0JDemFDQVRPZlBBWnFPN2lEQ2JC\\u000aMW1KSEgzTmxvQ2xuL1pTY01rOUVqTERyTndIWHZ4ZEFTRFMwS1RrZVNxS21TZm54\\u000aUWlSQ3lLNjhrSEZNc0trUTRYS3JKZjZGMWRreVYrL3NFdzRsS1FFYW52VkVVSTJx\\u000aUExDSVZnVWVkQVFaeFAxeVp0dDA1V2ptSUdhZnhQMldWNE9PYm8vTGFaamo0YW9H\\u000aNjNxWkdGdGJyWUt4TVc1Ny9RL0ZkbjN5TUpmUlkxVGU0UCtpTTNHUjNRcU1QeVMr\\u000aZWZDMlRDNk9pYithOHZ2SVcxTFI4OGV0V2t4SHJzMEpVcVRpM1ZEY1lXNEcwUHVn\\u000aTFhsZEYwWVVod1RLaTlOUjZmWTNXMXBTQUlNRGYvbk5hcVBIUnNLVWU4Z3pwcll3\\u000aOUdWLytXWjkrNUxEQnYzWmNKVGlLcllOcG1TUHl2MDdvNWx2Mmo2MXJtaEdsQVJ6\\u000aODJzWlhDUzA5K0lyaUpmVUg4bko0NFRFUk8wb1pBd2RxZWhEVmQ2YzZIV044dlJI\\u000aeEVJZWhmeXJhUVZ5Q3FlQkU3d3VPcXZFSmI2R0Urc1czNlBMNGFwT2ZMcCtISU5V\\u000aMkRhbVBrWHJWdVV6Q1dWZWlXaGIzSVBPNk81WkNENVp5RHlQc0liV3RuMnc2bnpI\\u000aU3EyUDhOdmZZRHhTcmM2YlU1aThoQ0FOZFdudTliMWJia0tXTXhUazhjamQ2bk8w\\u000aN1FtZnJFZGJCQ1ptWmh6blJ2cmRYMDdHSXo0YXhtM0Z2UHBtazBvZ1FaUzBieDd1\\u000aSWhFTDhGR2ozQW9lSllpOFB0dFA3NmFKaTRPYndlUmhlWVE2L1p0NHlPcXhabUph\\u000aMEFnTjJieTlpT1kyZ2tLclg2RTY1UWMzM2Q0Wlh6aXdDc1BsNVlGQmY1bG9ndGFE\\u000acXFVU0p1TEQyUEMyZEZNeDAzaGkrcUpSNmxPZ3ozYjJrM3dUTjhGTjJBMnQycHo2\\u000aNjJSS3IyQVRuSklrZkdndHVTcFlicGdab05VL0pheS9qMERWMXRaMkFmODdsUU43\\u000ablphdmF0YjVvbWx1Vi8yU3ZVYk5rbW1HdUhrTmFjQnNuTjIza3FOTEFrMmZvQ0xZ\\u000aT1FZaG5uQm1ZTUdYdS9tOG9haXdmUzhxRlZyYllTc0tKSWpLU1ptaFZBU3hXa01t\\u000aT3lSVUcrYkhlQ3RuT3ljWmlhb25XZElvbFUzT2hJMi9JTkpDSUNzQjJNWGhtNkpa\\u000aOEFtcUlqSGQxR1JvVElRTDlFNlBUbGF1MVB5dDhmbnl0aERac2R5L1dmMGU2SGRy\\u000abXJleXBiaE5PYTh4NUF4ckhaRGxjemttaUJyOHEzU0dYU1JVWUt0YndGUk5DZjFX\\u000aYkVyci9uN3duVmlZOENiS0wxZGJzMzlDNmtaVGlUVE16b1NCaFVKcW0xeUpHZUM3\\u000aT2pLRC9VNUFUK2NmOXV3c2hVNDhKZHNUNDVOWjJnOFNkL21xODlyTFBRVTAxNG9h\\u000aNUhRbzV4bEkvaldPUE1MM0R3MmtFVkkyZ3R0eG5HamExVk9aZVlJSGM1amJWenBx\\u000aSDMxZ2ZNYkZLTTNqNHRyaFVKVmFyM29ZWndZWnR6c1IyNmg5NWxIVlNNQzJ2MGZH\\u000aZ29nRFBMYzROejFtelNUNzQ2OFFTeVJJTzZtOTVTOTV3UWxiWXFoRzhMLzJsZW13\\u000aS1JNMUNUSGVUeVFjQlRNb1lrdU9wNFRZaVlXZzAwMjlXelNyMkhCUlFXZm9zNzc0\\u000abWlBbjBEQWtxcysybzFOdUtjTmU3cVFmY1Vnd2lHNzZJK1FZcEZPbkJSeUh1d1px\\u000acHR1WmpKTWV5amtZWC9wRE5VRkxYMmNWRGgrT0FSRUFaT3NBSVlPbnU1OWZnRHVB\\u000aM2RrOVNHMGVIclNXVkR2dU5yTDJiWm1hUXJxQmZ4bXRaall2Q0lmdDFXcmQvUkFo\\u000aeUs4bEFMNWFJZ1pZajV4WjBtV2hXd2hHTFBKNXBnMXpCeHFmZ2hyNzhRSVBQNGEr\\u000aT3YwU21qTmdwbVNQQzc4d2RPNVh6N3NzeU1mUC9uWkhVZEVJbUNqUGVMM2lJalhn\\u000aVVY1SjRnckc1cWY3WHZJQzBpNGZBdktnZ01LYXFYWGRZclBCZzFWQm5vR3BNVWZm\\u000aUU9Wa29pcjNjL2hYNWxlN1BoQlp3OVlWaEN3UDg2VU1oeGFmclp6blQzbnVUV0lL\\u000aRUMxOWVXNDJSak0wU3V2dWlreFY0L1o1UUhxcUtvNmRPamJZL1NKR1FQU1VWczdx\\u000aU3owNks1bTF4Q3Mybk51QWR2V0lVS25leE1oRUxsRTVGbGJQVkZ0Nkc3d0dLNUxv\\u000aNkV0bVZPWnE3bXpxWS84RHdUMnpUbm1UbW1lZEdIZDlUUWRCM1gxU2orUHlFRDFr\\u000aT01kYUkvVlVOWCt4bFlmUkd4RHF1Rlp2YmdTVSsxaDJHSjQ5M3VsYk9KVmJjeXpP\\u000acFFmTks5UTNNNEp2V1hPRVUzT2NPVkMwbkZGUUVEbDFEZ2h2Wldoeit6dy9sZkg1\\u000ab3UvV0kvOUpmKzB6ajJNNDE2YytTbkpneCtaSVZUd0lTQlhDc1NicW5tbG54ZE9a\\u000aSnhrbElrWXlwMGVNZ0RkTzZscHdTbXlLc21KMFVaM3ZPUFRuQXBxdTROeUxLOXUw\\u000aNzFZRVB5WUhWWnRXOUdITm5LM3RvZm5TVVZpMSsrVEx5bDY4aWRqS0RCa2hFVWNy\\u000aeWU5QkFhak1VR3VSc00zQ0RNZGlrSEd6eDVwM2RoeGIwczJTcGhxREhFLzJMSlBj\\u000aU2kyQkFVWTA1WXNDUytiWDgzb3VESDRXSmozZDM0NFFTcnFwQnk0ek11UHJPdWdT\\u000aRWo1a1Z1MjhMT1RKcnZPL09jbmxoTUYvWndielBRVVI5TmhUV21GOFV4WEE0Vjd0\\u000aK2RQNDVnTFFvYnNnVHY4MXkrUDVuTnZ2alNtL2I3aVpzZXJhV0VaSHlwNGo0bis0\\u000aSWJJTmZrcXVYVG9pcTlyVHFvZFdyemN4TkJCdDBOMTFtRWpwM2ZvYjJiVFU5QkVn\\u000aalZlTHRFSGxqVFJJV1ovK1IvTHpTaXRJL241MlNvTUI4RlVZc2lXQzF3WVBOY2lR\\u000aeEJYdFRNZ2xLY3NiVkUyN0dxSEtueDVkMlVHSE9iQVVIOGpKdmVaZUNRYVExWEZu\\u000aZ1ROdXVNcVBzdERaSFNPQ1pWVXhJajkyQTFUNkVTaFo3cTY1VjhadFEwNmdYb3dB\\u000ab1ZDc2xjaUJEZHZwUEZCL2FlV3hjbHc3cFZBQ2xBQ0ltVmhMRG5YNEtGWUNIUE5n\\u000ac2FLYU9ua05SVVZSc0Vad1pad2x2bklRdXpBRW9KTmtremd3Z2dtdHgyL09EK0NY\\u000aaVlLdE5pT3hHWDlKZEUveVovUk9qbHlSNUo5Q09CL3JNMmdlY0FWZ2dmcXQ4RUc5\\u000aQUJNVHZhN3RpVHF0M2Q4V2NjREV5S1F0aTlySXhoNWZVWGkwbTFrNlJGblNEajZN\\u000aRXZBNjBULzRJY1hPUERtYTJ2WU9EZ0NBS21IMWtnNzY1dDI4MFNtcFNnMFlnQUpV\\u000adkphSXlsdGY4VWhPWE9DdE1RaXdEVlVjSCtDTHBiSXh4a25Pa2Q5K1hYNDU3bm1j\\u000adjc5S0FMbzRjbEp0RWpqS3h1aUIrK1ZwNGxzRVlENkI2RVkzMjJiNmk4ZExkQkJu\\u000aZ0JKdXUwMDFBSjlWUFlIWlJBeDNRNDh4UU11dUp3WWdZNmlEV3hzY3lheDdENkxu\\u000aS2czbnBaYmhmVzRlc1l2NjBqdkhTNDZwem1lSlVKVmNmVUFFeWQ4azFXK3huWHFi\\u000aN1dxRFRGNXhaTHgrZHRlQk90UmR5U1NIR2cvcUhQNEFvZ3VSc2JvVFU5OEJqOWIy\\u000aSysvSEU0ZTIveDk2bkg3VzRlU0tGRGsxaWxoNk9EckE5SE1uQ3h1QWFxZXB5VTFo\\u000aRGNsZjNEVXdGamdRR3Vnb29TNHpITElvbnpxVFVjcTRzcC9SZ0YzRk00TGxpL2NC\\u000aTDdSbTYxMHZBYUprcmZWRG1JZGZ0NHd0SVVTVysyRGtoQ2lyb21LL3RLckZUbC96\\u000aTk5HMGpBTmo3SjllRWhQaE9kdzFVMHRlN3ZlakVwMGRLb09NRkRTSTNaWWJieWNs\\u000aUHJ3bkw2ZW5ocmlrWHBzNXVMVDRqT2p2NFVJSVRQSjJLN2NjWUZmQzJqZlJKMDJt\\u000aRk1wRkc0MGplcEdHblJ3cTNRZzQ5NEVhVGN2dG13SVdjbEtlVmJ5MW04N3ppc3hV\\u000aT1JWQXlnUlljU3ZvVXdxdWMzakx3MGJYVzBmUkFYVTMyaFlWUWZJUTFwY01pSDRW\\u000aRStyL3AvRGpJWS9zYngzVm1Hc1dCTGhNOFIweElVWm5YSnJyejk3S09GQkE3NGdu\\u000abVluSXJQa3lmT2hQUGVFSDQyL2VpRHUybWRWL2U0UGEzS1VLZFhjeUo4cm85MjZC\\u000aSTF3aGk4Q2h4SVVtZzZNaDQrOHg4YjhjS3VpZWtFaWZ2cU52aG1KQ3hlaThTYSty\\u000aUVpQMEx2aHAvekEwRWIxY1d0ek1VTUlFdUhJcDREa1hhY1dNZ2NuV3U0L2d4Q3Vi\\u000aMXhHaE5xWDI5U2p4SUhHeFdJRkNvQU9lVkNkL2xiSlFPS3V4R3BnMmR2RjdDUUhM\\u000adGYxQVRQaEQxRVNsNnR5dTg0dndWcTk3U3lTcktweWJxenZydHdSTFhwb0kyUHA5\\u000aWEd6S3BtaXIrT1Fva1dwSUhZTElzU0hmditDWjJDaW5aaUpEWWdtL3ZyOUZWdFpv\\u000aU0JKN2puYlA2TkpKYTlidGd0QzBFZnRTcGxPSHpicm1nMVR4M3gvNytTRlRGc1Yz\\u000ac29yejcwTWxIZE43M1ZjK3B2a080LzM4ZVF6SEFqdkhlTVgybGFMT1Ntb2Z5Nmpw\\u000aOVBWV1RMWFJmSi9kOTRNbmhaK1lvQ04vSVl2cWsyTzlPcDlzWnY3SGNHdHBMYlFr\\u000aUkh3WG9od1VpSFRxVkhEQVVxbEszUkdHdDk3ZHZJY1owSUdlRFJROGtULytCUTZ4\\u000aVGpxN3pvQmpMaGwxT2M1cUxkYldUM2FLbVNoL09Tb1BPWlR1OG5QYXROdjFIektB\\u000aOUE1UGovaDlRTCtGeldrMXM1MzZYRzJHaXRwckdiMERQaUF6MzVaU3dCdVpGbFBs\\u000acmpZbVhONWdsOEpwSVh5c3R0SFdqNTVDSWlJbHYrSnhGOXBGaSs3M0pHNkNUVkNa\\u000acVEzM2p0SmVWLzVsTnFJcGhUUUQzcS9rbDlGNTNPMGRQa0UwM01lWDJkS3p2VkV3\\u000aYldDbnNQMm5rVEhDMDloVDdkSjhVU3NMaElCZnZ4dFJ3VG1nbnRoSE5seVZrR1pK\\u000aWmxVa21QMXFHZU9tdmU4RjgzYlpSMTBNK1dyZmV1ZEJYbVJZUHgzRW5FVHkvK3B4\\u000ad1d1cVczd21WV2JxM3BsRnJCNFd3eUZuc2NNUkNuSjNuQlJQK3ZCYXprb0hpVXk0\\u000aOEJPVkJvMm0zWFRUVmRVcWRmbksvUlpXc0RhaEZKYnpWQ3cvSTlJM0lySkFRa1N2\\u000aSG1qUkRsMW5aeDdCaHU2WTR2ODZKa2dmSk5UMzRocHlYQkRaUW1YNEh0NXZacnlj\\u000aVTE0cTJ4SWVoUGNVRmMyZmQxMmNkWERvazVrSi94ZWF4Zi9RbDMxRUFzQ0xDR0x6\\u000aWFI1b24zL1VaMGtGNEx2Y3IvTVJ0VjhJWWdjbDUxcHlMbjhnbnh0ZmErVmZpMStD\\u000aQ1kySXFJUkpTeGtmWGgvTlhWam5MeFZaem42d1pGWFZ4UXBBUE03TjR5V1pkT242\\u000aMFlXK3ZCTmRGVExKZkxnTVA2UDBZWFZNRlpUVFRtVE04eWRGd2tFZDF2OUUrcysx\\u000abDRzNU50Z01yaEZVTkwxOVo0VVdSNVE5YTQwSXhhK3hBbVdPTElDQjFuUmxkZHll\\u000aeDdmVmtYSDE2WUV3RnZDVlpTWGRZODdaK3JENmZCbEtKL2lvandRbnZPV1hPS1dj\\u000aTmdEemc2bFoyYnVtREJpM1FlSllkNnU1Vk1ybGIxYk81dGZMa0xvM25ZMXROL2ZO\\u000aWmF2NDY1MnM3K3dRaFh4eVZ5bzMzQmY5d0VxaGxwN2pmcnRmY011MS9zcEhwQ1ls\\u000aOWF0MFdVbTR4UytaN3gybkgxUWtJanh4U3RaUVNmQ21LbzdiN0pGUFloVGg4QktR\\u000aQ2U2VnYzemYrUlloMkVNR0d5RXFMdWIvdG1Od2FnRGdGYXk3L3NEaTNTNnUzSmpy\\u000aQlE2b2R2ZkNrU240cytaYUdqb1I2VkNtUHF3VlorTXZQRXBKQURRUm5HS1ludlhs\\u000aUVU4dUo2MWpZNXpUUE0rUExaYytCNmdpdzZlZmNIenp6ejJJUmRPWEJGNFE0RVFO\\u000aek55ZVFrYTNoUUk5TWtFbnc0SDlZV2ljTkV4NVpKazR2NmJzeVl6T0Y3dVdiMi84\\u000ab09NNnRhWHdOWWFTSWRyQ1JxVGl3MFZOR3hVOFgvNGNwU05lSmNsRGRxVXg4TEli\\u000aazdxaCtXYkkwSnNLdHE4d3c0VDlvN3Q5MExpSTl6RWdjUisrbGVvajhxV2Z1aDZp\\u000aL0tzRGtTNFBHMmw1VFBqUWhWMHJaY1FhdW1hRzU3dXc1eUl0RnM4QVVlbTF6VWxN\\u000adjcydDhSalNnTWdBOWdWdGNCcUNlWjIwZzk4ZThWc1FwQ1Y2SDlpSWRIalZTZkFK\\u000aMG5MbnJud1BucWJPZFdvL2xJYXR4dnFSb2hwWFhyR2loSjBPMEpNNkw4Y0JJQlFl\\u000adkZxSE9qVlRIVGFpSVhxL2dQcThVUzZtcTNIS0U0S2tUR09zMXdzV0ZFRmpKei9m\\u000aeUxmYk5sVklIQ0tRTjhjb1lKdFNlSEZUMTNZdm8reTNBa1VRb2hWTno4RXg1TUJ4\\u000aMkYyeGtoZ1BLdDl2aUlLWXdGRlpOQVU5ZzZDWVRjOVY3WmtHTFRBT1JqQ0IwNTVm\\u000aTnBkSGVvRWpydElMU1lTMjZhV3Q1TmtnVVJsV2dEalpTN0t1UWZuY1dXMjQrOVND\\u000ab0xCV1VzSXhVTWVsZTEwZDhwbGxsZ01YRUR6aWEyc0NEemxvOFdOa2h2M3hZZjFT\\u000aYXBjMk8wTnVmS1p2NEVWMXhzMy8wblIrMHc1b3ZHa1UyY0ZXMnpBVUcwaGU2azhZ\\u000aTjR6QVJRallUem4wajNVa3F3Vkl5dGZuUlRYUzZEODZkTVAxaG9ETWY3N0duMzI1\\u000aRUpKM1lGanpFbEFjaURlRkgvMS93Wm4ybm1ST3hDU0p5SUxXNnJiTUdyV1JDSjc0\\u000acFNyNkZUcXRsVFdNWkExL01ZeEk4a0JlWThHaEQwWGZ4bWdPaTI5NjcxSHI4SFVL\\u000admNLYk8zWUxHemhqaEtCWklEWkNwanlUY3p6VkN0MzVOcXpGUnMzM1Z6Y0VDU0I0\\u000aWmVZSCtxS1RDZEhPK0J6VE9HOVh1am5HazJVb3BkdldldkovdVh0SDlmTGhUQjJn\\u000abUQ4azZSa3FSTnUzUjZlN1NJTlhpejFuc3pqMmo3QTlDNXE1c1VkNThjVTdNRlg3\\u000aMGkzVHJ0NUh0MloyaFNQY1hPNTU3Sk1LRVdVcFZxS1l0WmhQTWN1a2hHb0hVekJJ\\u000aTUV1bDlSYXo5c3M2RndsZHo1QmFvWDZJcW5yd2pGaXRnTjVnWUZpaHJEbmlXUVhx\\u000aaXQyTWtETmFROTIvWUlHRlJGMm5iaUdPWDFUamxqQ0VDMU1DQUwvSWxqRU4vM0ZZ\\u000aOEJLWElpdkU0RTNNRGt0eXJzWC8zOGxUZjN0YXZOVk5aVnFESHMxUmxuRUM4WEZI\\u000aUVFNZXdXWjF1RlZVM3pGOVVlcXYzcTRxZUVQREZ5R2lFN2dEV2tNbW5xYnZURiti\\u000aVysyMVJzTHBpbUphS3dqclRMTWtoaCt4Z3hvK0paWml4c1NxNXgrK0NCdEtOQ3BC\\u000aNkUwTnc1SUlnUnVzL1kwMmxQMWZ5OFVsdjU4eHBNUjVETWRmeHZ1cjlPd05BTTY4\\u000aNi9zeUwrbHVwVDZhNnRhOC82YlNPVWphNGRtMXgxWHBhWkZ1Qy9EMGxkU3ZPdTZv\\u000aQmhVVUtuYXhCalpIeXl1UkNQVlpwY0tFZDFkemE4THdJcjY0Q09CeDl5OVJSZTlV\\u000abmN0L1dIanlQSnZsWWx5OTBLZ3JFOWYzMUdkeEFoK2hHVjZrbWhIUUhpRnB2ckRi\\u000ad05tRWdhNzZlTHRLdHpGNDh2cDdZYWdOaERjZlBCbzVJMW5pOGxZcFFDeW50WVB1\\u000aWnRIZWNyNWFDQS9RSWpGZGdUSkRXaGJkVW5rbzgwa1RGRTZ1czByVUNuLzNrcUhK\\u000aeC9Lc2R3S0VxQ2ZzNUVhWW5LbVhvQW5HZWZYYVdoNkU4Mm96Tk5qVzhBSUpJcENJ\\u000aTTZrbkFjWi9mVGVjL255azZmTisyeXltaWFXWkN1ai9lS0piMWZFK1MybWxpbjEw\\u000aM05oWmtNTkJHUDNqTUF2K0l6dGVuMFFDazdySmJ6cmlTeUFGYml2aFB4bjZqQnlx\\u000aaTJKRU4xd29KOU9MYWwvaURBSXNoRXUwQ0dwQ1JMRnUralI5WE9zdktjNTdGVVo0\\u000aSHo2Z0ZBYjEvNkszWnNWSXRGZElvL2tmbHJ3Ukttc0hTN2VuZ1phOVdYSVFHb3FR\\u000ablVaYXVjb1JRVWEwa0haN0UwK0szNVpZa1lZVFRwUHJuQWhQbTJBaXdmRUpzVmQy\\u000aM0tnWUx6QW9tQ0J4Wm41RkFFd3lMVUZSTFAzOGRZR0hlZnhyR1FiemNzOUtpS3I2\\u000aQUFVRTVSM09yMHdDTUpLV1Jmbk9QZjZQdmtIdlcrSFZhZStBeEV6ZXF4TzFwOVVU\\u000ab1hoVlcra3NoRzZ3QTIvL2NkR3Y0MHJrVEh1RFE1c0Y3Q0ZGckNodlJZb0MwMzJJ\\u000aS01qa1Rzc2FKS3dqSEZlSVMzc0tjbmdEL05WR3pTK2xOcGNwSDg2RkJGQTd5SzNq\\u000aVzBrZHRmblRaLzlSSkNXblV0YXFpM3BFaWFlak0rbEs2cXRuVzdVcHhVV2o2K21x\\u000aZzNtb1FCUjZ2Yk4vS0xrSkpsUjhsUWNnQzVLamJLOUd4YXpGZlErbGprcGhKRHBi\\u000adERUZThEZ3dBSmlraGlZT1YzYjU4aTA5MXo1V0JZSmFtQmxodS80MzF2TWIwNFJw\\u000aVVdOSlphSEdySWdCNXNwdFV2SVNxSDRBYm9xN0ZNMVZjZS9pOXpMcXlGVVhXZEhl\\u000aaDBmTWFKUVp1S3NPNDFmQUtsNHhLWE9icUF6eXo5ampGTnJjZDQ4MlNZVzhrVGlW\\u000aZklEUHN3eFc2aEVhd1psaUxRYUtIa1pSU1JYempUVE4wc1draXhmU0dPTDRYNXNy\\u000adXVuajQxNDJyRW80L0NYRzhwODRWTnBrVmRXYk1USEIwT3JmcDdvQWdiLzFRUlZt\\u000aUmpyaUhMZ0Jzb25sWUJvQmNKaVpjb1ljNFJoVmROSnVGdldUaUg5MWM5dXZkdUsz\\u000aeHhoMDNlUCtTRld3Wm44NDZjZ2lGL1pDZTY0d0tVemNPT0JvbkoyVm1JZlFWYUdq\\u000aTmUyY1ZDZVNhM0IwUi9PZXBBRk1ZQmozTTM4djdabFJRUXJMVnRzVXZXMEtjbnRJ\\u000aaHZWa2NYVkpZM3RRYkFKWm44aVUzWnhiN2VvUnF0MjFGem9raVVWbzV6d0FuNDV6\\u000aZVVWUUEwaFhaN0s2K2RmUnJCSGFaMkRob0RLc3FaYkFjVDhTTExxY3dJTlBsdHha\\u000aWkUrUUdMSGc2SXhHdWZmT1VEaEtmdUtoVUlOQ0dwSisycjJqSEZrZGJRaTl1R0Ux\\u000acWh5WmtrcGhEcDRnZ2Z4RjB6QkNQZWJDOHBXRDAxaEdSUFdDVkNzRjBMdGlQV1Mv\\u000aSnU2Q09MWXZKeWhlWURYeWNFLy8wOUkxYTdYRGFaLzBLSWlhNjY5YWNZQ3pGWnEv\\u000aYkxkZjZoWWg1UHp6RlZYNjI4eUJuRnRvbm9MMGlSdlo3eEkvbXQ1alBFc05CYXgx\\u000abGhhdXZJVXlNVEdvM0xGcHZrYStiN2dYZmFPZXgyajZwb0FDdVVZKzJtZmY5Und2\\u000aWitVQThheFB1N3NydUdCaEpJZ2JyeUx0QlNwL09ZZlIzZ0ZSdjA0a3l2bVdkL2w5\\u000aTGxRanVwQ2JvUm81RjFVb09Lb28vQ2l2dWp4WmVDd09QSmdEYndNVWZ1ZUZLazcr\\u000acjFCcktGdWNzbVlhc1dYYUNua0I2TUxOVDdoeHFqYk1hM3JXcVVFa1JyNXJzWWZq\\u000aSFo3SloxdGZacHVyK1Y4M2c5V01rSkFFclhaQnRibFJMM0UxamNicmdBRXQ5MzZP\\u000aR2U3MndPTUg4akNMU2FSSzVUSHlWZmdiUDluYlcxeWdsNHdIQ0tmQlh6RVZ3bWpa\\u000aSmdKWWxtbHp0SnBNcTZJNWJBc2Y2aWlKNFJyQUJmV1VKbkdGNEhuL1RoYTBVZi9p\\u000aMEQrSi9ZUE1RNWIrTmRvajNuSU15UFk3blJ5WWNNVEpaa1lFSWJ1dzd2MXhxUGJz\\u000aTmlSZkczMmJ3dll3QlBVNTduN2lLZXJFTmpnQll6RFVSZWtmVWVxYWZtUHBPWFU2\\u000aZDBBRDJTcjM4M1BnekhsdW0wWmhEUUlnaThycmkyNVU1eDEvdmEyK1YwZWlCdnhH\\u000aTE40b0dZQjZ4a2ZFa3NNTkV4ZlpYU1dCdzlzVnBMeEVxclVqV1NGdk4xbjV5c2Nk\\u000aTi9JY3EzTDhvWDZ6WmR6bFFqWFN4amZ0L0hMR3FrSTVZTTM2K0V0MStXUFFLcG5t\\u000acEpVVnFWemJ1ei9VK0dpcUhSVGVqRDY2a01lUUJnWHB1djFRY3FBU21Tcmtyd21E\\u000aRmVCbXA0amxHV1NCM0R6djBHb2tvK1VrRWxENmRhSGtjQkJCeTlPWEdCTXhKemt5\\u000admNhQkpOY1E5KzN0SjNnVUI2c2QzR3l6ZGNienhMcWFPcFh0bkkyRVZjYXlLekRL\\u000aZ0E5RGRUNHpva3hTTzhObVFOTVMrdFprQ0hJK2ErQW5iSFRvNlJQZ3JpRVg0TG0y\\u000aTGJsUy9UZjRKbjlHaVh0V2V0UWNpbU12UXJxd0UrbTRmTEpURGgxb0ViRFhXL3Vw\\u000aSDdFTktQV3F5bEhwTFZTV2ZJcjR0QVJMaEl4NlhLeXNwYTJvY1h1UWpzRXkvVmZ3\\u000aQUlyMi9NNVZOR3JDcEdmY2Y5U3U4NTBEWFMzVUg1Ri9KM1ZEWlYwL2tiOXNVT09s\\u000aa3dnZ3VGYXR0T3l2QmZFTnNOeklUd2V2VC9mOXgzMjlyL1MxYlhJbmRvM3NHRmNk\\u000aQnlKWUFROGM4OXFaaDJsSHkrWmRvWlRiTXZESFhKOTdJVERwb2dHOExrYU1EUWhv\\u000aaExjOUhHRFluVnkrRGsxWE56d1RlajJmWS9qZWRXcUxXVDcvNm1kSmlUL1NmZW55\\u000aQ0lzQ01TU0tTZ2pVenY0TmY3SUVyeUpvYXhET1UvRGRpOTBXWjlBZ29MUi9JK0F5\\u000acDZ4ZERMV1BUZGpsa0RYbHRaQlp5MXRmV3N0QWpqM0Y0Sm5xMHBHcDBqTVJNUXg3\\u000aQWtHMGpycVFpamh6NCsvd1lrNFhLUGtsZDlQQXQ3b1lQbHdWRERMSGtIVTBOeXBs\\u000aMTVNa1lvRks5TWhNVWdJZWpoTU1UZER0eHV5Q05PVWkzUHVrdmFFVmN6SWI2RXpM\\u000ad0JyYUpzNjN0VmhPQ3lMdXBuZ2VOajNLNHltSWxhVlpHVUdxWDlrRERzbG5oZmpi\\u000aeU1Gd3lVUERtUFM3VlpJdDFVRjJZTWE1ODBjNXFpZnF2YWxFZktlQmFXdUMvOStX\\u000aREgyM3VvYjRiazMxT1JxUjRvbTNrdzZRSzhkaDZETHllNTRoSFVhdnIwNkZ6SWF5\\u000aNkZNcDZhMUljbnpGT0tremtDeWk2OW8vdFZyWHg0alVnYnNtcDlQaFUweVpKRHFH\\u000aYWFINjJyeEcwZEpkNUh3ZkZkUnpXbnBSV0JEajlFbkFkaE5VYnpLNVRJaWZaZE5h\\u000aNnJ2aXBsUk1ZK2N6ZW9CSTU0VHd5d2FPZ0dCcjJIaUVqRUhCY3pvWXdkSXNrY3Rt\\u000aRjZtZTA1N3U1RS9uMFVkTmMzbENJZXNqZml5SVdDTUxkeFNnQktXalBjSnRDSjRR\\u000aTmFFK2p2bUpCbk13cFI3enhOMU85b2tCWHFZWnozWUFUY1ZtdTgvY3V0NWs1Rk12\\u000aZTkxUlF3MysyL0FTVnRmdU91L1JOMTBYWm40ZldiWEZjcDI3NG02OUs2RkRYOVcz\\u000aNXVSWEhZeHp6OHl1L1k2TitVNzBoOStXL0psRi8zTFh4S3FveVlwZUtXdlVWRG1r\\u000aT1ArMUhhNmxNbm1BQm1Cdy9KYVg2WWN3bk1ibkZuekFVWTJvRE9lT2o0dkt6cWly\\u000aMkZMQXVUSWo1Q0VWZStHa3ZHRU4wTFNkNlZzTzIrNXBVRHc3b0FmU0IrUXd6bzFx\\u000aN2Urbm8vWWtuancwOVdEeEtpVWxoWHRqN2s5K1p1VjVWYWhmczR2bExLaVBPbmhI\\u000aQTFlRHdXRFlVdDdRSDRQUWUrZjhaV2dtcTFaTnhVUzE2Q2d0ZU9MYjFJZXVucERN\\u000aeFZUSFZaVy9sQmlzakFCaEJpY2x6a3cvWTkrcTlEdU1hbGQvU3plVHZVaXpvaUVi\\u000aM1RTVGluVUozUUt6a2lJWityOFJrdnB0WDlnZks4VWdva1BFa0tleGd3bFdmTjRr\\u000aRzMrdDlsaGw4Mm1oZzQ3bTk3Z252Qnc0L1JtOGlaNXJXRzhqOWlEbHJaMkJWVzRz\\u000aMGNmdmZsaUFTVjMzRElNenJveWFFaXBFdlZMTW96a0loTm9OdkZpRXp3NWpUdWgv\\u000aWXB3c0NtaVJ0NDVnUURyUzF2WE9lRzNSdmdPdC9rMXdhUWZIQ0ZjNkFlWVRKdXd4\\u000aWENMOU1laDFhd05qd3BFZThBbU9oK1dkYk92ZklvVXRVcXRXb1pkR0NXdWZoY0d6\\u000aNldESUxpYmUrZ1Rsem1sTitEQml3ZXRNMGt0N2V4eGg5ank5MTA0a2pkdTMydkIz\\u000aa054WWtOaUVsWUNSMnBBSHNhWC9mczE4YjJzdTRUUlRUSG1MWFVrbXdwcmhSUXpG\\u000aMkpVOWlWV3NmbEVqN2d6SlBMNGRyckxsKzkrUUdGUG44VHZFY2U2TTdLRGZUWkNP\\u000aV3o4Y0FjcW9ibVJjNGZDVFRNN0ZKRXVGUklIcXdvaERRYXZlOFJSUG5BZk1XckZy\\u000aTUJOekpUTWllY3lpWWZIcGE2U2NseExoaU9aYm8wbWo4OGpLN2FXVXdqdng2THRJ\\u000aQ3RqbTk1LzZQcjV1L05lUDJORFZ5dXVBK1pCRjl0YXNhOVBLbVY5K25uMUg5bU11\\u000aR2pndlQvUHJmMS9RUGFMUEltUjhOTFlPamdhb3crRUEzWVBZMytIT0RDQzVlRnZF\\u000aOC9PNVg2QmRpTElzVU9uL21ReUZSS0JHNEpySThkSzRyZlJXTmgvYXg3a0h5amFB\\u000aVkNGV2pQdGp4TDJjaFZ5UjBUMDE5eWdGUGwrRVZUcDFML2UxWGo0RjhRTFZzZGYz\\u000aUXNaM2g0ZGpvREVUZ3V0OFZTOTFuSDRnMzJPYjJndnEzOWtQRjNERzRjUU1kRzha\\u000aeFZEaWtIbTJrU0RjMThaTE82RkFqeXpncmp4ZWVaeFhvVzc3QWZGM1YyaWt1Yi94\\u000aamQvOFhJZzFNZHkwVHNEbGorVEpBUVVwOVBOZkN4MmxUNlBuN0dZMVNBUGptSS9a\\u000aUkVJSEdncEx4cUcrSkdBVXlROTR6b1ZnM3ZYOTNkZStXV1JEWWpxaXRXYjlvbU9R\\u000aYXhmVDF5Mk5yeWtib1pXaWNTb3lMWnhZVFU2bktrbTdUb3lMU2F5ZFo2MWhzUlB6\\u000aZXNlcDA3S3NxTU1Zc2lRT0J4VHN5a1EwcHhVenRqczRJeVkxWWtmcUdvaXZPQW9E\\u000aVStxN1dOTEpuRDZnd2x3bklSSUR3aVpuREJrckNZc0JFK3c4QUNoaTBiN3RqR3Qy\\u000aaG4zVmRjd0FabmQzOWo2RlF2Z0JtWGZERzlJRi9SUTBTNWN1OFh4OTNFaGhoOE9B\\u000aK1hTNlkyci9rbTZwTm9NaVA3TERJSk02SmRrVlRGT1h6VWszdzVrS1liQVZwRy9r\\u000aandjRGJnZVlHUkNxVHBmMFBXeG1YTU4zWjZtS2J6MVFaNnd0TGx4L0FNYTA1Tkgx\\u000aYk1zbE14TE1WWlEwdHNsdVVqSWNVamRNdGlTb3BaYzBOOWZDY3pmN3VBMUl4Skc4\\u000adFIwdnltdkVQSGdKVXVSYXhxZ1crSHV5eDd4ZVAvNVJGS2VBZmdNcTBzaS85OHVS\\u000aSFlZZFVORUZSUmQ4WXluR2lqZFlxZ1lZZkNnZnM4bmcyWDlsdnUzaFNIMkdQM2Z0\\u000aVUdMS295L24ybE43ekdjMFdxQWxDYXh0WWdNMFVwMmpQWDd2N2ZySUlTc0sxYmdX\\u000aSnZXN0xEQThJMjVEVDZaVkdOY244WkZ6RWV3VGJSdlBFNk9oeDdSc1ZBL2JwbVBP\\u000aR3prQ3N1V3A5OVhSa2tQQTNaQmluejJ1RXIzQ0NTRU04eitIeTZrV2RRTExSTlpO\\u000aZnQyV3dBWFVwc25tL0YwNmpVZXU4Nk4yWnNMeEN4S28xYnNYYlorKzNCM0NTMFYz\\u000aYXVBYXN5aGwwa1NWczI4eTdYaTFSajFZV1VabHNmQVYvR282SXZyNE5YTklpK1hY\\u000aWVJtaXNRVGI0UzNHUXRvRmhvcXdOZ1p1L3A1dzBmc2lVTDBFK1BDMjRvVkIzNzlj\\u000aUG1pUXUzdTZ5eE0vUVVCVW4vNlQ1U215MEszaUFGdTJEVU5ZRkg5NllEdFNZK0RV\\u000aVDJJVTByK1F2K24rYUJ2SC9xRmVLWXhNZTZMVlF4KzRNTk8xZzh5M0ZvYTNzckZV\\u000aT0R5azM3YlVrQUZWUXNPUWNEV2d4S2l0TU1kbWdpc0JwQXNNeTRXQTAvTnVqVGZy\\u000aUmZWVFRWVjFxWFJZL2dMVVNGbmMxMjNkbW11WEF4UjM1cFVzWERwbk0vallRcHRM\\u000aSmtNcHpPWnZmTEhNVmpVQU05WUtSOUhxSFBxaWVoN1ZZT0t4ZnlTL21ZbnpVWE1T\\u000ad3l1VHdRL0VLaEFkaVo1bHdhYnBhcEYwb1RCWWN3ZkVnejRRZDZjZVgvOWh0S0xx\\u000ab3o3RGpMVVlqRThPK1JxanpVeGJTbThvMnpHWG5yL1B3Mm5COEw4bE1yQlpTaUN4\\u000aUkJuK3lkeHZ0UnRGSm4yMWZMVmlqYzVOVFpDUVZ1bThGUlpTa2FLc2JkQmVERFNJ\\u000aaVJ3NGErY09mc3FPZjNQa2ZScTNraDJ6TUd6Ylk5b1MzWnFxSTJHdGowUmJaMFZ5\\u000ac1VTVWJnVU5uQ0lSR1RtOHE0T3J0Skp6Rk1oYm5Yc0R1MUxJbFY4b3ZTaW9VanZr\\u000aU2I3bnhQUTQxMGljZEt2NkczNmx0VFhVVkhnM0RzMFFrK2Vha3ErUk85clhBYkxD\\u000aYzBxTDhkOUFELys5NFZ0eEZ3a1M4NzltUmhGZDlZQ1FPVU9HYWRXbzJUYnoxM0hs\\u000aRDNUUUVvQ3JkQ0lwdGdhVTZ3WURjZzRtbi9IcW1aK1RuMzFJTERDejlvb2pPM2dl\\u000aYVE2aUR2eTlhVEl2TUdrKy9GR1B1emRHYmhRWmorSFFvbWNDaVMvYWxES3h0c0Nx\\u000aU3RkaWRQTmZwa3ZVSHA5UmNERHorVmlMMUlKRGcwVkg4N1N6VmNjd3Bva0NIaW9B\\u000aZGsyLy9SQ1lwbHFQWGdHbFZSV05jK0w1M3BhVFpPT3IrQXpFNUI5dVNFRDI4c0lw\\u000aVnZIb0lBbGhpZFNDT3M5UzJjdGhqYTk5WlQzREFMbFRYcFd3NDdpZmhkZ09aVkZU\\u000aNFJEYUlpMm9TMVp0SStkNXJSQ21PN1lEa3liNjhkc201UGlLZUVGdHJNYm1mcUNV\\u000adDhSWUNEd0dnNHF1UEI3Z3V3bExhNnhHczNJQTV3VVNJN0FUWC9CME9Jc1NsSFRO\\u000aZU1TYjlVbTdQTGhieUc3T1JKaXNLUjMwWEtkVFVRUjJGMzZWdzErZDVHMTBUWisz\\u000aaE9XSEc2bWlHU2hPZkFJY1hBN205VkFNWXhJM2lSUFBqLzE2STRGeExTdVFDYmFa\\u000aUmptb1hDRGRidHRYNXFqS0NXRDBBTEl3RmZ1VEFMNlVQV0NDYzRKOHpnMnJpc2pm\\u000aZ09tU015RUJ6UHVBRkc1Uk1lZi9DNGJzdHVGd1JDaUc1WkZlNmhyMUE0RkxLODAw\\u000aemw2ZDVjYkQzN3Q3amxXNmIwVHZpaVFrUS81K2dqak5QaXdPTGxPRU8vWHhXN1gv\\u000ac00zWm1EZlovZUhLMDM3VXd0QkRpNTBGaURXSHJON2svNXladnZFL2lUcUh4OHBW\\u000aSjZ4UXF2QWdLRlpFamE1Y0hEcE5MdWFTb0RIMjBzelNNL0NmU3g1SyttZ2c4L2ht\\u000aRHlBbXVPT3RJVnk4N2RQY1phUWcyZ1d0K05vbnN5eXgwR2k0eGNuNWZEZzVPQ0xT\\u000aeC81dm95REJNQnltZFp3aS9QSEtBZlRMWlBlaGlvemRDb21vS01nQ21JQ2tJS0hl\\u000aM2M0TkFTN1B2S1hSWDI3V2gwbk1aNFo5TUQxVzlVeUIvMFVoVjJQUHdLVnpvY09w\\u000aT3NEZk1WWXI0TXdxZjlXTEtFME9BQ0E2T1ppZFJYRnBKN0lUNW8wMFNzNStXZTNh\\u000aa3dER0hRRVhPN1JQc0U5SzloVmJDUDBuUk1YUDU3bFZ4WXBPRG5pRS9lK21MekFT\\u000aVm5rVlYvWUM2N0ovM1E5ZXpQdlE5VzJYcDFRTzlRUjRkVGpnTTEyRVBmUEpyTDV3\\u000aaUxaeW0zeitVNlNpUFFXQTNMSDVOdzVCQlRGMGlGRGxOaEExTVorUlIzRXU5eEQ4\\u000aWkVaV0VMMkIySGR1L1JGcDRkaFI2VE9FZDNTTDhIaDJYcm9pRE1YVnBnWU5FS1lG\\u000abENQMnlDTUNsQkFEcnNuQWVRR1Q0bVh0Rm5aMmVCSGtHNEhTUVRtQkM1NVgzRjMv\\u000aYTAxRmtNcTBtelYwSWVzUGM2UTRVc1lMWHZIQkl4L1lrT2hhTnVMMmprWnRGejdL\\u000aTDFQblRESEt5bWJJcFc1RFZuVDlFU3pHbUlDSG0xZ0lleVRMN0x5MldSTCtBTFdw\\u000aOW1aaHhJS2FxdmdmK29jNWFGaGlQellEaDFjS3ZxVDdHakxBTHk1amJrbDI4QzhO\\u000aSlFXZU9QR0hFVjRsUXJmNy9oejEzK0VrTGRaUHJuM2tJOGVzVStURXVST3pkSXN4\\u000aWUgrU1hpOGhxeGt1ZVByN0Z2aEF6bXk1WWFXYTZJT3JHNkM1RTZNTndCcmhVYXNF\\u000aMlQ5bE5OcG05a0Ywc0o5aTFud2o3WW93S3BnTVR2cWJFWUszTE05SGUzMnhRN3ZI\\u000aN2dncHloVmhBYk85cCtBZHQzT0lsanVrTC9NUGxRM3dnWDNyS1lBM205RWlyaDJ4\\u000adHhQVWR6cTI2NzNabjMwaU9vcWRBQzhVaGZFN1R2RUdMS2dZb0FlSGlqMS8wekRC\\u000aUEJNUVkyaWNwblpyK2dNV2huRlBtN1dXUmNkQ00yOFhsZTVBa3ZoSGtmM25tOU9P\\u000aV0RESStERkRPOHJhQ0N5SzI0QVhMNWxMZWwySTRlTW8zNU5kT1dRaWtidU0vWlNW\\u000aM3Y1WUdSMjB1OHlSajdrZ2Uva2FvSXk5ck8xaFA1MDFxV0xOd2owUFpIZTZ3TDhI\\u000aT1d5WHhnMmZweFRlbjRpUVFRcDJqRmEzR3hJbDk5U042emJvcEVZL3FGa0hjR2t3\\u000aeFk5S3EyOE01Rzc0ek1xK1JaTFYxVFVRV1h0Sk9lOHZWUDFkMDZPRHFSMlZrOUla\\u000aaTRwSGd5Zk9XNlBWT01WcVRGRkpJWU53cW04alJCakV2OUZ3dUluajA3ekpXRUp2\\u000aMC9sdXdaRFQ4R3pEY0RoaHdyWVFFR3BaVkl1ZVlXbkRoZnRxVkloS25zTW5KREFG\\u000aQ04zSEhFTG1VbjdJRVpIdU9Sa3A0alpSc0x6dTliK1RmSDhGYmU1d0pJVHBiSDhB\\u000adzhweUx6VTdqMk5xd28vYU5oZ0FUUmcxL3BERWpOWlArcEJ1T3hIRy9ldVM4YTBz\\u000aeEVETXFTclUxSG5jaWxFSkpMRU9yZ0tURkx2ZDB0eE8wamRGUGFLOGttRWtmWVVn\\u000aSDdJbTNudVQxSjVScDEvRXR1d0E1Mmg3YTVHWEhaTmduR2hzbE9kN1ZRLzBCQ1dL\\u000aNG9OaHBTY0FybUZibEhVMDRLY1V4dlAzV2MwNGZJOEV5ZHdZczFDbm1iLzQ1TXU3\\u000abnRCM1RkUDJOdXVoZlZHQUJyOEF5eS9UTDBSYytZdTcyQUxFZ0w2MkNtekNyOG9R\\u000aaExEVkQ2RnRDM29PQ3lMNXJhbVNKTzVXZ2d4bTA1WlE1UFN0TWx2RmVrNnhnd216\\u000aeUNBSTRzUkc1SUV3NTQvM2N0TjZxUzRYTEFVVWNlRUg0eUQ3N1VyZEdmdWw0dU91\\u000aOGNJZEk3alFkcGZQMW5XSjZRZUgvRDFCUEZOREtwQkhCY3hRbjd3aTBGckZOSTZw\\u000aTFpEeTFZYjhYNHQxaVkvVzE1b0NQUGw1a0hoOGpyeXpUb2tRN3NSbWcvaHh0UEpv\\u000aaHNqM3dSeW9OS2ZWSHMzbzg4dExWTlpQYUNPKzhUWGxlRm5ycGU0N01QZE9ldU5n\\u000ac0luaWk4a0s4bDJ0UUVpMlVpTmtER1pGdGliR2pxdXE5cm9nUWpSMXZMNDF2czBy\\u000aaGdXL1I5OHp4RDgzUzV3c29qQndEWXpPTzBtNDB2WVFFUEVoV0NXV043SlRaWEN4\\u000aMXR2U0hDMmZUSDREa3RjaHkya29CZ28zUDdYTXZPUnYyU0w3ZGkrajlKdkVqVWxx\\u000aVkRFTWRQRDc2b1RYYXh5T3lLUzVVbE4xTDJYbWk3QlRYMmlxL2xueGwyd2VONEx6\\u000aWFBsTmdEaHN0KzRSS1VtYVB4a1QrdlJpdTZ6b3dEV0ZlNGQwUHE2azhRZU1HT1My\\u000aUFFETnhuWHNXUXZoc0UvWGJ1SEl2Y1ptUVlKTjh2bHdGSjBzdnFkV05URWlDNGdJ\\u000aWlJxWHJ1MnUybG03b2RCSVZrdjUwcVVnRENLVG9xS2tkdkYwOVhnKzZsOUNiZjJy\\u000aQWE3d1RjMlU0ZEVtR3VxZ1pyR3VYRnhVZmlKYVR5TFE5KzFLcDNnZFRJQTVFVVRZ\\u000aOUs4cWhnS2lHdjNlQmdIamU1VXhITUMvMGFwWGhiNkFySEM3RW5yOHhEbmN5YU5v\\u000aOXJmSTBjT3RCT1g1QVZsS0xZcVdnWEp1bDZTNmZSWWpvdVVjaVF2UHpBRU1iUERV\\u000aaU95ZVVTQzd6SHpHcTZ4LzlBQXFySEZrbkIxS1lYdFJYWk5zQlNJRCtTV2NNMEZG\\u000aK1B5amxJbVQ0K2pYOFJBVjVGdTNpL09hcjBJNk1NVldSZzhNQ1RsRzVWWDd3cmt4\\u000aQ2pGUW5scGs4U2NrbzlRZkNjb1FsTlhyK1Fuay9rcFROOHJHQktvQ0xZVkpNWS83\\u000aa2RYZlluOXBOWTJXejlYSlJXcXh1dFRoMXU0K0ZZUzcrY2h5b3g0Q3ZHTTZjR1BP\\u000adDFZY1BJMjl3cnlYOTFiMks1MWdOQkNzSThPQlJXTkdkdXhMUzA3aDh3eDFSOHVS\\u000aY2dETm9kWnJQQ0pnQ3ovYjd5R0EyMDFManUySEFqeUR4N0pnOUJzTmJ3dTZnZW1z\\u000ackNnOHpJQjdZOFdsQWZueUhuOWRma1dhNFRZMGx6VEZoUStOZUtEM1RaUklrV21J\\u000aQkpUcitwaW1FWmJUSFIxSk5PeUh4L0M0cFlTem94MXhGYmMxbndMck5rd1lyRElN\\u000aM3YxaDQ4eldub3Zad2hIUmk5d1kxdngzQ3RiVXVOMVYwZnVGU0U4K1pvYmNaYzd4\\u000aZDVNdUJ4RW1rYUFneWJSQ2JSRlZvUFgxdjdGMklkZGd3TFRYM1ozSGNZdG85eWJM\\u000acWowZ0FNbUpadTJGM3pYUkkxUFczc25STFpubTd6TnBCYVUrL1luQzRjSUlYL0Er\\u000aMy9zZ0tYeDR1U2tqTGlwN2lTU2xoTTRmZFQwcFBSaUVoTkRyTG16UzErWmM1UXpN\\u000aaVVFVGM5L3Q4bFJDa0E1UXhYZkdmZmJvTFNGT2VMNTV5NWEzYXhNMUtZK0VzOFBx\\u000aRnk0cGhYY0dLVHZ6dDcrdXRlOEVUdWJKUUR2cStFUnhTeWkwWm9kK2RyTC9zSmty\\u000aa2tMRnU0ZGEzOTlkS3VobGRMekM3MlZxS3VDTUN6eGtOU2NOT3ZRSlRYVHlEblkz\\u000aa3pXRnFKK2l6SXRvTm9ydVRNUEJTNkpOMEJWQmlBOFF2bjhWd1dyOXEySDBzWlJ2\\u000aNWxsUkZZZnM1bEZ5TkI5bkpONnVPZ2JMU0pNSm02ZGc2NHlITDdFOXE4OE5rZDVx\\u000aMXVhY21pd0VUN0VzVGpSUXdLMm5oN05lMC96VGVpSzdiVG1RMW1KUGpwZEEycXp6\\u000aZ3lIRGoxRVlNenhoZFZIb3lHQW4wWlhDak96T21SR0F3U05pY3VhR1I3aERpRzNU\\u000aZllxSkxLWUorUHBnYTh4NlRha0xwcnZyK2F4c01wSWNPWkFpQy9jQUV0REFQV1lN\\u000aQmZaeEI3cFdSR2NqVThPbDhzUnlwTXZ4ZDByWlpoZDR6K2NSQ0p4aEM2RDl4blMv\\u000aVHd5MWVxOFd5TmNLdDYyRkVaU0dMWXFCaWVUSUp6ODRLMnpTWFdYVzBDZnhrcDVu\\u000aZXlnbTc2eFlyWmJLUndPcmxuRVFwaEVUbVl1SzB6RjdtOERKOVBtNlBNeVl3SVVP\\u000aL2t5aVYwU0R3WW5CM05HMFdSNEtFN01jOUZOMWFtM3l2N2IvOFBPRWlNVDBpK2o5\\u000aWm5lajRMT2ZVcnVVTDBqc1UyRkxSLy9RVXpaZUpxL2NaenBKc1VEY2ZvcW1qNERI\\u000abTk1YW5IQXNPdnZJZXBqdDJsQ0dLZVExRm1yb1h1NzQyc1BQMndySmtyMDd1SThM\\u000abnN0R2xucFNPNzZ2ZnRDa2kvYjc4THJOc0VIRm42ZDgzM1JXbzUrWVhaUXllWWUw\\u000aUEovWUpad0c4bFkyRS9YZWFrTjAxSjJpT2tNK0lmVkhnYWsvUG5PRVhhOFFqOXdu\\u000aejBNKzY5eVFGVksyVDJxRW5PUmtEZmtacFJtM2x0WXdqcFhCbDJrdDVKUE5qVStH\\u000ad1A5SjJHdExWR2IyNmJleCs1QmlVNWtxbUQzaGdHUlRsVmp1WXFkS3pYL3Z5bVJP\\u000acm9MZWhHMEZtMjFpYXFvZitQd1I3ZmlOUHh4WitLa1Axb2JGb2xDalo3S2o0OWdj\\u000aR1JNSnE5U3lya3BWcVkwS21YMGw1SnpERE9QUWdiRDhlRlQ1ckhjbFc2SHVCZFdB\\u000aOHAyckhQNG5BaXhiazIrSGRsMG5Rd3QwalNwUHNsSmJrYkpYQWtaZnZJNVVwU0RY\\u000aZGpRQmlXOFNJRWY1QXhPaUFveEdGQksxKzZzS2xJMzMzNCtKYmlSOVZDQlE1akQx\\u000acjM0MnlPcDlzc2VjZEFGVmRNQXZOQk1jQlQ3Nmx1ZmVlRkNCUFRQOC9sZFF4dmxy\\u000ac1Z0SEZoRHBHa2FYSk9hck5TVlV6d25uU0djTTZUMEM3ZTJLV3l3VUpLb1pYdmwv\\u000ac3czdG5KaFhTaDE5SUJxS3BLYjBTV1piTTZFaHlPTmZHc0hqSkhuR28rVHlBQlRu\\u000abWtNY25tTkxPSjcxYzNnMjJKdk8zS0diMGRQZTNYMTEyS09LNmpEdFZPVjRIS1Ax\\u000aK3UzRkRCT2pqYWU2SC8vYjN4RVNXWTB0VmlNSEN2YUVVYkhKL0dyQXpNWElwNTNB\\u000aYVRoSXEzVlVOckJlTDVraFFjbDl3ejcxM3JLRHkzSG0wRWxnQUpYSEt2cHpYS3BC\\u000aUm1pUDFJVHdRQ1F6L3lTREF5ZldpK2pxT0hNdUxaR1oxcW9qT3V1UnhIdWFTeU95\\u000aQWFwU3F3TUtFQTlIeGlZeFB3UUEvcHFySENJS0JDRWtSUnRrNDloQlY2VXdsOVdv\\u000aMnlJQm11cC93UE9rRVVRRW9NckxKL1FMSlZyUzd0N3BaRkNXdmdwV3RoZXcwMjBj\\u000aNTQ4QmkreEl5UjdFeVFmaXB4NmFtM3JzUUNLdDdMTXIwTXkvNVBkL2d4bWVNRjlG\\u000aUmNCdUtEQ3FlWEwzeWZWZmhwMjZQQzZTenFBdmJsbzh2ZG9EWXZKenFkWGVlMXFw\\u000aYzJmeHF6bFBkMXpicEJzeTh5NjRMM2V6M1NqWDBubnMwU2NvaVVuQkozci9hUG1E\\u000aR2tzUU1UaFBlbzVOcWpVTmc2d3FUQXlDMThqc1ByNkd0VXFMQ3lSOU9UZW5RaDdM\\u000aNXVSK0FMTVRscC81N1pMMjJkc2liUUJEdmVhNEtISGhzWjZzbDBGKy9YdmR5a1gr\\u000aZWU1eExVMnFES1RlRVkwNmt3elNQSTVxWkYrTXRtVVJTUWtoYVRuRGJYRy9kd1Ir\\u000aaHdRb1RQcXpBeURLRi9ITmRZVDdzM0lxYS9zQkEyTjJZVXFJbElId3Y1TUFGclE5\\u000abXYwbFhrc0FHbzF6TUpKdVRNUFY4alFmdDh0NFB4aUY1Uml6b0s4cWI4TjBLK3RQ\\u000aTGRJdWJtcnlJRitYSXhkV0t6NDhvMWR5MWYyalFIV0V5eVJNZTNvM2NTSCtDRU5S\\u000aanM2aDdPUjhyekd3ZFJxVmlEeHRtR3FMc3lhYVZYWUoreVZ4Zm5kNmg1RGNTNlI2\\u000aclAzOS96WEtSS0dYU05zd0EyMjBjTy9ER3VsYVdtT0pLand1TkNFRHpFM01sWHc2\\u000aLzB1cllNUktsVUVVTmpDTVVxbEFPSUJ1Y3g5YnhEYmpzU0lHN0wrSDUzSFFXZnI4\\u000abVlaOXhjYnFidXc2Yk1PQi94Z28xK0RyZkQ3VzJ3YVdoOGpKUW03NFN1L1ltQldT\\u000aUjBOVEQyNXd5R21zTVJOYmZvS3VTbUZNM05pVXdOcU40eVNQa1FOaTZod1ErNmVC\\u000aT2lPcmY3aDJqdE1VUU1HVFk2dEYyZzhzUVRRZVRVa0NqRkordExVVXBlR3BRaTE2\\u000aKytHa0UwV1dJWlBzeGtuT2Q0U1lXdHZBUWxBWTV3RXlTejFYQVNLNU45cmx3TldX\\u000aWE4vSjVIaVZacE5tVDUycjkvSTlzRlhpeWN4d3NPL1prd3lMeWFnaUw1cE9hQ1g5\\u000aUzJuNmVDcmk0cjBpcUtSWTE0QlhaZEdrNGlnbHpQR2tPMU1zc3JEU2FsejZIdGJY\\u000aMWgyd1VSMHdTZGlETHpUc3o1QmR6USs1ZlVwOHMxNkFicWlxQU82Y2Y3WlpPRWFs\\u000aOFBVZlI1bzZQZ2llZVFqN1lQUjdqcmVtT1RwUDZqaXZZLzFyQzBJYThLQ2pyNzF1\\u000adVBEa3VVVlZ0MXJiZzNZaCtWVE00aWU5VS95U3lXSFUwejZIbU1icHZCZ3AzUTV5\\u000aaXN2azdtVFFDdE1uNkR5VTlKSWlDRHBhZWVGUGpaVWJiSXRqbytiWFV2SW5ZbUxu\\u000aankwaUVJYW80YmhOcERGSjAzcnltQ3NMeTRSb1ZZczQ4NWxMd3hEcEFLbG4vMWFY\\u000abUFiK0p2VFFlTE1xNmMrRUtqR1FITXJycmU2T3VaamxiKzRDVVlBYkdLclA3b2Mz\\u000aL0tVL0JrTGVpdm9lQjFXaUgvSHBncDZSNVh3VTNvUXBXTUtlc244UkhMU0NsYWUz\\u000aaW5ic2FsNUpGK25KUDFSaXZldnNya0IyMWU0OXcxU2NIbmJVdDgrZEJJc1ZqOGhD\\u000aT1p2SjdqTVR1YUJteDV6UnJGUk9OSHJuTjdOMlFPQklpUmxDVFRmSUJTci8zdkwr\\u000admxObm9GLzlMcTU5c1gxY0JrVk9qQmI5cEFJRm85TnFRMHFLdGw1YXZiSkxXdG02\\u000aa21lei9xcG9HT0FRWnF3VE4xeHpwTWtSRTBpVExPQk50TkcyazM1RUJwUUI4WmQr\\u000aekFJM3d2ZGFPV3FsRk1oSHVQTHVTejliaHhEa1RicTVwSzhMWGxNVldURFVUM29L\\u000aM0g5d1M4bTE4aW9IRnpPUUtSMnVXc0FrZ09yMEt5b0Iyb1pEN0cxejJOYWNLTmgr\\u000aOFlyZXdOanVnZTBSbDJaWmVSVkNLc015UTRqT0diSmV5K1hQWkVyWHRGNWtsMC8w\\u000aZDdMT3BVQjRUcWM2NVp3NmpBOTFRK0c0dURuN0xicXY5LzVoUFllblBHeHM2Snhl\\u000aQVNhTW41OVR4L2JYUlEyQVIrbnpyNDRMTG9xVEN2dzJCRzJ5ZlBzb3pwZlpITlIv\\u000aMWE3cGRRdjdvVzhwdWV2WjYrb1p5R3p1NDhPRmRTZjFjWnNVMUhXdnUxd2J0blgx\\u000aSGdFWU1hNm10MWR4WjlNMktzMWpMc252eDdyTjJBMHlUeXA3WndadTZCQlRTeHVS\\u000aSjJiYjY4THJFZDlSbU9FN0VKZkhpZjB1a0tKWnIwZndJM2o5bkNnWk1hMml2Yzk0\\u000ac0NSMXV5c2pWcGc3d2FoOGUyRkg5cFN4U2VZa3RqVzBnY3ZvVndLNmZiRThiWVp5\\u000aQU1DL1A0Z2JxSlRIWkZzeVA3dVVIaVhQdXoxTEhnNXdOSk5BdXYxSFEvVTlLQlBF\\u000ac1lKd1R3YmxEa0RqK0RCbE4yZEVtVHpaVkpWbGU4SGlINGhzT1NoNDQ1Q2xHREFn\\u000aL2hZTE1kYTBqSDJaS2NneVZSMnhNMVlYd3NMZTR3QnNBNUdLRkJTWERFQjZmMkIv\\u000adDJIU3VZczFmNldpbEFEaDBqaU1JcllTTnM0Z2tOTFJYU3IxbkxpaGxMV1FWNzZk\\u000aU09YOW55MTJONFFwZ2wxTzVSSzUwWjB4SktNNE0xN09xZldHcVVFNnlSYWx5V29D\\u000aakFjZzhSdE5TZzViSjhDUnRQaFJFcnNZeE51VzRVZHJSaEk5dThxU3dERTl5QmNQ\\u000aUWoyUzhodm9FYlRMbXV0SW9zRXdvdFFOeXVvU1NuN2lVQXJwSWpuVzhLc1U2VTAy\\u000aeCtzd2NYSDl4VU92ZE9ZczhCWE1tSC84bXFxV0UzMkpVcGJGNUlaWEw3TUIzMEc1\\u000aTTg2NFZmWG5HK1FUbmkzbFlSWEhyd0Z4R1FPUTY0M2hzVkZDSVVvYVhiczRkM2RE\\u000aajZPUVZhVGxtM0k4R0ttYVNNSSszR0pYNWZFVHNOYkdGcCs0ZStNZEZkak1Yb1hR\\u000abjZjSFVGN3NYd2FIVVRtekphNDZaZDBLSjVVeEdicU1oMUo5cWJLamUvWWJzNjNZ\\u000aTjAzanNWNGljZy9qNngzb1VvRWdnd2lDSW1td3pIbDZVd20zNGNmZ3g2WEFJM3BW\\u000aaTIxMHhBTll3K2M4WDNPbGxnbHlEWjlaOHE1bTZOMnV6UUZMTFRDYzVIUVU2eWkx\\u000aU2g5d2pjOUdkakJSSDErdFZ2cVVDbnUrZXZNanBZL1A4R1hDZXRIdEhGa2xER3dF\\u000aMnNQRUI1WkZVZFkvcm9WeDdRczVSWVpkMVdOVEovRkMxRk1YTkVtTkNqRFNUUk9X\\u000aVUZlaHF2d3RjUmVQVHdkdEdjVWdONmVqSXBOdTlzSWNoUFI3UkVOYWtRRWR2UERF\\u000adWl0dWpQc1g5a2ptV3A3TnB6MU1XQzV3MGlEOXdLVkhHc01jWGF1SlBwVFVCdzUz\\u000aS2M5RTNGc3F3Q0J1cGNscDRZMWpzRk94WkYrbTBweFlnSUxPS2JSTjBjZHFGT2ll\\u000aRzhKcVJidXBpaGovOEpwaVg2RlI4dWxXSXZzZ3RSU21pSVZodlo5L3V5cjVXbkxJ\\u000aNklDV1hWVHRWYVY0clF0QUFSV1VlY0JYY0FXRHcwOEhzL0sydGpNQ0t3WXIxYzg4\\u000aSU4veXdaVnBuT0lveHdxNU9wczg3cnBqS2hvaHlCMk9ORUlNZlBEM0hYZG9OQWRY\\u000aTlF0SysreG4xN05XNHF0WHFxQitFeFRDNWRGQVpvT0I3QnpiVFdKbjV4NGMvUTNw\\u000aeEMxY3Q4L291ZERnQ1drTGZpT0NYWEwxbzlqRjN4SEsvL3hhMEducFh3Nm1IRndw\\u000aNW5XZk5UMFFDSmRJcWRrM05WbklIcTJwRmhSTDFwSUptdHBTOUNuSlFiNWZLVkcr\\u000aNXFTM2pXMkNzdTZTTWFiSkpNQm5vT2l0cWpTRzJxL0pIMENKaElCZk5IeXVxK1NF\\u000aN3FhaEJmZ2dtNlRQUkMzWXFjc2V1R2Zqa1N2RnBXN3hNU3c2QlNvZWljdktVTUNp\\u000aQW1GQVB1MXBNam5MMUp3VkpFUkxHcVZrVFdZanZqanduY0pWZWhJQTFNeHNHWWsv\\u000ab0ZpbnF5TDVsSVUySmNYMi9kcXlKclB1dzR6eWxIU0ZXT0FPSWtsSEN6eVFSN0lr\\u000aeFphbGJDYmpjWGRFVFZFV1YxSnJsZzVaMHhNbG5jYnZjQnUyNWtUMC9oYmh0alNK\\u000aUnJMU0dqOGx0Vm9ONCtCWmt4Y1ZTVUtLVGhSTGtKeENBdlQwV0RkQjM4aDh3eWtD\\u000aODVib0ZmU092UWsvdXFWalczK3ZzY283V2NzRmE2OEVKdWN1Y1Y1QzhiOEJ2dFV4\\u000aRWRiUXZuMlNkcjNUTEFqazlsQ2ZtcUM2Mm05VEpHOXVxdi9Fc1BxNmxtWFNLdHpv\\u000aWmo2Z1Z5ZGd2T2FXajZLMnF2R20xSGZiOTlpWkdhWEV3Y1U1bUZGNVBZYlMrdVVl\\u000aTlRPODgwdTl1dVJlYzJlR2dBMVR4SlZTVHY3N3ZuRTI4cnBzQUZycWl0ZklwTXll\\u000aUW10RzAvQU05bTNMelJmT3dLNTRBeEdDRk5CV2txYmpRUll0bUlaa0hWdDVkQS9Z\\u000aaXF3KytQQjkxaWJIQ0l3WnAwdWYvL1AzdHRzVDRHUy9KNjBoZ2pWNEJwek5FVVJJ\\u000aODNkSEo2SGZHM2dlaXlNeGYwd0ZuNjVpd1loc2s0bng2WjlleDVEN0J6Y0U5K24z\\u000aWFVBVkJmcXV1V3d2Qitxb0RBK1RpMVRDQ1gzTElteVM2RkhJZU50Y0lOQTc0UldO\\u000ac3ZtY01mZTlYUi9IQ1RERzMydXk3QzhiR29RQ3JFcllreTRXTVlhSGZScXN2cjRa\\u000aWGV6TGpENTJkbHkrV3UxQVd0YmtxbzU4am9pNzgrYjhhaEREVG5ib2ZFOXdoeGxW\\u000abTdGYXB0Z2NET3E1TER1WDlNTHdZRmM2WGludDZIUGtHMUhoeE1rMGdIRk1xTzJs\\u000acm1lQ09nb2t2MndwYk1MZ0txRUxZR252amNzR3R3WDZQMzlWNnlFRmcrOCtFZzFP\\u000aR2tRUmkvbzRScTRjSm1QZ0x6ajZKVC9FK1VZV2NjQitLaXc4S29NOEJBVGVsNEsz\\u000aVFlhcHlBeUVyYW13d1NGWldKOGJDdUx6WWNRODVEWkxCRy9UaWtDUHA2RmZzQy9V\\u000aNDBCWGdzZ2IvOERKS3U4SnNQRWZ5WEhFR1I2cEZSVHoyVmE0YXRiL1hCc3NMcmpm\\u000aTUsrTVJ3dXZnTTZmQjBjbUh5eXRkbjVrdVBCUitSa0FnLzgwMVRhR3RJUml5UnlQ\\u000aYmU2aXZSa21tY29idTVGc3F4eFlCa3V0VUxoZm1JaE5Ma3EvQUhvWGZZTzdpZnRW\\u000aMkljTmE2QkZQU0NaajZ1SlY2MDBKN2swRjRnZ292UmVWZmlTMFFoSk5TeEZ2YUQ4\\u000aZVRuUHlVc21SWjY3blMvenp4QVFyN0FrTXN1S2xLVlBReVlVOTAwcFZsaGRlNEVH\\u000aalRTREcxTjYvV0crdWN0SFo3Mm1DM3VYQTdoUUVLZEdxbUs5WER6Qmp2MU1UWDQ1\\u000aakhFR3JWbU5GaytKVHJFSkVsdEdRTmJqRE96UklORklxMVgzalRtN1pZTWQ4MVNv\\u000aOS91Tk14Y2hDcXExUzkybHMrUkl0elJJSVRjZVVDMkp5NVdtQjUzUHNqdDNWYW4x\\u000aSThBaTN1OUxUa2djaGk4N2QyNXVRbEhFd0RGMWZydjgrb3NubUZBQy9GbXQ0YXA3\\u000abjRKenFzVUhDV0RucVU4RjNEVVBTRXBsSEY2UFFNc04wd0JnaEdDNmdpTDFVU2ti\\u000aci81UUlhNlZWV1B1MHE5OFdyVlNCT2dnMUxHVVZvUFVXOHdlaWdRelpXYW1PU1hs\\u000aY0FkL2lrQmVaSW9iVlY5VDlDZytWbUN4Ynk2eGhBL2kvRzZDSmVjc0c4UnpTM1dN\\u000aY1did3RyeFZicy82bVhoWGtRZWhCckhTSDZyUTdvckdMakljQk52WXRyR3FJeFF4\\u000aNDRKQjJIdUdyTUR2QW9rSEJCYXMvWlBsOGdOTVZ0L2ZqQm1ZbFdRSi84WFdBT0Rm\\u000aa0JHMG5HLzRBUldUanpkM1lsb2xKQW10Qnp0YkNGWWkvNTlaWFZvV1hBbVg2b0g3\\u000aNUhvZmcrRHdmQW1nalYzR0VvKzhUR3VnQ1BqMFRJRERvUEUzV0IvR0wvUlAyRHRz\\u000aZVZ3c0pxak1UM0tWYjVTTHZkdjNLWFJXdVF4K2JNaVZCckZQSy9uKzhZNTJENjJi\\u000aT1NPZHVka01jQVVnaHpuRUpNWUJPZGtZNnplUjRLbnljVW5wc2xiTXhVRUtsMGht\\u000aL0JiM0FCUWdzMXVGZmg5QUVEUjJ0ZmJKNEd5RE5lZSswVEVYbDlTRHFRazB1eFAv\\u000aTEFMTUp2Z1ZPdHZqaVg1bjQ5a21icVdQbldWRGo2OUxPNGgxN05IWFNhQU9uNHk4\\u000acnVrSnh0akw4VTZLdTNST0tjMnlEZVpwNUc0V1dUNVVndjJQSUdyencyM2FqMWNj\\u000abE0ycmpqeFF2V1RQS0cvaDl5bm9GWjMzWm5LNkdGSnRYUTJFQ21VTGZ4OVZ3UDZj\\u000adWpzdVNwRVQwUlo5NXk4Tzc1dmNBRnhXNnpubnZSNkkvRlBxbHE3MzM5UnBJRUFH\\u000aTFRuaUQvZkJLSi9hS1RyMXlaM0IveldiVmlsYkdYWlp3UW9uZnptYy9qS1orVTl6\\u000aWXlTMTZ2Yy9TV0k0aytiQmpNM2hoS1pKaWJFeGpGalpIQStVU2lQS2Z1VDV3T0tx\\u000aU2lsbWJLcWJNbWtNLzNKelZCTlJtSnZwNkxHdnRJdDVJMkYyRS9DTXlPMjRHQ3RQ\\u000aajdlYjlYNlA4cUd3SG81VHlmWm9Vb2VPaXNMVFFmZXpISHhXUHFGeVdKY2VmSE9B\\u000aM0VjVTgwWHhPdlhyUWlKR2laUlRWWVB6dnAzU1ovYnJRRk51bHM2Rm5FYW1hRER2\\u000aNDJqSTRyVi9TYVFPZ3dRTHdYMEd0MCtvdGRRbjd4S1diZVNHNWhNbzFXMkdFRC9r\\u000aelpJRGM5ay8vZXdkMXg0UGhGekRFcjMzSDVtQ09mYTcvTi9KR2wvYXpFUnl3Qm1j\\u000aTDZ1enBFQWd0YXRrSjViQytnVy9objM3WDRRZml6cnZzQURXVU5uMTljK3ZzZG9M\\u000aelNwUmVzNDB2azQxUk9SakZ6eFEraUZnRTluVXZLSEx2ZnpwSHVkeGZKRzlRZGQ3\\u000aTk9mU2NRaisvTzBHbnhOZDgySnBXZ1p0SnZHRzBGWkZ6Z29aaXhBcWorLzIrRHJJ\\u000aUjRYeUdQa29aVDJLVGYxU0RNbTR1dEhuRkYyRldtV0hxWVYxSjdwMkwxZ01kYW8z\\u000aeVA5TDFFME8xMWNBSVVNaGIvMWhvSEFIbldBYlF2OEJQUnNVTE9SdUI2dENWTGNj\\u000aenlEY3UrR01nYWU3bUdPWERaTmczM0gyTnNmV1RJMWpCd0JSYUhYaGoxUHhJc0tQ\\u000aOVdnWENNQkxlWHdHV0s0WUpDdmNUTjZoUlIzZWZ6aHd2UzZjM0k5clVDc05HaTBk\\u000aWEdIc0QyRWV5RjdtYm96cm9Zb0tSWDhXL0Ntejh4TnI2eitNS1RwSWZmb3QrZ0NP\\u000aaTN4QkJxQ2pLdmg5eTdLMVQ2MkdEVElqUjdOaXEwUkwxTEU0cVFSbDFmNkNWMGJI\\u000aMzQvMzMraERCWnJmREVmekRSNlpSTGhycmI0c01DU0ZiaUYyaXlqY1QycVJTZkVH\\u000aZENwanlHcVZQZWpWT3VvK0JZUkhoZURqVHZwNHUwV0NBS0cyNHViM0VQWnYwS3Ey\\u000aNHZGOEhQclJIcFBSVkNqdUZHa0dNK3NqWWlkeHh4VnBDa2hsZmxZZnJFUjJSMGtM\\u000aTW9Hamkway9wYnlRdEd1dnk3RDFQZ0V6UEhCUUVHSzZhaTc2U2pWNU9HUUdzMzFz\\u000aYzJKMFlRME14Ky9wNEZtb3hvek02bkxrVkNObUxWMStPSXZHaFV3cEFUd25XZTZP\\u000aUFBHeUVyVFpvalZlZXVqa3Q2ejFzNUtVdEo2YVRpMWZxRlRiY2tmUGpaaGt0K2Ru\\u000aTUdmNHVxdXhza0VDYmJTOEVEUm1DUlM4Z0poM05GQ3VGR0pzWW94OVBvWk5BaHhK\\u000abEYzaDhFNk1UWkxNUFRrWHhHS3B0VndqR3IxTmx0VGRycVNKRVFtSUZTWDQ4cUwx\\u000aeWtudXY3WEV0TWxxUGxVUVBrd1l2THhpeHNqTHJEV1R5UG5MY3RRR3EvVDJ0cFp1\\u000aYjc4cXM3Y0NoSFNMVWV5OEt3ejVxS0ZpS3ZBTjBBOEhvalhzOElZa0F0NDFJdVZm\\u000aYW9oTHVEcER2Nk5wTmtLaUV5ckZyclVuZjY4cFNybHNiTHpSTmgyek9DTitDaXZ0\\u000aOTB5S0JXbjlUeXkrdHhIcy9EL25qMzl3Y3ExWXc2VDhlR0txVDR1OExOUGJ3L05o\\u000aMm1ramxQaE5SR0R1SUZON3MyKzlmYjhlYmJQRG5LL2ozdUtieWRjNEM1QWhDbUFk\\u000aYWpzVXA0Q3dpNTVGTjJreXRZZkZ6TTlyZk95T0VlZ084bzdDOFB6WDVjcENIbHdo\\u000aZmtMWHFwMDBPUktXZ0RQQlZnaVkyT2JFaU1CeUFOZFVOK2k0dVJqUjZJUnBMMXlU\\u000aY1F4Z3JlWmVkK1hWK3BwWEtWb1dVMEowR3o1cE94MDRYY244UUh2Zno3MjdtN1NL\\u000aWDdKaVVwY1dJc1g5UmZjdFlJb1FxSkY1endSN0s0WDJYV252NVBtTk9YLzVGU2Qy\\u000abXcyN240WlFqRjZYdFRUbzZZeTF5d2dzOUpELzdnSmIwTkczMjhQcU5Hd3FFUzBo\\u000aUnBYR2RydHY5S21hbzFjWFNGN2drVHZ5RFRScXRYcHYzeER5bXROSW1pUlNOOXlk\\u000abHV4aFUydG50dXVUVlN1WEUrTkJ1QXovQXdPSU05cnNOL1F6QzZXT2hGWkNjd1lF\\u000aK3pGa0FLVUJLUzBvSG4xbmR5dVQ5d1ZqbnVDL3ZhbWNTVmwwWnhJODlpcTc1Tzd1\\u000aS0V1dGt3Wlhnei9YekdVS01NZmo4Qi9oYW40WlE3MFRidHZDNkszYUpLWXB5RlQ5\\u000aby9OazZkMzQ5MFV4Z3AyclZVQnprV3JucmtZUy8rRkV2VUd1cW51V3BrZzZra2Y2\\u000aWmFtbTVidVk2Rmx3WTJIODVxQkV5a0haWGc4RU5tWVBtc09QOFM1TU10bEZYbXgz\\u000adnJUVUlRY2RtUHV4V1RYNlArSEtvOWZyandLMkxFTmhYUXN0aldZbW5VWW93TUZH\\u000aY3l1NlR2TTdWZDUrb2VOU0tGaldQNGgxbUFMNVYyTHZWU0JSYTYxb29mQ3VPODZI\\u000aWmNQbzRPNEZoVlFXeFkrYzBLT0tFbzVlSjZiemlneTVvclM5WmY3OTlQTXdRbVJy\\u000aZmVjWDF6R3ZYMEZTeE9KdzZEM0FVZ1VhR3dSb3M3d1FlREd3QWdmUGJ3bTJLcFda\\u000aK3pGK204cTJXOHlUbitGR3J5czJ2bXJKczRTZ1YybU4yN28wRFRQV1p0a3h6Y3gx\\u000aU1JoUjM3Z3d1NUdreGVpL3A5NVdTeHNVdEozUUd4Rk91dnQ3T284V09rRjNlN3FK\\u000aSnQ5U2tYSVVpMVNGYzVRblZ6Mno1MmYzVStabzlwdlBVVnN2UlkwelFuSU1xVTFE\\u000aN2FwTEdhWGltMm84MWszQ1gwVmRJQXlaYmlGUHVEcGtZOWdvcE1FcjgrclFIQWRB\\u000aMlRZalpwQlhCV3NyNDg2Z202Um5tc1luVXlRRnFTSkNFcWhCUnhXekhBQk5GdVZS\\u000abEF6ZE5DV1Z2L1RLVXV4WmV2bTVCTWNyL3V4ZmgyTDNpUmh4Zm96cU5HMnh1RXFS\\u000adTFSR1pTRWFkVmUwaUdUVlhWcnQ1WHU5QXMxdXY0QlJGcm1GY0FpbWkxQ1ZqbUJq\\u000ad1pPNTVmeUdrL1haNGgrQklkaXJyK2Vxdm01ZmhZV1JKMmk1YmNUUE9WYTFpeXlm\\u000aZUlaNkppMC8wMk1BTVdlSzB4L0puWW90clJXblA1MGJFOC9XT3hTZ2VMRFNaLy90\\u000ad2pGaUpSTlpEQkdZcCszZGFrZ0R5VHo3Q1hWV1FRTFlGL0NLOGpXRXI4RE9ySUFp\\u000aVjNheFBaNG96YVlqWGVXNHNxQkpkTkdkZ1VzV203bmJnMDRNcCtIL2dDbmQva0py\\u000aOVNmSklaaXdtbnpJR1hXVHV6ZjlTV1ljYU5DK3dzTVBpQURPNjJsUDhoN29xWk5F\\u000ac1dpQmRTTEZ6ak9zdm5rM0Rvak1GeFFxTzlGaHF4ZWtFbmtiS0xoTFQ1d0hhZ1V6\\u000aNE43Vmk5ejNRMFI0VUoxV1pHVGF5dDVkVElYZVppWkpyc0dVc3BiVEFQTElndnM0\\u000aais4aXFwL2pGZWNpclpDRUpuOEo0V3R3UWYxYXROWC8yMlpQWWpZb2lqYXVWTm1l\\u000ac3lTUXRIbzNFYVZmVmljRzUrcHQxYm1ReE5rNlh2ZHUvbVlkVUpMSFZ6VHVpcDVO\\u000aYjdId2VYTFo5WjZwSnZMeEdJSndmR21HZjY5a3Ara2RZODhHN3JvQnN0bk9lMVZU\\u000aUjVuR0lyblhJRDlqcXdQZWF2RlAzV3BjWXRsdzJVQStZdUVVRkJkUkpDRiszdkx0\\u000aQ1pyUm4xNnlYU2tRN1FpSmdHeXV2V0p4QUdZRzYxZGJ4bG41d1ArejlWcUlyMUVr\\u000aY0pXcjZtME9takNJOCswL3lFNXdGbjdEbHlWRWxVRW5ZNzdyOGh6QXFJTUMwSTI5\\u000aNUpnc3BGY2lSaTI1eWRLMzE5c3dLc1dHVFEwZ0xFWlVnNDVxWjAyalBqRWRsM2ZJ\\u000aTm90VGl6TVBVWkdHeTlmK2JpOE9UYld6NlF1K2YxNFk5UkltbWx6N1BmUmltRzVJ\\u000aZ254ZUljRkpxcDBacW9WZ3NpeWtyTVdIaUdDVUMzejZ0d2FnT2lFZlU1bXJ0RGJn\\u000aVkU4NkFROVhWZ3hhZitpRzhYb1JVNmhIVkpNM2dhWk9EVmFYY0tiQkg5L1NaN3p4\\u000aZlI3UjBwVnJyc0U1UHE5cGJ0VUphRmRvK2hpQnpxdGRLdEJrUDdjYkFEVER2eHU4\\u000aYjhkSDdhYVMzUzlxS0dmaHUzMW0xK0hVSjZHYmhTRW9sYnlGcTJySVkyV1p1K3FX\\u000aUHVxU3NtV3NEeVRDSGJ0d2N6RVkvOCtUdEhUa1pFYmpkN0F0RGZ6dmlJRW1aazRh\\u000aRFpCdEdYMTc1NlFIb2hJT21KdGVPTWlqSEtqdk1VNHlYZVh3VkkwcFVwc09JZVhZ\\u000aNStSOWVGQVFFZUJTTG9FOU93ekpOYm1idFJvSHMyQVJWUFlaN0lZMUxOM1oxdnNI\\u000aYVY4czZVbnB6TXZNRjBMdGw1UmEycmxwa0NsOHR0a3p3bDF0T0NVYmRmc0d2UVhu\\u000aZktjVllNN3d3bXFQakFRdWJpK2dEcHZrcnVFZTFxekd1NlA4cFlsY28yN1o3WUFE\\u000aL2dzL0s2ZittSGI0VXlpeXI3cklaampSb2c5UWN4NDR3TXF3RWZvbWQwQXFlbWo0\\u000aQTZ3Q1ZVSjFUN1ZwVmYyc0FSWWVnLzAzbWMvTzZySTZtSTVTQ0tKZ0J2UWhvNEN2\\u000aWVYrNzNNbVg3Z1dNUHRkUExydE9vbk13M1V5aEtxODNuV05nSUFhbDZySlhaV1Bl\\u000aYXVVbjVVdm5jeElNZFMzWjFjRndsRHhVd0ltRytGWnJrTGpqWm1XaDRjdzVGOGNj\\u000aOXhSZk93WW5aaTJJMVRUeExLcTlDOUgrak1sOUxna2hoemtWZDFSZUFkcFpZYUdw\\u000aZnlSUzZsWlBWaDZiNlA3a0lsdlhremplcDhkZUprNm5ycWlQL2ZBdFNTQVNUcTdY\\u000aVVVQUEhnSW0rNTR4UWcrdlQ2MHVHY2ZPaHljN0owd29ia1lYMDJ1Q3p0c2lranRa\\u000aRW03WTEvOWRjekx2c2xodUZ0d1UzTWF5Q0QwakRmRkhKbVJCMmVLWmxRZHZmU1A0\\u000acmJ6SGdwMEpzQUJlNndTMlkzdDd2VTJDdklqM3djTlZRTkZCQnZYbmk5SWNxQVNm\\u000aREVWMGhYc3F4YWtQNFAvRTVDMCtkNVR6eDBIRlF6czk2ajNEcnlHNjl4eTByRzBV\\u000adGZLRDBmK3VMc3NQVERybWNhU1ppVXh0WmJqbGtpR0hDU2R5YVo2RlNSYWhMcXpH\\u000aWVJ3YW9wRENDVHhQNXh6WnZaMGIxWDlveWE5c2JRZWFEVEtJZmdmMnc3RVEyZEZn\\u000aLzdCN25lZUxJSVdWTXZvK1pzMUpsR0RuWWpvVUdRYU9ITWI4ZFlIWUJnbEZ6UjJp\\u000aZUN4SjFhU3haQkFQNGFtalErQWp2RDE0MXk3WWsrVnNMeG9jdHcrbzVCRndHOU5m\\u000aVHJzT3MyQ09IckRoZW43TzYwMFNuNWh6MVNhclJHbzBTQjZBOUxJdnc3OUwxZFJ1\\u000aeUc4aWVjaURhRmVVb0M3OERCTjFGRFJyNEpxYmlHTjdXZ0JLQUpyRmd0L1dZMjNV\\u000aSEJPTFpOSHBGZ2lwNnFmNEtTNENRWFFuL1o1MUx3MXhHQUFRSWc0RUxGbjlDcitz\\u000aME94czZkWXZmeVhMWVhiOXkwa3ZyTnZXZDVZUkFWWHZENkFpVTRtOUJZNmZEWFNa\\u000aWm9ma0w5em1BU3Q4anpVZnRPWU94OWVqNzRJeDRQdmRyYmdVV2MyV3hvOWc0U092\\u000aTy9jVlFjd1RPYmFxNkFuVjZIVkl4dGtpakRkeG96dDhYTEJCdVBncFlZWnRWcHJ4\\u000aTGlVb3g3ZGpDRml3cVVYZEo4Mzg1a1gvcXdVNXlYZWwyMnM2c1BHSU95RlI4REw1\\u000ac2ZacW1Qei95bDA1RGJMaTBoTjlBaU9jQStVQ1ExT1ByVllNZ3ZqUjl3ODIwemZh\\u000aTStmOTgvNC9FNW5mVWoxdXlwU3RpbC9tWTJqeWZxd2hnaUpjcFdhWWNZenFQYkY5\\u000aMDVsUkJpa0hNQTBzSGxyeVJpUVdBc1Baa0lxclN1SHg2aGpHSDNGeGpTSnYxZzhp\\u000aVHllL1V4MDBucGVYV1c2ZFg5cGJHYWlOcmZDeGZlOHQzWDcvc3dPTUJyR0VEdEhr\\u000aZWhoWWNybm16U01yZVY4dTV5dDVFL3dmUzJKejNTeGVoTmp5cHhEQUNFSDk4dTFJ\\u000aUUg2d0ZaanlHYVhSQWNqTnVqTTNPbk12NHFKSThzVTdHcE02VHZFcXdrSG0zUjF5\\u000aY3ZhSTRDd0l3d3FzUFlFdUQ4dkIrNks0WGIzQXJzTnd3Qm45ZjZqZzYzZlFvbERL\\u000aZG1zbEJiUGhkdXY3QzJYM21qVnJBUnl4bWdKZGhKckNmbG1hU05rTTIzTWxCZzRQ\\u000aSVR2ZTNhSGFxVnVFVy9jUHVPMTR3alBGdzNDa2RzSWtuancvWTNkOWJiQzl0UHVC\\u000abG0zcXRMQWhSWVJtT1dvWE9malFCUG93WldlMm1RQnJ1TFV1VzhhRG5WU0NTVUNw\\u000ab2lWWnVNYXhuVWpscTAzZ3V1OUcrOVRPZU8xMnJFQkY4cDhtWVA1STU3aWF2enVP\\u000aUjZQa3BWSU5ERVRrQWxqNjZOMDA3T1Zid0IzUk80bDJYTHV5emQxWDI2b1VFUTVl\\u000aamp4LzY1RUdZd0E5ajZpMFE0YTZkZzkxbDBMTndiaGhVbk4wM3dvM3BTRmoraU9F\\u000acUpMc2RUY3pkalllazFlMFlDYU1wVW9ITDlzVkFlcStld1A3VU9wdisxTlF1SnM3\\u000aTWQzUVJnNW9RSzN1NzhYdXNzaGpTZHFpd3RkQTcvVm5SQzN3Mk01bWJLd0VlVGNT\\u000abjl3Ri9GZXBGcTkwQ29wL0hGc1hxeXNVRU51NWtTY3E5dHpESmhnOGJpSmJkVXN4\\u000acU54NFRYWmExZnA2ZU52ZGFzdjVsOUo1bnBmWDZvbjA2MG9CelZvMk9JNXhRMTBH\\u000ac0J0MW5YNWIrQ2UySjk0ekVObXQrYnFLZ0VoNUlzWlZ0YTlhNnYzcWhtYmQvNGJK\\u000admdhTzVmNmd1Y1BRL3JxcjFVbGtDa2dQdnZyWm1zWWVyUDlzeWE2YWhBbDJHaGo0\\u000aekh6eTBDSytEdkxBU0s4MEhCN0tWZFc0dUpxRDYycGlLYkxKVUU5aUhoVTRRVVpu\\u000aeG14eGtNZmJnQS9pdVR0NG9vdy9LOWtIcDkrUWJVazlFUGc5Rno0TVE3bDNiTUxo\\u000aZzdVMjR1N1hTdlR4TUxuMis4ODB6TDNudUJhRUhkYTRic2VDYzBwaDdOS2s5YUFl\\u000aTWF0cWZycjNTSVpycklDZHVETkNhMmRVZXl1d0x1Lzd1Zi92Wm1oVEpaV3c2MjlG\\u000ad2thdjdhaGJRYU1NZ042NXBhL29BR2IwMXJrc1NYZ1hkRjdhc3JVR3YzSGM5ajhu\\u000aSXh1NThqWHh6TGM1d2l1WmIxRFB0OE9mSmdXYTBGeVJKajZBSEY1SEdicWFGTTlV\\u000aRU15SXU5Q3I4c3BGNHJURTVBNjRrb3hqZTNtWGZIVVNVanBUemtLMlllMkpLaFk2\\u000aY0dYc0t2aE4xbHlBblNQTEZ4Tm9sc2k2cHJDWTFaeUdQdVl2bm8ybDdQbFRGblAx\\u000aM1orMCtRMGxCdG02eHZCQm4rUGl5bWxtOWV2TUpoeHNOeGlaN2NZMzNPQnl3NGJ4\\u000aRlQvN2RmUngyUWxxT09BTHI2a1c2ZXI2WUVuQ21CNWdGWDVsSEZML3UzQTRPUFAz\\u000aZ3k2aUdjQ1pPVnJrOTdUQ0NZZDJ6UTVkZVFKSWlKeFFQQnlGbVlQTzg5eU40QlVI\\u000aOWtRVFNDZUdvbVYveWNIYVpkSGwyQ2JIVFd2aGdCcWFiTWJYSnhWRVdac1MrLzJN\\u000aaGttZE5aSThaV0VnYm5odFlXVHUybjhtOGZBREYwMll4UjFjTG9Fa25FN3p0TkpZ\\u000aZE1MZWUyOEMxRk5kbDNtUzVyRlYvclhXVUdtQXAzZ09Lb1NXUmJMRDNlSi9ybE9U\\u000aL1NwVGJFUDVJNGdsQ3AwOHYxOXBMK2krTDlpSkVhWmp3dHd2M1BXRElBekkrWWlr\\u000aZGJnR01uYitYeWwyUDk0R2c0cVk1RTRQN2ZTcFllaVZiVEJleUpRMG9JUzhuUDlI\\u000aUHpwV2NSRjNFOGkyVmhCSU1aYjdSNWtJSVdxa0lMbXJwNnBrejA2NUNKQlNDay9U\\u000aYkYzaVhadU1kcE9udFhMYk5Wc3VGdVJud2FYZkpwVE5LT3U2K2VTcC9rSDE1cFda\\u000adjVJMlFSN0FGaElXSHFCYXo4Z3k0QzdVcS9uVWVqN2ZHM0V2c2ozTVJ4YlNTUjhG\\u000aSnFGZDB4MSt4SzgxTnM4QmlqYUVPV2xBRDFvMU05WEFGTXFWM3pVNEVuQjIwaUl3\\u000aYW5DclBGemJidWNUcVU4RHMzb2k3Yy83emU5Z3ByRHFtK2hKcXRTYXEyNkIxeXZp\\u000acXl6VTd4UVZEczU5VCt0VGkvdDFwalZkclJIVWNWZVZSQ3h6NFl1N1k5TFVaWDA3\\u000aM2o4eXk1MktLZXk3dk95VzBkNWxKVHpkWEpmZkhlQlNhQ2ltMnVwZWZaeTZKeTla\\u000aZWkydDBOMENIUUtzRnkyQk90bTl0MnNUUXFQREJFR0dDdGVRTFB1Y1BOL1doZS93\\u000aZC9Ma0cyNXFOTit2MTJybUNWTE9CM1JiRFpOYnB2Yldxcks5azR0UFF4MkM3M0d4\\u000aeXNIMjNzNWhJOEtvWVVJSEgrQnUvMWF6SDVZTjVhanVXcTNKV1hZVHk1S1crOE4y\\u000aamdvNk9qTENIVzBzUzU5TXcrQU1MajFCaWl2WG5Uc0xTeHBTSVByb21Dei80c2Ri\\u000aM0N3a296akZSOUxLRUJTS0NNK3RxMXA4ZUtTZ3NqUzVuaCtwU2NNRkpxWjdhekRB\\u000aeEhXYVoyNTQ1bWpEdVJOV0Z2M1lsTEhXczZBM24xSExCdnVOUWs1ek05RnYzT2tm\\u000aTzBqOVlVUWFnWjdCMTlUVjVCNDhwQnAxNGdYNS9TR1VmOTZOaWQwWmdURVhQRU8x\\u000aM1JnRU45cWVsazRPQk1icXJQNlZ0d1FPT3BjNXVEWHgzcEdWQkhTejZrb2JRNDV5\\u000aU2l5SUI2L3BiUGlsbjlDdmhNSWVyNWp2YlZneEtCdkFyajB4RFRWWVpGcVVYZVhz\\u000abHRlSE5WN0czd0E2dG9DWU1ZZ3R5UHRtWjd6MDMxZGVEemtwQnBBV21HOW85OVEw\\u000aSC8yV0EwaXNQdVVhbU8zbjFFUG9BRFZQZHF6UFpUOThPeDRjS3kyQmdBWmJBZVgr\\u000aR3lRTzgyblhudE1hWmUwbVV3cnFPbE13clZZNGhlaXY0aFEwOG1VekdkVXRSY0lL\\u000aTGpITm1OcXZvdTdlY2ZHdVhTcnhvMXVJdkdIbzNuVlVZTWc2ZEFRRlpnWUh2ejdZ\\u000aREFKWTBEWGYzTHVFZTR6bVh1azhlNm4vVU5BbE1ZQUlvdEsxY2Z2TDV0bnQ0akVD\\u000aRFFjb3lZaDRjUlVFei9XUXdudEE4Wm5sQUxRMlJOUDY0NXhjU0JOMEVCYUkyb2tB\\u000aNXI5TEYzK1h2UjdxQTB4b3VoNEMrNWZRTnpHdTdwTjFUck9WblYvQXBsMlNaMmtD\\u000aTEJQN0hjWWt2b3ZBYWFick8zeGtrUmtsdFRCd01rR3RmRC9NTm13WW14NTN3U0RL\\u000aUjE3NG1uckRCRDdOb2d0S3NTNG03Yk5iZUZyTE1hdDYwYmZVWWsweFp0YWxuSDdP\\u000aU0xqcURHdmhYQlBDaVFLNzNNVXppdU1qWFZXMTVUWWJDempuMHV0Q3d4Szk4TVlv\\u000aY1lNV0o1UGQ3WG0zejRva2prNDVFTU9DZVRGRmdZclpVNzlWYmdERVFpbUd4a0Ni\\u000aOGR4ejRMZkh4N1NGUXVhSEpNSjh4SUxZTWFSL3doQ2F4ODUydlNRaElJWG0zZ05n\\u000aWHNyeTZ3M3EzLzQ1WDd4OHVPd0p1T29GUGd1NEtNVDBTUkUwSmZRaFhQUDdpTXVJ\\u000aYnRrd0ZXeWxGQno1SmhVMzhzZ2JGdjlaVnczQzcvbnFZVUVDMXZRWHRnbEs4bGJj\\u000aazlUMzU5YVFpclBkcHF3NjA5OFFGVktyNmliTlMySk0wTHFlM21neTBYQ1RTYXUx\\u000aVE4xeXN2SHBpdU1jSW5BZWFyL3d5b1lsek5BZU1kbUQxUTduaWNBK0pWTWM4elJn\\u000aZ1NKcnRoZDZ0emd4NTFFTUNoQUpFaGR6UkpjRG03Z2c5eE9TTzNPTGpRdW05K29k\\u000adjY0b3NZNVNtbDJHSkgzZ0pzRmdyc2d0TXpTMCt1dnYwdGlZY1BoY0VsL040Vlh6\\u000aV1FTNjByZERQMTlUMFFYREMxc1luSS9rZFREcG40WnNyNFZOUzRkM0cwaEQ2Rnh3\\u000aZzlVdXBzN3k0MjRzcmlOWDgzZS9CWFhZTzNBWlZCS3czUlBVWnl1RFRZY0V4cnFM\\u000ad1RPWnJNQUJrVTBuNnBpYVRqMWZhRDJpZUZxcEFycGxIZzdrTW5ZdVN2MVFDekl3\\u000aL21GR0VEWVFqSWFiWXNRelZMRzd4YjJxbkkvTWdTbUdGUFN1VkhKNDBMNzRPYTh5\\u000aSklyeUxvV29ZSDZYZGo2WkdqZXlpT25YcEJFOUgwT2RlMUJJMkJTTjVwWFFZc0hH\\u000abFUzQ1preHdHdUZ5WnVzamVDRW9kZURPQ2lveUJha2kwSzB0cE4wTWZYS0Zubjd0\\u000aVitWb2FXV0dQSEtBa2c0eGJIcjJnYWltWW43UlN5cVcvcUVkdzFVTEgrR1RMQVds\\u000aS0F0eG1LR0ZnNkhtNzFtY2kzNXBGTW1QakROeER0RktZWm40Y3RMZURIR2ZVSEI3\\u000aZlBEOHRjZ0c0VmxTSktwTWVYR2RRT21qMkJubFQrTFYvN2JLbFQ3aSsxTWk2QnVZ\\u000aUmNBbW1GZnU3ZGF2Z2IyVFRvMVM4aTNPdkNieTgyMW16OXNjZllyVjd1bWhYWTJU\\u000aU2ZIQllyeXFtTzlHOXBuSGpTejlsTko0aEdpdU1hR3hNSWhOYUE1Q0trNTd5OEE2\\u000aSW9hWjFWL01BRmJyNXB6RXNlckx4VzdLbld3cjB5WGE2U2hCSDVwSGFXR3hRRlBS\\u000aNEs2bEJKZXpjUlM1ZUcwdjV1SHBQWTYrR2J3dFBUNHBDcENIdHBKNk56dlNVNlFP\\u000aNGVHYUY4b1NEV3pPRXRJVEJCdlBuUWFxa010L2V3Vi9qZldMNVhJbll1aHV2RGtu\\u000aNnZhbTRzenBONWs2WFRYVjh1QXNWY3VaQ3dLRXBKZldSQ0V4dGZqZVIzZ2E4U28x\\u000aeWg4Qm1QSFNBd2FxOUVHc3pBcmdScm40QllKZ1B3VWZ2WkY2c0pIV0pKSm54YUdI\\u000adUNBK1dHejBrcFRpVlJLYVM0SkUvODBHOUxKZjcvTTlvWEVULzFTbWRUaWEzM3lY\\u000abFVSb0xGdVE2OWZuTzhDUzVNM0IxM01HTHN4Wll4aUdTUkpYYkxHVWQ2bnNsQzJ0\\u000aNlh5SUZNdVFtSFcvQVJSNXVNL0o0VStWSUdUZlFPTlowVnZoQStuNlUxNDRtR3Jk\\u000aU251dWROWEpXRk83N0JzZWp2dHMvRWJXNHFOcHE1NWNQQmY0MzFEQ0NoMVJNdTJ3\\u000aNnZUZUJRNitJcllOMGo3aTllcng1UFEvYXN1NkRvMnNRWFZhNTZHVXFNUmJKVUNs\\u000aaFBNM0F0SDFmZ3VucnAvODU3a290UEhkUURBM05hOURNT2lvTEpSM3puN0tiSWlU\\u000aNEo3THFtbUpET05WcW10LzdpeGwwTVlDTDh3azFHOXlnWUhxR0ZsWGoxUXpxTlVS\\u000acHhUU0pualYyTjZOejZmYy9MVW9NR1E5OE5yb1Q5YjhhclNBcVN1TmhCaGwvbEto\\u000aNDJ4QXp0UVdDNkZEY3Nmd2FrUUpGeGs4OEdWWk9hMHJ3UFNEM29LcUMxc05sc2VW\\u000adzVzMWRjK2dodzJKTGRmeUcwWk1yZ3NaQm5uV3RHanhEdFg1WmUxZ0VKbUo3cnN3\\u000aTGsvWW80S1VuWkZ2REF5d2t5VllMY2hwMVJ2ejJKeTNGcHVpWU5sRXRkMHZKRjlX\\u000aR2dkeUd2L1JpN1pEd2tybzYxS3lMallvMVhaelBmUTlscEVqMGRTKzBCZllZUjcv\\u000ac0crcW1qZEZFb2YybmJLRWVaU1N0K010UTdnR1ZGUy9ENmtvWmZNSlM3c0svSTBh\\u000aekVrdkxRR0hTWDN0QW13YXB6K284VDlEYUZxTDFDYjZSNXluUUNucjZ2Vk1QMG1F\\u000aRm5GbURxWVMzY2c4cldyeEdrQmFUcTFDTDZKblhzb0x4dHMxV2N3QmVmR3NyM2Yy\\u000adEZMcXN2TjFHOG9nYm1pN0JDSWthcFdEK3FzRUI2UmtNeStGRVQxaEhuMEZyNEk4\\u000ad2l2YnE0cVpsd0NncHZ4Ui9tYU9iRTZiTjBjK093a1dxcEpRTUl5aDZJcXZsTUtP\\u000aR1d5YmR2aWEzemJMNk5XY05IUnk5aWl0bERzdjJSNy9QMXNqR1I1ZmI1NGRkbXhO\\u000aMmlFVzZLdEFZRU5Bb2VwSUtrWkVDNUJ3QUNYajZrM1Y5dXBNYzcrZnlOSEFBbmZr\\u000aaTZ5amRVa1BZMzVsbmNhcTJRcDd6Q3BWdk1qbTlTK1dtWHV2ZlNwc3EwZlVxWlN3\\u000aNmluZnpncjhlNy9zZDhIc1hVL1BmSDY3S0ZzWElOQlpMVm41QXF5b01YTVVNY3dV\\u000aVCs3RjhnSGl3NUpRcnhELzhvcVhUL3dvLzIxcFJObXF2ZDQreG5hcGtDZnBpOUlv\\u000adFNjd054ZlpmelkrdDZyRmJyU3VWMXZQVHJaSWNrT2ZXNmt5MHp2UmRCL2hna2Ur\\u000aNVBvVGRnd0diSnp0Ylo5R1pYSGpGZFVLWFFKVWxscmJWRGhUTkNoakhxNGE2QzhH\\u000aWWRMV1hxNzZxWlEwWnhvRjJxdUtkM3NjazEvaUxIY3owMEVuRGExK3BXd2VTMVhU\\u000adUZaR1lFTXNGeUptWSt5QmdRK3Z4aHQ2bFArKzZzSW9pbUF4cUMweWU1SC9McHFM\\u000aaFBTQlVpZHppcnlTblZ2SjZmcjI3TVRQUTBoci9JYUFXRlZnUG1yNEdqd3gxdWh0\\u000ad1J4aVU3K0lwUUxNSVVZYU1nVldnaTZvbU5aM25mcHZyYUdwWWxvaE84Z3ZXK0lL\\u000aWFJNWEJBR0Y4TlQ5UG1ZazNXa3NPVU8rVS9XKzlOL1d2algzc2haZWpGd21GYVg1\\u000aWVhyREE1MS9icDRvQWlIMzd2TmZqTGxzd1piZ2o4NVFsbXBydlhuY1dnS1RZN1pP\\u000aSmMxcmhmQnA5ZUhuUm1nQkVyNHZXOGROdkxibVFSa1dhTmxrTFBSeGd5NHU3d1p3\\u000aN1dmZnYvOG5uWEhsbWoxNDVWQ0NxOHlJR2FiM2tqQ1dvQnFQbnh0Vko5VVFNME9D\\u000aSVFhay9mWjJvdDV6Vk92dGhJeE1pK0MzNVAwRjVkUi80RVBaS3g4a1AyVnZ6RkZy\\u000aN3hFUlBSZFJnbjRqWDlFREVZQTJoWVlwRWRLRUdGai9aZTlKRlJrNmxQZjlVY05Y\\u000aRkgxd0srMW5HZi83WnZzd3dSYnNzalZjRXlMODVQU2F5eVl1ZXQrMUZ5UFpKRk9J\\u000aRnVSRm9vMWhaYUp1cGlTdm5yL1VSSXlGWEhMQ1B2Sld5MnZQVzBibVphR1NRVEJZ\\u000aYlRMcVl0UzBvdTJxOHVBd01vZUYyT25FVDdaTENjMVhTV3lFWWErWFJ0MkduMHBl\\u000aUEkxUW91NGduby8yRGlrN3NxTERydnFRbVpTOFNISlFSQVJaSnh1UUJBWDUrNzgy\\u000aYU9uaWN1aUtTbmwyeHFkM2pYRTRuUS82S2phbmhlVXpzdVRrWHFQcG4xbWlPQi9H\\u000aTFNUQ3VaWHRXcjdlSFpFb3RhZ0pOQm9OSlBYdG5KSElQb1VTdHpGTG9HM01Vc3dY\\u000aeFlCMG0xc2FjaTdaRlJ5cU1sMGtvKytlN1VCSEZOMi9UNS9ybXdsbEhaZ3A3Mm8r\\u000aWjZzWERyVXdxMW8zSVVocnRYNkJPYzJKOWladTVaenVRNkxNNkRhY0Z4bEdtcXRh\\u000aeDB3SlQyZkxpblRRU1ZIeDZDeWRMU3dTcDREOHlPd00zUEc5Zks5VklSRm05S2VY\\u000aaEd3dWxyMXBHVTAwTDU4QUVBb2ZxRmt6eEZneE0vRlRBTVZ1NWxCd29QNDYycSt6\\u000aM3pHQXkyemFTcndJKzdiWnd2OHVTMnpKOEtPajU4MHpKb2JOdU9YdC8vVHlMOGFV\\u000aZ1BtVFB2aTV3eDJGMHRVUGlzL0tUemZoZkR1NTExQXJOS2szZXIva1BrUTVmL1BC\\u000aTVBBSEpPQ3crLzh6NEVDdE9tL3g0UkliR3VIbDExNzdhQkh2WDc1TzloYnBaSkhV\\u000ac1ZlWGJOa3VUQjU2YWVoVkl3T3hHQitDeTR5eGZDb1JJRENXdy9oa1FVNjlZUUhL\\u000aQ1dhUXYydE16eVRkOXFsMFlRc3VBR0h3TDJTWTVKeDJ3RjZ6elMwRUVCMGtCU281\\u000aNlhYZmVwRGZnclVleUlzV2Rwc2hrQUQ2T1NsVDVaQTFHMWtpZHMzRUZiSFlxbmJh\\u000aVzFTZUtoc05QamVBcWErWE4zNnFYQ0NVclIrNlJDK01xTVc5a29XWjFqSzZqMkNq\\u000abHNWVjhkVGI5OXY4alVuSEgrbCtrbituaWo1MllRRzk3eCsrQkVMZ0FZVWQ5Ykxi\\u000aMmI3OWYwSnJYc2s4V1psajZ4Q0l4VXI5ZnZ0c05aa3NEWTI2NXl1VGtoNzE3Smho\\u000aaXFaUHowVi9HcGdVaHJDSmdhbVR1WEo1SmdMdEtJZ1Y4WFVQWXd5QWFUdGpvcGJT\\u000aSmx0MDVJVGtka25LVEZidjNxd28xNWllS1ZBUHhvNVVoZEN6a0xUZ1hyWStjMldo\\u000aOGd1R0JPbFlSVGVRbUlHK1Qram0zRGpyMHVLSEx1U2lmQ3JlMXdyaHp6dUF6MTd4\\u000aaXVkbFczR1I2UGVmbDZOdUt5WG1VU25LL1F6MXJNZVVjT2p1UzBmTkdlWVQ5bHNz\\u000adGt0Mm5TVVdKZnBaQzhZRGlPWDd2TUZSUFZOSXo2Vk9lbHJDS0hHMXlTc3Vkc2JP\\u000aVTRiMEg2KzVPVWphYlJuOSt2YnQ4T1BNbE9BVDBEcDJ1TnMxNlBSYjJPMGp6NWlo\\u000aL3FwYjVZMENnK0VlYWFPMGdxdXN0WGdDUHJPbktYM3JLcU4wUG5lMXpmYkZqVklJ\\u000abWk4NjcvRGUyYmt0RThtdTQrWTJIeUg1K3JUVnBkMlRxWExaOUhEaUFMaWZ5NjJL\\u000aWFVjQ3NEanJEMGhyWTdYZzdTNnVjSW00ejNqSDV0amtOczZxMEFqMnhscG5zbi9D\\u000aejVmd2FPUS93ZEpPSjB5aTVtanRjOFBRdnJ6UFhNQ0tIZU9hUGJmVHZ1SmFwOC9Z\\u000aVmpTNkw2NjNxNVVkaFlGcTJlblp5ek1LYUwvU0RmYVhyZzZrREw4d1podXZuRlJx\\u000aYmthVmp5S0FQYlFFUGhvdmJCYW5DajVwUGh1MHJoeFh4T05rbkhmaDhneGxudWlx\\u000aKzdzTmxoeXBSUXk2N3NNSVluMmdnS3dRL0ZCVlZ4SXBRNG5oMUw0ZldOS29MY0tX\\u000aZFBCSktHUUQxNCtPUXRXcVEydDRKYS9KVlpxZVlQRFJxSUtPNStEeUdLemRPK2Q4\\u000adTJhNUZkaUo5UG9SUmJqekszbnhYa1A1TTgvYytCWkdMK1lURmtVOGREZW83L3I1\\u000aeDVVOWk2TEhpT1FhMDZMWlpGQWttSEdMbjhtNVRPbllWbGhzdUVlZUdWU1hscVVh\\u000aV1dhSFppc3FrWVl6am1Cako5T3JsUU55aEhRR3Q1cXFNM0FTandMQitoQ3dwaXZH\\u000aRXZ0aStHdy9IbDZiQlpFa3FoaDlCUlh0TU0zT2d4Rm9kd25nTmpHSUpDak1xZGhk\\u000aTkFjNWpBQWlsUlJ5dWRQdFFsQ2tObHpCV3gyZjhCMDBDVmZQNkwvd1J6WFRFOEhR\\u000aK2JiL0F6SkhCYnM0YjR4M2o1ZnpOS1doOFJZc0x2VklmVkdBUjJEcjlJTUp5NkpP\\u000aTzIzdlRmbWVPcFBudmpvdlhkbTI3WlcrdzdGSElrdU1peENqckh3NTgvQjkvWUx4\\u000aVGRoSzlFY1dOcXMvclA0TEYvMEJVSS8xdVdsa05pdTBJNjk5UHRkWTdzQThNVUdO\\u000aT3VhTTYveGNZN25DMGRjVXRCcjBXSmoyZmRtYmlTM0Nld0VrT2c2L2tQQkNHVHVi\\u000adVNSdUVLYUNWNXRFZktlZEtERStIaTFuK3g0U3h6U09KanhYZUJTb2hEWTdlNVVu\\u000aN2ZRcHdvVEdiTUVHUjZJc0pOaUNzR0dSbkR6ajd0aDFSOE94ckVLRWx1dXQ0Ym9u\\u000aOEo5ejlxWGRVSUtlQ09va0dQNStrWW5BbHBrNWVQNzltM1gwS2dSUW9kSGN1N1pP\\u000aeTRBdm9GTXpYd0pFVDdzYnNaQVB4Z21VeXZFbDVRdzNBQzhBaXRybmFBWm40Sml6\\u000aZTdKSEtFdXpHczlBa0IyVG9hWXcwRE5zbWdzSncwWElTSzFsSzBUWjVDUTlPQ1VN\\u000aeHFZYWNPRTEwa3VTVUtQTUpoTHo5UHhrRDhnbE0vZEV2OWFLc2VqczFXMkF1VytU\\u000adldzM0crZ0cwRkNHajljeEJBa3VRSDZNb0tOMG96VWExUTBxcU9JRjRiRFZJZFFI\\u000aTHE1ODRvbTluU1IvV0ZIRHY1dWxSeTZteWpIMU0xUFB6azJ6K1drQW84TFhRaXpM\\u000aWjZmblFpTEZ6OFVzZGQvTzVIM2xCcUFUZUpvRzRVdTRCMjVuRjhOK2JabEdoM2d6\\u000aK2xTZG16YVlUR0oxWFZPNTdNR0hla0dyZjJRZndoeU1zZFlsZFpQZXBNQnB5YU5R\\u000aOXpvR3ZNQ0ZnYlR4c0JFRmN4aWM5TmdZUWNDVk5xcTBnS1F6SmtxUHZtV2o3WnpP\\u000aMWZJS3Rnb1FmZ1k4a2JSSFRPMGJIRXlsNm5EcldRR2RXbkQ4d2ErNGNLSnU2bkpH\\u000aWng2QWVGdXI5QzJsZzBWdWZGNGlqVGVrcWlEb3U2Y2x3czkzRHdWa2VPNmxsQzJm\\u000acUpUcm1zQy9DTC9oYzZuckZ0RERsV3Buc0Jkc29ydEtxN2lVTGF1ekRIRnA5MVI3\\u000aaTdCanBuMTNWcXlZMjVUVXlSWUovYlN0NWVGR0FINnpQZHE5RkhqTWhyeGZpTURC\\u000aK3NTRUxqd2FJR2ZxWDBQSG82UmZ1Ky9tOWlpRWwzRWxrSWJpYVMycmdFWHkxZFgr\\u000admdBZkYzOWQzWEFTdmI5aElrNXg0OGltcHRtaDBPaHgwWENOMThtNnpvQndKajNw\\u000acmNnK2ZNWHE0UzZMdlJjQTdtV0MwRzcrdVdXdi9GblkxYUg0a3NPcHRmeWkydU16\\u000aS3kwQTJFbWNad3YyZktYdmljcnQ0Ry9yWU1ZZnlic2loQS8rcXhReTlERmlEek9n\\u000aZXZzZTZ2NnFTUE5TY1lYLzlYRUxKMzh2dmpMTTNjZHlQNEJOMVF3UENtRmFrVm1K\\u000aRTNKRzU0RXhycHRUdGdKTERaNW5FYTY4Mjc4dnRJL3JVR3k2OFFuNTJyMHVXc0ZX\\u000abk5obFRPR2RxYzZzdjdNTGdTYkQ3RUVmNWNiVHNKV3JQZ1ZHbUQ1Q2o5Y3ZmRjlR\\u000aakMvM1RiSXFWVE5QSkhhbXpnbUJsSFJZSGJQN1p0a3ZUZDBnTkF2SXllZGY1MkdY\\u000aUzhESkQwTStrSS8xNmF4dm0zSlB4RC9BVHE1Ri9xdmtIWFRUVStCSEtUTWk2dnk1\\u000aMkNEUmh0YkQ1dVNNa1YyQmROK0c5Y0xnL3hTeTc3TjBnTEc4WDZ6ODM1cllYbE0r\\u000aaGloeGx2UWtiSHR0eE9EN3VBYnpFcExEaC95NFFtZVRSK1FaQU9QeUc3azhGdENG\\u000aam5TM0lLWkFTVldFTVVFODlGTG1hdFhMNERvaHlXWnViSDJPVXlGUHp5ZnNvNWNF\\u000aNEpLVnBIb21NVWZWcjk5bUZnVk1ESUdyUEdFcFRmU2NqZ01wRmlDaEFxU1djUWFH\\u000aU2cwdlBrRkdlWXFIek15SENqMndxc3VDV3BIZWlyU25ncHNXa1RLMjFLRG42TDVx\\u000aaENpRk5wM3JWNUJFMkwwcEhqQnZEVmFrZXdqcnF0a1puZ3FKcHhZalhyV0dxUjVP\\u000aV3IraWhxZ0VJZ011WGhkdUxqR2wrWVZkU1d5ZTlER05OS29DN2FlUGhJMTJQRmg3\\u000aSlJoZjdIYWVlQUNPaGZaTndDWitXMndRb3hCZHpwYzltVCtDVlpxOUo2NkNyTlFI\\u000adTBtaStlaVRTdXNEVHR2b3RmQi9IQ20wMXVaZmgxbE1JQWdMNXozSTFHRVcvREpX\\u000aMk8wdWZBKzVPV2pnWFlzOG9aUlRCMnhYOWhmSW81eDREVXNiTFM1ZzgvbFBUVndF\\u000aamYxQlg2dU9vaTVvV2lJWVJqQmpmSWdVTEVURnhMTGtBUnJQTzJETzU1ekJnMi9Q\\u000adE9mdG00SzFjeWI3V0h2QkdrcmRYanlQUXlYYzRJVXU0SzR0aTlPSlE1eVRmWUN0\\u000aY2o1OWMya05BNHlOWmdwd3kxVnAvSytGdHVlZ0xsd2l4ZTRwakR5ekNJSnBnU0ZD\\u000acmtxREV1K0hqOFZWNXMweFFXc1d5ZWdOUUpldVBheWVSY0RGMzBoMWc2WmZGQjNa\\u000adE9RWWpFQnFyVWVZNkJndk5OWU42TWFrUndnRDBja2NDbEoyMUhZNGpvU2twcE9Z\\u000aZ3NUeTNrR1laNHFUelJNY0lsQ0REaXQ4ZENHZm9Cb3JKQ2t5NTUvNDFiV3FtbTdt\\u000aTElRVzJBTG9kdktQbVVXeFhibzN5WGNnSTRKdnFjZlAzRVVXTytjV3VIZEFSN2VF\\u000aOTc3MytSVUV2TXROdnMzWWxqeERrTmFNNzZ0VjhqanhRcFJZNEc0RWRSaUs0MTN3\\u000aWUkyWTE3UWE2ZEs4K2FhaHRad0JtVWpBSVkvREdZa2VOY2wzWjdxaWpJMTMvUnpn\\u000aNXlWcjl4VUsvSUFGUVlhNDlXQ1RRYTlzVWYzeEgzZUYvTW9HN0ZmMTdrOC8xMURx\\u000aTE5YQzUvSGhOeDJ2S09CTmx1RXJodURjYjNMZmJ5TGlRVllEMkhYeGRyTkc5M1E0\\u000aNGJPajRWb0xZV0hndTI5UG9sL0htRHhUSDFwdHBQVmM5K0U0R2RwN21yVmF1bHU1\\u000acXhDOWliRzlKV3ljUUdkMUJuMG9RMjluSGlMcGd4K25HOFlkZHdPVWRkRzRndkpq\\u000aS21iUTl5aTAwYXdUamhOUE9GZXEvejVuVFJHQ3liSDZsWW9MVGtueE9UQiszMkpy\\u000aQ2pBbDVMRG90amtDZWtBUllwbVVxOWhSY2I3c3l0ME1RY1BBZUg0VlBHNmhFMUpN\\u000aYkxpTXdUWVdKNWtTM3F1elp1SkZQSUl4SFp3UmtJUzFjTnBjL0FtSUpwZm04RCtL\\u000aYUEvVmdoRkJpdnZzZnlUNndoNVRybENBcE9DcHNOTlNWbWRLRHF5QVBFTENuaURj\\u000adTRwcmpZRU5JU2tKdExUTVdBSzVCWWdRZ1ZQOVcrekJyMjNuSGlZVnhLWWhjdm9M\\u000aYTh6dUdLYlJtY2xpL3o0cXpmWnk5RGlJNmoxdWFUT1FMQzEvMzIwT2xBRGtSOVUy\\u000aT3hYZFVuSTFaSzFyY0hRZnllS3BsbUFsRTJDM3MzYkFkR3V5bXRKTDQ2M1dqZm9P\\u000aUkhHWWpvZnZNQTI0cHhnY3hFRnU5YVRFamdFVVBNeHBzN2Y4TVMyaVJvL3dxU3pX\\u000aZ0lwN1EvZHVYY1FQb0dSS2JrR0FySnNJVGdVT3BSQ3hxTFlXbk5UUy8xbmxCeXk3\\u000aQVBjcGRaRmk1WjRqM1IvbGJ0T2Era1ZiYmo4ZC8wazMwTnlDVjJGRVZGV2tPbG9z\\u000aNTFQNUNOUiswNUh6QkhQM3V3N3VyODRZYkRGdHd2UjhNM29UMXNtbXljYUsxMkpE\\u000aZGNBOUQ2YWErY2k5Wmh0UWNhbUw0Z1pjZmVpZllHNEt6NWsyT3lpMlpUNkZKOUV4\\u000aMHQ1T1d5MjZUSjllQmlCcGRaV25XZDB3bzZOMU5ST0xLdFY5L052d3R1WlZSRkxS\\u000aRUg1WGNLMnRMcTFWczFaVkg4MXM4R29UOUQ4VkFEaGFwVDBCU0xsR3A4TkNZdUdK\\u000aeXI1YVVwODdPZEl4RCt3S244NTRteVlKaXlVZnIwWmtGNGhoOEtkTXcvemg3RVQv\\u000aYkxIWlVxUXozdUV3QkcvODRuR1E9PTwveGVuYzpDaXBoZXJWYWx1ZT48L3hlbmM6\\u000aQ2lwaGVyRGF0YT48L3hlbmM6RW5jcnlwdGVkRGF0YT48eGVuYzpFbmNyeXB0ZWRL\\u000aZXkgeG1sbnM6eGVuYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMj\\u000aIiBJZD0iX2E3NDBjZjA5MTViZDE1MmRiNzRkMDNjZDQ1NzUyMTM3Ij48eGVuYzpF\\u000abmNyeXB0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAw\\u000aMS8wNC94bWxlbmMjcnNhLW9hZXAtbWdmMXAiIHhtbG5zOnhlbmM9Imh0dHA6Ly93\\u000ad3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyI+PGRzOkRpZ2VzdE1ldGhvZCB4bWxu\\u000aczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyIgQWxnb3Jp\\u000adGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjwv\\u000aeGVuYzpFbmNyeXB0aW9uTWV0aG9kPjxkczpLZXlJbmZvIHhtbG5zOmRzPSJodHRw\\u000aOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6WDUwOURhdGE+PGRz\\u000aOlg1MDlDZXJ0aWZpY2F0ZT5NSUlERlRDQ0FmMENCRlVCbkw0d0RRWUpLb1pJaHZj\\u000aTkFRRUxCUUF3VHpFTE1Ba0dBMVVFQmhNQ1FWUXhEVEFMQmdOVkJBY01CRWR5CllY\\u000ab3hEVEFMQmdOVkJBb01CRVZIU1ZveElqQWdCZ05WQkFNTUdVMVBRUzFKUkNCSlJG\\u000aQWdLRlJsYzNRdFZtVnljMmx2Ymlrd0hoY04KTVRVd016RXlNVFF3TXpReVdoY05N\\u000aVGN4TWpBMU1UUXdNelF5V2pCUE1Rc3dDUVlEVlFRR0V3SkJWREVOTUFzR0ExVUVC\\u000ad3dFUjNKaAplakVOTUFzR0ExVUVDZ3dFUlVkSldqRWlNQ0FHQTFVRUF3d1pUVTlC\\u000aTFVsRUlFbEVVQ0FvVkdWemRDMVdaWEp6YVc5dUtUQ0NBU0l3CkRRWUpLb1pJaHZj\\u000aTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFJSnYwcWU5VWR2RllTTDVJMDJHb2t3\\u000aRVZmc0lHYzdJN0VoVk5PeFkKOW10VWVubWhxTnJMc0xCRmcxSWlQYmswSVNXaE9S\\u000ad1B5VnAvUDMrR3lHUDMzOXFaNjhVQ0dWMzYxRTBRbTdjalBlL08zK3IzSEFNMgpa\\u000aQk44b0Fab0htcGhyTlM2ZktmWTU4a3lndHJVYStaeU16WVdUVGlTMzJTQ004SDU1\\u000aYmx1RUZiZVprc25iUDBZOTRJamtmSmRndnpsCk14enJsU3lvVjJ5bVdCanZTNXdl\\u000abERIZ2JDS3lqc2pJaFRSakp1L29sR0p5ZW4wMS9FcElWdFN5RFhPLzJJUzJ2Mk85\\u000aVWlGd0FveUIKWUFqUG5sM0h4SzJBNTc3blI2M014bGdQMC9zK3I4NHVCcU9BbGI0\\u000acW5icFU3bHU1R3hsQ1BrWm1wUm9vQ1FZVVJpb0Mrd2pTNmxNQwpBd0VBQVRBTkJn\\u000aa3Foa2lHOXcwQkFRc0ZBQU9DQVFFQUJxTzdra3EvZ1JhaEF2cHNRZzVMTFpST0dG\\u000acjlwSVByeU45eG1KR2dQbzdqCktObDdyczdnTlMwbG11bHVZV1duSmN3QVBid0Zl\\u000aYjk1NFZNQjl4OXA5UUV3NVJuWGFtVVk5cWEwTGdjUy90L1dYNnZKa1pQTmhXcGgK\\u000aOGJYd2gwTXZsc2JmcnZEVEpyOGNqSDNxZnhJVHA3cGEzeGIxcUU3c3VSZmZWVWRE\\u000aWGF3aVhYbldKL1dKcit0d1ZWSEhFcW5aejFsQQpyU0RMeE04c0NqRzhEZUp3OHZu\\u000aUXk1bVBHckdWVEJiYTR1cGM4VVRZMW5QVjlVMkdCSlZZdUFrb1ZSamJUbE52ckw1\\u000aSnFOcXlwS2NHCmJlampXeGdyelprZVFlVTJoRmNqdW5tZ3dHWit1ZzJmcTRrS2tR\\u000aZnR3Y3FlSlR6eXpCb28yK09vNFRtZmJzaC9vbnhQV0E9PTwvZHM6WDUwOUNlcnRp\\u000aZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjx4ZW5jOkNpcGhlckRh\\u000adGEgeG1sbnM6eGVuYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMj\\u000aIj48eGVuYzpDaXBoZXJWYWx1ZT5Sb1NHTGFDbDN3ZkRXdDlXMm9JSDNUQ3JPTVN4\\u000aL3Y1S0pQV2hndmhWNml2RmZXSWFJeDB5RnV2NVZTME5VZ2FUVGIwVjhUYnNGN1Vz\\u000aRllzQ0xldkVUa2lWbG5OeWE4dlVoL2lYTDYzT0JmdzR3T3pSNVZheVBuaWFwWFdM\\u000aa0RHTmQ5Y3E2QU8zR1JoTWJaZDdma2NhRWNJVTB2bGtZeUJJNmE0Yms4bHM3Mm0v\\u000aZkxKQS8vaWl5L2piODkzQkZ4dk9EMk5hT1pabXhzSlI4YlFmWWpBMHdXa1pBcW56\\u000aN0EzY3lhcHV3aXVTc01wc1hYSnFjVXp2TS9GS090dE1wTnhSUVprdk1RZlNnMCtM\\u000aUVM5M0IxN0ZUZFE2OHNRL3dZQmhubFBEZXFZK0NnY1VjeVYzOVdjTjAwcUtVYmNQ\\u000aM2kzSWRWUVRkcEJQUTdRS01HR2JmS1Y0RlE9PTwveGVuYzpDaXBoZXJWYWx1ZT48\\u000aL3hlbmM6Q2lwaGVyRGF0YT48eGVuYzpSZWZlcmVuY2VMaXN0Pjx4ZW5jOkRhdGFS\\u000aZWZlcmVuY2UgVVJJPSIjXzNmZDM1ODkyZTlhOGVhY2I4ZTA4ZjI4MGE4M2ZjYjc0\\u000aIi8+PC94ZW5jOlJlZmVyZW5jZUxpc3Q+PC94ZW5jOkVuY3J5cHRlZEtleT48L3Nh\\u000abWwyOkVuY3J5cHRlZEFzc2VydGlvbj48L3NhbWwycDpSZXNwb25zZT4=\",\"dateTimeCreated\":\"2015-10-09T10:36:02.075Z\",\"id\":1}}}"; +// +// try { +// java.util.Map test1 = new ObjectMapper().readValue(json, java.util.Map.class); +// +// JsonParser parser = new JsonParser(); +// JsonObject reveivedSession = null; +// reveivedSession = (JsonObject) parser.parse(json); +// +// +// +// JsonObject test = reveivedSession.get("data").getAsJsonObject(); +// JsonObject test2 = test.get("session").getAsJsonObject(); +// JsonElement validTo = test2.get("validTo"); +// JsonElement entityID = test2.get("entityID"); +// JsonElement sessionBlob = test2.get("sessionBlob"); + + + + + JsonObject responseMsg = new JsonObject(); + responseMsg.addProperty( + SSOTransferConstants.SSOCONTAINER_KEY_STATUS, + "OK"); + + + JsonObject levelTwo = new JsonObject(); + levelTwo.addProperty("test", "12345"); + + responseMsg.add("levelTwo", levelTwo ); + + + System.out.println(responseMsg.toString()); + +// } catch (IOException e) { +// // TODO Auto-generated catch block +// e.printStackTrace(); +// } + + + + } + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml new file mode 100644 index 000000000..7e8ac86af --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml @@ -0,0 +1,24 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>${moa-id-version}</version> + </parent> + <artifactId>moa-id-modules-federated_authentication</artifactId> + <description>PVP2 ServiceProvider implementation for federated authentication</description> + + <name>MOA ID-Module Federated-Authentication</name> + + <properties> + <repositoryPath>${basedir}/../../../../repository</repositoryPath> + </properties> + + <dependencies> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + </dependency> + </dependencies> + +</project>
\ No newline at end of file diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthConstants.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthConstants.java new file mode 100644 index 000000000..1f7f27617 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthConstants.java @@ -0,0 +1,52 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth; + +/** + * @author tlenz + * + */ +public class FederatedAuthConstants { + + public static final String MODULE_NAME_FOR_LOGGING = "federated IDP"; + + public static final int METADATA_VALIDUNTIL_IN_HOURS = 24; + + public static final String ENDPOINT_POST = "/sp/federated/post"; + public static final String ENDPOINT_REDIRECT = "/sp/federated/redirect"; + public static final String ENDPOINT_METADATA = "/sp/federated/metadata"; + + public static final String CONFIG_PROPS_PREFIX = "modules.federatedAuth."; + public static final String CONFIG_PROPS_KEYSTORE = CONFIG_PROPS_PREFIX + "keystore.path"; + public static final String CONFIG_PROPS_KEYSTOREPASSWORD = CONFIG_PROPS_PREFIX + "keystore.password"; + public static final String CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD = CONFIG_PROPS_PREFIX + "metadata.sign.password"; + public static final String CONFIG_PROPS_SIGN_METADATA_ALIAS_PASSWORD = CONFIG_PROPS_PREFIX + "metadata.sign.alias"; + public static final String CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD = CONFIG_PROPS_PREFIX + "request.sign.password"; + public static final String CONFIG_PROPS_SIGN_SIGNING_ALIAS_PASSWORD = CONFIG_PROPS_PREFIX + "request.sign.alias"; + public static final String CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD = CONFIG_PROPS_PREFIX + "response.encryption.password"; + public static final String CONFIG_PROPS_ENCRYPTION_ALIAS_PASSWORD = CONFIG_PROPS_PREFIX + "response.encryption.alias"; + + public static final String CONFIG_DEFAULT_QAA_STORK_LEVEL = "http://www.stork.gov.eu/1.0/citizenQAALevel/4"; + public static final String CONFIG_DEFAULT_QAA_SECCLASS_LEVEL = "http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3"; + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java new file mode 100644 index 000000000..49275c6eb --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java @@ -0,0 +1,68 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth; + +import at.gv.egovernment.moa.id.auth.modules.AuthModule; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; + +/** + * @author tlenz + * + */ +public class FederatedAuthenticationModuleImpl implements AuthModule { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() + */ + @Override + public int getPriority() { + // TODO Auto-generated method stub + return 0; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext) + */ + @Override + public String selectProcess(ExecutionContext context) { + //select interfederation authentication if PERFORM_INTERFEDERATION_AUTH flag is set + Object performfedAuthObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH); + if (performfedAuthObj != null && performfedAuthObj instanceof Boolean) { + if ((boolean) performfedAuthObj) + return "SSOfederationAuthentication"; + + } + + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/federatedauth/federated.Authentication.process.xml" }; + } + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationSpringResourceProvider.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationSpringResourceProvider.java new file mode 100644 index 000000000..91d56ebed --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationSpringResourceProvider.java @@ -0,0 +1,63 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +/** + * @author tlenz + * + */ +public class FederatedAuthenticationSpringResourceProvider implements SpringResourceProvider { + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() + */ + @Override + public Resource[] getResourcesToLoad() { + ClassPathResource federationAuthConfig = new ClassPathResource("/moaid_federated_auth.beans.xml", FederatedAuthenticationSpringResourceProvider.class); + + return new Resource[] {federationAuthConfig}; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan() + */ + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName() + */ + @Override + public String getName() { + return "MOA-ID Auth-module 'SSO Interfederation'"; + } + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthMetadataConfiguration.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthMetadataConfiguration.java new file mode 100644 index 000000000..c3d5e8032 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthMetadataConfiguration.java @@ -0,0 +1,307 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth.config; + +import java.util.Arrays; +import java.util.List; + +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.NameIDType; +import org.opensaml.saml2.metadata.ContactPerson; +import org.opensaml.saml2.metadata.Organization; +import org.opensaml.saml2.metadata.RequestedAttribute; +import org.opensaml.xml.security.credential.Credential; + +import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.federatedauth.utils.FederatedAuthCredentialProvider; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class FederatedAuthMetadataConfiguration implements IPVPMetadataBuilderConfiguration { + + + private static final int VALIDUNTIL_IN_HOURS = 24; + + private String authURL; + private FederatedAuthCredentialProvider credentialProvider; + + public FederatedAuthMetadataConfiguration(String authURL, FederatedAuthCredentialProvider credentialProvider) { + this.authURL = authURL; + this.credentialProvider = credentialProvider; + + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getMetadataValidUntil() + */ + @Override + public int getMetadataValidUntil() { + return FederatedAuthConstants.METADATA_VALIDUNTIL_IN_HOURS; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildEntitiesDescriptorAsRootElement() + */ + @Override + public boolean buildEntitiesDescriptorAsRootElement() { + return false; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildIDPSSODescriptor() + */ + @Override + public boolean buildIDPSSODescriptor() { + return false; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#buildSPSSODescriptor() + */ + @Override + public boolean buildSPSSODescriptor() { + return true; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEntityIDPostfix() + */ + @Override + public String getEntityID() { + return authURL + FederatedAuthConstants.ENDPOINT_METADATA; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEntityFriendlyName() + */ + @Override + public String getEntityFriendlyName() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getContactPersonInformation() + */ + @Override + public List<ContactPerson> getContactPersonInformation() { + try { + return PVPConfiguration.getInstance().getIDPContacts(); + + } catch (ConfigurationException e) { + Logger.warn("Can not load Metadata entry: Contect Person", e); + return null; + + } + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getOrgansiationInformation() + */ + @Override + public Organization getOrgansiationInformation() { + try { + return PVPConfiguration.getInstance().getIDPOrganisation(); + + } catch (ConfigurationException e) { + Logger.warn("Can not load Metadata entry: Organisation", e); + return null; + + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getMetadataSigningCredentials() + */ + @Override + public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPMetaDataSigningCredential(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getRequestorResponseSigningCredentials() + */ + @Override + public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPAssertionSigningCredential(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getEncryptionCredentials() + */ + @Override + public Credential getEncryptionCredentials() throws CredentialsNotAvailableException { + return credentialProvider.getIDPAssertionEncryptionCredential(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPWebSSOPostBindingURL() + */ + @Override + public String getIDPWebSSOPostBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPWebSSORedirectBindingURL() + */ + @Override + public String getIDPWebSSORedirectBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPSLOPostBindingURL() + */ + @Override + public String getIDPSLOPostBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPSLORedirectBindingURL() + */ + @Override + public String getIDPSLORedirectBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAssertionConsumerServicePostBindingURL() + */ + @Override + public String getSPAssertionConsumerServicePostBindingURL() { + return authURL + FederatedAuthConstants.ENDPOINT_POST; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAssertionConsumerServiceRedirectBindingURL() + */ + @Override + public String getSPAssertionConsumerServiceRedirectBindingURL() { + return authURL + FederatedAuthConstants.ENDPOINT_REDIRECT; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLOPostBindingURL() + */ + @Override + public String getSPSLOPostBindingURL() { + return authURL + FederatedAuthConstants.ENDPOINT_POST; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLORedirectBindingURL() + */ + @Override + public String getSPSLORedirectBindingURL() { + return authURL + FederatedAuthConstants.ENDPOINT_REDIRECT; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPSLOSOAPBindingURL() + */ + @Override + public String getSPSLOSOAPBindingURL() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPPossibleAttributes() + */ + @Override + public List<Attribute> getIDPPossibleAttributes() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getIDPPossibleNameITTypes() + */ + @Override + public List<String> getIDPPossibleNameITTypes() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPRequiredAttributes() + */ + @Override + public List<RequestedAttribute> getSPRequiredAttributes() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.builder.AbstractPVPMetadataBuilder#getSPAllowedNameITTypes() + */ + @Override + public List<String> getSPAllowedNameITTypes() { + return Arrays.asList(NameIDType.PERSISTENT, + NameIDType.TRANSIENT, + NameIDType.UNSPECIFIED); + + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#getSPNameForLogging() + */ + @Override + public String getSPNameForLogging() { + return FederatedAuthConstants.MODULE_NAME_FOR_LOGGING; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAssertionSigned() + */ + @Override + public boolean wantAssertionSigned() { + return false; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAuthnRequestSigned() + */ + @Override + public boolean wantAuthnRequestSigned() { + return true; + } + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthnRequestBuilderConfiguration.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthnRequestBuilderConfiguration.java new file mode 100644 index 000000000..000590923 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthnRequestBuilderConfiguration.java @@ -0,0 +1,211 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth.config; + +import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration; +import org.opensaml.saml2.core.NameID; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.xml.security.credential.Credential; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation; + +/** + * @author tlenz + * + */ +public class FederatedAuthnRequestBuilderConfiguration implements IPVPAuthnRequestBuilderConfiguruation { + + private boolean isPassive; + private String SPEntityID; + private String QAA_Level; + private EntityDescriptor idpEntity; + private Credential signCred; + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#isPassivRequest() + */ + @Override + public Boolean isPassivRequest() { + return this.isPassive; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getAssertionConsumerServiceId() + */ + @Override + public Integer getAssertionConsumerServiceId() { + return 0; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getEntityID() + */ + @Override + public String getSPEntityID() { + return this.SPEntityID; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getNameIDPolicy() + */ + @Override + public String getNameIDPolicyFormat() { + return NameID.TRANSIENT; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getNameIDPolicy() + */ + @Override + public boolean getNameIDPolicyAllowCreation() { + return true; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getAuthnContextClassRef() + */ + @Override + public String getAuthnContextClassRef() { + return this.QAA_Level; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getAuthnContextComparison() + */ + @Override + public AuthnContextComparisonTypeEnumeration getAuthnContextComparison() { + return AuthnContextComparisonTypeEnumeration.MINIMUM; + } + + /** + * @param isPassive the isPassive to set + */ + public void setPassive(boolean isPassive) { + this.isPassive = isPassive; + } + + /** + * @param sPEntityID the sPEntityID to set + */ + public void setSPEntityID(String sPEntityID) { + SPEntityID = sPEntityID; + } + + /** + * @param qAA_Level the qAA_Level to set + */ + public void setQAA_Level(String qAA_Level) { + QAA_Level = qAA_Level; + } + + /** + * @param idpEntity the idpEntity to set + */ + public void setIdpEntity(EntityDescriptor idpEntity) { + this.idpEntity = idpEntity; + } + + /** + * @param signCred the signCred to set + */ + public void setSignCred(Credential signCred) { + this.signCred = signCred; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getAuthnRequestSigningCredential() + */ + @Override + public Credential getAuthnRequestSigningCredential() { + return this.signCred; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getIDPEntityDescriptor() + */ + @Override + public EntityDescriptor getIDPEntityDescriptor() { + return this.idpEntity; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectNameID() + */ + @Override + public String getSubjectNameID() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSPNameForLogging() + */ + @Override + public String getSPNameForLogging() { + return FederatedAuthConstants.MODULE_NAME_FOR_LOGGING; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectNameIDFormat() + */ + @Override + public String getSubjectNameIDFormat() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getRequestID() + */ + @Override + public String getRequestID() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectNameIDQualifier() + */ + @Override + public String getSubjectNameIDQualifier() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationMethode() + */ + @Override + public String getSubjectConformationMethode() { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationDate() + */ + @Override + public Element getSubjectConformationDate() { + return null; + } + + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java new file mode 100644 index 000000000..98240a636 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java @@ -0,0 +1,97 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth.controller; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.federatedauth.config.FederatedAuthMetadataConfiguration; +import at.gv.egovernment.moa.id.auth.modules.federatedauth.utils.FederatedAuthCredentialProvider; +import at.gv.egovernment.moa.id.auth.servlet.AbstractController; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPMetadataBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Controller +public class FederatedAuthMetadataController extends AbstractController { + + @Autowired PVPMetadataBuilder metadatabuilder; + @Autowired AuthConfiguration authConfig; + @Autowired FederatedAuthCredentialProvider credentialProvider; + + public FederatedAuthMetadataController() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '" + FederatedAuthConstants.ENDPOINT_METADATA + + "'."); + + } + + @RequestMapping(value = "/sp/federated/metadata", + method = {RequestMethod.GET}) + public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException { + //check PublicURL prefix + try { + String authURL = HTTPUtils.extractAuthURLFromRequest(req); + if (!authConfig.getPublicURLPrefix().contains(authURL)) { + resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL"); + return; + + } else { + //initialize metadata builder configuration + IPVPMetadataBuilderConfiguration metadataConfig = + new FederatedAuthMetadataConfiguration(authURL, credentialProvider); + + //build metadata + String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig); + + //write response + resp.setContentType("text/xml"); + resp.getOutputStream().write(xmlMetadata.getBytes("UTF-8")); + resp.getOutputStream().close(); + + } + + } catch (Exception e) { + Logger.warn("Build federated-authentication PVP metadata FAILED.", e); + handleErrorNoRedirect(e, req, resp, false); + + } + + } + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java new file mode 100644 index 000000000..431ed5ef1 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java @@ -0,0 +1,67 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth.controller; + +import java.io.IOException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.StringEscapeUtils; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants; +import at.gv.egovernment.moa.id.auth.servlet.AbstractProcessEngineSignalController; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Controller +public class FederatedAuthSignalController extends AbstractProcessEngineSignalController { + + public FederatedAuthSignalController() { + super(); + Logger.debug("Registering servlet " + getClass().getName() + + " with mappings '" + FederatedAuthConstants.ENDPOINT_POST + + "' and '" + FederatedAuthConstants.ENDPOINT_REDIRECT + "'."); + + } + + @RequestMapping(value = { "/sp/federated/post", + "/sp/federated/redirect" + }, + method = {RequestMethod.POST, RequestMethod.GET}) + public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException { + signalProcessManagement(req, resp); + + } + + public String getPendingRequestId(HttpServletRequest request) { + return StringEscapeUtils.escapeHtml4(request.getParameter("RelayState")); + + } +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java new file mode 100644 index 000000000..d581e7e75 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java @@ -0,0 +1,219 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth.tasks; + +import java.lang.reflect.InvocationTargetException; +import java.security.NoSuchAlgorithmException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.provider.MetadataProviderException; +import org.opensaml.ws.message.encoder.MessageEncodingException; +import org.opensaml.xml.security.SecurityException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.federatedauth.config.FederatedAuthnRequestBuilderConfiguration; +import at.gv.egovernment.moa.id.auth.modules.federatedauth.utils.FederatedAuthCredentialProvider; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAuthnRequestBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestBuildException; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; +import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Component("CreateFederatedAuthnRequestTask") +public class CreateAuthnRequestTask extends AbstractAuthServletTask { + + @Autowired PVPAuthnRequestBuilder authnReqBuilder; + @Autowired FederatedAuthCredentialProvider credential; + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + try{ + // get IDP entityID + String idpEntityID = pendingReq.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, String.class); + + if (MiscUtil.isEmpty(idpEntityID)) { + Logger.info("Interfederation not possible -> not inderfederation IDP EntityID found!"); + throw new TaskExecutionException(pendingReq, "Interfederation not possible", new MOAIDException("No inderfederation-IDP EntityID found.", null)); + + } + + //load IDP configuration from MOA-ID Configuration + IOAAuthParameters idpConfig = authConfig.getOnlineApplicationParameter(idpEntityID); + //validate IDP + if (!idpConfig.isInderfederationIDP() || !idpConfig.isInboundSSOInterfederationAllowed()) { + Logger.info("Requested interfederation IDP " + idpEntityID + " is not valid for interfederation."); + Logger.debug("isInderfederationIDP:" + String.valueOf(idpConfig.isInderfederationIDP()) + + " isInboundSSOAllowed:" + String.valueOf(idpConfig.isInboundSSOInterfederationAllowed())); + + handleAuthnRequestBuildProblem(executionContext, idpConfig, "sp.pvp2.01", new Object[]{FederatedAuthConstants.MODULE_NAME_FOR_LOGGING, idpEntityID}); + + return; + + } + + //load IDP SAML2 entitydescriptor + EntityDescriptor idpEntity = MOAMetadataProvider.getInstance(). + getEntityDescriptor(idpEntityID); + if (idpEntity == null) { + Logger.warn("Requested IDP " + idpEntityID + + " has no valid metadata or metadata is not found"); + + handleAuthnRequestBuildProblem(executionContext, idpConfig, "sp.pvp2.02", new Object[]{FederatedAuthConstants.MODULE_NAME_FOR_LOGGING, idpEntityID}); + return; + + } + + //setup AuthnRequestBuilder configuration + FederatedAuthnRequestBuilderConfiguration authnReqConfig = new FederatedAuthnRequestBuilderConfiguration(); + authnReqConfig.setIdpEntity(idpEntity); + authnReqConfig.setPassive(idpConfig.isPassivRequestUsedForInterfederation()); + authnReqConfig.setSignCred(credential.getIDPAssertionSigningCredential()); + authnReqConfig.setSPEntityID(pendingReq.getAuthURL() + FederatedAuthConstants.ENDPOINT_METADATA); + authnReqConfig.setQAA_Level(evaluateRequiredQAALevel()); + + //build and transmit AuthnRequest + authnReqBuilder.buildAuthnRequest(pendingReq, authnReqConfig , response); + + } catch (MOAIDException | MetadataProviderException e) { + throw new TaskExecutionException(pendingReq, "Build PVP2.1 AuthnRequest for SSO inderfederation FAILED.", e); + + } catch (MessageEncodingException | NoSuchAlgorithmException | SecurityException e) { + Logger.error("Build PVP2.1 AuthnRequest for SSO inderfederation FAILED", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (Exception e) { + Logger.error("Build PVP2.1 AuthnRequest for SSO inderfederation FAILED", e); + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + } + + /** + * @param executionContext + * @param idpConfig + * @param message + * @param objects + * @throws AuthnRequestBuildException + */ + private void handleAuthnRequestBuildProblem(ExecutionContext executionContext, IOAAuthParameters idpConfig, String msgCode, Object[] objects) throws AuthnRequestBuildException { + + if (idpConfig.isPerformLocalAuthenticationOnInterfederationError()) { + Logger.info("Switch to local authentication on this IDP ... "); + + executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_REQUIRELOCALAUTHENTICATION, true); + executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, true); + + executionContext.remove(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH); + + } else { + throw new AuthnRequestBuildException(msgCode, objects); + + } + + } + + private String evaluateRequiredQAALevel() { + IOAAuthParameters sp = pendingReq.getOnlineApplicationConfiguration(); + + //check if STORK protocol module is in ClassPath + Object storkRequst = null; + Integer storkSecClass = null; + try { + storkRequst = Class.forName("at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest").newInstance(); + if (storkRequst != null && + pendingReq.getClass().isInstance(storkRequst)) { + Object storkAuthnRequest = pendingReq.getClass().getMethod("getStorkAuthnRequest", null).invoke(pendingReq, null); + storkSecClass = (Integer) storkAuthnRequest.getClass().getMethod("getQaa", null).invoke(storkAuthnRequest, null); + + } + + } catch (ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) { + + + } + + if (sp != null && sp.isSTORKPVPGateway()){ + //use PVP SecClass instead of STORK QAA level + String secClass = null; + if (storkRequst != null && + pendingReq.getClass().isInstance(storkRequst)) { + + try { + secClass = PVPtoSTORKMapper.getInstance().mapToSecClass( + PVPConstants.STORK_QAA_PREFIX + String.valueOf(storkSecClass)); + + } catch (Exception e) { + Logger.warn("STORK-QAA level can not read from STORK request. Use default QAA 4", e); + + } + } + + if (MiscUtil.isNotEmpty(secClass)) + return secClass; + else + return FederatedAuthConstants.CONFIG_DEFAULT_QAA_SECCLASS_LEVEL; + + } else { + if (storkRequst != null && pendingReq.getClass().isInstance(storkRequst)) { + //use requested QAA level from STORK request + try { + String qaaLevel = PVPConstants.STORK_QAA_PREFIX + String.valueOf(storkSecClass); + Logger.debug("Use STORK-QAA level " + qaaLevel + " from STORK request"); + return qaaLevel; + + + } catch (Exception e) { + Logger.warn("Read STORK-QAA level FAILED with an exception.", e); + + } + } + Logger.warn("STORK-QAA level can not read from STORK request. Use default QAA 4"); + return FederatedAuthConstants.CONFIG_DEFAULT_QAA_STORK_LEVEL; + + } + } + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java new file mode 100644 index 000000000..1c3134b77 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java @@ -0,0 +1,367 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth.tasks; + +import java.io.IOException; +import java.util.Collection; +import java.util.List; +import java.util.Set; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.transform.TransformerException; + +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.ws.message.decoder.MessageDecodingException; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; +import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; +import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; +import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.federatedauth.utils.FederatedAuthCredentialProvider; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; +import at.gv.egovernment.moa.id.moduls.RequestImpl; +import at.gv.egovernment.moa.id.moduls.SSOManager; +import at.gv.egovernment.moa.id.process.api.ExecutionContext; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding; +import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnResponseValidationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; +import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; +import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Component("ReceiveFederatedAuthnResponseTask") +public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { + + @Autowired private SAMLVerificationEngineSP samlVerificationEngine; + @Autowired private FederatedAuthCredentialProvider credentialProvider; + @Autowired private SSOManager ssoManager; + @Autowired private AttributQueryBuilder attributQueryBuilder; + @Autowired private AuthenticationDataBuilder authDataBuilder; + + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) + throws TaskExecutionException { + InboundMessage msg = null; + + try { + + IDecoder decoder = null; + MOAURICompare comperator = null; + //select Response Binding + if (request.getMethod().equalsIgnoreCase("POST")) { + decoder = new PostBinding(); + comperator = new MOAURICompare(pendingReq.getAuthURL() + FederatedAuthConstants.ENDPOINT_POST); + Logger.trace("Receive PVP Response from federated IDP, by using POST-Binding."); + + } else if (request.getMethod().equalsIgnoreCase("GET")) { + decoder = new RedirectBinding(); + comperator = new MOAURICompare(pendingReq.getAuthURL() + FederatedAuthConstants.ENDPOINT_REDIRECT); + Logger.trace("Receive PVP Response from federated IDP, by using Redirect-Binding."); + + } else { + Logger.warn("Receive PVP Response, but Binding (" + + request.getMethod() + ") is not supported."); + throw new AuthnResponseValidationException("sp.pvp2.03", new Object[] {FederatedAuthConstants.MODULE_NAME_FOR_LOGGING}); + + } + + //decode PVP response object + msg = (InboundMessage) decoder.decode( + request, response, MOAMetadataProvider.getInstance(), true, + comperator); + + if (MiscUtil.isEmpty(msg.getEntityID())) { + throw new InvalidProtocolRequestException("sp.pvp2.04", new Object[] {FederatedAuthConstants.MODULE_NAME_FOR_LOGGING}); + + } + + //validate response signature + if(!msg.isVerified()) { + samlVerificationEngine.verify(msg, TrustEngineFactory.getSignatureKnownKeysTrustEngine(MOAMetadataProvider.getInstance())); + msg.setVerified(true); + + } + + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_AUTHRESPONSE); + + //validate assertion + MOAResponse processedMsg = preProcessAuthResponse((MOAResponse) msg); + + //load IDP and SP configuration + IOAAuthParameters idpConfig = authConfig.getOnlineApplicationParameter(msg.getEntityID()); + IOAAuthParameters spConfig = pendingReq.getOnlineApplicationConfiguration(); + + //check if response Entity is valid + if (!idpConfig.isInderfederationIDP()) { + Logger.warn("Response Issuer is not a federated IDP. Stopping federated authentication ..."); + throw new AuthnResponseValidationException("sp.pvp2.08", + new Object[] {FederatedAuthConstants.MODULE_NAME_FOR_LOGGING, + msg.getEntityID()}); + + } + + //load MOASession from database + defaultTaskInitialization(request, executionContext); + + //initialize Attribute extractor + AssertionAttributeExtractor extractor = + new AssertionAttributeExtractor((Response) processedMsg.getResponse()); + + //check if SP is also a federated IDP + if (spConfig.isInderfederationIDP()) { + //SP is a federated IDP --> answer only with nameID and wait for attribute-Query + pendingReq.setGenericDataToSession( + PVPTargetConfiguration.DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP, true); + pendingReq.setGenericDataToSession( + PVPTargetConfiguration.DATAID_INTERFEDERATION_NAMEID, extractor.getNameID()); + pendingReq.setGenericDataToSession( + PVPTargetConfiguration.DATAID_INTERFEDERATION_QAALEVEL, extractor.getQAALevel()); + + authenticatedSessionStorage. + addFederatedSessionInformation(pendingReq, + idpConfig.getPublicURLPrefix(), extractor); + + } else { + //SP is real Service-Provider --> check attributes in response + // and start Attribute-Query if required + + getAuthDataFromInterfederation(extractor, pendingReq.getOnlineApplicationConfiguration(), + idpConfig); + + //store federatedIDP to MOASession + if (idpConfig.isInterfederationSSOStorageAllowed()) + authenticatedSessionStorage. + addFederatedSessionInformation(pendingReq, + idpConfig.getPublicURLPrefix(), extractor); + + //update MOASession + authenticatedSessionStorage.storeSession(moasession); + + } + + //store valid assertion into pending-request + pendingReq.setGenericDataToSession(RequestImpl.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg); + pendingReq.setGenericDataToSession(RequestImpl.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID()); + + //store pending-request + requestStoreage.storePendingRequest(pendingReq); + + //write log entries + revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_INTERFEDERATION_REVEIVED); + Logger.info("Receive a valid assertion from IDP " + msg.getEntityID()); + + } catch (MessageDecodingException | SecurityException e) { + String samlRequest = request.getParameter("SAMLRequest"); + Logger.warn("Receive INVALID PVP Response from federated IDP: " + samlRequest, e); + throw new TaskExecutionException(pendingReq, "Receive INVALID PVP Response from federated IDP", e); + + } catch (IOException | MarshallingException | TransformerException e) { + Logger.warn("Processing PVP response from federated IDP FAILED.", e); + throw new TaskExecutionException(pendingReq, "Processing PVP response from federated IDP FAILED.", e); + + } catch (CredentialsNotAvailableException e) { + Logger.error("PVP response decrytion FAILED. No credential found.", e); + throw new TaskExecutionException(pendingReq, "PVP response decrytion FAILED. No credential found.", e); + + } catch (AssertionValidationExeption | AuthnResponseValidationException e) { + Logger.info("PVP response validation FAILED. Msg:" + e.getMessage()); + if (msg != null) { + IOAAuthParameters idpConfig = authConfig.getOnlineApplicationParameter(msg.getEntityID()); + + //remove federated IDP from SSO session if exists + ssoManager.removeInterfederatedSSOIDP(msg.getEntityID(), request); + + //select next step + handleAuthnResponseValidationProblem(executionContext, idpConfig, e); + + } else + throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", e); + + } catch (Exception e) { + + + } + + } + + private void getAuthDataFromInterfederation(AssertionAttributeExtractor extractor, IOAAuthParameters spConfig, + IOAAuthParameters idpConfig) throws BuildException, ConfigurationException{ + + try { + Logger.debug("Service Provider is no federated IDP --> start Attribute validation or requesting ... "); + Collection<String> requestedAttr = pendingReq.getRequestedAttributes(); + + //check if SAML2 Assertion contains a minimal set of attributes + if (!extractor.containsAllRequiredAttributes()) { + Logger.info("Received assertion does no contain a minimum set of attributes. Starting AttributeQuery process ..."); + + //build attributQuery request + List<Attribute> attributs = + attributQueryBuilder.buildSAML2AttributeList(spConfig, requestedAttr.iterator()); + + //request IDP to get additional attributes + extractor = authDataBuilder.getAuthDataFromAttributeQuery(attributs, extractor.getNameID(), idpConfig); + + } else { + Logger.info("Interfedation response include a minimal set of attributes with are required. Skip AttributQuery request step. "); + + } + + //check if all attributes are include + if (!extractor.containsAllRequiredAttributes( + pendingReq.getRequestedAttributes())) { + Logger.warn("PVP Response from federated IDP contains not all requested attributes."); + throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{FederatedAuthConstants.MODULE_NAME_FOR_LOGGING}); + + } + + //copy attributes into MOASession + Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames(); + for (String el : includedAttrNames) { + moasession.setGenericDataToSession(el, extractor.getSingleAttributeValue(el)); + Logger.debug("Add PVP-attribute " + el + " into MOASession"); + + } + + //set validTo from this federated IDP response + moasession.setGenericDataToSession( + AuthenticationSessionStorageConstants.FEDERATION_RESPONSE_VALIDE_TO, + extractor.getAssertionNotOnOrAfter()); + + } catch (AttributQueryException e) { + throw new BuildException("builder.06", null, e); + + } catch (SessionDataStorageException e) { + throw new BuildException("builder.06", null, e); + + } catch (AssertionValidationExeption e) { + throw new BuildException("builder.06", null, e); + + } catch (AssertionAttributeExtractorExeption e) { + throw new BuildException("builder.06", null, e); + + } catch (MOAIDException e) { + throw new BuildException("builder.06", null, e); + + } + } + + /** + * @param executionContext + * @param idpConfig + * @param message + * @param objects + * @throws TaskExecutionException + * @throws Throwable + */ + private void handleAuthnResponseValidationProblem(ExecutionContext executionContext, IOAAuthParameters idpConfig, Throwable e) throws TaskExecutionException { + + if (idpConfig != null && idpConfig.isPerformLocalAuthenticationOnInterfederationError()) { + Logger.info("Switch to local authentication on this IDP ... "); + + executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_REQUIRELOCALAUTHENTICATION, true); + executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, true); + + executionContext.remove(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH); + + } else { + throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", e); + + } + + } + + /** + * PreProcess AuthResponse and Assertion + * @param msg + * @throws TransformerException + * @throws MarshallingException + * @throws IOException + * @throws CredentialsNotAvailableException + * @throws AssertionValidationExeption + * @throws AuthnResponseValidationException + */ + private MOAResponse preProcessAuthResponse(MOAResponse msg) throws IOException, MarshallingException, TransformerException, AssertionValidationExeption, CredentialsNotAvailableException, AuthnResponseValidationException { + Logger.debug("Start PVP21 assertion processing... "); + Response samlResp = (Response) msg.getResponse(); + + // check SAML2 response status-code + if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { + //validate PVP 2.1 assertion + samlVerificationEngine.validateAssertion(samlResp, true, + credentialProvider.getIDPAssertionEncryptionCredential(), + pendingReq.getAuthURL() + FederatedAuthConstants.ENDPOINT_METADATA, + FederatedAuthConstants.MODULE_NAME_FOR_LOGGING); + + msg.setSAMLMessage(SAML2Utils.asDOMDocument(samlResp).getDocumentElement()); + return msg; + + } else { + Logger.info("Receive StatusCode " + samlResp.getStatus().getStatusCode().getValue() + + " from federated IDP."); + throw new AuthnResponseValidationException("sp.pvp2.05", + new Object[]{FederatedAuthConstants.MODULE_NAME_FOR_LOGGING, samlResp.getIssuer().getValue(), samlResp.getStatus().getStatusCode().getValue()}); + + } + + } + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/utils/FederatedAuthCredentialProvider.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/utils/FederatedAuthCredentialProvider.java new file mode 100644 index 000000000..aac253083 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/utils/FederatedAuthCredentialProvider.java @@ -0,0 +1,123 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.federatedauth.utils; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider; +import at.gv.egovernment.moa.util.FileUtils; + +/** + * @author tlenz + * + */ +@Service("FederatedAuthCredentialProvider") +public class FederatedAuthCredentialProvider extends AbstractCredentialProvider { + + @Autowired AuthConfiguration authConfig; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getKeyStoreFilePath() + */ + @Override + public String getKeyStoreFilePath() { + return FileUtils.makeAbsoluteURL( + authConfig.getBasicMOAIDConfiguration(FederatedAuthConstants.CONFIG_PROPS_KEYSTORE), + authConfig.getRootConfigFileDir()); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getKeyStorePassword() + */ + @Override + public String getKeyStorePassword() { + return authConfig.getBasicMOAIDConfiguration(FederatedAuthConstants.CONFIG_PROPS_KEYSTOREPASSWORD).trim(); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getMetadataKeyAlias() + */ + @Override + public String getMetadataKeyAlias() { + return authConfig.getBasicMOAIDConfiguration( + FederatedAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getMetadataKeyPassword() + */ + @Override + public String getMetadataKeyPassword() { + return authConfig.getBasicMOAIDConfiguration( + FederatedAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getSignatureKeyAlias() + */ + @Override + public String getSignatureKeyAlias() { + return authConfig.getBasicMOAIDConfiguration( + FederatedAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getSignatureKeyPassword() + */ + @Override + public String getSignatureKeyPassword() { + return authConfig.getBasicMOAIDConfiguration( + FederatedAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getEncryptionKeyAlias() + */ + @Override + public String getEncryptionKeyAlias() { + return authConfig.getBasicMOAIDConfiguration( + FederatedAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getEncryptionKeyPassword() + */ + @Override + public String getEncryptionKeyPassword() { + return authConfig.getBasicMOAIDConfiguration( + FederatedAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD).trim(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getCredentialName() + */ + @Override + public String getFriendlyName() { + return "FederatedAuth-SP"; + } + +} diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..28e4ae944 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthenticationSpringResourceProvider
\ No newline at end of file diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/federatedauth/federated.Authentication.process.xml b/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/federatedauth/federated.Authentication.process.xml new file mode 100644 index 000000000..c5c491ff8 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/at/gv/egovernment/moa/id/auth/modules/federatedauth/federated.Authentication.process.xml @@ -0,0 +1,26 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="SSOfederationAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + + + <pd:Task id="createInterfederationAuthnRequest" class="CreateFederatedAuthnRequestTask" /> + <pd:Task id="receiveInterfederationAuthnResponse" class="ReceiveFederatedAuthnResponseTask" async="true" /> + <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" /> + <pd:Task id="restartAuthProzessManagement" class="RestartAuthProzessManagement"/> + + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="createInterfederationAuthnRequest" /> + + <!-- Switch to local authentication --> + <pd:Transition from="createInterfederationAuthnRequest" to="restartAuthProzessManagement" conditionExpression="ctx['requireLocalAuthentication']"/> + <pd:Transition from="receiveInterfederationAuthnResponse" to="restartAuthProzessManagement" conditionExpression="ctx['requireLocalAuthentication']"/> + <pd:Transition from="restartAuthProzessManagement" to="end" /> + + <!-- Perform federated authentication --> + <pd:Transition from="createInterfederationAuthnRequest" to="receiveInterfederationAuthnResponse"/> + <pd:Transition from="receiveInterfederationAuthnResponse" to="finalizeAuthentication"/> + <pd:Transition from="finalizeAuthentication" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition>
\ No newline at end of file diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/moaid_federated_auth.beans.xml b/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/moaid_federated_auth.beans.xml new file mode 100644 index 000000000..4933504f0 --- /dev/null +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/resources/moaid_federated_auth.beans.xml @@ -0,0 +1,36 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + +<!-- Federated authentication services --> + <bean id="FederatedAuthCredentialProvider" + class="at.gv.egovernment.moa.id.auth.modules.federatedauth.utils.FederatedAuthCredentialProvider"/> + + <bean id="FederatedAuthMetadataController" + class="at.gv.egovernment.moa.id.auth.modules.federatedauth.controller.FederatedAuthMetadataController"/> + + <bean id="FederatedAuthModule" + class="at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthenticationModuleImpl"/> + + <bean id="FederatedAuthSignalController" + class="at.gv.egovernment.moa.id.auth.modules.federatedauth.controller.FederatedAuthSignalController"/> + + +<!-- Federated Authentication Process Tasks --> + <bean id="CreateFederatedAuthnRequestTask" + class="at.gv.egovernment.moa.id.auth.modules.federatedauth.tasks.CreateAuthnRequestTask" + scope="prototype"/> + + <bean id="ReceiveFederatedAuthnResponseTask" + class="at.gv.egovernment.moa.id.auth.modules.federatedauth.tasks.ReceiveAuthnResponseTask" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml index 9c43ae277..323edee8d 100644 --- a/id/server/modules/moa-id-modules-saml1/pom.xml +++ b/id/server/modules/moa-id-modules-saml1/pom.xml @@ -8,7 +8,6 @@ <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-module-saml1</artifactId> - <version>${moa-id-version}</version> <packaging>jar</packaging> <name>MOA ID-Module SAML1</name> @@ -24,20 +23,50 @@ <artifactId>moa-id-lib</artifactId> <scope>test</scope> <type>test-jar</type> - <version>3.0.3-Snapshot</version> + </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> </dependency> - <dependency> + <!-- Only for development to use SAML1 protocol + SAML1 is removed from official OPB release --> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-eIDAS</artifactId> + </dependency> + +<!-- <dependency> <groupId>MOA</groupId> <artifactId>moa-common</artifactId> <type>test-jar</type> <scope>test</scope> - </dependency> + </dependency> --> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-commons</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> <dependency> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modul-citizencard_authentication</artifactId> </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-eIDAS</artifactId> + </dependency> + + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + </dependencies> diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index d4e73690f..c421bf8cc 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -27,22 +27,29 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.URLEncoder; +import eu.eidas.auth.commons.IPersonalAttributeList; +@Service("SAML1_GetArtifactAction") public class GetArtifactAction implements IAction { + @Autowired private SAML1AuthenticationServer saml1server; + public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData obj) throws AuthenticationException { @@ -65,14 +72,14 @@ public class GetArtifactAction implements IAction { } try { - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(oaURL); - - SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace(); - + IOAAuthParameters oaParam = req.getOnlineApplicationConfiguration(); + // add other stork attributes to MOA assertion if available - if(null != authData.getStorkAttributes()) { - List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = SAML1AuthenticationServer.addAdditionalSTORKAttributes(authData.getStorkAttributes()); + IPersonalAttributeList storkAttributes = authData.getGenericData( + AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, + IPersonalAttributeList.class); + if(null != storkAttributes) { + List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = saml1server.addAdditionalSTORKAttributes(storkAttributes); authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes); Logger.info("MOA assertion assembled and SAML Artifact generated."); } @@ -83,7 +90,8 @@ public class GetArtifactAction implements IAction { String url = req.getAuthURL() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8")); if (!oaParam.getBusinessService()) - url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8")); + url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, + URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8")); url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); url = httpResp.encodeRedirectURL(url); @@ -95,7 +103,7 @@ public class GetArtifactAction implements IAction { String redirectURL = oaURL; if (!oaParam.getBusinessService()) { redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_TARGET, - URLEncoder.encode(req.getTarget(), "UTF-8")); + URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8")); } @@ -109,7 +117,7 @@ public class GetArtifactAction implements IAction { } SLOInformationInterface sloInformation = - new SLOInformationImpl(req.getAuthURL(), authData.getAssertionID(), null, null, req.requestedModule()); + new SLOInformationImpl(req.getAuthURL(), oaParam.getPublicURLPrefix(), authData.getAssertionID(), null, null, req.requestedModule()); return sloInformation; diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java index 2b4aaf458..b01ea666d 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java @@ -46,19 +46,39 @@ package at.gv.egovernment.moa.id.protocols.saml1; +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.StringWriter; import java.util.Calendar; -import org.apache.axis.AxisFault; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.TransformerException; + import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; import org.w3c.dom.Element; import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; +import at.gv.egovernment.moa.id.auth.servlet.AbstractController; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.ErrorResponseUtils; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; +import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.DateTimeUtils; @@ -67,147 +87,262 @@ import at.gv.egovernment.moa.util.XPathUtils; /** * Web service for picking up authentication data created in the MOA-ID Auth component. * - * @author Paul Ivancsics - * @version $Id: GetAuthenticationDataService.java 1233 2012-01-26 21:59:33Z kstranacher $ - * @see at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData + * This getAssertion WebService implementations a hacked solution to integrate SAML1 into + * the new Spring based MOA-ID implementation. + * + * @deprecated + * It is too bad about the time to implement a better solution, + * since SAML1 is deprecated MOA-ID >= 2.0.0 + * + * @author tlenz */ -public class GetAuthenticationDataService implements Constants { +@Controller +public class GetAuthenticationDataService extends AbstractController implements Constants { - /** - * Constructor for GetAuthenticationDataService. - */ - public GetAuthenticationDataService() { - super(); - } + @Autowired private SAML1AuthenticationServer saml1AuthServer; + + private static final String PARAM_WSDL="wsdl"; + private static final String PARAM_XSD="xsd"; + + private static final String TEMPLATE_PLAIN_INFO="plain_info.vm"; + private static final String TEMPLATE_WSDL="wsdl/MOA-ID-1.x.vm"; + private static final String TEMPLATE_XSD="wsdl/MOA-SPSS-1.2.vm"; + private static final String TEMPLATE_SOAP_ERROR="soap_error.vm"; + private static final String TEMPLATE_SOAP_SUCCESS="soap_success.vm"; + + private static final String SERVICE_ENDPOINT = "/services/GetAuthenticationData"; + + private static final String CONTEXT_ENDPOINT = "endpoint"; + private static final String CONTEXT_ERROR = "error"; + + private static final String CONTEXT_SOAP_RESPONSEID = "responseID"; + private static final String CONTEXT_SOAP_REQUESTEID = "requestID"; + private static final String CONTEXT_SOAP_ISSUEINSTANT = "issueInstant"; + private static final String CONTEXT_SOAP_ERRORMESSAGE = "errorMsg"; + private static final String CONTEXT_SOAP_STATUSCODE = "statusCode"; + private static final String CONTEXT_SOAP_ASSERTION = "assertion"; + + @RequestMapping(value = "/services/GetAuthenticationData", method = {RequestMethod.POST}) + public void getAuthenticationData(HttpServletRequest req, HttpServletResponse resp) + throws IOException { + InputStream is = null; + VelocityContext context = new VelocityContext(); + try { + is = req.getInputStream(); + Element soapReq = DOMUtils.parseXmlNonValidating(is); - /** - * Takes a <code>lt;samlp:Request></code> containing a - * <code>SAML artifact</code> and returns the corresponding - * authentication data <code>lt;saml:Assertion></code> - * (obtained from the <code>AuthenticationServer</code>), - * enclosed in a <code>lt;samlp:Response></code>. - * <br/>Bad requests are mapped into various <code>lt;samlp:StatusCode></code>s, - * possibly containing enclosed sub-<code>lt;samlp:StatusCode></code>s. - * The status codes are defined in the SAML specification. - * - * @param requests request elements of type <code>lt;samlp:Request></code>; - * only 1 request element is allowed - * @return response element of type <code>lt;samlp:Response></code>, - * packed into an <code>Element[]</code> - * @throws AxisFault thrown when an error occurs in assembling the - * <code>lt;samlp:Response></code> - */ - public Element[] Request(Element[] requests) - throws AxisFault { - - Element request = requests[0]; - Element[] responses = new Element[1]; + //process request + Element soapResp = processRequest(soapReq); + + String respString = DOMUtils.serializeNode(soapResp, true); + + resp.setContentType("text/xml;charset=UTF-8"); + context.put(CONTEXT_SOAP_ASSERTION, respString); + evaluateTemplate(context, resp, TEMPLATE_SOAP_SUCCESS); + + } catch (ParserConfigurationException | SAXException | IOException | TransformerException e) { + Logger.error("SAML1 GetAuthenticationData receive a non-valid request.", e); + resp.setContentType("text/xml;charset=UTF-8"); + + context.put(CONTEXT_SOAP_ISSUEINSTANT, DateTimeUtils.buildDateTimeUTC(Calendar.getInstance())); + context.put(CONTEXT_SOAP_RESPONSEID, Random.nextRandom()); + context.put(CONTEXT_SOAP_STATUSCODE, "samlp:Requester"); + context.put(CONTEXT_SOAP_ERRORMESSAGE, e.getMessage()); + + evaluateTemplate(context, resp, TEMPLATE_SOAP_ERROR); + + } catch (SAML1AssertionResponseBuildException e) { + Logger.error("SAML1 GetAuthenticationData response build failed..", e); + resp.setContentType("text/xml;charset=UTF-8"); + + context.put(CONTEXT_SOAP_ISSUEINSTANT, e.getIssueInstant()); + context.put(CONTEXT_SOAP_REQUESTEID, e.getRequestID()); + context.put(CONTEXT_SOAP_RESPONSEID, e.getResponseID()); + context.put(CONTEXT_SOAP_STATUSCODE, "samlp:Responder"); + context.put(CONTEXT_SOAP_ERRORMESSAGE, e.getMessage()); + + evaluateTemplate(context, resp, TEMPLATE_SOAP_ERROR); + + } finally { + try { + if (is != null) + is.close(); + + } catch (Exception e) { + + } + } + } + + @RequestMapping(value = "/services/GetAuthenticationData", method = {RequestMethod.GET}) + public void getAuthenticationDataWSDL(HttpServletRequest req, HttpServletResponse resp) + throws Exception { + String wsdl_param = req.getParameter(PARAM_WSDL); + String xsd_param = req.getParameter(PARAM_XSD); + + String fullServiceEndPoint = HTTPUtils.extractAuthURLFromRequest(req) + SERVICE_ENDPOINT; + + VelocityContext context = new VelocityContext(); + context.put(CONTEXT_ENDPOINT, fullServiceEndPoint); + + if (wsdl_param != null) { + //print wsdl + resp.setContentType("text/xml;charset=UTF-8"); + evaluateTemplate(context, resp, TEMPLATE_WSDL); + + } else if (xsd_param != null){ + //print xsd + resp.setContentType("text/xml;charset=UTF-8"); + evaluateTemplate(context, resp, TEMPLATE_XSD); + + } else { + //print plain info + resp.setContentType("text/html;charset=UTF-8"); + evaluateTemplate(context, resp, TEMPLATE_PLAIN_INFO); + + } + + } + + private Element processRequest(Element soapReq) throws ParserConfigurationException, IOException, SAXException, TransformerException, SAML1AssertionResponseBuildException { String requestID = ""; String statusCode = ""; String subStatusCode = null; String statusMessageCode = null; String statusMessage = null; String samlAssertion = ""; - if (requests.length > 1) { - // more than 1 request given as parameter - statusCode = "samlp:Requester"; - subStatusCode = "samlp:TooManyResponses"; - statusMessageCode = "1201"; - } + Element responses; + + //select soap-body element + NodeList saml1ReqList = soapReq.getElementsByTagNameNS(soapReq.getNamespaceURI(), "Body");; + if (saml1ReqList.getLength() != 1) { + saml1ReqList = soapReq.getElementsByTagNameNS(soapReq.getNamespaceURI(), "body");; + if (saml1ReqList.getLength() != 1) { + throw new SAXException("No unique 'soap-env:Body' element."); + + } + } + + //get first child from body --> should be the SAML1 Request element + Element saml1Req; + if (saml1ReqList.item(0).getFirstChild() instanceof Element) + saml1Req = (Element) saml1ReqList.item(0).getFirstChild(); + else { - try { - DOMUtils.validateElement(request, ALL_SCHEMA_LOCATIONS, null); - NodeList samlArtifactList = XPathUtils.selectNodeList(request, "samlp:AssertionArtifact"); - if (samlArtifactList.getLength() == 0) { - // no SAML artifact given in request - statusCode = "samlp:Requester"; - statusMessageCode = "1202"; - } - else if (samlArtifactList.getLength() > 1) { - // too many SAML artifacts given in request - statusCode = "samlp:Requester"; - subStatusCode = "samlp:TooManyResponses"; - statusMessageCode = "1203"; - } + throw new SAXException("First child of 'soap-env:Body' element has a wrong type."); - else { - Element samlArtifactElem = (Element)samlArtifactList.item(0); - requestID = request.getAttribute("RequestID"); - String samlArtifact = DOMUtils.getText(samlArtifactElem); - SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace(); + } + + //validate the SAML1 request element, which we selected above + DOMUtils.validateElement(saml1Req, ALL_SCHEMA_LOCATIONS, null); + + //parse inforamtion from SAML1 request + try { + NodeList samlArtifactList = XPathUtils.selectNodeList(saml1Req, "samlp:AssertionArtifact"); + if (samlArtifactList.getLength() == 0) { + // no SAML artifact given in request + statusCode = "samlp:Requester"; + statusMessageCode = "1202"; + + } else if (samlArtifactList.getLength() > 1) { + // too many SAML artifacts given in request + statusCode = "samlp:Requester"; + subStatusCode = "samlp:TooManyResponses"; + statusMessageCode = "1203"; + + } else { + Element samlArtifactElem = (Element)samlArtifactList.item(0); + requestID = saml1Req.getAttribute("RequestID"); + String samlArtifact = DOMUtils.getText(samlArtifactElem); + + try { + samlAssertion = saml1AuthServer.getSaml1AuthenticationData(samlArtifact); + + // success + statusCode = "samlp:Success"; + statusMessageCode = "1200"; + } catch (ClassCastException ex) { try { + Throwable error = saml1AuthServer.getErrorResponse(samlArtifact); + statusCode = "samlp:Responder"; + + ErrorResponseUtils errorUtils = ErrorResponseUtils.getInstance(); + + if (error instanceof MOAIDException) { + statusMessageCode = ((MOAIDException)error).getMessageId(); + statusMessage = StringEscapeUtils.escapeXml(((MOAIDException)error).getMessage()); - samlAssertion = saml1server.getSaml1AuthenticationData(samlArtifact); - - // success - statusCode = "samlp:Success"; - statusMessageCode = "1200"; - } - - catch (ClassCastException ex) { - - try { - Throwable error = saml1server.getErrorResponse(samlArtifact); - statusCode = "samlp:Responder"; - - ErrorResponseUtils errorUtils = ErrorResponseUtils.getInstance(); + } else { + statusMessage = StringEscapeUtils.escapeXml(error.getMessage()); - if (error instanceof MOAIDException) { - statusMessageCode = ((MOAIDException)error).getMessageId(); - statusMessage = StringEscapeUtils.escapeXml(((MOAIDException)error).getMessage()); - - } else { - statusMessage = StringEscapeUtils.escapeXml(error.getMessage()); - } - subStatusCode = errorUtils.getResponseErrorCode(error); - - } catch (Exception e) { - //no authentication data for given SAML artifact - statusCode = "samlp:Requester"; - subStatusCode = "samlp:ResourceNotRecognized"; - statusMessage = ex.toString(); - } - - } - - catch (AuthenticationException ex) { + } + subStatusCode = errorUtils.getResponseErrorCode(error); + + } catch (Exception e) { //no authentication data for given SAML artifact statusCode = "samlp:Requester"; subStatusCode = "samlp:ResourceNotRecognized"; statusMessage = ex.toString(); } + + } catch (AuthenticationException ex) { + //no authentication data for given SAML artifact + statusCode = "samlp:Requester"; + subStatusCode = "samlp:ResourceNotRecognized"; + statusMessage = ex.toString(); } } - catch (Throwable t) { - // invalid request format - statusCode = "samlp:Requester"; - statusMessageCode = "1204"; - } + + + } catch (Throwable t) { + // invalid request format + statusCode = "samlp:Requester"; + statusMessageCode = "1204"; + + } + + String responseID = Random.nextRandom(); + String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar.getInstance()); + + try { + if (statusMessage == null) + statusMessage = MOAIDMessageProvider.getInstance().getMessage(statusMessageCode, null); + responses = new SAMLResponseBuilder().build( + responseID, requestID, issueInstant, statusCode, subStatusCode, statusMessage, samlAssertion); + return responses; + + } catch (Throwable e) { + throw new SAML1AssertionResponseBuildException(responseID, issueInstant, + requestID, "1299", e.getMessage(), e); + + } } + + + private void evaluateTemplate(VelocityContext context, HttpServletResponse httpResp, String templateURL) throws IOException { + InputStream is = null; + try { + is = Thread.currentThread() + .getContextClassLoader() + .getResourceAsStream(templateURL); + + VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); + BufferedReader reader = new BufferedReader(new InputStreamReader(is )); + StringWriter writer = new StringWriter(); + engine.evaluate(context, writer, "SAML1 GetAuthenticationData", reader); + httpResp.getOutputStream().write(writer.toString().getBytes("UTF-8")); + + } catch (Exception e) { + Logger.error("SAML1 GetAuthenticationData has an error:", e); + throw new IOException(e); + + } finally { + if (is != null) + is.close(); + + } - try { - String responseID = Random.nextRandom(); - String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar.getInstance()); - - if (statusMessage == null) - statusMessage = MOAIDMessageProvider.getInstance().getMessage(statusMessageCode, null); - responses[0] = new SAMLResponseBuilder().build( - responseID, requestID, issueInstant, statusCode, subStatusCode, statusMessage, samlAssertion); - - } - catch (MOAIDException e) { - AxisFault fault = AxisFault.makeFault(e); - fault.setFaultDetail(new Element[] { e.toErrorResponse()}); - throw fault; - } - catch (Throwable t) { - MOAIDException e = new MOAIDException("1299", null, t); - AxisFault fault = AxisFault.makeFault(e); - fault.setFaultDetail(new Element[] { e.toErrorResponse()}); - throw fault; - } - return responses; - } - + } } + diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AssertionResponseBuildException.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AssertionResponseBuildException.java new file mode 100644 index 000000000..0c06a94df --- /dev/null +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AssertionResponseBuildException.java @@ -0,0 +1,86 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.protocols.saml1; + +/** + * @author tlenz + * + */ +public class SAML1AssertionResponseBuildException extends Exception { + + private static final long serialVersionUID = -394698807368683821L; + + private String responseID; + private String issueInstant; + private String requestID; + private String errorCode; + + /** + * @param responseID + * @param issueInstant + * @param requestID + * @param string + * @param message + */ + public SAML1AssertionResponseBuildException(String responseID, String issueInstant, String requestID, String errorCode, + String errorMsg, Throwable throwable) { + super(errorMsg, throwable); + + this.requestID = requestID; + this.issueInstant = issueInstant; + this.responseID = responseID; + this.errorCode = errorCode; + } + + /** + * @return the responseID + */ + public String getResponseID() { + return responseID; + } + + /** + * @return the issueInstant + */ + public String getIssueInstant() { + return issueInstant; + } + + /** + * @return the requestID + */ + public String getRequestID() { + return requestID; + } + + /** + * @return the errorCode + */ + public String getErrorCode() { + return errorCode; + } + + + + +} diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index eb869756e..0ec0d95a2 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -26,21 +26,25 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.util.List; import java.util.Vector; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; import javax.xml.bind.Marshaller; import javax.xml.namespace.QName; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; import org.apache.commons.lang3.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; import org.w3c.dom.Element; import org.xml.sax.SAXException; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; - +import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; +import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; @@ -49,7 +53,6 @@ import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; @@ -57,14 +60,16 @@ import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -//import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; +import at.gv.egovernment.moa.id.data.IAuthData; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.storage.ITransactionStorage; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; @@ -77,20 +82,14 @@ import at.gv.util.xsd.persondata.IdentificationType.Value; import at.gv.util.xsd.persondata.PersonNameType; import at.gv.util.xsd.persondata.PersonNameType.FamilyName; import at.gv.util.xsd.persondata.PhysicalPersonType; +import eu.eidas.auth.commons.IPersonalAttributeList; +import eu.eidas.auth.commons.PersonalAttribute; +//import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; +@Service("SAML1AuthenticationServer") public class SAML1AuthenticationServer extends AuthenticationServer { - - private static SAML1AuthenticationServer instance; - - public static SAML1AuthenticationServer getInstace() { - if (instance == null) - instance = new SAML1AuthenticationServer(); - return instance; - } - - private static AssertionStorage authenticationDataStore = AssertionStorage.getInstance(); - + @Autowired private ITransactionStorage authenticationDataStore; /** * time out in milliseconds used by {@link cleanup} for authentication data @@ -108,20 +107,23 @@ public class SAML1AuthenticationServer extends AuthenticationServer { samlArtifact, ex.toString() }); } Throwable error = null; - synchronized (authenticationDataStore) { - try { - error = authenticationDataStore - .get(samlArtifact, Throwable.class); + try { + error = authenticationDataStore + .get(samlArtifact, Throwable.class); - authenticationDataStore.remove(samlArtifact); - - } catch (MOADatabaseException e) { + if (error == null) { Logger.error("Assertion not found for SAML Artifact: " + samlArtifact); throw new AuthenticationException("1206", new Object[] { samlArtifact }); + } - + + authenticationDataStore.remove(samlArtifact); + + } catch (MOADatabaseException e) { + Logger.error("Assertion not found for SAML Artifact: " + samlArtifact); + throw new AuthenticationException("1206", new Object[] { samlArtifact }); } - + return error; } @@ -130,7 +132,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { * @param iPersonalAttributeList STORK attribute list * @return */ - public static List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) { + public List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) { List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>(); if(null == iPersonalAttributeList) @@ -178,22 +180,24 @@ public class SAML1AuthenticationServer extends AuthenticationServer { throw new AuthenticationException("1205", new Object[] { samlArtifact, ex.toString() }); } - String authData = null; - synchronized (authenticationDataStore) { - // System.out.println("assertionHandle: " + assertionHandle); - - try { - authData = authenticationDataStore - .get(samlArtifact, String.class, authDataTimeOut); + String authData = null; + try { + authData = authenticationDataStore + .get(samlArtifact, String.class, authDataTimeOut); - } catch (MOADatabaseException e) { + if (authData == null) { Logger.error("Assertion not found for SAML Artifact: " + samlArtifact); throw new AuthenticationException("1206", new Object[] { samlArtifact }); - } - } + + } - authenticationDataStore.remove(samlArtifact); + } catch (MOADatabaseException e) { + Logger.error("Assertion not found for SAML Artifact: " + samlArtifact); + throw new AuthenticationException("1206", new Object[] { samlArtifact }); + } + + authenticationDataStore.remove(samlArtifact); Logger.debug("Assertion delivered for SAML Artifact: " + samlArtifact); return authData; @@ -211,7 +215,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { return samlArtifact; } - public String BuildSAMLArtifact(OAAuthParameter oaParam, + public String BuildSAMLArtifact(IOAAuthParameters oaParam, SAML1AuthenticationData authData, String sourceID) throws ConfigurationException, BuildException, AuthenticationException { @@ -265,15 +269,20 @@ public class SAML1AuthenticationServer extends AuthenticationServer { person.getIdentification().add(id ); Value value = new Value(); id.setValue(value ); - - id.setType(authData.getIdentificationType()); - //add baseID if it is requested and available - if ( MiscUtil.isNotEmpty(authData.getIdentificationValue()) && - saml1parameter.isProvideIdentityLink() ) + + if ( MiscUtil.isNotEmpty(authData.getIdentificationValue()) && + saml1parameter.isProvideIdentityLink() && !authData.isBusinessService()) { + //add baseID if it is requested and available and SP is publicService value.setValue(authData.getIdentificationValue()); - else - value.setValue(""); - + id.setType(authData.getIdentificationType()); + + } else { + //otherwise add bPK + value.setValue(authData.getBPK()); + id.setType(authData.getBPKType()); + + } + familyName.setValue(authData.getFamilyName()); familyName.setPrimary("undefined"); name.getGivenName().add(authData.getGivenName()); @@ -313,14 +322,15 @@ public class SAML1AuthenticationServer extends AuthenticationServer { } - String samlAssertion; + String samlAssertion; + + //add mandate info's if (authData.isUseMandate()) { List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA(); - //only provide full mandate if it is included. - //In case of federation only a short mandate could be include + //only provide full mandate if it is included. if (saml1parameter.isProvideFullMandatorData() - && authData.getMISMandate().isFullMandateIncluded()) { + && authData.getMISMandate() != null) { try { @@ -436,7 +446,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { } - private String generateMandateDate(OAAuthParameter oaParam, AuthenticationData authData + private String generateMandateDate(IOAAuthParameters oaParam, AuthenticationData authData ) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ServiceException, ValidateException { @@ -445,33 +455,36 @@ public class SAML1AuthenticationServer extends AuthenticationServer { throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID }); - IdentityLink tempIdentityLink = null; - + Element prPerson = null; + String identificationType = ""; + String identificationValue = ""; + Element mandate = authData.getMandate(); + if (mandate == null) { + //no full-mandate include + Logger.info("AuthData contains no full-mandate. Starting 'mandateDate' generation from PVP attributes ..."); + mandate = generateMandateDateFromPVPMandateAttributes(authData); + + } - if (authData.isUseMandate()) { - tempIdentityLink = new IdentityLink(); + if (mandate != null) { Element mandator = ParepUtils.extractMandator(mandate); String dateOfBirth = ""; - Element prPerson = null; String familyName = ""; String givenName = ""; - String identificationType = ""; - String identificationValue = ""; if (mandator != null) { boolean physical = ParepUtils.isPhysicalPerson(mandator); if (physical) { - familyName = ParepUtils.extractText(mandator, - "descendant-or-self::pr:Name/pr:FamilyName/text()"); - givenName = ParepUtils.extractText(mandator, - "descendant-or-self::pr:Name/pr:GivenName/text()"); - dateOfBirth = ParepUtils - .extractMandatorDateOfBirth(mandator); + familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()"); + givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()"); + dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator); + } else { familyName = ParepUtils.extractMandatorFullName(mandator); + } - identificationType = ParepUtils.getIdentification(mandator, - "Type"); + + identificationType = ParepUtils.getIdentification(mandator, "Type"); identificationValue = ParepUtils.extractMandatorWbpk(mandator); prPerson = ParepUtils.extractPrPersonOfMandate(mandate); @@ -498,33 +511,19 @@ public class SAML1AuthenticationServer extends AuthenticationServer { ParepUtils .HideStammZahlen(prPerson, true, null, null, true); } - - tempIdentityLink.setDateOfBirth(dateOfBirth); - tempIdentityLink.setFamilyName(familyName); - tempIdentityLink.setGivenName(givenName); - tempIdentityLink.setIdentificationType(identificationType); - tempIdentityLink.setIdentificationValue(identificationValue); - tempIdentityLink.setPrPerson(prPerson); - try { - tempIdentityLink.setSamlAssertion(authData.getIdentityLink() - .getSamlAssertion()); - } catch (Exception e) { - throw new ValidateException("validator.64", null); - } - } - + } - - Element mandatePerson = tempIdentityLink.getPrPerson(); - - String mandateData = null; - try { + + if (prPerson == null) { + Logger.warn("Mandates are enabled, but no mandate-information is found in authData."); + throw new AuthenticationException("auth.16", new Object[] { "Mandates are enabled, but no mandate information is included" }); + } + + try { boolean provideStammzahl = oaParam.getSAML1Parameter().isProvideStammzahl(); - - String oatargetType; - + String oatargetType; if(oaParam.getBusinessService()) { if (oaParam.getIdentityLinkDomainIdentifier().startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) oatargetType = oaParam.getIdentityLinkDomainIdentifier(); @@ -533,64 +532,166 @@ public class SAML1AuthenticationServer extends AuthenticationServer { } else { oatargetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget(); + } - Element prIdentification = (Element) mandatePerson - .getElementsByTagNameNS(Constants.PD_NS_URI, - "Identification").item(0); + Element prIdentification = (Element) prPerson. + getElementsByTagNameNS(Constants.PD_NS_URI,"Identification").item(0); - if (!oatargetType.equals(tempIdentityLink.getIdentificationType())) { - - String isPrPerson = mandatePerson.getAttribute("xsi:type"); + if (!oatargetType.equals(identificationType)) { + String isPrPerson = prPerson.getAttribute("xsi:type"); if (!StringUtils.isEmpty(isPrPerson)) { if (isPrPerson.equalsIgnoreCase("pr:PhysicalPerson")) { - String baseid = getBaseId(mandatePerson); - Element identificationBpK = createIdentificationBPK(mandatePerson, - baseid, oaParam.getTarget()); - - if (!provideStammzahl) { - prIdentification.getFirstChild().setTextContent(""); + + String baseid = getBaseId(prPerson); + Element identificationBpK; + if (MiscUtil.isNotEmpty(baseid)) { + identificationBpK = createIdentificationBPK(prPerson, baseid, oaParam.getTarget()); + + if (!provideStammzahl) { + prIdentification.getFirstChild().setTextContent(""); + } + + prPerson.insertBefore(identificationBpK, + prIdentification); + + } else { + Logger.info("No baseID included. --> Build 'MandateDate' without baseID"); + } + + - mandatePerson.insertBefore(identificationBpK, - prIdentification); + } } } else { - -// Element identificationBpK = mandatePerson.getOwnerDocument() -// .createElementNS(Constants.PD_NS_URI, "Identification"); -// Element valueBpK = mandatePerson.getOwnerDocument().createElementNS( -// Constants.PD_NS_URI, "Value"); -// -// valueBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode( -// tempIdentityLink.getIdentificationValue())); -// Element typeBpK = mandatePerson.getOwnerDocument().createElementNS( -// Constants.PD_NS_URI, "Type"); -// typeBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode( -// "urn:publicid:gv.at:cdid+bpk")); -// identificationBpK.appendChild(valueBpK); -// identificationBpK.appendChild(typeBpK); -// -// mandatePerson.insertBefore(identificationBpK, prIdentification); + ; } - - mandateData = DOMUtils.serializeNode(mandatePerson); + return DOMUtils.serializeNode(prPerson); } catch (TransformerException e1) { - throw new AuthenticationException("auth.16", - new Object[] { GET_MIS_SESSIONID }); + throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID }); } catch (IOException e1) { - throw new AuthenticationException("auth.16", - new Object[] { GET_MIS_SESSIONID }); + throw new AuthenticationException("auth.16", new Object[] { GET_MIS_SESSIONID }); } - return mandateData; } + private Element generateMandateDateFromPVPMandateAttributes(IAuthData authdata) throws BuildException { + String legalSourcePin = authdata.getGenericData(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class); + String legalSourceType = authdata.getGenericData(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, String.class); + String legalCommonName = authdata.getGenericData(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME, String.class); + + String natSourcePin = authdata.getGenericData(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_NAME, String.class); + String natSourcePinType = authdata.getGenericData(PVPConstants.MANDATE_NAT_PER_SOURCE_PIN_TYPE_NAME, String.class); + String natbPK = authdata.getGenericData(PVPConstants.MANDATE_NAT_PER_BPK_NAME, String.class); + + String natGivenName = authdata.getGenericData(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME, String.class); + String natFamilyName = authdata.getGenericData(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME, String.class); + String natDateOfBirth = authdata.getGenericData(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME, String.class); + + Mandate mandateObject = new Mandate(); + Mandator mandator = new Mandator(); + mandateObject.setMandator(mandator); + + if (MiscUtil.isNotEmpty(legalCommonName) && MiscUtil.isNotEmpty(legalSourceType) + && MiscUtil.isNotEmpty(legalSourcePin)) { + Logger.debug("Build 'mandateDate' element for legal person ..."); + at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType legalperson = + new at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType(); + at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType legalID = + new at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType(); + at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value idvalue = + new at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value(); + + legalID.setValue(idvalue ); + legalperson.getIdentification().add(legalID ); + mandator.setCorporateBody(legalperson); + legalperson.setFullName(legalCommonName); + legalID.setType(legalSourceType); + idvalue.setValue(legalSourcePin); + + } else if (MiscUtil.isNotEmpty(natFamilyName) && MiscUtil.isNotEmpty(natGivenName) && MiscUtil.isNotEmpty(natDateOfBirth) + && (MiscUtil.isNotEmpty(natSourcePin) || MiscUtil.isNotEmpty(natbPK))){ + Logger.debug("Build 'mandateDate' element for natural person ..."); + at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType physPerson = + new at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType(); + at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType persName = + new at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType(); + at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType.FamilyName familyName = + new at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameType.FamilyName(); + at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType persID = + new at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType(); + at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value idValue = + new at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType.Value(); + + physPerson.setName(persName ); + persName.getFamilyName().add(familyName ); + physPerson.getIdentification().add(persID ); + persID.setValue(idValue ); + mandator.setPhysicalPerson(physPerson); + + String[] pvp2GivenName = natGivenName.split(" "); + for(int i=0; i<pvp2GivenName.length; i++) + persName.getGivenName().add(pvp2GivenName[i]); + + familyName.setValue(natFamilyName); + physPerson.setDateOfBirth(natDateOfBirth); + + if (MiscUtil.isNotEmpty(natSourcePin)) { + persID.setType(Constants.URN_PREFIX_BASEID); + idValue.setValue(natSourcePin); + + } else { + String[] pvp2bPK = natbPK.split(":"); + if (pvp2bPK.length == 2) { + idValue.setValue(pvp2bPK[1]); + Pattern pattern = Pattern.compile(MOAIDAuthConstants.REGEX_PATTERN_TARGET); + Matcher matcher = pattern.matcher(pvp2bPK[0]); + if (matcher.matches()) + persID.setType(Constants.URN_PREFIX_CDID + "+" + pvp2bPK[0]); + + //TODO: maybe change to this, because original SAML1 response has + // target Constants.URN_PREFIX_BPK + //persID.setType(Constants.URN_PREFIX_BPK); + + + else + persID.setType(Constants.URN_PREFIX_WBPK + "+" + pvp2bPK[0]); + + } else { + Logger.warn("Receive mandator bPK from federation with an unsupported format. " + natbPK); + throw new BuildException("auth.16", new Object[]{"Receive mandator bPK from federation with an unsupported format."}); + + } + } + + } else { + Logger.error("mandateDate' elemente could not generated. AuthData contains not all PVP-attributes which are necessary."); + throw new BuildException("auth.16", new Object[]{"'mandateDate' elemente could not generated. AuthData contains not all PVP-attributes which are necessary."}); + + } + + try { + JAXBContext jc = JAXBContext.newInstance("at.gv.e_government.reference.namespace.mandates._20040701_"); + Marshaller m = jc.createMarshaller(); + ByteArrayOutputStream stream = new ByteArrayOutputStream(); + m.marshal(mandateObject, stream); + stream.close(); + + return DOMUtils.parseDocument(new String(stream.toByteArray(), "UTF-8"), false, null, null).getDocumentElement(); + + } catch (JAXBException | IOException | SAXException | ParserConfigurationException e) { + Logger.error("Failed to parse short mandate", e); + throw new BuildException("auth.16", new Object[]{"Failed to parse 'mandateDate element'"}, e); + + } + + } @@ -617,11 +718,11 @@ public class SAML1AuthenticationServer extends AuthenticationServer { new Object[] { samlArtifact }); parser.parseAssertionHandle(); - synchronized (authenticationDataStore) { + //synchronized (authenticationDataStore) { Logger.debug("Assertion stored for SAML Artifact: " + samlArtifact); authenticationDataStore.put(samlArtifact, samlAssertion); - } + //} } catch (AuthenticationException ex) { throw ex; diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index 6573270e4..37d66d29b 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -22,37 +22,52 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.saml1; +import java.io.IOException; import java.util.Arrays; -import java.util.HashMap; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; -import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; +import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IModulInfo; -import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.URLEncoder; -public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo { +/** + * SAML1 authentication protocol implementation + * + * @deprecated + * @author tlenz + * + */ + +@Controller +public class SAML1Protocol extends AbstractAuthProtocolModulController { + @Autowired private SAML1AuthenticationServer saml1AuthServer; + + public static final String REQ_DATA_SOURCEID = "saml1_sourceID"; + public static final String REQ_DATA_TARGET = "saml1_target"; + public static final String NAME = SAML1Protocol.class.getName(); public static final String PATH = "id_saml1"; @@ -72,24 +87,6 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo { PVPConstants.EID_SOURCE_PIN_TYPE_NAME }); - private static HashMap<String, IAction> actions = new HashMap<String, IAction>(); - - static { - - actions.put(GETARTIFACT, new GetArtifactAction()); - - instance = new SAML1Protocol(); - } - - private static SAML1Protocol instance = null; - - public static SAML1Protocol getInstance() { - if (instance == null) { - instance = new SAML1Protocol(); - } - return instance; - } - public String getName() { return NAME; } @@ -98,92 +95,135 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo { return PATH; } - public IRequest preProcess(HttpServletRequest request, - HttpServletResponse response, String action, - String sessionId, String transactionId) throws MOAIDException { - SAML1RequestImpl config = new SAML1RequestImpl(request); - + + @RequestMapping(value = "/StartAuthentication", method = {RequestMethod.POST, RequestMethod.GET}) + public void SAML1AuthnRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException { if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) { Logger.info("SAML1 is deaktivated!"); throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" }); } - - String oaURL = (String) request.getParameter(PARAM_OA); - //oaURL = StringEscapeUtils.escapeHtml(oaURL); - String target = (String) request.getParameter(PARAM_TARGET); - target = StringEscapeUtils.escapeHtml(target); - - String sourceID = request.getParameter(PARAM_SOURCEID); - sourceID = StringEscapeUtils.escapeHtml(sourceID); - - //the target parameter is used to define the OA in SAML1 standard - if (target != null && target.startsWith("http")) { - oaURL = target; - target = null; - } + SAML1RequestImpl pendingReq = applicationContext.getBean(SAML1RequestImpl.class); + pendingReq.initialize(req); + pendingReq.setModule(NAME); + + revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier()); + revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier()); + revisionsLogger.logEvent( + pendingReq.getUniqueSessionIdentifier(), + pendingReq.getUniqueTransactionIdentifier(), + MOAIDEventConstants.TRANSACTION_IP, + req.getRemoteAddr()); - if (MiscUtil.isEmpty(oaURL)) { - Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!"); - throw new WrongParametersException("StartAuthentication", PARAM_OA, - "auth.12"); + //preProcess SAML1 Request + preProcess(req, resp, pendingReq); - } - - if (!ParamValidatorUtils.isValidOA(oaURL)) - throw new WrongParametersException("StartAuthentication", PARAM_OA, - "auth.12"); - - config.setOAURL(oaURL); - - Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL); - - if (!ParamValidatorUtils.isValidSourceID(sourceID)) - throw new WrongParametersException("StartAuthentication", PARAM_SOURCEID, "auth.12"); - - - //load Target only from OA config - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(oaURL); - - if (oaParam == null) - throw new InvalidProtocolRequestException("auth.00", - new Object[] { null }); + performAuthentication(req, resp, pendingReq); + return; - SAML1ConfigurationParameters saml1 = oaParam.getSAML1Parameter(); - if (saml1 == null || !(saml1.isIsActive() != null && saml1.isIsActive()) ) { - Logger.info("Online-Application " + oaURL + " can not use SAML1 for authentication."); - throw new InvalidProtocolRequestException("auth.00", - new Object[] { null }); - } - config.setOnlineApplicationConfiguration(oaParam); - config.setSourceID(sourceID); - - MOAReversionLogger.getInstance().logEvent(sessionId, transactionId, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST); - - if (MiscUtil.isNotEmpty(target)) - config.setTarget(target); - - else - config.setTarget(oaParam.getTarget()); + } + + + public void preProcess(HttpServletRequest request, + HttpServletResponse response, SAML1RequestImpl pendingRequest) throws MOAIDException { + try { + String oaURL = (String) request.getParameter(PARAM_OA); + //oaURL = StringEscapeUtils.escapeHtml(oaURL); + + String target = (String) request.getParameter(PARAM_TARGET); + target = StringEscapeUtils.escapeHtml(target); + + String sourceID = request.getParameter(PARAM_SOURCEID); + sourceID = StringEscapeUtils.escapeHtml(sourceID); + + //the target parameter is used to define the OA in SAML1 standard + if (target != null && target.startsWith("http")) { + oaURL = target; + target = null; + } + + if (MiscUtil.isEmpty(oaURL)) { + Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!"); + throw new WrongParametersException("StartAuthentication", PARAM_OA, + "auth.12"); + + } + + if (!ParamValidatorUtils.isValidOA(oaURL)) + throw new WrongParametersException("StartAuthentication", PARAM_OA, + "auth.12"); + + pendingRequest.setOAURL(oaURL); + + Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL); + + if (!ParamValidatorUtils.isValidSourceID(sourceID)) + throw new WrongParametersException("StartAuthentication", PARAM_SOURCEID, "auth.12"); + + + //load Target only from OA config + IOAAuthParameters oaParam = authConfig.getOnlineApplicationParameter(oaURL); + + if (oaParam == null) + throw new InvalidProtocolRequestException("auth.00", + new Object[] { null }); + + SAML1ConfigurationParameters saml1 = oaParam.getSAML1Parameter(); + if (saml1 == null || !(saml1.isIsActive() != null && saml1.isIsActive()) ) { + Logger.info("Online-Application " + oaURL + " can not use SAML1 for authentication."); + throw new InvalidProtocolRequestException("auth.00", + new Object[] { null }); + } + pendingRequest.setOnlineApplicationConfiguration(oaParam); + + //check and set SourceID + if (oaParam.getSAML1Parameter() != null && + MiscUtil.isNotEmpty(oaParam.getSAML1Parameter().getSourceID())) { + pendingRequest.setSourceID(oaParam.getSAML1Parameter().getSourceID()); + + } else + pendingRequest.setSourceID(sourceID); + + revisionsLogger.logEvent(pendingRequest, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST); + + if (MiscUtil.isNotEmpty(target)) { + pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, target); + pendingRequest.setTarget(target); - return config; + } + else { + pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, oaParam.getTarget()); + pendingRequest.setTarget(oaParam.getTarget()); + + } + + //AuthnRequest needs authentication + pendingRequest.setNeedAuthentication(true); + + //set protocol action, which should be executed after authentication + pendingRequest.setAction(GetArtifactAction.class.getName()); + + } catch (WrongParametersException e) { + throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters()); + + } catch (InvalidProtocolRequestException e) { + throw e; + + } + } public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable{ - - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); - if (!oa.getSAML1Parameter().isProvideAllErrors()) + if (!protocolRequest.getOnlineApplicationConfiguration().getSAML1Parameter().isProvideAllErrors()) return false; - else { - SAML1AuthenticationServer saml1authentication = SAML1AuthenticationServer.getInstace(); - String samlArtifactBase64 = saml1authentication.BuildErrorAssertion(e, protocolRequest); + else { + String samlArtifactBase64 = saml1AuthServer.BuildErrorAssertion(e, protocolRequest); String url = protocolRequest.getAuthURL() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8")); @@ -199,15 +239,6 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo { } } - public IAction getAction(String action) { - return actions.get(action); - } - - public IAction canHandleRequest(HttpServletRequest request, - HttpServletResponse response) { - return null; - } - public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java index 3da7cab80..42fafc01e 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java @@ -23,41 +23,30 @@ package at.gv.egovernment.moa.id.protocols.saml1; import java.util.ArrayList; +import java.util.Collection; import java.util.List; -import javax.servlet.http.HttpServletRequest; +import org.springframework.beans.factory.config.BeanDefinition; +import org.springframework.context.annotation.Scope; +import org.springframework.stereotype.Component; -import org.opensaml.saml2.core.Attribute; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; -import at.gv.egovernment.moa.logging.Logger; /** * @author tlenz * */ +@Component("SAML1RequestImpl") +@Scope(value = BeanDefinition.SCOPE_PROTOTYPE) public class SAML1RequestImpl extends RequestImpl { - - /** - * @param req - * @throws ConfigurationException - */ - public SAML1RequestImpl(HttpServletRequest req) - throws ConfigurationException { - super(req); - - } private static final long serialVersionUID = -4961979968425683115L; private String sourceID = null; - + private String target = null; + /** * @return the sourceID */ @@ -72,36 +61,44 @@ public class SAML1RequestImpl extends RequestImpl { this.sourceID = sourceID; } + + + /** + * @return the target + */ + public String getTarget() { + return target; + } + + /** + * @param target the target to set + */ + public void setTarget(String target) { + this.target = target; + } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public List<Attribute> getRequestedAttributes() { + public Collection<String> getRequestedAttributes() { List<String> reqAttr = new ArrayList<String>(); reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION); - try { - OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); - SAML1ConfigurationParameters saml1 = oa.getSAML1Parameter(); - if (saml1 != null) { - if (saml1.isProvideAUTHBlock()) - reqAttr.add(PVPConstants.EID_AUTH_BLOCK_NAME); - - if (saml1.isProvideCertificate()) - reqAttr.add(PVPConstants.EID_SIGNER_CERTIFICATE_NAME); - - if (saml1.isProvideFullMandatorData()) - reqAttr.add(PVPConstants.MANDATE_FULL_MANDATE_NAME); - } - - return AttributQueryBuilder.buildSAML2AttributeList(oa, reqAttr.iterator()); + SAML1ConfigurationParameters saml1 = this.getOnlineApplicationConfiguration().getSAML1Parameter(); + if (saml1 != null) { + if (saml1.isProvideAUTHBlock()) + reqAttr.add(PVPConstants.EID_AUTH_BLOCK_NAME); + + if (saml1.isProvideCertificate()) + reqAttr.add(PVPConstants.EID_SIGNER_CERTIFICATE_NAME); - } catch (ConfigurationException e) { - Logger.error("Load configuration for OA " + getOAURL() + " FAILED", e); - return null; + if (saml1.isProvideFullMandatorData()) + reqAttr.add(PVPConstants.MANDATE_FULL_MANDATE_NAME); } - + + return reqAttr; } diff --git a/id/server/modules/moa-id-modules-saml1/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo b/id/server/modules/moa-id-modules-saml1/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo deleted file mode 100644 index 5bff0dbc2..000000000 --- a/id/server/modules/moa-id-modules-saml1/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo +++ /dev/null @@ -1 +0,0 @@ -at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol
\ No newline at end of file diff --git a/id/server/modules/moa-id-modules-saml1/src/main/resources/plain_info.vm b/id/server/modules/moa-id-modules-saml1/src/main/resources/plain_info.vm new file mode 100644 index 000000000..dfc11820f --- /dev/null +++ b/id/server/modules/moa-id-modules-saml1/src/main/resources/plain_info.vm @@ -0,0 +1,14 @@ +<html> +<head> +<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> +</head> +<body> +<h1>GetAuthenticationData</h1> +<p>Hi there, this is an Web service!</p> +#if($error) + <i>Your request has an error: $error</i> +#else + <i>Perhaps there will be a form for invoking the service here...</i> +#end +</body> +</html> diff --git a/id/server/modules/moa-id-modules-saml1/src/main/resources/soap_error.vm b/id/server/modules/moa-id-modules-saml1/src/main/resources/soap_error.vm new file mode 100644 index 000000000..65945e2de --- /dev/null +++ b/id/server/modules/moa-id-modules-saml1/src/main/resources/soap_error.vm @@ -0,0 +1,4 @@ +<?xml version="1.0" encoding="UTF-8"?> +<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <soapenv:Body><samlp:Response #if($requestID) InResponseTo="$requestID" #end IssueInstant="$issueInstant" MajorVersion="1" MinorVersion="0" ResponseID="$responseID" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"> <samlp:Status> <samlp:StatusCode Value="$statusCode"/> <samlp:StatusMessage>$errorMsg</samlp:StatusMessage> </samlp:Status> </samlp:Response> </soapenv:Body> +</soapenv:Envelope>
\ No newline at end of file diff --git a/id/server/modules/moa-id-modules-saml1/src/main/resources/soap_success.vm b/id/server/modules/moa-id-modules-saml1/src/main/resources/soap_success.vm new file mode 100644 index 000000000..7dad2c259 --- /dev/null +++ b/id/server/modules/moa-id-modules-saml1/src/main/resources/soap_success.vm @@ -0,0 +1,4 @@ +<?xml version="1.0" encoding="UTF-8"?> +<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <soapenv:Body>$assertion</soapenv:Body> +</soapenv:Envelope>
\ No newline at end of file diff --git a/id/server/modules/moa-id-modules-saml1/src/main/resources/wsdl/MOA-ID-1.x.vm b/id/server/modules/moa-id-modules-saml1/src/main/resources/wsdl/MOA-ID-1.x.vm new file mode 100644 index 000000000..74be59723 --- /dev/null +++ b/id/server/modules/moa-id-modules-saml1/src/main/resources/wsdl/MOA-ID-1.x.vm @@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<definitions name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/ http://schemas.xmlsoap.org/wsdl/"> + <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="$endpoint?xsd"/> + <message name="GetAuthenticationDataInput"> + <part name="body" element="samlp:Request"/> + </message> + <message name="GetAuthenticationDataOutput"> + <part name="body" element="samlp:Response"/> + </message> + <message name="MOAFault"> + <part name="body" element="moa:ErrorResponse"/> + </message> + <portType name="IdentificationPortType"> + <operation name="getAuthenticationData"> + <input message="tns:GetAuthenticationDataInput"/> + <output message="tns:GetAuthenticationDataOutput"/> + <fault name="MOAFault" message="tns:MOAFault"/> + </operation> + </portType> + <binding name="IdentificationBinding" type="tns:IdentificationPortType" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/soap/ http://schemas.xmlsoap.org/wsdl/soap/"> + <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> + <operation name="getAuthenticationData"> + <soap:operation soapAction="urn:GetAuthenticationDataAction"/> + <input> + <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </input> + <output> + <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </output> + <fault name="MOAFault"> + <soap:fault name="MOAFault" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/> + </fault> + </operation> + </binding> + <service name="GetAuthenticationDataService"> + <port name="IdentificationPort" binding="tns:IdentificationBinding"> + <soap:address location="$endpoint"/> + </port> + </service> +</definitions> diff --git a/id/server/modules/moa-id-modules-saml1/src/main/resources/wsdl/MOA-SPSS-1.2.vm b/id/server/modules/moa-id-modules-saml1/src/main/resources/wsdl/MOA-SPSS-1.2.vm new file mode 100644 index 000000000..4c86626a0 --- /dev/null +++ b/id/server/modules/moa-id-modules-saml1/src/main/resources/wsdl/MOA-SPSS-1.2.vm @@ -0,0 +1,528 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- MOA SP/SS 1.2 Schema --> +<xsd:schema + targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" + xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" + elementFormDefault="qualified" attributeFormDefault="unqualified" + version="1.2"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" + schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd" /> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" + schemaLocation="http://www.w3.org/2001/xml.xsd" /> + <!--########## Create XML Signature ### --> + <!--### Create XML Signature Request ### --> + <xsd:element name="CreateXMLSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreateXMLSignatureRequestType" /> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType" /> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch + wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="DataObjectInfo" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="DataObjectInfoType"> + <xsd:attribute name="ChildOfManifest" type="xsd:boolean" + use="optional" default="false" /> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="CreateSignatureInfo" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureEnvironment" + type="ContentOptionalRefType" /> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe des + Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit + der Signaturumgebung, oder Verweis auf ein benanntes Profil + </xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateSignatureEnvironmentProfile" /> + <xsd:element name="CreateSignatureEnvironmentProfileID" + type="ProfileIdentifierType" /> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" + use="optional" default="true" /> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create XML Signature Response ### --> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine + Stapelsignatur-Anfrage</xsd:documentation> + </xsd:annotation> + <xsd:element name="SignatureEnvironment"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung + erfolgreich war</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax" /> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element ref="ErrorResponse" /> + </xsd:choice> + </xsd:complexType> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType" /> + <!--########## Verify CMS Signature ### --> + <!--### Verifiy CMS Signature Request ### --> + <xsd:element name="VerifyCMSSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="VerifyCMSSignatureRequestType"> + <xsd:attribute name="Signatories" type="SignatoriesType" + use="optional" default="1" /> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" + minOccurs="0" /> + <xsd:element name="CMSSignature" type="xsd:base64Binary" /> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" + minOccurs="0" /> + <xsd:element name="TrustProfileID"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von + vertrauenswürdigen Wurzelzertifikaten spezifiziert + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify CMS Signature Response ### --> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType" /> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and RetrievalMethod is + supported; QualifiedCertificate is included as + X509Data/any;publicAuthority is included as X509Data/any + </xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SignatureCheck" type="CheckResultType" /> + <xsd:element name="CertificateCheck" type="CheckResultType" /> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify XML Signature ### --> + <!--### Verify XML Signature Request ### --> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType" /> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" + minOccurs="0" /> + <xsd:element name="VerifySignatureInfo"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType" /> + <xsd:element name="VerifySignatureLocation" type="xsd:token" /> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element ref="SupplementProfile" /> + <xsd:element name="SupplementProfileID" type="xsd:string" /> + </xsd:choice> + <xsd:element name="SignatureManifestCheckParams" + minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" + maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Pro dsig:Reference-Element in der zu + überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element + erscheinen. Die Reihenfolge der einzelnen ReferenceInfo + Elemente entspricht jener der dsig:Reference Elemente in der + XML-Signatur.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" + use="optional" default="true" /> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReturnHashInputData" minOccurs="0" /> + <xsd:element name="TrustProfileID"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von + vertrauenswürdigen Wurzelzertifikaten spezifiziert + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify XML Signature Response ### --> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType" /> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is + supported; QualifiedCertificate is included as X509Data/any; + PublicAuthority is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="HashInputData" type="ContentExLocRefBaseType" + minOccurs="0" maxOccurs="unbounded" /> + <xsd:element name="ReferenceInputData" type="ContentExLocRefBaseType" + minOccurs="0" maxOccurs="unbounded" /> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType" /> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" + minOccurs="0" /> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" + minOccurs="0" maxOccurs="unbounded" /> + <xsd:element name="CertificateCheck" type="CheckResultType" /> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ProfileIdentifierType"> + <xsd:restriction base="xsd:token" /> + </xsd:simpleType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType" /> + <xsd:element name="Description" type="xsd:anyURI" + minOccurs="0" /> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded" /> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="FinalDataMetaInfoType"> + <xsd:complexContent> + <xsd:extension base="MetaInfoType"> + <xsd:sequence> + <xsd:element name="Type" type="xsd:anyURI" minOccurs="0" /> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="ContentOptionalRefType" /> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe EINER + Transformationskette inklusive ggf. sinnvoller Supplements oder + Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateTransformsInfoProfile" /> + <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType" /> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached" /> + <xsd:enumeration value="enveloping" /> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0" /> + <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType" /> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLDataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" + minOccurs="0" /> + <xsd:element name="Content" type="ContentRequiredRefType" /> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" + minOccurs="0" /> + <xsd:element name="Content" type="CMSContentBaseType" /> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSContentBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary" /> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger" /> + <xsd:element name="Info" type="AnyChildrenType" + minOccurs="0" /> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger" /> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" + minOccurs="0" /> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" + mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" + minOccurs="0" maxOccurs="unbounded" /> + <xsd:element name="FailedReference" type="xsd:positiveInteger" + minOccurs="0" maxOccurs="unbounded" /> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger" /> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType" /> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" + mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" + minOccurs="0" maxOccurs="unbounded" /> + <xsd:element name="FailedReference" type="xsd:positiveInteger" + minOccurs="0" maxOccurs="unbounded" /> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger" /> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!--########## Error Response ### --> + <xsd:element name="ErrorResponse" type="ErrorResponseType"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert + ist</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="xsd:integer" /> + <xsd:element name="Info" type="xsd:string" /> + </xsd:sequence> + </xsd:complexType> + <!--########## Auxiliary Types ### --> + <xsd:simpleType name="KeyIdentifierType"> + <xsd:restriction base="xsd:string" /> + </xsd:simpleType> + <xsd:simpleType name="KeyStorageType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="Software" /> + <xsd:enumeration value="Hardware" /> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token" /> + </xsd:simpleType> + <xsd:complexType name="AnyChildrenType" mixed="true"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax" minOccurs="0" + maxOccurs="unbounded" /> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent mixed="true"> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute ref="xml:space" use="optional" /> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary" /> + <xsd:element name="XMLContent" type="XMLContentType" /> + <xsd:element name="LocRefContent" type="xsd:anyURI" /> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="ContentExLocRefBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary" /> + <xsd:element name="XMLContent" type="XMLContentType" /> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentOptionalRefType"> + <xsd:complexContent> + <xsd:extension base="ContentBaseType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional" /> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentRequiredRefType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary" /> + <xsd:element name="XMLContent" type="XMLContentType" /> + <xsd:element name="LocRefContent" type="xsd:anyURI" /> + </xsd:choice> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required" /> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="VerifyTransformsDataType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ein oder mehrere Transformationswege können von + der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur + hat zumindest einem dieser Transformationswege zu entsprechen. Die + Angabe kann explizit oder als Profilbezeichner erfolgen. + </xsd:documentation> + </xsd:annotation> + <xsd:element ref="VerifyTransformsInfoProfile" /> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string"> + <xsd:annotation> + <xsd:documentation>Profilbezeichner für einen Transformationsweg + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <xsd:element name="QualifiedCertificate" /> + <xsd:element name="PublicAuthority" type="PublicAuthorityType" /> + <xsd:complexType name="PublicAuthorityType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:string" minOccurs="0" /> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger" /> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all" /> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="CreateSignatureLocationType"> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:nonNegativeInteger" + use="required" /> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="TransformParameterType"> + <xsd:choice minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Die Angabe des Transformationsparameters + (explizit oder als Hashwert) kann unterlassen werden, wenn die + Applikation von der Unveränderlichkeit des Inhalts der in + "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen + kann.</xsd:documentation> + </xsd:annotation> + <xsd:element name="Base64Content" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Der Transformationsparameter explizit angegeben. + </xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="Hash"> + <xsd:annotation> + <xsd:documentation>Der Hashwert des Transformationsparameters. + </xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:DigestMethod" /> + <xsd:element ref="dsig:DigestValue" /> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:choice> + <xsd:attribute name="URI" type="xsd:anyURI" use="required" /> + </xsd:complexType> + <xsd:element name="CreateSignatureEnvironmentProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType" /> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" + minOccurs="0" maxOccurs="unbounded" /> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyTransformsInfoProfile"> + <xsd:annotation> + <xsd:documentation>Explizite Angabe des Transformationswegs + </xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0" /> + <xsd:element name="TransformParameter" type="TransformParameterType" + minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Alle impliziten Transformationsparameter, die + zum Durchlaufen der oben angeführten Transformationskette bekannt + sein müssen, müssen hier angeführt werden. Das Attribut "URI" + bezeichnet den Transformationsparameter in exakt jener Weise, wie + er in der zu überprüfenden Signatur gebraucht wird. + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" /> + <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType" /> + <xsd:element name="CreateTransformsInfoProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateTransformsInfo" type="TransformsInfoType" /> + <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded" /> + </xsd:sequence> + </xsd:complexType> + </xsd:element> +</xsd:schema> diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java index a7d7b9759..70448ef09 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java @@ -28,35 +28,38 @@ import java.util.Arrays; import java.util.List; import javax.servlet.ServletException; -import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; + +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.monitoring.TestManager; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -@WebServlet(name = "MonitoringServlet", value = "/MonitoringServlet") -public class MonitoringServlet extends AuthServlet { +@Controller +public class MonitoringServlet { - private static final long serialVersionUID = 1L; private static final String REQUEST_ATTR_MODULE = "module"; + @Autowired private AuthConfiguration authConfig; + public MonitoringServlet() { super(); Logger.debug("Registering servlet " + getClass().getName() + " with mapping '/MonitoringServlet'."); } - protected void doGet(HttpServletRequest req, HttpServletResponse resp) + @RequestMapping(value = "/MonitoringServlet", method = RequestMethod.GET) + public void getStatusInformation(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - try { - AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); - - if (config.isMonitoringActive()) { + try { + if (authConfig.isMonitoringActive()) { Logger.debug("Monitoring Servlet received request"); TestManager tests = TestManager.getInstance(); @@ -71,7 +74,7 @@ public class MonitoringServlet extends AuthServlet { } else { resp.setStatus(HttpServletResponse.SC_OK); resp.setContentType("text/html;charset=UTF-8"); - resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); + resp.getWriter().write(getHtml(authConfig.getMonitoringMessageSuccess())); Logger.info("Monitoring Servlet finished without errors"); } @@ -84,7 +87,7 @@ public class MonitoringServlet extends AuthServlet { } else { resp.setStatus(HttpServletResponse.SC_OK); resp.setContentType("text/html;charset=UTF-8"); - resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); + resp.getWriter().write(getHtml(authConfig.getMonitoringMessageSuccess())); Logger.info("Monitoring Servlet finished without errors"); } diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java index 13fb59038..5e4183146 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java @@ -29,11 +29,11 @@ import java.util.List; import org.hibernate.Query; import org.hibernate.Session; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java index 824791797..7994e7a06 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java @@ -37,9 +37,8 @@ import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -71,7 +70,7 @@ public class IdentityLinkTestModule implements TestModuleInterface { .getMoaSpIdentityLinkTrustProfileID(false)); // invokes the call - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() + Element domVerifyXMLSignatureResponse = SignatureVerificationInvoker.getInstance() .verifyXMLSignature(domVerifyXMLSignatureRequest); // parses the <VerifyXMLSignatureResponse> try { diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java index 3c2b143b3..b25eed520 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java @@ -27,8 +27,8 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; diff --git a/id/server/modules/module-stork/pom.xml b/id/server/modules/module-stork/pom.xml deleted file mode 100644 index b52c10391..000000000 --- a/id/server/modules/module-stork/pom.xml +++ /dev/null @@ -1,66 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> - - <parent> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-modules</artifactId> - <version>${moa-id-version}</version> - </parent> - - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-stork</artifactId> - <version>${moa-id-version}</version> - <packaging>jar</packaging> - - <name>MOA ID-Module STORK</name> - - <properties> - <repositoryPath>${basedir}/../../../../repository</repositoryPath> - </properties> - - <dependencies> - - <dependency> - <groupId>eu.stork</groupId> - <artifactId>DocumentService</artifactId> - <version>0.0.1-SNAPSHOT</version> - <classifier>classes</classifier> - <exclusions> - <exclusion> - <artifactId>axis</artifactId> - <groupId>org.apache.axis</groupId> - </exclusion> - <exclusion> - <artifactId>bcprov-jdk16</artifactId> - <groupId>org.bouncycastle</groupId> - </exclusion> - <exclusion> - <artifactId>jaxws-tools</artifactId> - <groupId>com.sun.xml.ws</groupId> - </exclusion> - </exclusions> - </dependency> - - <dependency> - <groupId>eu.stork</groupId> - <artifactId>SamlEngine</artifactId> - <version>1.5.1</version> - </dependency> - - <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-test</artifactId> - <scope>test</scope> - </dependency> - - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>${junit.version}</version> - <scope>test</scope> - </dependency> - - </dependencies> - -</project> diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKAuthModuleImpl.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKAuthModuleImpl.java deleted file mode 100644 index 41384690e..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKAuthModuleImpl.java +++ /dev/null @@ -1,39 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.stork;
-
-import org.apache.commons.lang3.StringUtils;
-
-import at.gv.egovernment.moa.id.auth.modules.AuthModule;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-
-/**
- * Module descriptor for an auth module providing stork authentication related processes.
- * @author tknall
- */
-public class STORKAuthModuleImpl implements AuthModule {
-
- private int priority = 0;
-
- @Override
- public int getPriority() {
- return priority;
- }
-
- /**
- * Sets the priority of this module. Default value is {@code 0}.
- * @param priority The priority.
- */
- public void setPriority(int priority) {
- this.priority = priority;
- }
-
- @Override
- public String selectProcess(ExecutionContext context) {
- return StringUtils.isNotBlank((String) context.get("ccc")) ? "STORKAuthentication" : null;
- }
-
- @Override
- public String[] getProcessDefinitions() {
- return new String[] { "classpath:at/gv/egovernment/moa/id/auth/modules/stork/STORKAuthentication.process.xml" };
- }
-
-}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKProcessEngineSignalServlet.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKProcessEngineSignalServlet.java deleted file mode 100644 index efc1cd498..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKProcessEngineSignalServlet.java +++ /dev/null @@ -1,113 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.stork;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.xpath.XPath;
-import javax.xml.xpath.XPathConstants;
-import javax.xml.xpath.XPathExpression;
-import javax.xml.xpath.XPathFactory;
-
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.util.xml.SimpleNamespaceContext;
-import org.w3c.dom.Document;
-import org.xml.sax.SAXException;
-
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.servlet.ProcessEngineSignalServlet;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-
-/**
- * STORK module specific servlet, overloading {@link ProcessEngineSignalServlet}'s method
- * {@linkplain ProcessEngineSignalServlet#getMoaSessionId(HttpServletRequest) getMoaSessionId(HttpServletRequest)}
- * extending its capabilities for retrieving the current moa session id.
- * <p/>
- * This {@code STORKProcessEngineSignalServlet} tries to resolve the moa session id using the following strategy:
- * <ul>
- * <li>Use the super class' approach, looking at the HttpServletRequest parameter
- * {@link MOAIDAuthConstants#PARAM_SESSIONID}.</li>
- * <li>Evaluate the request parameter "{@code RelayState}".
- * <li>Finally evaluate the SAML response, which should come base64 encoded as request parameter "{@code SAMLResponse}".</li>
- * </ul>
- *
- * @author tknall
- *
- */
-@WebServlet(urlPatterns = { "/PEPSConnectorWithLocalSigning", "/PEPSConnector" }, loadOnStartup = 1)
-public class STORKProcessEngineSignalServlet extends ProcessEngineSignalServlet {
-
- private static final long serialVersionUID = 1L;
-
- public STORKProcessEngineSignalServlet() {
- super();
- Logger.debug("Registering servlet " + getClass().getName() + " with mappings '/PEPSConnectorWithLocalSigning', '/PEPSConnector'.");
- }
-
- @Override
- public String getMoaSessionId(HttpServletRequest request) {
- String sessionId = super.getMoaSessionId(request);
-
- try {
-
- // use SAML2 relayState
- if (sessionId == null) {
- sessionId = StringEscapeUtils.escapeHtml(request.getParameter("RelayState"));
- }
-
- // take from InResponseTo attribute of SAMLResponse
- if (sessionId == null) {
- String base64SamlToken = request.getParameter("SAMLResponse");
- if (base64SamlToken != null) {
- byte[] samlToken = Base64Utils.decode(base64SamlToken, false);
- Document samlResponse = parseDocument(new ByteArrayInputStream(samlToken));
-
- XPath xPath = XPathFactory.newInstance().newXPath();
- SimpleNamespaceContext nsContext = new SimpleNamespaceContext();
- nsContext.bindNamespaceUri("saml2p", "urn:oasis:names:tc:SAML:2.0:protocol");
- xPath.setNamespaceContext(nsContext);
- XPathExpression expression = xPath.compile("string(/saml2p:Response/@InResponseTo)");
- sessionId = (String) expression.evaluate(samlResponse, XPathConstants.STRING);
- sessionId = StringEscapeUtils.escapeHtml(StringUtils.trimToNull(sessionId));
- } else {
- Logger.warn("No parameter 'SAMLResponse'. Unable to retrieve MOA session id.");
- }
- }
-
- } catch (Exception e) {
- Logger.warn("Unable to retrieve moa session id.", e);
- }
-
- return sessionId;
- }
-
- /**
- * Parses a xml document (namespace aware).
- *
- * @param in
- * The input stream.
- * @return The DOM document.
- * @throws ParserConfigurationException
- * Thrown in case of configuration error.
- * @throws IOException
- * Thrown in case of error reading from the input stream.
- * @throws SAXException
- * Thrown in case of error parsing the document.
- */
- public static Document parseDocument(InputStream in) throws ParserConfigurationException, SAXException, IOException {
- DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
- documentBuilderFactory.setNamespaceAware(true);
- documentBuilderFactory.setIgnoringElementContentWhitespace(false);
- documentBuilderFactory.setValidating(false);
- DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
- return documentBuilder.parse(in);
- }
-
-}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java deleted file mode 100644 index 939390847..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java +++ /dev/null @@ -1,225 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
-
-import iaik.x509.X509Certificate;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
-import java.security.cert.CertificateException;
-import java.util.HashMap;
-
-import javax.activation.DataSource;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactoryConfigurationError;
-
-import org.apache.commons.io.IOUtils;
-import org.xml.sax.SAXException;
-
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.BKUException;
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.exception.ServiceException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.stork.STORKException;
-import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.spss.MOAException;
-import at.gv.egovernment.moa.spss.api.SPSSFactory;
-import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
-import at.gv.egovernment.moa.spss.api.common.Content;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
-import at.gv.util.xsd.xmldsig.SignatureType;
-import at.gv.util.xsd.xmldsig.X509DataType;
-import eu.stork.oasisdss.api.LightweightSourceResolver;
-import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
-import eu.stork.oasisdss.api.exceptions.UtilsException;
-import eu.stork.oasisdss.profile.SignResponse;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-
-public abstract class AbstractPepsConnectorWithLocalSigningTask extends AbstractAuthServletTask {
-
- public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnectorWithLocalSigning";
-
- String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException,
- TransformerConfigurationException, UtilsException, TransformerException,
- TransformerFactoryConfigurationError, IOException, ApiUtilsException {
- // fetch signed doc
- DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse);
- if (ds == null) {
- throw new ApiUtilsException("No datasource found in response");
- }
-
- InputStream incoming = ds.getInputStream();
- String citizenSignature = IOUtils.toString(incoming);
- incoming.close();
-
- return citizenSignature;
- }
-
- void SZRGInsertion(AuthenticationSession moaSession, IPersonalAttributeList personalAttributeList,
- String authnContextClassRef, String citizenSignature) throws STORKException, MOAIDException {
- Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");
- Logger.debug("Citizen signature will be verified by SZR Gateway!");
-
- Logger.debug("fetching OAParameters from database");
-
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(
- moaSession.getPublicOAURLPrefix());
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() });
-
- // retrieve target
- // TODO: check in case of SSO!!!
- String targetType = null;
- if (oaParam.getBusinessService()) {
- String id = oaParam.getIdentityLinkDomainIdentifier();
- if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
- targetType = id;
- else
- targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_ + moaSession.getDomainIdentifier();
- } else {
- targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
- }
-
- Logger.debug("Starting connecting SZR Gateway");
- // contact SZR Gateway
- IdentityLink identityLink = null;
-
- identityLink = STORKResponseProcessor.connectToSZRGateway(personalAttributeList, oaParam.getFriendlyName(),
- targetType, null, oaParam.getMandateProfiles(), citizenSignature);
- Logger.debug("SZR communication was successfull");
-
- if (identityLink == null) {
- Logger.error("SZR Gateway did not return an identity link.");
- throw new MOAIDException("stork.10", null);
- }
- Logger.info("Received Identity Link from SZR Gateway");
- moaSession.setIdentityLink(identityLink);
-
- Logger.debug("Adding addtional STORK attributes to MOA session");
- moaSession.setStorkAttributes(personalAttributeList);
-
- // We don't have BKUURL, setting from null to "Not applicable"
- moaSession.setBkuURL("Not applicable (STORK Authentication)");
-
- // free for single use
- moaSession.setAuthenticatedUsed(false);
-
- // stork did the authentication step
- moaSession.setAuthenticated(true);
-
- // TODO: found better solution, but QAA Level in response could be not supported yet
- try {
- if (authnContextClassRef == null)
- authnContextClassRef = PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel();
- moaSession.setQAALevel(authnContextClassRef);
-
- } catch (Throwable e) {
- Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
- moaSession.setQAALevel(PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel());
-
- }
-
- }
-
- X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException,
- UnsupportedEncodingException {
- JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName());
- SignatureType root = ((JAXBElement<SignatureType>) ctx.createUnmarshaller().unmarshal(
- IOUtils.toInputStream(citizenSignature))).getValue();
-
- // extract certificate
- for (Object current : root.getKeyInfo().getContent())
- if (((JAXBElement<?>) current).getValue() instanceof X509DataType) {
- for (Object currentX509Data : ((JAXBElement<X509DataType>) current).getValue()
- .getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
- JAXBElement<?> casted = ((JAXBElement<?>) currentX509Data);
- if (casted.getName().getLocalPart().equals("X509Certificate")) {
- return new X509Certificate(((String) casted.getValue()).getBytes("UTF-8"));
- }
- }
- }
- return null;
- }
-
- VerifyXMLSignatureResponse verifyXMLSignature(String signature) throws AuthenticationException, ParseException,
- BKUException, BuildException, ConfigurationException, ServiceException, UnsupportedEncodingException,
- SAXException, IOException, ParserConfigurationException, MOAException {
- // Based on MOA demo client
- // Factory und Service instanzieren
- SPSSFactory spssFac = SPSSFactory.getInstance();
- SignatureVerificationService sigVerifyService = SignatureVerificationService.getInstance();
-
- Content sigDocContent1 = spssFac.createContent(IOUtils.toInputStream(signature, "UTF-8"), null);
-
- // Position der zu prüfenden Signatur im Dokument angeben
- // (Nachdem im XPath-Ausdruck ein NS-Präfix verwendet wird, muss in einer Lookup-Tabelle
- // der damit bezeichnete Namenraum mitgegeben werden)
- HashMap nSMap = new HashMap();
- nSMap.put("dsig", "http://www.w3.org/2000/09/xmldsig#");
- VerifySignatureLocation sigLocation = spssFac.createVerifySignatureLocation("//dsig:Signature", nSMap);
-
- // Zu prüfendes Dokument und Signaturposition zusammenfassen
-
- VerifySignatureInfo sigInfo = spssFac.createVerifySignatureInfo(sigDocContent1, sigLocation);
-
- // Prüfrequest zusammenstellen
- VerifyXMLSignatureRequest verifyRequest = spssFac.createVerifyXMLSignatureRequest(null, // Wird Prüfzeit nicht
- // angegeben, wird
- // aktuelle Zeit
- // verwendet
- sigInfo, null, // Keine Ergänzungsobjekte notwendig
- null, // Signaturmanifest-Prüfung soll nicht durchgeführt werden
- false, // Hash-Inputdaten, d.h. tatsächlich signierte Daten werden nicht zurückgeliefert
- "MOAIDBuergerkartePersonenbindungMitTestkarten");// TODO load from config
- // "Test-Signaturdienste"); // ID des verwendeten Vertrauensprofils
-
- VerifyXMLSignatureResponse verifyResponse = null;
- try {
- // Aufruf der Signaturprüfung
- verifyResponse = sigVerifyService.verifyXMLSignature(verifyRequest);
- } catch (MOAException e) {
- // Service liefert Fehler
- System.err.println("Die Signaturprüfung hat folgenden Fehler geliefert:");
- System.err.println("Fehlercode: " + e.getMessageId());
- System.err.println("Fehlernachricht: " + e.getMessage());
- throw e;
- }
-
- return verifyResponse;
- }
-
- at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse convert(
- VerifyXMLSignatureResponse xMLVerifySignatureResponse) {
- at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse response = new at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse();
- response.setCertificateCheckCode(xMLVerifySignatureResponse.getCertificateCheck().getCode());
- response.setPublicAuthority(xMLVerifySignatureResponse.getSignerInfo().isPublicAuthority());
- // response.setPublicAuthorityCode(publicAuthorityCode)
- response.setQualifiedCertificate(xMLVerifySignatureResponse.getSignerInfo().isQualifiedCertificate());
- response.setSignatureCheckCode(xMLVerifySignatureResponse.getSignatureCheck().getCode());
- response.setSignatureManifestCheckCode(xMLVerifySignatureResponse.getSignatureManifestCheck().getCode());
- // response.setSigningDateTime()
- // response.setX509certificate(x509certificate)
- response.setXmlDSIGManifestCheckCode(xMLVerifySignatureResponse.getSignatureManifestCheck().getCode());
- // response.setXmlDSIGManigest(xMLVerifySignatureResponse.getSignatureManifestCheck())
- // response.setXmlDsigSubjectName(xmlDsigSubjectName)
- return response;
- }
-
-}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java deleted file mode 100644 index 138776976..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java +++ /dev/null @@ -1,447 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
-
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
-
-import java.io.IOException;
-import java.io.StringWriter;
-import java.math.BigInteger;
-import java.net.URL;
-import java.security.NoSuchAlgorithmException;
-import java.text.SimpleDateFormat;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang3.BooleanUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-import org.opensaml.common.IdentifierGenerator;
-import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
-import org.w3c.dom.DOMException;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.config.stork.CPEPS;
-import at.gv.egovernment.moa.id.config.stork.STORKConfig;
-import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
-import at.gv.egovernment.moa.id.util.VelocityProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.oasisdss.api.AdditionalProfiles;
-import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.api.Profiles;
-import eu.stork.oasisdss.api.QualityLevels;
-import eu.stork.oasisdss.api.SignatureTypes;
-import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
-import eu.stork.oasisdss.profile.AnyType;
-import eu.stork.oasisdss.profile.DocumentType;
-import eu.stork.oasisdss.profile.SignRequest;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.exceptions.STORKSAMLEngineException;
-
-/**
- * Creates a SAML2 STORK authentication request, embeds it in a form (in order to satisfy saml post binging) and returns the form withing the HttpServletResponse.<p/>
- * In detail:
- * <ul>
- * <li>Validates the stork configuration in order to make sure the selected country is supported.</li>
- * <li>Puts a flag ({@link #PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED}) into the ExecutionContext reflecting the capability of the C-PEPS to create xml signatures.</li>
- * <li>Invokes {@link AuthenticationServer#startSTORKAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationSession)} which</li>
- * <ul>
- * <li>Creates and signs a SAML2 stork authentication request.</li>
- * <li>Creates a signature request for auth block signature (either to be performed by the C-PEPS or locally).</li>
- * <li>Using the velocity template engine in order to create a form with the embedded stork request.</li>
- * <li>Writes the form to the response output stream.</li>
- * </ul>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@linkplain at.gv.egovernment.moa.id.auth.MOAIDAuthConstants#PARAM_SESSIONID PARAM_SESSIONID}</li>
- * <li>Property {@code ccc} set within the moa session.</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Form containing a SAML2 Stork authentication request and an action url pointing to the selected C-PEPS.</li>
- * <li>Assertion consumer URL for C-PEPS set either to {@code /PEPSConnector} in case of a C-PEPS supporting xml signatures or {@code /PEPSConnectorWithLocalSigning} if the selected C-PEPS does not support xml signatures.</li>
- * <li>In case of a C-PEPS not supporting xml signature: moasession with set signedDoc property (containing the signature request for local signing).</li>
- * <li>ExecutionContext contains the boolean flag {@link #PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED}.
- * </ul>
- * Code taken from {@link StartAuthenticationBuilder#build(AuthenticationSession, HttpServletRequest, HttpServletResponse)}.<br/>
- * Using {@link AuthenticationServer#startSTORKAuthentication(HttpServletRequest, HttpServletResponse, AuthenticationSession)}
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- */
-public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
-
- /**
- * Boolean value reflecting the capability of the selected c-peps of creating xml signatures.
- */
- public static final String PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED = "C-PEPS:XMLSignatureSupported";
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
- throws TaskExecutionException {
-
- String pendingRequestID = null;
- String sessionID = null;
- try {
- setNoCachingHeaders(resp);
-
- sessionID = (String) executionContext.get(PARAM_SESSIONID);
- pendingRequestID = (String) executionContext.get("pendingRequestID");
- String ccc = (String) executionContext.get("CCC");
-
-
- // check parameter
- if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
- throw new WrongParametersException("CreateStorkAuthRequestFormTask", PARAM_SESSIONID, "auth.12");
- }
- AuthenticationSession moasession = BaseAuthenticationServer.getSession(sessionID);
- IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
-
- if (StringUtils.isEmpty(ccc)) {
- // illegal state; task should not have been executed without a selected country
- throw new AuthenticationException("stork.22", new Object[] { sessionID });
-
- }
- MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_STORK_REQUESTED);
-
- STORKConfig storkConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig();
- if (!storkConfig.isSTORKAuthentication(moasession.getCcc())) {
- throw new AuthenticationException("stork.23", new Object[] { moasession.getCcc(), sessionID });
- }
-
- // STORK authentication
- // cpeps cannot be null
- CPEPS cpeps = storkConfig.getCPEPS(ccc);
- Logger.debug("Found C-PEPS configuration for citizen of country: " + moasession.getCcc());
- executionContext.put(PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED, cpeps.isXMLSignatureSupported());
-
- //add selected Country-Code to MOASession DAO
- moasession.setCcc(ccc);
-
- Logger.info("Starting STORK authentication for a citizen of country: " + moasession.getCcc());
- startSTORKAuthentication(req, resp, moasession, pendingReq);
-
- } catch (MOAIDException ex) {
- throw new TaskExecutionException(ex.getMessage(), ex);
-
- } catch (Exception e) {
- Logger.error("CreateStorkAuthRequestFormTask has an interal Error.", e);
- throw new TaskExecutionException("CreateStorkAuthRequestFormTask has an interal Error.", e);
-
- }
-
- finally {
-
- }
- }
-
- /**
- * Starts a MOA-ID authentication process using STORK
- *
- * @param req HttpServletRequest
- * @param resp HttpServletResponse
- * @param pendingReq
- * @param ccc Citizen country code
- * @param oaURL URL of the online application
- * @param target Target parameter
- * @param targetFriendlyName Friendly Name of Target
- * @param authURL Authentication URL
- * @param sourceID SourceID parameter
- * @throws MOAIDException
- * @throws AuthenticationException
- * @throws WrongParametersException
- * @throws ConfigurationException
- */
- public void startSTORKAuthentication(
- HttpServletRequest req,
- HttpServletResponse resp,
- AuthenticationSession moasession, IRequest pendingReq) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
-
- if (moasession == null) {
- throw new AuthenticationException("auth.18", new Object[]{});
- }
-
- //read configuration paramters of OA
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()});
-
- //Start of STORK Processing
- STORKConfig storkConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig();
-
- CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
-
- Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:");
- String destination = cpeps.getPepsURL().toExternalForm();
- Logger.debug("C-PEPS URL: " + destination);
-
-
- String issuerValue = pendingReq.getAuthURL();
- // String acsURL = new DataURLBuilder().buildDataURL(issuerValue,
- // PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID());
-
-
- String providerName = oaParam.getFriendlyName();
- Logger.debug("Issuer value: " + issuerValue);
-
- // prepare collection of required attributes
- // - attributes for online application
- Collection<StorkAttribute> attributesFromConfig = oaParam.getRequestedSTORKAttributes();
-
- // - prepare attribute list
- PersonalAttributeList attributeList = new PersonalAttributeList();
-
- // - fill container
- for (StorkAttribute current : attributesFromConfig) {
- PersonalAttribute newAttribute = new PersonalAttribute();
- newAttribute.setName(current.getName());
-
- boolean globallyMandatory = false;
- for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
- if (current.getName().equals(currentGlobalAttribute.getName())) {
- globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.getMandatory());
- break;
- }
-
- newAttribute.setIsRequired(current.getMandatory() || globallyMandatory);
- attributeList.add(newAttribute);
- }
-
- // add sign request
- PersonalAttribute newAttribute = new PersonalAttribute();
- newAttribute.setName("signedDoc");
- newAttribute.setIsRequired(true);
- List<String> value = new ArrayList<String>();
-
- Logger.debug("PEPS supports XMLSignatures:"+cpeps.isXMLSignatureSupported());
- String acsURL;
- if(cpeps.isXMLSignatureSupported())//Send SignRequest to PEPS
- {
- //solve Problem with sessionIDs
- acsURL = issuerValue + PepsConnectorTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
-
- value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
- "application/xhtml+xml", moasession.getCcc()));
- newAttribute.setValue(value);
- attributeList.add(newAttribute);
-
- // TODO[branch]: STORK AuthReq CPEPS acsURL "/PEPSConnector"
- }
- else//Process SignRequest locally with MOCCA
- {
- String target = moasession.getTarget();
- moasession.setTarget("AT");
- String signedDoc = (generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
- "application/xhtml+xml", "AT"));//moasession.getCcc()
- moasession.setTarget(target);
- Logger.warn("signedDoc to store:"+signedDoc);
- //attributeList.add(newAttribute);
-
- //store SignRequest for later...
- moasession.setSignedDoc(signedDoc);
-
- acsURL = issuerValue + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
- // TODO[branch]: STORK AuthReq acsURL "/PEPSConnectorWithLocalSigning"
- try {
- AuthenticationSessionStoreage.storeSession(moasession);
- } catch (MOADatabaseException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
-
- }
- Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
-
- if (Logger.isDebugEnabled()) {
- Logger.debug("The following attributes are requested for this OA:");
- for (StorkAttribute logReqAttr : attributesFromConfig)
- Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.getMandatory());
- }
-
- //TODO: check Target in case of SSO!!
- String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
- String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
- String spApplication = spInstitution;
- String spCountry = "AT"; // intentionally set AT - the flow is limited on that use case only
-
- //generate AuthnRquest
- STORKAuthnRequest authnRequest = new STORKAuthnRequest();
- authnRequest.setDestination(destination);
- authnRequest.setAssertionConsumerServiceURL(acsURL);//PEPSConnectorWithLocalSigning
- authnRequest.setProviderName(providerName);
- authnRequest.setIssuer(issuerValue);
- authnRequest.setQaa(oaParam.getQaaLevel());
- authnRequest.setSpInstitution(spInstitution);
- authnRequest.setSpCountry(spCountry);
- authnRequest.setSpApplication(spApplication);
- authnRequest.setSpSector(spSector);
- authnRequest.setPersonalAttributeList(attributeList);
-
- //TODO change
- authnRequest.setEIDCrossBorderShare(true);
- authnRequest.setEIDCrossSectorShare(true);
- authnRequest.setEIDSectorShare(true);
-
- authnRequest.setCitizenCountryCode(moasession.getCcc());
-
- Logger.debug("STORK AuthnRequest succesfully assembled.");
-
- STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
-
- if (samlEngine == null) {
- Logger.error("Could not initalize STORK SAML engine.");
- throw new MOAIDException("stork.00", null);
- }
-
- try {
- authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
- } catch (STORKSAMLEngineException e) {
- Logger.error("Could not sign STORK SAML AuthnRequest.", e);
- throw new MOAIDException("stork.00", null);
- }
-
- Logger.info("STORK AuthnRequest successfully signed!");
-
- //validate AuthnRequest
- try {
- samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml());
- } catch (STORKSAMLEngineException e) {
- Logger.error("STORK SAML AuthnRequest not valid.", e);
- throw new MOAIDException("stork.01", null);
- }
-
- Logger.debug("STORK AuthnRequest successfully internally validated.");
-
- //send
- moasession.setStorkAuthnRequest(authnRequest);
-
- // do PEPS-conform logging for easier evaluation
- try {
- // 2015-03-12 16:44:27.144#S-PEPS receives request from SP#spurl#spepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#
- Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives request from SP#" +
- moasession.getPublicOAURLPrefix() + "#" + issuerValue + "#" + spApplication + "#" +
- new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() +
- "#_hash_#" + moasession.getProcessInstanceId() + "#");
- } catch (Exception e1) {
- Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());
- }
-
- AuthenticationSessionStoreage.changeSessionID(moasession, authnRequest.getSamlId());
-
-
- Logger.info("Preparing to send STORK AuthnRequest.");
- Logger.info("prepared STORKAuthnRequest: ");
- Logger.info(new String(authnRequest.getTokenSaml()));
-
- try {
- Logger.trace("Initialize VelocityEngine...");
-
- VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
- Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
- VelocityContext context = new VelocityContext();
- context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml()));
- context.put("RelayState", moasession.getSessionID());
- context.put("action", destination);
-
- StringWriter writer = new StringWriter();
- template.merge(context, writer);
-
- // TODO[branch]: SAML2 Form Submit to CPEPS, response to acsURL Servlet
-
- resp.setContentType("text/html;charset=UTF-8");
- resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
-
- } catch (Exception e) {
- Logger.error("Error sending STORK SAML AuthnRequest.", e);
- throw new MOAIDException("stork.02", new Object[]{destination});
-
- }
-
- Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
- MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_REQUESTED, authnRequest.getDestination());
-
- // do PEPS-conform logging for easier evaluation
- try {
- // 2015-03-12 16:44:27.144#S-PEPS generates request to C-PEPS#spepsurl#cpepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#id2#
- Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates request to C-PEPS#" +
- issuerValue + "#" + destination + "#" + spApplication + "#" +
- new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() +
- "#_hash_#" + moasession.getProcessInstanceId() + "#" + authnRequest.getSamlId() + "#");
- } catch (Exception e1) {
- Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());
- }
- }
-
- private String generateDssSignRequest(String text, String mimeType, String citizenCountry) {
- IdentifierGenerator idGenerator;
- try {
- idGenerator = new SecureRandomIdentifierGenerator();
-
- DocumentType doc = new DocumentType();
- doc.setBase64XML(text.getBytes("UTF-8"));
- doc.setID(idGenerator.generateIdentifier());
-
- SignRequest request = new SignRequest();
- request.setInputDocuments(ApiUtils.createInputDocuments(doc));
-
- String id = idGenerator.generateIdentifier();
- request.setRequestID(id);
- request.setDocUI(id);
-
- request.setProfile(Profiles.XADES_BES.toString());
- request.setNumberOfSigners(BigInteger.ONE);
- request.setTargetCountry(citizenCountry);
-
- // no, no todo. PEPS will alter this value anyhow.
- request.setReturnURL("http://invalid_return");
-
- AnyType required = new AnyType();
- required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString()));
- required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString()));
- required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG));
- required.getAny().add(ApiUtils.createIncludeObject(doc));
- request.setOptionalInputs(required);
-
- return IOUtils.toString(ApiUtils.marshalToInputStream(request));
- } catch (NoSuchAlgorithmException e) {
- Logger.error("Cannot generate id", e);
- throw new RuntimeException(e);
- } catch (ApiUtilsException e) {
- Logger.error("Could not create SignRequest", e);
- throw new RuntimeException(e);
- } catch (DOMException e) {
- Logger.error("Could not create SignRequest", e);
- throw new RuntimeException(e);
- } catch (IOException e) {
- Logger.error("Could not create SignRequest", e);
- throw new RuntimeException(e);
- }
- }
-}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java deleted file mode 100644 index 7b9fa3f12..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java +++ /dev/null @@ -1,228 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
-
-import iaik.x509.X509Certificate;
-
-import java.io.IOException;
-import java.io.StringWriter;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.transform.Source;
-import javax.xml.transform.stream.StreamSource;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.stork.STORKException;
-
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.VelocityProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.util.Base64Utils;
-import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.profile.SignResponse;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-
-/**
- * Processes the citizen's signature, creates identity link using szr gateway and finalizes authentication.
- * <p/>
- * In detail:
- * <ul>
- * <li>Changes moa session id.</li>
- * <li>Decodes and validates the sign response, extracting the citizen's signature.</li>
- * <li>Verifies the citizen's signature.</li>
- * <li>Create {@code signedDoc} attribute.</li>
- * <li>Retrieve identity link from SZR gateway using the citizen's signature.</li>
- * <li>If the S-PEPS did not provide any gender information, the szr gateway will not be able to issue an identity link.
- * Therefore a form is presented asking for the subject's gender. The form finally submits the user back to the
- * {@code /PepsConnectorWithLocalSigning} servlet (this task).</li>
- * <li>The moa session is updated with authentication information.</li>
- * <li>Change moa session id.</li>
- * <li>Redirects back to {@code /dispatcher} in order to finalize the authentication.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@code moaSessionID}</li>
- * <li>HttpServletRequest parameter {@code signresponse}</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Updated moa id session (signed auth block, signer certificate etc.)</li>
- * <li>Redirect to {@code /dispatcher}.</li>
- * <li>{@link ExecutionContext} contains boolean flag {@code identityLinkAvailable} indicating if an identitylink has been successfully creates or not.</li>
- * </ul>
- * Possible branches:
- * <ul>
- * <li>In case the szr gateway throws exception due to missing gender information:
- * <ul>
- * <li>Returns a form for gender selection with action url back to this servlet/task.</li>
- * </ul>
- * </li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet}.<br/>
- *
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- */
-public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnectorWithLocalSigningTask {
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
- throws TaskExecutionException {
- String moaSessionID = request.getParameter("moaSessionID");
- String signResponse = request.getParameter("signresponse");
- Logger.info("moaSessionID:" + moaSessionID);
- Logger.info("signResponse:" + signResponse);
-
- if (moaSessionID != null && signResponse != null) {
- // redirect from oasis with signresponse
- handleSignResponse(executionContext, request, response);
- } else {
- // should not occur
- throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", null);
- }
- return;
- }
-
- private void handleSignResponse(ExecutionContext executionContext, HttpServletRequest request,
- HttpServletResponse response) throws TaskExecutionException {
- Logger.info("handleSignResponse started");
- String moaSessionID = request.getParameter("moaSessionID");
- String signResponse = request.getParameter("signresponse");
- Logger.info("moaSessionID:" + moaSessionID);
- Logger.info("signResponse:" + signResponse);
- String pendingRequestID = null;
- try {
-
- // load MOASession from database
- AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);
- // change MOASessionID
- moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
-
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
- IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
-
- Logger.info("pendingRequestID:" + pendingRequestID);
- String signResponseString = new String(Base64Utils.decode(signResponse, false), "UTF8");
- Logger.info("RECEIVED signresponse:" + signResponseString);
- // create SignResponse object
- Source response1 = new StreamSource(new java.io.StringReader(signResponseString));
- SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class);
-
- // SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new
- // java.io.StringReader(Base64.signResponse)));
-
- String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
-
- // memorize signature into authblock
- moaSession.setAuthBlock(citizenSignature);
-
- X509Certificate cert = getSignerCertificate(citizenSignature);
- moaSession.setSignerCertificate(cert);
- VerifyXMLSignatureResponse xMLVerifySignatureResponse = verifyXMLSignature(citizenSignature);
- at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse tmp = convert(xMLVerifySignatureResponse);
-
- moaSession.setXMLVerifySignatureResponse(tmp);
- executionContext.put("identityLinkAvailable", false);
- try {
- IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList();
- // Add SignResponse TODO Add signature (extracted from signResponse)?
- List<String> values = new ArrayList<String>();
- values.add(signResponseString);
- // values.add(citizenSignature);
- Logger.debug("Assembling signedDoc attribute");
- PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, "Available");
- personalAttributeList.add(signedDocAttribute);
-
- String authnContextClassRef = moaSession.getAuthnContextClassRef();
- SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef, citizenSignature);
- executionContext.put("identityLinkAvailable", true);
- } catch (STORKException e) {
- // this is really nasty but we work against the system here. We are supposed to get the gender attribute
- // from
- // stork. If we do not, we cannot register the person in the ERnP - we have to have the
- // gender for the represented person. So here comes the dirty hack.
- if (e.getCause() instanceof STORKException
- && e.getCause().getMessage().equals("gender not found in response")) {
- try {
- Logger.trace("Initialize VelocityEngine...");
-
- VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
- Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html");
- VelocityContext context = new VelocityContext();
- context.put("SAMLResponse", request.getParameter("SAMLResponse"));
- context.put("action", request.getRequestURL());
-
- StringWriter writer = new StringWriter();
- template.merge(context, writer);
- response.getOutputStream().write(writer.toString().getBytes("UTF-8"));
- } catch (Exception e1) {
- Logger.error("Error sending gender retrival form.", e1);
- // httpSession.invalidate();
- throw new MOAIDException("stork.10", null);
- }
-
- return;
- }
-
- Logger.error("Error connecting SZR Gateway", e);
- throw new MOAIDException("stork.10", null);
- }
-
- Logger.debug("Add full STORK AuthnResponse to MOA session");
- moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
- // authnResponse?
-
- MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED);
-
- moaSession.setForeigner(true);
-
- // session is implicit stored in changeSessionID!!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
-
- Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);
-
- // redirect
- String redirectURL = null;
- redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(),
- ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID),
- newMOASessionID);
- redirectURL = response.encodeRedirectURL(redirectURL);
-
- response.sendRedirect(redirectURL);
- Logger.info("REDIRECT TO: " + redirectURL);
-
- } catch (AuthenticationException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (MOAIDException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (Exception e) {
- Logger.error("PEPSConnector has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
- }
-
- finally {
-
- }
- }
-
-}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java deleted file mode 100644 index e84c33d5d..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java +++ /dev/null @@ -1,451 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
-
-import iaik.x509.X509Certificate;
-
-import java.io.IOException;
-import java.io.StringWriter;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.transform.Source;
-import javax.xml.transform.stream.StreamSource;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-import org.opensaml.saml2.core.StatusCode;
-
-import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.stork.STORKException;
-import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
-
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.VelocityProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.StringUtils;
-import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.profile.SignRequest;
-import eu.stork.oasisdss.profile.SignResponse;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
-import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.exceptions.STORKSAMLEngineException;
-
-/**
- * Validates the SAML response from C-PEPS.
- * <p/>
- * In detail:
- * <ul>
- * <li>Decodes and validates SAML response from C-PEPS.</li>
- * <li>Retrieves the moa session using the session id provided by HttpServletRequest parameter {@code RelayState} or by {@code inResponseTo} attribute of the saml response.</li>
- * <li>Store saml response in moa session.</li>
- * <li>Change moa session id.</li>
- * <li>Redirect to {@code /PEPSConnectorWithLocalSigning}, with providing the moa session id as request parameter.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@code moaSessionID} <strong>to be {@code null}</strong></li>
- * <li>HttpServletRequest parameter {@code signresponse} <strong>to be {@code null}</strong></li>
- * <li>HttpServletRequest parameter {@code SAMLResponse}</li>
- * <li>Either HttpServletRequest parameter {@code RelayState} or {@code inResponseTo} attribute within the saml response, both reflecting the moa session id.</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Updated moa session (with saml response).</li>
- * <li>Redirect to {@code /PEPSConnectorWithLocalSigning}, with providing the moa session id as request parameter.</li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet}.<br/>
- *
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- */
-public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPepsConnectorWithLocalSigningTask {
-
- private String oasisDssWebFormURL = "https://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";
- // load from config below
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
- throws TaskExecutionException {
- String moaSessionID = request.getParameter("moaSessionID");
- String signResponse = request.getParameter("signresponse");
- Logger.info("moaSessionID:" + moaSessionID);
- Logger.info("signResponse:" + signResponse);
-
- if (moaSessionID == null && signResponse == null) {
- // normal saml response
- handleSAMLResponse(executionContext, request, response);
-
- } else {
- // should not occur
- throw new TaskExecutionException("Parsing mulitpart/form-data request parameters failed", null);
- }
- return;
- }
-
- private void handleSAMLResponse(ExecutionContext executionContext, HttpServletRequest request,
- HttpServletResponse response) throws TaskExecutionException {
- Logger.info("handleSAMLResponse started");
- String pendingRequestID = null;
-
- setNoCachingHeaders(response);
- try {
- Logger.info("PEPSConnector Servlet invoked, expecting C-PEPS message.");
- Logger.debug("This ACS endpoint is: " + HTTPUtils.getBaseURL(request));
-
- Logger.trace("No Caching headers set for HTTP response");
-
- // check if https or only http
- super.checkIfHTTPisAllowed(request.getRequestURL().toString());
-
- Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
-
- // extract STORK Response from HTTP Request
- // Decodes SAML Response
- byte[] decSamlToken;
- try {
- decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse"));
- Logger.debug("SAMLResponse: " + new String(decSamlToken));
-
- } catch (NullPointerException e) {
- Logger.error("Unable to retrieve STORK Response", e);
- throw new MOAIDException("stork.04", null);
- }
-
- // Get SAMLEngine instance
- STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing");
-
- STORKAuthnResponse authnResponse = null;
- try {
- // validate SAML Token
- Logger.debug("Starting validation of SAML response");
- authnResponse = engine.validateSTORKAuthnResponseWithQuery(decSamlToken, (String) request.getRemoteHost());
- Logger.info("SAML response succesfully verified!");
- } catch (STORKSAMLEngineException e) {
- Logger.error("Failed to verify STORK SAML Response", e);
- throw new MOAIDException("stork.05", null);
- }
-
- Logger.info("STORK SAML Response message succesfully extracted");
- Logger.debug("STORK response: ");
- Logger.debug(authnResponse.toString());
-
- Logger.debug("Trying to find MOA Session-ID ...");
- // String moaSessionID = request.getParameter(PARAM_SESSIONID);
- // first use SAML2 relayState
- String moaSessionID = request.getParameter("RelayState");
-
- // escape parameter strings
- moaSessionID = StringEscapeUtils.escapeHtml(moaSessionID);
-
- // check if SAML2 relaystate includes a MOA sessionID
- if (StringUtils.isEmpty(moaSessionID)) {
- // if relaystate is emtpty, use SAML response -> inResponseTo element as session identifier
-
- moaSessionID = authnResponse.getInResponseTo();
- moaSessionID = StringEscapeUtils.escapeHtml(moaSessionID);
-
- if (StringUtils.isEmpty(moaSessionID)) {
- // No authentication session has been started before
- Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
- Logger.debug("PEPSConnectorURL was: " + request.getRequestURL());
- throw new AuthenticationException("auth.02", new Object[] { moaSessionID });
-
- } else
- Logger.trace("Use MOA SessionID " + moaSessionID + " from AuthnResponse->inResponseTo attribute.");
-
- } else
- // Logger.trace("MOA SessionID " + moaSessionID + " is found in http GET parameter.");
- Logger.trace("MOA SessionID " + moaSessionID + " is found in SAML2 relayState.");
-
- /*
- * INFO!!!! SAML message IDs has an different format then MOASessionIDs This is only a workaround because
- * many PEPS does not support SAML2 relayState or MOASessionID as AttributConsumerServiceURL GET parameter
- */
- // if (!ParamValidatorUtils.isValidSessionID(moaSessionID))
- // throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
-
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
- IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
-
- // load MOASession from database
- AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);
- // change MOASessionID
- moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
-
- Logger.info("Found MOA sessionID: " + moaSessionID);
-
- String statusCodeValue = authnResponse.getStatusCode();
-
- if (!statusCodeValue.equals(StatusCode.SUCCESS_URI)) {
- Logger.error("Received ErrorResponse from PEPS: " + statusCodeValue);
- throw new MOAIDException("stork.06", new Object[] { statusCodeValue });
- }
-
- Logger.info("Got SAML response with authentication success message.");
-
- Logger.debug("MOA session is still valid");
-
- STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
-
- if (storkAuthnRequest == null) {
- Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
- throw new MOAIDException("stork.07", null);
- }
-
- Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
-
-
- // first, try to fetch the attributes from the list of total attributes. Note that this very list is only filled
- // with ALL attributes when there is more than one assertion in the SAML2 STORK message.
- IPersonalAttributeList attributeList = authnResponse.getTotalPersonalAttributeList();
-
- // if the list is empty, there was just one assertion... probably
- if(attributeList.isEmpty())
- attributeList = authnResponse.getPersonalAttributeList();
-
- // //////////// incorporate gender from parameters if not in stork response
- // but first, check if we have a representation case
- if (STORKResponseProcessor.hasAttribute("mandateContent", attributeList)
- || STORKResponseProcessor.hasAttribute("representative", attributeList)
- || STORKResponseProcessor.hasAttribute("represented", attributeList)) {
- // in a representation case...
- moaSession.setUseMandate("true");
-
- // and check if we have the gender value
- PersonalAttribute gender = attributeList.get("gender");
- if (null == gender) {
- String gendervalue = (String) request.getParameter("gender");
- if (null != gendervalue) {
- gender = new PersonalAttribute();
- gender.setName("gender");
- ArrayList<String> tmp = new ArrayList<String>();
- tmp.add(gendervalue);
- gender.setValue(tmp);
-
- attributeList.add(gender);
- }
- }
- }
-
-
-
- // ////////////////////////////////////////////////////////////////////////
-
- Logger.debug("Starting extraction of signedDoc attribute");
- // extract signed doc element and citizen signature
- String citizenSignature = null;
- try {
- PersonalAttribute signedDoc = attributeList.get("signedDoc");
- String signatureInfo = null;
- // FIXME: Remove nonsense code (signedDoc attribute... (throw Exception for "should not occur" situations)), adjust error messages in order to reflect the true problem...
- if (signedDoc != null) {
- signatureInfo = signedDoc.getValue().get(0);
- // should not occur
- } else {
-
- // store SAMLResponse
- moaSession.setSAMLResponse(request.getParameter("SAMLResponse"));
- // store authnResponse
-
- // moaSession.setAuthnResponse(authnResponse);//not serializable
- moaSession.setAuthnResponseGetPersonalAttributeList(attributeList);
-
- String authnContextClassRef = null;
- try {
- authnContextClassRef = authnResponse.getAssertions().get(0).getAuthnStatements().get(0)
- .getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef();
- } catch (Throwable e) {
- Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
- }
-
- moaSession.setAuthnContextClassRef(authnContextClassRef);
- moaSession.setReturnURL(request.getRequestURL());
-
- // load signedDoc
- String signRequest = moaSession.getSignedDoc();
-
- // session is implicit stored in changeSessionID!!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
-
- // set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID
- // signRequest
-
- String issuerValue = pendingReq.getAuthURL();
- String acsURL = issuerValue
- + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
-
- String url = acsURL + "?moaSessionID=" + newMOASessionID;
- // redirect to OASIS module and sign there
-
- boolean found = false;
- try {
- Collection<StorkAttributeProviderPlugin> aps = AuthConfigurationProviderFactory.getInstance()
- .getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs();
- Logger.info("Found AttributeProviderPlugins:" + aps.size());
- for (StorkAttributeProviderPlugin ap : aps) {
- Logger.info("Found AttributeProviderPlugin attribute:" + ap.getAttributes());
- if (ap.getAttributes().equalsIgnoreCase("signedDoc")) {
- // FIXME: A servlet's class field is not thread safe!!!
- oasisDssWebFormURL = ap.getUrl();
- found = true;
- Logger.info("Loaded signedDoc attribute provider url from config:" + oasisDssWebFormURL);
- break;
- }
- }
- } catch (Exception e) {
- e.printStackTrace();
- Logger.error("Loading the signedDoc attribute provider url from config failed");
- }
- if (!found) {
- Logger.error("Failed to load the signedDoc attribute provider url from config");
- }
- performRedirect(url, request, response, signRequest);
-
- return;
- }
-
- // FIXME: This servlet/task is intended to handle peps responses without signature, so why do we try to process that signature here?
- SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(
- new java.io.StringReader(signatureInfo)));
-
- citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
-
- // memorize signature into authblock
- moaSession.setAuthBlock(citizenSignature);
-
- X509Certificate cert = getSignerCertificate(citizenSignature);
- moaSession.setSignerCertificate(cert);
- moaSession.setForeigner(true);
-
- } catch (Throwable e) {
- Logger.error("Could not extract citizen signature from C-PEPS", e);
- throw new MOAIDException("stork.09", null);
- }
-
- // FIXME: Same here; we do not have the citizen's signature, so this code might be regarded as dead code.
- try {
- SZRGInsertion(moaSession, attributeList, authnResponse.getAssertions()
- .get(0).getAuthnStatements().get(0).getAuthnContext().getAuthnContextClassRef()
- .getAuthnContextClassRef(), citizenSignature);
- } catch (STORKException e) {
- // this is really nasty but we work against the system here. We are supposed to get the gender attribute
- // from
- // stork. If we do not, we cannot register the person in the ERnP - we have to have the
- // gender for the represented person. So here comes the dirty hack.
- if (e.getCause() instanceof STORKException
- && e.getCause().getMessage().equals("gender not found in response")) {
- try {
- Logger.trace("Initialize VelocityEngine...");
-
- VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
- Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html");
- VelocityContext context = new VelocityContext();
- context.put("SAMLResponse", request.getParameter("SAMLResponse"));
- context.put("action", request.getRequestURL());
-
- StringWriter writer = new StringWriter();
- template.merge(context, writer);
-
- response.getOutputStream().write(writer.toString().getBytes("UTF-8"));
- } catch (Exception e1) {
- Logger.error("Error sending gender retrival form.", e1);
- // httpSession.invalidate();
- throw new MOAIDException("stork.10", null);
- }
-
- return;
- }
-
- Logger.error("Error connecting SZR Gateway", e);
- throw new MOAIDException("stork.10", null);
- }
-
- Logger.debug("Add full STORK AuthnResponse to MOA session");
- moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
- // authnResponse?
-
- // session is implicit stored in changeSessionID!!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
-
- Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);
-
- // redirect
- String redirectURL = null;
- redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(),
- ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID),
- newMOASessionID);
- redirectURL = response.encodeRedirectURL(redirectURL);
-
- response.setContentType("text/html");
- response.setStatus(302);
- response.addHeader("Location", redirectURL);
- Logger.info("REDIRECT TO: " + redirectURL);
-
- } catch (AuthenticationException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (MOAIDException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (Exception e) {
- Logger.error("PEPSConnector has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
- }
-
- finally {
-
- }
-
- }
-
- private void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, String signRequestString)
- throws MOAIDException {
-
- try {
- Logger.trace("Initialize VelocityEngine...");
-
- VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
- Template template = velocityEngine.getTemplate("/resources/templates/oasis_dss_webform_binding.vm");
- VelocityContext context = new VelocityContext();
-
- Logger.debug("performRedirect, signrequest:" + signRequestString);
- Source signDoc = new StreamSource(new java.io.StringReader(signRequestString));
- SignRequest signRequest = ApiUtils.unmarshal(signDoc, SignRequest.class);
- signRequest.setReturnURL("TODO");
- signRequestString = IOUtils.toString(ApiUtils.marshalToInputStream(signRequest));
- context.put("signrequest", Base64Utils.encode(signRequestString.getBytes("UTF8")));
- context.put("clienturl", url);
- context.put("action", oasisDssWebFormURL);
-
- StringWriter writer = new StringWriter();
- template.merge(context, writer);
-
- resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
- } catch (Exception e) {
- Logger.error("Error sending DSS signrequest.", e);
- throw new MOAIDException("stork.11", null);
- }
- }
-}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java deleted file mode 100644 index b505605ab..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ /dev/null @@ -1,791 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
-
-import iaik.x509.X509Certificate;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.StringWriter;
-import java.net.URL;
-import java.text.SimpleDateFormat;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Date;
-import java.util.List;
-import java.util.Properties;
-
-import javax.activation.DataSource;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.namespace.QName;
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Service;
-import javax.xml.ws.soap.SOAPBinding;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang.StringEscapeUtils;
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-import org.opensaml.saml2.core.StatusCode;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-
-import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.auth.stork.STORKException;
-import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
-
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulUtils;
-import at.gv.egovernment.moa.id.moduls.RequestStorage;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.IdentityLinkReSigner;
-import at.gv.egovernment.moa.id.util.VelocityProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-import at.gv.util.xsd.xmldsig.SignatureType;
-import at.gv.util.xsd.xmldsig.X509DataType;
-import eu.stork.documentservice.DocumentService;
-import eu.stork.oasisdss.api.ApiUtils;
-import eu.stork.oasisdss.api.LightweightSourceResolver;
-import eu.stork.oasisdss.profile.DocumentType;
-import eu.stork.oasisdss.profile.DocumentWithSignature;
-import eu.stork.oasisdss.profile.SignResponse;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
-import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.exceptions.STORKSAMLEngineException;
-
-/**
- * Evaluates the SAML response from the C-PEPS and authenticates the user.
- * <p/>
- * In detail:
- * <ul>
- * <li>Decodes and validates the SAML response from the C-PEPS.</li>
- * <li>Change moa session id.</li>
- * <li>Extracts the subject's gender from request parameter {@code gender} if not available from the saml response.</li>
- * <li>Extracts the {@code signedDoc} attribute from the response, get signed doc payload using stork attribute query request.</li>
- * <li>Request SZR gateway for verification of the citizen's signature and for creating of an identity link.</li>
- * <li>In case of mandate mode: If the S-PEPS did not provide any gender information, the szr gateway will not be able to issue an identity link. Therefore a form is presented asking for the subject's gender. The form submits the user back to the {@code /PepsConnector} servlet (this task).</li>
- * <li>The moa session is updated with authentication information.</li>
- * <li>Change moa session id.</li>
- * <li>Redirects back to {@code /dispatcher} in order to finalize the authentication.</li>
- * </ul>
- * Expects:
- * <ul>
- * <li>HttpServletRequest parameter {@code SAMLResponse}</li>
- * <li>Either HttpServletRequest parameter {@code RelayState} or {@code inResponseTo} attribute from the SAML response (both depicting the moa session id)</li>
- * <li>HttpServletRequest parameter {@code gender} in case the request comes from the gender selection form</li>
- * <li>{@code signedDoc} attribute within the SAML response.</li>
- * </ul>
- * Result:
- * <ul>
- * <li>Updated moa id session (identity link, stork attributes...)</li>
- * <li>{@link ExecutionContext} contains boolean flag {@code identityLinkAvailable} indicating if an identitylink has been successfully creates or not.</li>
- * <li>Redirect to {@code /dispatcher}.</li>
- * </ul>
- * Possible branches:
- * <ul>
- * <li>In case the szr gateway throws exception due to missing gender information:
- * <ul>
- * <li>Returns a form for gender selection with action url back to this servlet/task.</li>
- * </ul>
- * </li>
- * </ul>
- * Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet}.<br/>
- *
- * @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
- */
-public class PepsConnectorTask extends AbstractAuthServletTask {
-
- public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnector";
-
- public PepsConnectorTask() {
- super();
-
- }
-
- @Override
- public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
- throws TaskExecutionException {
- String pendingRequestID = null;
-
- setNoCachingHeaders(response);
-
- try {
-
- Logger.info("PEPSConnector Servlet invoked, expecting C-PEPS message.");
- Logger.debug("This ACS endpoint is: " + HTTPUtils.getBaseURL(request));
-
- // check if https or only http
- super.checkIfHTTPisAllowed(request.getRequestURL().toString());
-
- Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");
-
- // extract STORK Response from HTTP Request
- // Decodes SAML Response
- byte[] decSamlToken;
- try {
- decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse"));
- Logger.debug("SAMLResponse: " + new String(decSamlToken));
-
- } catch (NullPointerException e) {
- Logger.error("Unable to retrieve STORK Response", e);
- throw new MOAIDException("stork.04", null);
- }
-
- // Get SAMLEngine instance
- STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing");
-
- STORKAuthnResponse authnResponse = null;
- try {
- // validate SAML Token
- Logger.debug("Starting validation of SAML response");
- authnResponse = engine.validateSTORKAuthnResponseWithQuery(decSamlToken, (String) request.getRemoteHost());
- Logger.info("SAML response succesfully verified!");
- } catch (STORKSAMLEngineException e) {
- Logger.error("Failed to verify STORK SAML Response", e);
- throw new MOAIDException("stork.05", null);
- }
-
- Logger.info("STORK SAML Response message succesfully extracted");
- Logger.debug("STORK response: ");
- Logger.debug(authnResponse.toString());
-
- // do PEPS-conform logging for easier evaluation
- try {
- // 2015-03-12 16:44:27.144#S-PEPS receives response from C-PEPS#orig_msg_id id2 (in response to)#orig_msg_id id1 (in response to)#status#msghash#msg_id id3#
- Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives response from C-PEPS#" +
- authnResponse.getInResponseTo() + "#NA#" + authnResponse.getMessage() + "#_hash_#" + authnResponse.getSamlId() + "#");
- } catch (Exception e1) {
- Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());
- }
-
- Logger.debug("Trying to find MOA Session-ID ...");
- // String moaSessionID = request.getParameter(PARAM_SESSIONID);
- // first use SAML2 relayState
- String moaSessionID = request.getParameter("RelayState");
-
- // escape parameter strings
- moaSessionID = StringEscapeUtils.escapeHtml(moaSessionID);
-
- // check if SAML2 relaystate includes a MOA sessionID
- if (StringUtils.isEmpty(moaSessionID)) {
- // if relaystate is emtpty, use SAML response -> inResponseTo element as session identifier
-
- moaSessionID = authnResponse.getInResponseTo();
- moaSessionID = StringEscapeUtils.escapeHtml(moaSessionID);
-
- if (StringUtils.isEmpty(moaSessionID)) {
- // No authentication session has been started before
- Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
- Logger.debug("PEPSConnectorURL was: " + request.getRequestURL());
- throw new AuthenticationException("auth.02", new Object[] { moaSessionID });
-
- } else
- Logger.trace("Use MOA SessionID " + moaSessionID + " from AuthnResponse->inResponseTo attribute.");
-
- } else
- // Logger.trace("MOA SessionID " + moaSessionID + " is found in http GET parameter.");
- Logger.trace("MOA SessionID " + moaSessionID + " is found in SAML2 relayState.");
-
- /*
- * INFO!!!! SAML message IDs has an different format then MOASessionIDs This is only a workaround because
- * many PEPS does not support SAML2 relayState or MOASessionID as AttributConsumerServiceURL GET parameter
- */
- // if (!ParamValidatorUtils.isValidSessionID(moaSessionID))
- // throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
-
- pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
- IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
-
- // load MOASession from database
- AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);
- // change MOASessionID
- moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
-
- Logger.info("Found MOA sessionID: " + moaSessionID);
-
- String statusCodeValue = authnResponse.getStatusCode();
-
- if (!statusCodeValue.equals(StatusCode.SUCCESS_URI)) {
- Logger.error("Received ErrorResponse from PEPS: " + statusCodeValue);
- throw new MOAIDException("stork.06", new Object[] { statusCodeValue });
- }
-
- Logger.info("Got SAML response with authentication success message.");
-
- Logger.debug("MOA session is still valid");
-
- STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
-
- if (storkAuthnRequest == null) {
- Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
- throw new MOAIDException("stork.07", null);
- }
-
- OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix());
- if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() });
-
- //================== Check QAA level start ====================
- int reqQaa = -1;
- int authQaa = -1;
- String authQaaStr = null;
- try {
- reqQaa = storkAuthnRequest.getQaa();
-
- //TODO: found better solution, but QAA Level in response could be not supported yet
- try {
-
- authQaaStr = authnResponse.getAssertions().get(0).
- getAuthnStatements().get(0).getAuthnContext().
- getAuthnContextClassRef().getAuthnContextClassRef();
- moaSession.setQAALevel(authQaaStr);
-
- } catch (Throwable e) {
- Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
- moaSession.setQAALevel(PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel());
- authQaaStr = PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel();
- }
- if(authQaaStr != null)//Check value only if set
- {
- authQaa = Integer.valueOf(authQaaStr.substring(PVPConstants.STORK_QAA_PREFIX.length()));
-// authQaa = Integer.valueOf(authQaaStr);
- if (reqQaa > authQaa) {
- Logger.warn("Requested QAA level does not match to authenticated QAA level");
- throw new MOAIDException("stork.21", new Object[]{reqQaa, authQaa});
-
- }
- }
- } catch (MOAIDException e) {
- throw e;
-
- } catch (Exception e) {
- if (Logger.isDebugEnabled())
- Logger.warn("STORK QAA Level evaluation error", e);
-
- else
- Logger.warn("STORK QAA Level evaluation error (ErrorMessage="
- + e.getMessage() + ")");
-
- throw new MOAIDException("stork.21", new Object[]{reqQaa, authQaa});
-
- }
- //================== Check QAA level end ====================
-
-
- Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
-
- // fetch attribute list from response
- IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList();
- if(authnResponse.getAssertions().size() > 1) {
- for(IPersonalAttributeList currentList : authnResponse.getPersonalAttributeLists()) {
- for(PersonalAttribute currentAttribute : currentList.values()) {
- if(!attributeList.containsKey(currentAttribute.getName()))
- attributeList.add((PersonalAttribute) currentAttribute.clone());
- else {
- if(!attributeList.get(currentAttribute.getName()).getValue().equals(currentAttribute.getValue()))
- throw new TaskExecutionException("data integrity failure", new Exception("data integrity failure: found non-matching values in multiple attributes of type " + currentAttribute.getName()));
- }
- }
- }
- }
-
- // //////////// incorporate gender from parameters if not in stork response
-
- // but first, check if we have a representation case
- if (STORKResponseProcessor.hasAttribute("mandateContent", attributeList)
- || STORKResponseProcessor.hasAttribute("representative", attributeList)
- || STORKResponseProcessor.hasAttribute("represented", attributeList)) {
- // in a representation case...
- moaSession.setUseMandate("true");
-
- // and check if we have the gender value
- PersonalAttribute gender = attributeList.get("gender"); // TODO Do we need to check gender value if
- // there is no representation case?
- if (null == gender) {
- String gendervalue = (String) request.getParameter("gender");
- if (null != gendervalue) {
- gender = new PersonalAttribute();
- gender.setName("gender");
- ArrayList<String> tmp = new ArrayList<String>();
- tmp.add(gendervalue);
- gender.setValue(tmp);
-
- attributeList.add(gender);
- }
- }
- }
-
- // ////////////////////////////////////////////////////////////////////////
-
- MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED);
-
- AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
- String citizenSignature = null;
- if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
- Logger.debug("signedDoc extraction skipped due to configuration");
- } else {
- Logger.debug("Starting extraction of signedDoc attribute");
- // extract signed doc element and citizen signature
- try {
-
- if (attributeList.get("signedDoc") == null
- || attributeList.get("signedDoc").getValue() == null
- || attributeList.get("signedDoc").getValue().get(0) == null) {
- Logger.info("STORK Response include NO signedDoc attribute!");
- throw new STORKException("STORK Response include NO signedDoc attribute.");
-
- }
-
- String signatureInfo = attributeList.get("signedDoc").getValue().get(0);
-
-
- Logger.debug("signatureInfo:" + signatureInfo);
-
- SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(
- new java.io.StringReader(signatureInfo)));
-
- // fetch signed doc
- DataSource ds = null;
- try{
- ds = LightweightSourceResolver.getDataSource(dssSignResponse);
- }catch(Exception e)
- {
- e.printStackTrace();
- }
- if(ds == null){
- //Normal DocumentServices return a http-page, but the SI DocumentService returns HTTP error 500
- //which results in an exception and ds==null
-
- //try to load document from documentservice
- citizenSignature = loadDocumentFromDocumentService(dssSignResponse);
- //throw new ApiUtilsException("No datasource found in response");
- }
- else
- {
- InputStream incoming = ds.getInputStream();
- citizenSignature = IOUtils.toString(incoming);
- incoming.close();
-
- Logger.debug("citizenSignature:"+citizenSignature);
- if(isDocumentServiceUsed(citizenSignature)==true)
- {
- citizenSignature = loadDocumentFromDocumentService(dssSignResponse);
- // Logger.debug("Loading document from DocumentService.");
- // String url = getDtlUrlFromResponse(dssSignResponse);
- // //get Transferrequest
- // String transferRequest = getDocTransferRequest(dssSignResponse.getDocUI(), url);
- // //Load document from DocumentService
- // byte[] data = getDocumentFromDtl(transferRequest, url);
- // citizenSignature = new String(data, "UTF-8");
- // Logger.debug("Overridung citizenSignature with:"+citizenSignature);
- }
- }
-
- JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName());
- SignatureType root = ((JAXBElement<SignatureType>) ctx.createUnmarshaller().unmarshal(
- IOUtils.toInputStream(citizenSignature))).getValue();
-
- // memorize signature into authblock
- moaSession.setAuthBlock(citizenSignature);
-
- // extract certificate
- for (Object current : root.getKeyInfo().getContent())
- if (((JAXBElement<?>) current).getValue() instanceof X509DataType) {
- for (Object currentX509Data : ((JAXBElement<X509DataType>) current).getValue()
- .getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
- JAXBElement<?> casted = ((JAXBElement<?>) currentX509Data);
- if (casted.getName().getLocalPart().equals("X509Certificate")) {
- moaSession.setSignerCertificate(new X509Certificate(((String) casted.getValue())
- .getBytes("UTF-8")));
- break;
- }
- }
- }
-
- } catch (Throwable e) {
- Logger.error("Could not extract citizen signature from C-PEPS", e);
- throw new MOAIDException("stork.09", null);
- }
- }
- Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)");
- Logger.debug("Citizen signature will be verified by SZR Gateway!");
-
- Logger.debug("fetching OAParameters from database");
-
- // //read configuration paramters of OA
- // AuthenticationSession moasession;
- // try {
- // moasession = AuthenticationSessionStoreage.getSession(moaSessionID);
- // } catch (MOADatabaseException e2) {
- // Logger.error("could not retrieve moa session");
- // throw new AuthenticationException("auth.01", null);
- // }
-
- // retrieve target
- // TODO: check in case of SSO!!!
- String targetType = null;
- if (oaParam.getBusinessService()) {
- String id = oaParam.getIdentityLinkDomainIdentifier();
- if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
- targetType = id;
- else
- targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_ + moaSession.getDomainIdentifier();
- } else {
- targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
- }
-
- Logger.debug("Starting connecting SZR Gateway");
- // contact SZR Gateway
- IdentityLink identityLink = null;
- executionContext.put("identityLinkAvailable", false);
- try {
- if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
- // create fake IdL
- // - fetch IdL template from resources
- InputStream s = PepsConnectorTask.class.getResourceAsStream("/resources/xmldata/fakeIdL_IdL_template.xml");
- Element idlTemplate = DOMUtils.parseXmlValidating(s);
-
- identityLink = new IdentityLinkAssertionParser(idlTemplate).parseIdentityLink();
-
- // replace data
- Element idlassertion = identityLink.getSamlAssertion();
- // - set bpk/wpbk;
- Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
- if(!STORKResponseProcessor.hasAttribute("eIdentifier", attributeList))
- throw new STORKException("eIdentifier is missing");
- String eIdentifier = STORKResponseProcessor.getAttributeValue("eIdentifier", attributeList, false);
- prIdentification.getFirstChild().setNodeValue(eIdentifier);
-
- // - set last name
- Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH);
- if(!STORKResponseProcessor.hasAttribute("surname", attributeList))
- throw new STORKException("surname is missing");
- String familyName = STORKResponseProcessor.getAttributeValue("surname", attributeList, false);
- prFamilyName.getFirstChild().setNodeValue(familyName);
-
- // - set first name
- Node prGivenName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH);
- if(!STORKResponseProcessor.hasAttribute("givenName", attributeList))
- throw new STORKException("givenName is missing");
- String givenName = STORKResponseProcessor.getAttributeValue("givenName", attributeList, false);
- prGivenName.getFirstChild().setNodeValue(givenName);
-
- // - set date of birth
- Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH);
- if(!STORKResponseProcessor.hasAttribute("dateOfBirth", attributeList))
- throw new STORKException("dateOfBirth is missing");
- String dateOfBirth = STORKResponseProcessor.getAttributeValue("dateOfBirth", attributeList, false);
- dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(new SimpleDateFormat("yyyyMMdd").parse(dateOfBirth));
- prDateOfBirth.getFirstChild().setNodeValue(dateOfBirth);
-
- identityLink = new IdentityLinkAssertionParser(idlassertion).parseIdentityLink();
-
- //resign IDL
- IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance();
- Element resignedilAssertion = identitylinkresigner.resignIdentityLink(identityLink.getSamlAssertion(), config.getStorkFakeIdLResigningKey());
- identityLink = new IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink();
-
- } else {
- //contact SZR Gateway
- Logger.debug("Starting connecting SZR Gateway");
-
- identityLink = STORKResponseProcessor.connectToSZRGateway(
- attributeList,
- oaParam.getFriendlyName(),
- targetType,
- null,
- oaParam.getMandateProfiles(),
- citizenSignature);
-
- }
-
- } catch (STORKException e) {
- // this is really nasty but we work against the system here. We are supposed to get the gender attribute
- // from
- // stork. If we do not, we cannot register the person in the ERnP - we have to have the
- // gender for the represented person. So here comes the dirty hack.
- if (e.getCause() instanceof STORKException
- && e.getCause().getMessage().equals("gender not found in response")) {
- try {
- Logger.trace("Initialize VelocityEngine...");
-
- VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
- Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html");
- VelocityContext context = new VelocityContext();
- context.put("SAMLResponse", request.getParameter("SAMLResponse"));
- context.put("action", request.getRequestURL());
-
- StringWriter writer = new StringWriter();
- template.merge(context, writer);
-
- response.getOutputStream().write(writer.toString().getBytes("UTF-8"));
- } catch (Exception e1) {
- Logger.error("Error sending gender retrival form.", e1);
- // httpSession.invalidate();
- throw new MOAIDException("stork.10", null);
- }
-
- return;
- }
-
- Logger.error("Error connecting SZR Gateway", e);
- throw new MOAIDException("stork.10", null);
- }
- Logger.debug("SZR communication was successfull");
-
- if (identityLink == null) {
- Logger.error("SZR Gateway did not return an identity link.");
- throw new MOAIDException("stork.10", null);
- }
-
- MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED);
- moaSession.setForeigner(true);
-
- Logger.info("Received Identity Link from SZR Gateway");
- executionContext.put("identityLinkAvailable", true);
- moaSession.setIdentityLink(identityLink);
-
- Logger.debug("Adding addtional STORK attributes to MOA session");
- moaSession.setStorkAttributes(attributeList);
-
- Logger.debug("Add full STORK AuthnResponse to MOA session");
- moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));
-
- // We don't have BKUURL, setting from null to "Not applicable"
- moaSession.setBkuURL("Not applicable (STORK Authentication)");
-
- // free for single use
- moaSession.setAuthenticatedUsed(false);
-
- // stork did the authentication step
- moaSession.setAuthenticated(true);
-
- // do PEPS-conform logging for easier evaluation
- try {
- // 2015-03-12 16:44:27.144#S-PEPS generates response to SP#orig_msg_id id1 (in response to)#status#msghash#msg_id id4#
- Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates response to SP#" +
- "#" + moaSession.getProcessInstanceId() + "#" + authnResponse.getMessage() + "#_hash_#" + moaSession.getProcessInstanceId() + "#");
- } catch (Exception e1) {
- Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());
- }
-
- // TODO: found better solution, but QAA Level in STORK response is not be supported yet
-// try {
-//
-// moaSession.setQAALevel(authnResponse.getAssertions().get(0).getAuthnStatements().get(0)
-// .getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef());
-//
-// } catch (Throwable e) {
-// Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
-// moaSession.setQAALevel(PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel());
-//
-// }
-
- // session is implicit stored in changeSessionID!!!!
- String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
-
- Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);
-
- // redirect
- String redirectURL = null;
- redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(),
- ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID),
- newMOASessionID);
- redirectURL = response.encodeRedirectURL(redirectURL);
-
- // response.setContentType("text/html");
- // response.setStatus(302);
- // response.addHeader("Location", redirectURL);
- response.sendRedirect(redirectURL);
- Logger.info("REDIRECT TO: " + redirectURL);
-
- } catch (AuthenticationException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (MOAIDException e) {
- throw new TaskExecutionException(e.getMessage(), e);
-
- } catch (Exception e) {
- Logger.error("PEPSConnector has an interal Error.", e);
- throw new TaskExecutionException(e.getMessage(), e);
- }
-
- finally {
-
- }
-
- }
-
- private boolean isDocumentServiceUsed(String citizenSignature) // TODo add better check
- {
- if (citizenSignature
- .contains("<table border=\"0\"><tr><td>Service Name:</td><td>{http://stork.eu}DocumentService</td></tr><tr><td>Port Name:</td><td>{http://stork.eu}DocumentServicePort</td></tr></table>")) {
- Logger.trace("isDocumentServiceUsed => true");
- return true;
- }
-
- Logger.trace("isDocumentServiceUsed => false");
- return false;
- }
-
- /**
- * Get DTL uril from the oasis sign response
- *
- * @param signRequest
- * The signature response
- * @return The URL of DTL service
- * @throws SimpleException
- */
- private String getDtlUrlFromResponse(SignResponse dssSignResponse) {
- List<DocumentWithSignature> documents = ApiUtils.findNamedElement(dssSignResponse.getOptionalOutputs(),
- ApiUtils.OPTIONAL_OUTPUT_DOCUMENTWITHSIGNATURE, DocumentWithSignature.class);
- DocumentType sourceDocument = documents.get(0).getDocument();
-
- if (sourceDocument.getDocumentURL() != null)
- return sourceDocument.getDocumentURL();
- else
- return null;// throw new Exception("No document url found");
- }
-
- // From DTLPEPSUTIL
-
- /**
- * Get document from DTL
- *
- * @param transferRequest
- * The transfer request (attribute query)
- * @param eDtlUrl
- * The DTL url of external DTL
- * @return the document data
- * @throws SimpleException
- */
- private byte[] getDocumentFromDtl(String transferRequest, String eDtlUrl) throws Exception {
- URL url = null;
- try {
-
- Logger.trace("getDocumentFromDtl, dtlUrl:'"+getdtlUrl()+"' eDtlUrl:'"+eDtlUrl+"'");
- url = new URL(getdtlUrl());
- QName qname = new QName("http://stork.eu", "DocumentService");
-
- Service service = Service.create(url, qname);
- DocumentService docservice = service.getPort(DocumentService.class);
-
- BindingProvider bp = (BindingProvider) docservice;
- SOAPBinding binding = (SOAPBinding) bp.getBinding();
- binding.setMTOMEnabled(true);
-
- if (eDtlUrl.equalsIgnoreCase(getdtlUrl()))
- return docservice.getDocument(transferRequest, "");
- else
- return docservice.getDocument(transferRequest, eDtlUrl);
- } catch (Exception e) {
- e.printStackTrace();
- throw new Exception("Error in getDocumentFromDtl", e);
- }
- }
-
- /**
- * Get a document transfer request (attribute query)
- *
- * @param docId
- * @return
- * @throws SimpleException
- */
- private String getDocTransferRequest(String docId, String destinationUrl) throws Exception {
- String spCountry = docId.substring(0, docId.indexOf("/"));
- final STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
- STORKAttrQueryRequest req = new STORKAttrQueryRequest();
- req.setAssertionConsumerServiceURL(getdtlUrl());
- req.setDestination(destinationUrl);
- req.setSpCountry(spCountry);
- req.setQaa(3);// TODO
- PersonalAttributeList pal = new PersonalAttributeList();
- PersonalAttribute attr = new PersonalAttribute();
- attr.setName("docRequest");
- attr.setIsRequired(true);
- attr.setValue(Arrays.asList(docId));
- pal.add(attr);
- req.setPersonalAttributeList(pal);
-
- STORKAttrQueryRequest req1;
- try {
- req1 = engine.generateSTORKAttrQueryRequest(req);
- return PEPSUtil.encodeSAMLTokenUrlSafe(req1.getTokenSaml());
- } catch (STORKSAMLEngineException e) {
- e.printStackTrace();
- throw new Exception("Error in doc request attribute query generation", e);
- }
- }
-
- private String getdtlUrl() {
- String dtlUrl;
- try {
- AuthConfiguration authConfigurationProvider = AuthConfigurationProviderFactory.getInstance();
- dtlUrl = authConfigurationProvider.getDocumentServiceUrl();
- Logger.info ("PEPSConnectorServlet, using dtlUrl:"+dtlUrl);
-
- } catch (Exception e) {
- dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService";
- Logger.error("Loading documentservice url failed, using default value:"+dtlUrl, e);
-
- }
-
-
-// Properties props = new Properties();
-// try {
-// props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties"));
-// dtlUrl = props.getProperty("docservice.url");
-// } catch (IOException e) {
-// dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService";
-// Logger.error("Loading DTL config failed, using default value:" + dtlUrl);
-// e.printStackTrace();
-// }
-
- return dtlUrl;
-
- }
-
- private String loadDocumentFromDocumentService(SignResponse dssSignResponse) throws Exception
- {
- Logger.debug("Loading document from DocumentService.");
- String url = getDtlUrlFromResponse(dssSignResponse);
- Logger.debug("Loading document from DocumentService, url:"+url);
- //get Transferrequest
- String transferRequest = getDocTransferRequest(dssSignResponse.getDocUI(), url);
- //Load document from DocumentService
- byte[] data = getDocumentFromDtl(transferRequest, url);
- String citizenSignature = new String(data, "UTF-8");
- Logger.debug("Overridung citizenSignature with:"+citizenSignature);
- return citizenSignature;
- }
-
-}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java deleted file mode 100644 index 79641d085..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKException.java +++ /dev/null @@ -1,64 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/** - * - */ -package at.gv.egovernment.moa.id.auth.stork; - - -/** - * Exception thrown if error occurs in STORK processing - * @author bzwattendorfer - * - */ -public class STORKException extends Exception{ - - /** - * - */ - private static final long serialVersionUID = 1L; - - public STORKException() { - super(); - - } - - public STORKException(String message, Throwable cause) { - super(message, cause); - - } - - public STORKException(String message) { - super(message); - - } - - public STORKException(Throwable cause) { - super(cause); - - } - - - - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java deleted file mode 100644 index 65a3637a9..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ /dev/null @@ -1,286 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/** - * - */ -package at.gv.egovernment.moa.id.auth.stork; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.List; -import java.util.Vector; - -import javax.activation.DataSource; -import javax.xml.transform.Source; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactoryConfigurationError; -import javax.xml.transform.stream.StreamSource; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang3.StringEscapeUtils; - -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.ParseException; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.client.SZRGWClientException; -import at.gv.egovernment.moa.id.client.utils.SZRGWClientUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DateTimeUtils; -import at.gv.egovernment.moa.util.StringUtils; -import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; -import eu.stork.oasisdss.api.ApiUtils; -import eu.stork.oasisdss.api.LightweightSourceResolver; -import eu.stork.oasisdss.api.exceptions.ApiUtilsException; -import eu.stork.oasisdss.api.exceptions.UtilsException; -import eu.stork.oasisdss.profile.SignResponse; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; - -/** - * - * Handles all functionality for the processing of a STORK response - * @author bzwattendorfer - * - */ -public class STORKResponseProcessor { - - /** OASIS DSS Namespace */ - public static final String OASIS_DSS_NS = "urn:oasis:names:tc:dss:1.0:core:schema"; - - /** OASIS DSS Success Message */ - public static final String OASIS_DSS_SUCCESS_MSG = "urn:oasis:names:tc:dss:1.0:resultmajor:Success"; - - /** - * Checks for attribute. - * - * @param attributeName the attribute name - * @param attributeList the attribute list - * @return true, if successful - */ - public static boolean hasAttribute(String attributeName, IPersonalAttributeList attributeList) { - try { - getAttributeValue(attributeName, attributeList); - return true; - } catch(STORKException e) { - return false; - } - } - - /** - * helper for reading attributes. Handles logging and error handling. - * - * @param attributeName the attribute name - * @param attributeList the attribute list - * @return the attribute value - * @throws STORKException the sTORK exception - */ - private static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList) throws STORKException { - return getAttributeValue(attributeName, attributeList, true); - } - public static String getAttributeValue(String attributeName, IPersonalAttributeList attributeList, boolean throwException) throws STORKException { - try { - String result = attributeList.get(attributeName).getValue().get(0); - Logger.trace(attributeName + " : " + result); - return result; - } catch(Exception e) { - Logger.error(attributeName + " not found in response"); - if(throwException) - throw new STORKException(attributeName + " not found in response"); - else - return null; - } - } - - /** - * Handels connection to SZR-GW and returns Identity Link on success. - * - * @param attributeList the attribute list - * @param oaFriendlyName the oa friendly name - * @param targetType the target type - * @param targetValue the target value - * @param filters the filters - * @param citizenSignature2 - * @return Identity Link - * @throws STORKException the sTORK exception - * @throws MOAIDException - */ - public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList, String oaFriendlyName, String targetType, String targetValue, List<String> filters, String citizenSignature) throws STORKException, MOAIDException { - Logger.trace("Calling SZR Gateway with the following attributes:"); - - CreateIdentityLinkResponse identityLinkResponse = null; - IdentityLink identityLink = null; - try { - Logger.trace("Starting call..."); - - // if there is no signedDoc attribute, we cannot go on - if(citizenSignature==null || citizenSignature.length()==0) - { - String signResponseString = getAttributeValue("signedDoc", attributeList); - - //Extract signature from SIgnResponse - Source response1 = new StreamSource(new java.io.StringReader(signResponseString)); - SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class); - citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse); - } - - String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false); - - // if we have a signedDoc we test for a representation case - // - according to stork samlengine and commons - if(hasAttribute("mandate", attributeList)) { - // we have a representation case - String mandate = getAttributeValue("mandate", attributeList, false); - - if(!hasAttribute("dateOfBirth", attributeList)) { - // if we get here, we have a natural person representing a legal person - String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false); - String organizationType = getAttributeValue("translateableType", attributeList, false); - - identityLinkResponse = SZRGWClientUtils.getIdentityLink(citizenSignature, null, null, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); - } else { - // if we get here, we have a natural person representing another natural person - String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); - String givenName = getAttributeValue("givenName", attributeList, false); - String lastName = getAttributeValue("surname", attributeList, false); - String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); - - // gender attribute is mandatory here because of some legal stuff - String gender = getAttributeValue("gender", attributeList, false); - - if (!StringUtils.isEmpty(dateOfBirth)) - dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); - - identityLinkResponse = SZRGWClientUtils.getIdentityLink(eIdentifier, - givenName, lastName, dateOfBirth, gender, citizenSignature, null, - null, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); - } - } - // - according to stork spec - else if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) { - // we have a representation case - String representative = getAttributeValue("representative", attributeList, false); - String represented = getAttributeValue("represented", attributeList, false); - String mandate = getAttributeValue("mandateContent", attributeList, false); - - if(!hasAttribute("dateOfBirth", attributeList)) { - // if we get here, we have a natural person representing a legal person - String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList, false); - String organizationType = getAttributeValue("translateableType", attributeList, false); - - identityLinkResponse = SZRGWClientUtils.getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); - } else { - // if we get here, we have a natural person representing another natural person - String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); - String givenName = getAttributeValue("givenName", attributeList, false); - String lastName = getAttributeValue("surname", attributeList, false); - String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); - - // gender attribute is mandatory here because of some legal stuff - String gender = getAttributeValue("gender", attributeList, false); - - if (!StringUtils.isEmpty(dateOfBirth)) - dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); - - identityLinkResponse = SZRGWClientUtils.getIdentityLink(eIdentifier, - givenName, lastName, dateOfBirth, gender, citizenSignature, representative, - represented, mandate, targetType, targetValue, oaFriendlyName, filters, fiscalNumber); - } - } else { - // we do not have a representation case - String eIdentifier = getAttributeValue("eIdentifier", attributeList, false); - String givenName = getAttributeValue("givenName", attributeList, false); - String lastName = getAttributeValue("surname", attributeList, false); - String dateOfBirth = getAttributeValue("dateOfBirth", attributeList, false); - if (!StringUtils.isEmpty(dateOfBirth)) - dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth); - identityLinkResponse = SZRGWClientUtils.getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, fiscalNumber); - } - - if (null != identityLinkResponse.getErrorResponse()){ - throw new SZRGWClientException("service.08", (String)identityLinkResponse.getErrorResponse().getErrorCode(), - (String)identityLinkResponse.getErrorResponse().getInfo()); - } - else { - IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(identityLinkResponse.getIdentityLink())); - identityLink = ilParser.parseIdentityLink(); - - Logger.debug("Received Identity Link from SZR Gateway"); - //TODO: is this ok? -// if (StringUtils.isEmpty(identityLink.getDateOfBirth())) { -// identityLink.setDateOfBirth("9999-12-31"); -// } - - } - - } catch (ParseException e) { - Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); - throw new MOAIDException("auth.25", null, e); - } catch (ApiUtilsException e) { - Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); - throw new MOAIDException("auth.25", null, e); - } catch (IllegalArgumentException e) { - Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); - throw new MOAIDException("auth.25", null, e); - } catch (TransformerConfigurationException e) { - Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); - throw new MOAIDException("auth.25", null, e); - } catch (UtilsException e) { - Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); - throw new MOAIDException("auth.25", null, e); - } catch (TransformerException e) { - Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); - throw new MOAIDException("auth.25", null, e); - } catch (TransformerFactoryConfigurationError e) { - Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); - throw new MOAIDException("auth.25", null, e); - } catch (IOException e) { - Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e); - throw new MOAIDException("auth.25", null, e); - } - - return identityLink; - - } - - private static String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException - { - // fetch signed doc - DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse); - if(ds == null){ - throw new ApiUtilsException("No datasource found in response"); - } - - InputStream incoming = ds.getInputStream(); - String citizenSignature = IOUtils.toString(incoming); - incoming.close(); - - return citizenSignature; - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAdoptedFamilyNameAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAdoptedFamilyNameAttributBuilder.java deleted file mode 100644 index 124e490f2..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAdoptedFamilyNameAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKAdoptedFamilyNameAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.ADOPTEDFAMILYNAME_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.ADOPTEDFAMILYNAME_FRIENDLYNAME, STORKConstants.ADOPTEDFAMILYNAME_NAME, - STORKAttributHelper.getAttribut(STORKConstants.ADOPTEDFAMILYNAME_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.ADOPTEDFAMILYNAME_FRIENDLYNAME, STORKConstants.ADOPTEDFAMILYNAME_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAgeAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAgeAttributBuilder.java deleted file mode 100644 index dff93139c..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAgeAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKAgeAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.AGE_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.AGE_FRIENDLYNAME, STORKConstants.AGE_NAME, - STORKAttributHelper.getAttribut(STORKConstants.AGE_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.AGE_FRIENDLYNAME, STORKConstants.AGE_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java deleted file mode 100644 index 9a0598cf6..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException; -import at.gv.egovernment.moa.logging.Logger; - -/** - * @author tlenz - * - */ -public class STORKAttributHelper { - - public static String getAttribut(String attributName, - IAuthData authSession) throws UnavailableAttributeException { - - if (!authSession.isForeigner()) { - throw new UnavailableAttributeException(attributName); - - } else { - IPersonalAttributeList storkAttributes = authSession.getStorkAttributes(); - - if ( storkAttributes == null ) { - throw new UnavailableAttributeException(attributName); - - } - - try { - PersonalAttribute attribut = storkAttributes.get(attributName); - if (attribut != null) { - - return attribut.getValue().get(0); - - } else - throw new UnavailableAttributeException(attributName); - - } catch (Exception e) { - Logger.warn("Attribut " + attributName + " generation error", e); - throw new UnavailableAttributeException(attributName); - } - } - - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKCanonicalResidenceAddressAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKCanonicalResidenceAddressAttributBuilder.java deleted file mode 100644 index 66d8a6bc1..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKCanonicalResidenceAddressAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKCanonicalResidenceAddressAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.CANONICALRESIDENCEADDRESS_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.CANONICALRESIDENCEADDRESS_FRIENDLYNAME, STORKConstants.CANONICALRESIDENCEADDRESS_NAME, - STORKAttributHelper.getAttribut(STORKConstants.CANONICALRESIDENCEADDRESS_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.CANONICALRESIDENCEADDRESS_FRIENDLYNAME, STORKConstants.CANONICALRESIDENCEADDRESS_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKCountryCodeOfBirthAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKCountryCodeOfBirthAttributBuilder.java deleted file mode 100644 index 706f5dd3a..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKCountryCodeOfBirthAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKCountryCodeOfBirthAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.CONTRYCODEOFBIRTH_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.CONTRYCODEOFBIRTH_FRIENDLYNAME, STORKConstants.CONTRYCODEOFBIRTH_NAME, - STORKAttributHelper.getAttribut(STORKConstants.CONTRYCODEOFBIRTH_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.CONTRYCODEOFBIRTH_FRIENDLYNAME, STORKConstants.CONTRYCODEOFBIRTH_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKFiscalNumberAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKFiscalNumberAttributBuilder.java deleted file mode 100644 index adc1d28da..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKFiscalNumberAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKFiscalNumberAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.FISCALNUMBER_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.FISCALNUMBER_FRIENDLYNAME, STORKConstants.FISCALNUMBER_NAME, - STORKAttributHelper.getAttribut(STORKConstants.FISCALNUMBER_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.FISCALNUMBER_FRIENDLYNAME, STORKConstants.FISCALNUMBER_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKGenderAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKGenderAttributBuilder.java deleted file mode 100644 index 2faeaf2d7..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKGenderAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKGenderAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.GENDER_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.GENDER_FRIENDLYNAME, STORKConstants.GENDER_NAME, - STORKAttributHelper.getAttribut(STORKConstants.GENDER_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.GENDER_FRIENDLYNAME, STORKConstants.GENDER_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKInhertedFamilyNameAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKInhertedFamilyNameAttributBuilder.java deleted file mode 100644 index b6d29d42f..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKInhertedFamilyNameAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKInhertedFamilyNameAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.INHERITEDFAMILYNAME_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.INHERITEDFAMILYNAME_FRIENDLYNAME, STORKConstants.INHERITEDFAMILYNAME_NAME, - STORKAttributHelper.getAttribut(STORKConstants.INHERITEDFAMILYNAME_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.INHERITEDFAMILYNAME_FRIENDLYNAME, STORKConstants.INHERITEDFAMILYNAME_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKIsAgeOverAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKIsAgeOverAttributBuilder.java deleted file mode 100644 index 2ac3e2aaa..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKIsAgeOverAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKIsAgeOverAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.ISAGEOVER_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.ISAGEOVER_FRIENDLYNAME, STORKConstants.ISAGEOVER_NAME, - STORKAttributHelper.getAttribut(STORKConstants.ISAGEOVER_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.ISAGEOVER_FRIENDLYNAME, STORKConstants.ISAGEOVER_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKMaritalStatusAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKMaritalStatusAttributBuilder.java deleted file mode 100644 index c4e42029e..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKMaritalStatusAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKMaritalStatusAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.MARITALSTATUS_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.MARITALSTATUS_FRIENDLYNAME, STORKConstants.MARITALSTATUS_NAME, - STORKAttributHelper.getAttribut(STORKConstants.MARITALSTATUS_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.MARITALSTATUS_FRIENDLYNAME, STORKConstants.MARITALSTATUS_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKNationalityCodeAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKNationalityCodeAttributBuilder.java deleted file mode 100644 index 47fbdd145..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKNationalityCodeAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKNationalityCodeAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.NATIONALITYCODE_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.NATIONALITYCODE_FRIENDLYNAME, STORKConstants.NATIONALITYCODE_NAME, - STORKAttributHelper.getAttribut(STORKConstants.NATIONALITYCODE_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.NATIONALITYCODE_FRIENDLYNAME, STORKConstants.NATIONALITYCODE_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKPseudonymAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKPseudonymAttributBuilder.java deleted file mode 100644 index 6b079b8d4..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKPseudonymAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKPseudonymAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.PSEUDONYM_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.PSEUDONYM_FRIENDLYNAME, STORKConstants.PSEUDONYM_NAME, - STORKAttributHelper.getAttribut(STORKConstants.PSEUDONYM_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.PSEUDONYM_FRIENDLYNAME, STORKConstants.PSEUDONYM_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKResidencePermitAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKResidencePermitAttributBuilder.java deleted file mode 100644 index 5728a3979..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKResidencePermitAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKResidencePermitAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.RESIDENCEPERMIT_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.RESIDENCEPERMIT_FRIENDLYNAME, STORKConstants.RESIDENCEPERMIT_NAME, - STORKAttributHelper.getAttribut(STORKConstants.RESIDENCEPERMIT_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.RESIDENCEPERMIT_FRIENDLYNAME, STORKConstants.RESIDENCEPERMIT_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKTextResidenceAddressAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKTextResidenceAddressAttributBuilder.java deleted file mode 100644 index 1879eb42a..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKTextResidenceAddressAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKTextResidenceAddressAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.TEXTRESIDENCEADDRESS_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.TEXTRESIDENCEADDRESS_FRIENDLYNAME, STORKConstants.TEXTRESIDENCEADDRESS_NAME, - STORKAttributHelper.getAttribut(STORKConstants.TEXTRESIDENCEADDRESS_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.TEXTRESIDENCEADDRESS_FRIENDLYNAME, STORKConstants.TEXTRESIDENCEADDRESS_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKTitleAttributBuilder.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKTitleAttributBuilder.java deleted file mode 100644 index 107386b5a..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKTitleAttributBuilder.java +++ /dev/null @@ -1,49 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.builder.attributes; - -import at.gv.egovernment.moa.id.auth.stork.STORKConstants; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException; - -public class STORKTitleAttributBuilder implements IPVPAttributeBuilder { - - public String getName() { - return STORKConstants.TITLE_NAME; - } - - public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, - IAttributeGenerator<ATT> g) throws AttributeException { - - return g.buildStringAttribute(STORKConstants.TITLE_FRIENDLYNAME, STORKConstants.TITLE_NAME, - STORKAttributHelper.getAttribut(STORKConstants.TITLE_NAME, authData)); - - } - - public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { - return g.buildEmptyAttribute(STORKConstants.TITLE_FRIENDLYNAME, STORKConstants.TITLE_NAME); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java deleted file mode 100644 index 2e72f216a..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ /dev/null @@ -1,367 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; - -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.SLOInformationImpl; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.*; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * The AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. - * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes. - * Furthermore, the class can handle direct posts. That is when the class triggers an attribute query which needs user - * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes. - * - * TODO how do we treat mandatory and optional attributes? - */ -public class AttributeCollector implements IAction { - - /** - * The Constant ARTIFACT_ID. - */ - private static final String ARTIFACT_ID = "artifactId"; - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) - */ - public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { - - // - fetch the container - String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - - - if (httpReq.getParameter("SAMLResponse") != null) { - Logger.info("Got SAML response from external attribute provider."); - - MOASTORKResponse STORK2Response = new MOASTORKResponse(httpReq); - - //extract STORK Response from HTTP Request - byte[] decSamlToken; - try { - decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); - } catch (NullPointerException e) { - if (httpReq.getRemoteHost().contains("129.27.142")) { - Logger.warn("Availability check by " + httpReq.getRemoteHost() + " on URI: " + httpReq.getRequestURI()); - } else { - Logger.error("Unable to retrieve STORK Request for host: " + httpReq.getRemoteHost() + " and URI: " + httpReq.getRequestURI(), e); - } - throw new MOAIDException("stork.04", null); - } - - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - - STORKAuthnResponse authnResponse = null; - - - // check if valid authn response is contained - try { - authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, httpReq.getRemoteAddr()); - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); - } - - STORK2Response.setSTORKAuthnResponseToken(decSamlToken); - - // check if the attributes are provided for the same person from request - // requires presence of eIdentifier for unambigious correlation - Logger.debug("Checking if the attribute relates to the correct person.."); - try { - String remoteEIdentifier= authnResponse.getPersonalAttributeList().get("eIdentifier").getValue().get(0); - String localEidentifier= container.getResponse().getStorkAuthnResponse().getPersonalAttributeList().get("eIdentifier").getValue().get(0); - if (!remoteEIdentifier.equals(localEidentifier)) { - Logger.error("The attribute is not provided for the same person!"); - throw new MOAIDException("stork.25", null); - } - } catch (NullPointerException ex) { - Logger.warn("Could not check the correlation of attributes from external provider. Ignoring the check."); - //Logger.debug(ex); - //throw new MOAIDException("stork.04", null); // TODO revise message, raise exception when ehvd checked - } - - if (authnResponse.getPersonalAttributeList().size() > 0) { - Logger.info("Response from external attribute provider contains " + authnResponse.getPersonalAttributeList().size() + " attributes."); - container.getResponse().setPersonalAttributeList(addOrUpdateAll(container.getResponse().getPersonalAttributeList(), authnResponse.getPersonalAttributeList())); - } - - } - - // end addition - - - // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{container.getRequest().getAssertionConsumerServiceURL()}); - - // find the attribute provider plugin that can handle the response - IPersonalAttributeList newAttributes = null; - - Iterator<AttributeProvider> attibuteProvidersInterator = AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()); - while(attibuteProvidersInterator.hasNext()) - try { - newAttributes = attibuteProvidersInterator.next().parse(httpReq); - - // stop as soon as we hit a capable plugin - break; - } catch (UnsupportedAttributeException e1) { - // the current provider cannot find anything familiar within the - // provided httpreq. Try the next one. - } - - if (null == newAttributes) { - // we do not have a provider which is capable of fetching something - // from the received httpreq. - Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); - } - - // - insert the embedded attribute(s) into the container - if (null != newAttributes) - container.getResponse().setPersonalAttributeList(addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes)); - - // see if we need some more attributes - SLOInformationImpl sloInfo = (SLOInformationImpl) processRequest(container, httpReq, httpResp, authData, oaParam); - - if (sloInfo == null) { - sloInfo = new SLOInformationImpl(req.getAuthURL(), null, null, null, req.requestedModule()); - } - - return sloInfo; - - } - - /** - * Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch, - * this very method creates and sends the protocol result to the asking S-PEPS. - * - * @param container the {@link DataContainer} representing the status of the overall query. - * @return the string - * @throws MOAIDException - */ - public SLOInformationInterface processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, IAuthData authData, OAAuthParameter oaParam) throws MOAIDException { - // check if there are attributes we need to fetch - - IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); - IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); - List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>(); - Logger.debug("aquire list of missing attributes"); - for (PersonalAttribute current : requestAttributeList) - if (!responseAttributeList.containsKey(current.getName())) { - if(null == current.getStatus() || (null != current.getStatus() && !current.getStatus().equals(AttributeStatusType.WITHHELD.value()))) { - // add the ones we need - missingAttributes.add(current); - Logger.debug("add " + current.getName() + " to the list of missing attributes"); - } - } else { - // remove the ones we do not want to share from the response list - if(null != current.getStatus() && current.getStatus().equals(AttributeStatusType.WITHHELD.value())) { - responseAttributeList.remove(current.getName()); - Logger.debug("remove " + current.getName() + " from the list of resulting attributes because the user does not want to disclose the data"); - } - } - - Logger.info("collecting attributes..."); - Logger.debug("found " + missingAttributes.size() + " missing attributes"); - - // Try to get all missing attributes - try { - // for each attribute still missing - for (PersonalAttribute currentAttribute : missingAttributes) { - - /* - * prefill attributes with "notAvailable". If we get them later, we override the value and status. - * This way, there is no error case in which an attribute is left unanswered. - */ - IPersonalAttributeList aquiredAttributes = new PersonalAttributeList(); - currentAttribute.setStatus(AttributeStatusType.NOT_AVAILABLE.value()); - aquiredAttributes.add((PersonalAttribute) currentAttribute.clone()); - container.getResponse().setPersonalAttributeList( - addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes)); - // - check if we can find a suitable AttributeProvider Plugin - - Iterator<AttributeProvider> attibuteProvidersInterator = AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs()); - while(attibuteProvidersInterator.hasNext()) { - AttributeProvider currentProvider = attibuteProvidersInterator.next(); - - // build a section of attribute provider's predefined attributes and missing attributes - // only missing attributes that can be handled by attribute provider will be sent to it - List<PersonalAttribute> currentProviderConfiguredAttributes = new ArrayList<PersonalAttribute>(); - for (String attributeName : currentProvider.getSupportedAttributeNames()) { - for (PersonalAttribute missingAttribute : missingAttributes) { - if (missingAttribute.getName().equals(attributeName)) { - currentProviderConfiguredAttributes.add(missingAttribute); - break; - } - } - } - - try { - // - hand over control to the suitable plugin - Logger.info(currentProvider.getClass().getSimpleName() + " called to handle attribute '" + currentAttribute.getName() + "'"); - - //aquiredAttributes = currentProvider.acquire(currentAttribute, container.getRequest().getSpCountry(), moasession); - //aquiredAttributes = currentProvider.acquire(missingAttributes, container.getRequest().getSpCountry(), moasession); - aquiredAttributes = currentProvider.acquire(currentProviderConfiguredAttributes, container.getRequest(), authData); - - Logger.info(currentProvider.getClass().getSimpleName() + " can handle attribute '" + currentAttribute.getName() + "'"); - break; - } catch (UnsupportedAttributeException e) { - // ok, try the next attributeprovider - Logger.info(currentProvider.getClass().getSimpleName() + " could not handle attribute '" + currentAttribute.getName() + "'"); - } catch (MOAIDException e) { - // the current plugin had an error. Try the next one. - Logger.info(currentProvider.getClass().getSimpleName() + " could not handle attribute '" + currentAttribute.getName() + "' due to an error"); - } - } - - // check if we could fetch the attribute - if (null == aquiredAttributes) { - // if not - Logger.error("We have no suitable plugin for obtaining the attribute '" + currentAttribute.getName() + "'"); - } else - // else, update any existing attributes - container.getResponse().setPersonalAttributeList(addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes)); - } - Logger.info("collecting attributes done"); - - // ask for consent if necessary - new ConsentEvaluator().generateSTORKResponse(response, container); - - return null; // AssertionId - // TODO - - } catch (ExternalAttributeRequestRequiredException e) { - // the attribute request is ongoing and requires an external service. - try { - // memorize the container again - Logger.debug("prepare putting the container into temporary storage..."); - - // - generate new key - String newArtifactId = new SecureRandomIdentifierGenerator() - .generateIdentifier(); - // - put container in temporary store. - AssertionStorage.getInstance().put(newArtifactId, container); - - Logger.debug("...successful"); - - Logger.info(e.getAp().getClass().getSimpleName() + " is going to ask an external service provider for the requested attributes"); - - // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0) + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam); - - } catch (Exception e1) { - // TODO should we return the response as is to the PEPS? - Logger.error("Error putting incomplete Stork response into temporary storage", e1); - e1.printStackTrace(); - throw new MOAIDException("stork.11", null); - } - - //TODO: in case of Single LogOut -> SLO information has to be stored - return null; // TODO what to do here? - } - } - - /** - * Adds or updates all {@link PersonalAttribute} objects given in {@code source} to/in {@code target}. - * - * @param target the target - * @param source the source - * @return - * @throws MOAIDException - */ - private PersonalAttributeList addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException { - - PersonalAttributeList updatedList = new PersonalAttributeList(); - for (PersonalAttribute el : target) - updatedList.add(el); - - Logger.debug("Updating " + source.size() + " attributes..."); - for (PersonalAttribute current : source) { - Logger.debug("treating " + current.getName()); - - // check if we need to update the current pa - if (updatedList.containsKey(current.getName())) { - PersonalAttribute existing = target.get(current.getName()); - if(!(existing.isEmptyValue() && existing.isEmptyComplexValue())) - if(!(existing.getValue().equals(current.getValue()) || existing.getComplexValue().equals(current.getComplexValue()))) { - Logger.error("Attribute Value does not match the value from first authentication!"); - throw new MOAIDException("stork.16", new Object[] {existing.getName()}); - } - - updatedList.get(current.getName()).setStatus(current.getStatus()); - updatedList.get(current.getName()).setValue(current.getValue()); - updatedList.get(current.getName()).setComplexValue(current.getComplexValue()); - } else - updatedList.add(current); - - Logger.debug("...successfully treated " + current.getName()); - } - - return updatedList; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) - */ - public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. - return false; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName() - */ - public String getDefaultActionName() { - return STORKProtocol.ATTRIBUTE_COLLECTOR; - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java deleted file mode 100644 index aadbbd959..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ /dev/null @@ -1,101 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.commons.MOAIDConstants; -import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; -import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider; -import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.EHvdAttributeProviderPlugin; -import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.MandateAttributeRequestProvider; -import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.PVPAuthenticationProvider; -import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.SignedDocAttributeRequestProvider; -import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.StorkAttributeRequestProvider; -import at.gv.egovernment.moa.logging.Logger; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.Iterator; -import java.util.List; -import java.util.PriorityQueue; - -/** - * A factory for creating AttributeProvider objects. - */ -public class AttributeProviderFactory { - - /** - * Gets the available plugins. - * - * @return the available plugins - */ - public static List<String> getAvailablePlugins() { - return MOAIDConstants.ALLOWED_STORKATTRIBUTEPROVIDERS; - } - - /** - * Creates an AttributeProvider object for the given shortname. Returns - * {@code null} if there is no such provider available. - * - * @param shortname the simpleName for the providers class - * @return the attribute provider - */ - public static AttributeProvider create(String shortname, String url, String attributes) { - if (shortname.equals("StorkAttributeRequestProvider")) { - return new StorkAttributeRequestProvider(url, attributes); - } else if (shortname.equals("EHvdAttributeProvider")) { - return new EHvdAttributeProviderPlugin(url, attributes); - } else if (shortname.equals("SignedDocAttributeRequestProvider")) { - return new SignedDocAttributeRequestProvider(url, attributes); - } else if (shortname.equals("MandateAttributeRequestProvider")) { - try { - return new MandateAttributeRequestProvider(url, attributes); - } catch (Exception ex) { - ex.printStackTrace(); - return null; - } - } else if (shortname.equals("PVPAuthenticationProvider")) { - return new PVPAuthenticationProvider(url, attributes); - } else { - return null; - } - } - - /** - * Gets fresh instances of the configured plugins. - * - * @param collection the configured a ps - * @return the configured plugins - */ - public static Iterator<AttributeProvider> getConfiguredPlugins( - Collection<StorkAttributeProviderPlugin> collection) { - - PriorityQueue<AttributeProvider> result = new PriorityQueue<AttributeProvider>(); - for (StorkAttributeProviderPlugin current : collection) { - - result.add(create(current.getName(), current.getUrl(), current.getAttributes())); - Logger.debug("Adding configured attribute provider: " + current.getClass().getName() + current.getName() + " at " + current.getUrl()); - } - - return result.iterator(); - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java deleted file mode 100644 index f16f7c9a8..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ /dev/null @@ -1,531 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.MISMandate; -import at.gv.egovernment.moa.id.data.SLOInformationImpl; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; -import eu.stork.peps.auth.commons.*; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; -import org.apache.velocity.runtime.RuntimeConstants; -import org.w3c.dom.Element; -import org.w3c.dom.NamedNodeMap; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.StringWriter; -import java.net.MalformedURLException; -import java.net.URL; - - -/** - * Second request step - after authentication of the user is done and moasession obtained, - * process request and forward the user further to PEPS and/or other entities - * - * @author bsuzic - */ - -public class AuthenticationRequest implements IAction { - - - private VelocityEngine velocityEngine; - private MOASTORKRequest moaStorkRequest = null; - - - public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { - - if ((req instanceof MOASTORKRequest)) { // && ( ((MOASTORKRequest) req).getCitizenCountryCode() == null || ((MOASTORKRequest) req).getCitizenCountryCode().equals("AT") )) { - - this.moaStorkRequest = (MOASTORKRequest) req; - - Logger.debug("Entering MOASTORKRequest"); - httpResp.reset(); - - //TODO: CHECK: req.getOAURL() should return the unique OA identifier - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(req.getOAURL()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()}); - - MOASTORKResponse moaStorkResponse = new MOASTORKResponse(httpReq); - - // check if it is attribute query - if (moaStorkRequest.isAttrRequest()) { - Logger.debug("Starting AttrQueryRequest"); - - moaStorkResponse.setSTORKAttrResponse(new STORKAttrQueryResponse()); - } - // check if we have authentication request - else if (moaStorkRequest.isAuthnRequest()) { - Logger.debug("Starting AuthenticationRequest"); - moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse()); - - //STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - - // Logger.debug("Starting generation of SAML response"); - // try { - // moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false)); - // } catch (STORKSAMLEngineException ex) { - // Logger.error("Failed to generate STORK SAML Response", ex); - // throw new MOAIDException("stork.05", null); // TODO - // } - - // Get personal attributtes from MOA/IdentityLink - - //build STORK attributes from local authentication information - if (authData != null) { - int reqQaa = -1; - int authQaa = -1; - try { - reqQaa = moaStorkRequest.getStorkAuthnRequest().getQaa(); - authQaa = Integer.valueOf( - authData.getQAALevel().substring(PVPConstants.STORK_QAA_PREFIX.length())); - - if (reqQaa > authQaa) { - Logger.warn("Requested QAA level does not match to authenticated QAA level"); - throw new MOAIDException("stork.21", new Object[]{reqQaa, authQaa}); - - } - - } catch (MOAIDException e) { - throw e; - - } catch (Exception e) { - if (Logger.isDebugEnabled()) - Logger.warn("STORK QAA Level evaluation error", e); - - else - Logger.warn("STORK QAA Level evaluation error (ErrorMessage=" - + e.getMessage() + ")"); - - throw new MOAIDException("stork.21", new Object[]{reqQaa, authQaa}); - - } - - moaStorkResponse.setPersonalAttributeList(populateAttributes(authData, oaParam)); - - } - } - - //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); - - // Prepare extended attributes - Logger.debug("Preparing data container"); - - // create fresh container - DataContainer container = new DataContainer(); - - // - fill in the request we extracted above - container.setRequest(moaStorkRequest); - - // - fill in the partial response created above - container.setResponse(moaStorkResponse); - - container.setRemoteAddress(httpReq.getRemoteAddr()); - - Logger.debug("Data container prepared"); - - if(oaParam.isRequireConsentForStorkAttributes()) - new ConsentEvaluator().requestConsent(container, httpReq, httpResp, authData, oaParam); - else - new AttributeCollector().processRequest(container, httpReq, httpResp, authData, oaParam); - - return null; - } -// // check if we are getting request for citizen of some other country -// else if (req instanceof MOASTORKRequest) { -// return handleMOAStorkRequest("VIDP", (MOASTORKRequest) req, httpReq.getRemoteAddr(), httpResp); -// } - - // Check if we got the response from PEPS - // If so then process it and forward to SP - else if ((req instanceof MOASTORKResponse)) { - return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp); - } else { - Logger.error("Could not recognize request."); - throw new MOAIDException("stork.15", null); - } - } - - /* - Handles STORKAuthnRequeste received for citizens of other countries - */ - private SLOInformationInterface handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) throws MOAIDException { - - STORKAuthnRequest spAuthnRequest = moastorkRequest.getStorkAuthnRequest(); - STORKAuthnRequest storkAuthnRequest = null; - - String citizenCountryCode = spAuthnRequest.getCitizenCountryCode(); - Logger.info("Got authentication request for citizen of " + citizenCountryCode); - - try { - storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone(); - } catch (CloneNotSupportedException e) { - Logger.error("Could not clone AuthnRequest ", e); - throw new MOAIDException("stork.05", null); // TODO - } - - //TODO: in case of Single LogOut -> SLO information has to be stored - // check if citizen country is configured in the system - if (!(AuthConfigurationProviderFactory.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) { - Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode); - throw new MOAIDException("stork.05", null); // TODO - } - - // extracting basic settings and adjusting assertion consumer - String issuer = null; - String assertionConsumerURL = null; - String publicURLPrefix = null; - String destinationURL = null; - - try { - issuer = new URL(moaStorkRequest.getAuthURL()).toString(); - destinationURL = AuthConfigurationProviderFactory.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString(); - publicURLPrefix = moaStorkRequest.getAuthURL(); - assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest"; - } catch (MalformedURLException ex) { - Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(), ex); - throw new MOAIDException("stork.05", null); // TODO - } catch (Exception ex) { - Logger.error("Problem with PEPS configuration of MOA instance.", ex); - throw new MOAIDException("stork.05", null); // TODO - } - - - // drop if we do not have publicprefix url configured on the instance - if (publicURLPrefix == null) - throw new AuthenticationException("stork.12", new String[]{"PublicURLPrefix"}); - - // adjusting request - storkAuthnRequest.setEIDCrossBorderShare(spAuthnRequest.isEIDCrossBorderShare()); - storkAuthnRequest.setEIDSectorShare(spAuthnRequest.isEIDSectorShare()); - storkAuthnRequest.setEIDCrossSectorShare(spAuthnRequest.isEIDCrossSectorShare()); - storkAuthnRequest.setCitizenCountryCode(spAuthnRequest.getCitizenCountryCode()); - storkAuthnRequest.setIssuer(issuer); - storkAuthnRequest.setAssertionConsumerServiceURL(assertionConsumerURL); - storkAuthnRequest.setDestination(destinationURL); - - // regenerate request - try { - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML request"); - storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest); - - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - // store original request from SP in order to be able to extract it in later iteration/response - DataContainer spRequestContainer = new DataContainer(); - spRequestContainer.setRequest(moastorkRequest); - - try { - AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), spRequestContainer); - Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request with id " + spAuthnRequest.getSamlId()); - } catch (MOADatabaseException e) { - e.printStackTrace(); - } - - // preparing redirection for the client - performRedirection("SAMLRequest", destinationURL, storkAuthnRequest.getTokenSaml(), httpResp); - - SLOInformationImpl sloInfo = new SLOInformationImpl(); - sloInfo.setProtocolType(moastorkRequest.requestedModule()); - return sloInfo; - } - - /* - Handles STORKAuthnResponse received from PEPS (return to SP) - */ - private SLOInformationInterface handleMOAStorkResponse(String instanceName, MOASTORKResponse moastorkResponse, String remoteAddr, HttpServletResponse httpResp) throws MOAIDException { - - STORKAuthnResponse authnResponse = null; - - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance(instanceName); - - try { - authnResponse = engine.validateSTORKAuthnResponse(moastorkResponse.getSTORKAuthnResponseToken(), remoteAddr); - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); - throw new MOAIDException("stork.15", null); // TODO - } - - Logger.debug("Requesting artifactId " + authnResponse.getInResponseTo() + " from store."); - - DataContainer dataContainer = null; - try { - dataContainer = AssertionStorage.getInstance().get(authnResponse.getInResponseTo(), DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Unable to retrieve datacontainer with reference authentication request. Database exception."); - throw new MOAIDException("stork.15", null); // TODO - } - - // setting new reference request and return url - authnResponse.setInResponseTo(dataContainer.getRequest().getStorkAuthnRequest().getSamlId()); - authnResponse.setAudienceRestriction(dataContainer.getRequest().getAssertionConsumerServiceURL()); - //AudienceRestrictionBuilder audienceRestrictionBuilder = new AudienceRestrictionBuilder(); - //AudienceRestriction audienceRestriction = audienceRestrictionBuilder.buildObject(dataContainer.getRequest().getAssertionConsumerServiceURL(), "localname", "nameprefix"); - - //authnResponse.getAssertions().get(0).getConditions().getAudienceRestrictions().add(audienceRestriction); - - Logger.debug("Starting generation of SAML response"); - try { - authnResponse = engine.generateSTORKAuthnResponse(dataContainer.getRequest().getStorkAuthnRequest(), authnResponse, remoteAddr, false); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); // TODO check - } - - Logger.info("SAML response succesfully generated."); - - // preparing redirection for the client - performRedirection("SAMLResponse", dataContainer.getRequest().getAssertionConsumerServiceURL(), authnResponse.getTokenSaml(), httpResp); - - return null; - } - - /* - Perform redirection of the client based on post binding - */ - private void performRedirection(String actionType, String assertionConsumerURL, byte[] tokenSaml, HttpServletResponse httpResp) throws MOAIDException { - Logger.info("Performing redirection, using action type: " + actionType); - - try { - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); - - context.put(actionType, PEPSUtil.encodeSAMLToken(tokenSaml)); - Logger.debug("Encoded " + actionType + " original: " + new String(tokenSaml)); - - Logger.debug("Using assertion consumer url as action: " + assertionConsumerURL); - context.put("action", assertionConsumerURL); - - Logger.debug("Starting template merge"); - StringWriter writer = new StringWriter(); - - Logger.debug("Doing template merge"); - template.merge(context, writer); - Logger.debug("Template merge done"); - - Logger.debug("Sending html content: " + writer.getBuffer().toString()); - Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); - - } catch (IOException e) { - Logger.error("Velocity IO error: " + e.getMessage()); - throw new MOAIDException("stork.15", null); // TODO - } catch (Exception e) { - Logger.error("Velocity general error: " + e.getMessage()); - throw new MOAIDException("stork.15", null); // TODO - } - - } - - public void generatePEPSRedirect(HttpServletResponse httpResp, DataContainer container) throws MOAIDException { - MOASTORKRequest request = container.getRequest(); - MOASTORKResponse response = container.getResponse(); - - Logger.info("generating stork response..."); - - try { - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML response"); - if (response.isAuthnResponse()) - response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); - else - response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); - - - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - // preparing redirection for the client - try { - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); - - byte[] blob; - if (request.isAttrRequest()) - blob = response.getStorkAttrQueryResponse().getTokenSaml(); - else - blob = response.getStorkAuthnResponse().getTokenSaml(); - - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); - Logger.debug("SAMLResponse original: " + new String(blob)); - - Logger.debug("Putting assertion consumer url as action: " + request.getAssertionConsumerServiceURL()); - context.put("action", request.getAssertionConsumerServiceURL()); - Logger.trace("Starting template merge"); - StringWriter writer = new StringWriter(); - - Logger.trace("Doing template merge"); - template.merge(context, writer); - Logger.trace("Template merge done"); - - Logger.trace("Sending html content: " + writer.getBuffer().toString()); - Logger.trace("Sending html content2 : " + new String(writer.getBuffer())); - - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); - - } catch (Exception e) { - Logger.error("Velocity error: " + e.getMessage()); - } - } - - - public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - - //redirect to national PVP IDP infrastructure if special attributes are requested - if (MiscUtil.isEmpty(req.getRequestedIDP()) && req instanceof MOASTORKRequest) - return !STORKPVPUtilits.performAuthenticationOnNationalIDP((MOASTORKRequest) req); - -// // authentication is not needed if we have authentication request from SP for citizen of configured PEPS country -// if (req instanceof MOASTORKRequest) { -// MOASTORKRequest moastorkRequest = (MOASTORKRequest) req; -// if (moastorkRequest.getStorkAuthnRequest() != null) { -// String citizenCountryCode = moastorkRequest.getStorkAuthnRequest().getCitizenCountryCode(); -// // check if citizen country is configured in the system -// try { -// if (AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode)) { -// return false; -// } -// } catch (MOAIDException e) { -// Logger.error("Could not initialize AuthConfigurationProvider"); -// } -// } -// // authentication is not required if received authentication response -// } else if (req instanceof MOASTORKResponse) { -// return false; -// } - - return true; - } - - - private void iterate(NamedNodeMap attributesList) { - for (int j = 0; j < attributesList.getLength(); j++) { - Logger.debug("--Attribute: " - + attributesList.item(j).getNodeName() + " = " - + attributesList.item(j).getNodeValue()); - } - } - - - // does nothing - public void mandate(IAuthData authData) { - - if (authData.isUseMandate()) { - try { - MISMandate mandate = authData.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = authData.getMandate(); - - iterate(mndt.getAttributes()); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); - } catch (Exception x) { - Logger.debug("There is no mandate used in transaction"); - } - } - - - } - - public PersonalAttributeList populateAttributes(IAuthData authData, IOAAuthParameters oaParam) { - - IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList(); - Logger.info("Found " + attrLst.size() + " personal attributes in the request."); - - // Define attribute list to be populated - PersonalAttributeList attributeList = new PersonalAttributeList(); - MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(authData, moaStorkRequest); - - try { - for (PersonalAttribute personalAttribute : attrLst) { - try { - Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); - moaAttributeProvider.populateAttribute(attributeList, personalAttribute); - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage(), e); - } - } - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage(), e); - } - - Logger.trace("AUTHBLOCK " + authData.getAuthBlock()); - Logger.debug("SESSION IDENTIFIER " + authData.getCcc() + " " + oaParam.getIdentityLinkDomainIdentifier()); - - return attributeList; - } - - public String getDefaultActionName() { - return STORKProtocol.AUTHENTICATIONREQUEST; - } - - - private void initVelocityEngine() throws Exception { - velocityEngine = new VelocityEngine(); - velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); - velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8"); - velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath"); - velocityEngine.setProperty("classpath.resource.loader.class", - "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader"); - - velocityEngine.init(); - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java deleted file mode 100644 index 2b7d4e045..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ /dev/null @@ -1,249 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import java.io.StringWriter; - -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Map.Entry; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.storage.AssertionStorage; -import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * The ConsentEvaluator assists with fetching user consent on the list of attributes to be sent to the asking S-PEPS. - */ -public class ConsentEvaluator implements IAction { - - /** - * The Constant ARTIFACT_ID. - */ - private static final String ARTIFACT_ID = "artifactId"; - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) - */ - public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { - - // - fetch the container - String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - req = container.getRequest(); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.17", null); - } - - // evaluate response - for(PersonalAttribute current : container.getRequest().getPersonalAttributeList()) { - if(null == httpReq.getParameter(current.getName())) { - current.setStatus(AttributeStatusType.WITHHELD.value()); - current.setValue(new ArrayList<String>()); - current.setComplexValue(new HashMap<String, String>()); - } - } - - //TODO: CHECK: req.getOAURL() should return the unique OA identifier - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(req.getOAURL()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()}); - - new AttributeCollector().processRequest(container, httpReq, httpResp, authData, oaParam); - - return null; // AssertionId - } - - /** - * Fills the given HttpResponse with the required web page. - * - * @param container the container - * @param authData - * @param response the response - * @param oaParam the oa param - * @return the string - * @throws MOAIDException the mOAID exception - */ - public String requestConsent(DataContainer container, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData, OAAuthParameter oaParam) throws MOAIDException { - //check if we need to collect consent - if(!oaParam.isRequireConsentForStorkAttributes()) { - (new AttributeCollector()).processRequest(container, httpReq, httpResp, authData, oaParam); - return ""; - } - - // prepare redirect - String newArtifactId; - try { - - // memorize the container again - Logger.debug("prepare putting the container into temporary storage..."); - - // - generate new key - newArtifactId = new SecureRandomIdentifierGenerator().generateIdentifier(); - - // - put container in temporary store. - AssertionStorage.getInstance().put(newArtifactId, container); - - Logger.debug("...successful"); - - } catch (Exception e1) { - // TODO should we return the response as is to the PEPS? - e1.printStackTrace(); - Logger.error("Error putting incomplete Stork response into temporary storage", e1); - throw new MOAIDException("stork.17", null); - } - - // ask for consent - try { - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html"); - VelocityContext context = new VelocityContext(); - - context.put("action", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0) + "/stork2/GetConsent?" + ARTIFACT_ID + "=" + newArtifactId); - - // assemble table - String table = ""; - for (PersonalAttribute current : container.getRequest().getPersonalAttributeList()) - table += "<tr><td><input type=\"checkbox\" checked=\"yes\" name=\"" + current.getName() + "\"></td><td>" + current.getName() + (current.isRequired() ? "" : " (optional)") + "</td></tr>\n"; - - context.put("tablecontent", table); - for(Entry<String, String> current : oaParam.getFormCustomizaten().entrySet()) - context.put(current.getKey().replace("#", ""), current.getValue()); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); - - } catch (Exception e) { - Logger.error("Velocity error: " + e.getMessage()); - throw new MOAIDException("stork.17", null); - } - - return "12345"; // AssertionId - } - - /** - * generates binary response from given response class and fill the given HttpResponse with a SAML Post Binding template. - * - * @param httpResp the http resp - * @param container the container - * @throws MOAIDException the mOAID exception - */ - public void generateSTORKResponse(HttpServletResponse httpResp, DataContainer container) throws MOAIDException { - MOASTORKRequest request = container.getRequest(); - MOASTORKResponse response = container.getResponse(); - - Logger.info("generating stork response..."); - - try { - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML response"); - if(response.isAuthnResponse()) - response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); - else - response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); - - - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - // preparing redirection for the client - try { - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); - - byte[] blob; - if(request.isAttrRequest()) - blob = response.getStorkAttrQueryResponse().getTokenSaml(); - else - blob = response.getStorkAuthnResponse().getTokenSaml(); - - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); - Logger.debug("SAMLResponse original: " + new String(blob)); - - Logger.debug("Putting assertion consumer url as action: " + request.getAssertionConsumerServiceURL()); - context.put("action", request.getAssertionConsumerServiceURL()); - Logger.trace("Starting template merge"); - StringWriter writer = new StringWriter(); - - Logger.trace("Doing template merge"); - template.merge(context, writer); - Logger.trace("Template merge done"); - - Logger.trace("Sending html content: " + writer.getBuffer().toString()); - Logger.trace("Sending html content2 : " + new String(writer.getBuffer())); - - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes("UTF-8")); - - } catch (Exception e) { - Logger.error("Velocity error: " + e.getMessage()); - } - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) - */ - public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. - return false; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName() - */ - public String getDefaultActionName() { - return STORKProtocol.CONSENT_EVALUATOR; - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java deleted file mode 100644 index acbf1678a..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java +++ /dev/null @@ -1,115 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.logging.Logger; -import org.xml.sax.InputSource; - -import javax.xml.xpath.XPathExpressionException; -import java.io.StringReader; -/** - * Physical person representing corporate body - * - * @author bsuzic - * Date: 4/29/14, Time: 3:40 PM - */ -public class CorporateBodyMandateContainer extends MandateContainer { - - protected String corpMandatorIdentificationValue = null; - protected String corpMandatorIdentificationType = null; - protected String corpMandatorFullName = null; - - - String localMethods[] = new String[]{"getCorpMandatorIdentificationValue", "getCorpMandatorIdentificationType", "getCorpMandatorFullName", - "getMandateIssuePlace", "getMandateIssueDate", "getMandateIssueTime", "getSimpleMandateContent", "getMandateValidFrom", - "getMandateValidTo", "getPhysicalRepresentativeIdentificationValue", "getPhysicalRepresentativeIdentificationType", "getAnnotation", - "getPhysicalRepresentativeGivenName", "getPhysicalRepresentativeFamilyName", "getPhysicalRepresentativeBirthDate" - }; - - public CorporateBodyMandateContainer(String mandate) throws XPathExpressionException, MOAIDException { - super(mandate); - Logger.debug("Initializing corporate body mandate container."); - - setAnnotation(xPath.evaluate(S2Constants.MANDATE_ANNOTATION_QUERY, new InputSource(new StringReader(mandate)))); - setCorpMandatorFullName(xPath.evaluate(S2Constants.MANDATE_MANDATOR_CORPBODY_FULLNAME_QUERY, new InputSource(new StringReader(mandate)))); - setCorpMandatorIdentificationType(xPath.evaluate(S2Constants.MANDATE_MANDATOR_CORPBODY_IDTYPE_QUERY, new InputSource(new StringReader(mandate)))); - setCorpMandatorIdentificationValue(xPath.evaluate(S2Constants.MANDATE_MANDATOR_CORPBODY_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); - setMandateIssueDate(xPath.evaluate(S2Constants.MANDATE_ISSUEDDATE_QUERY, new InputSource(new StringReader(mandate)))); - setMandateIssuePlace(xPath.evaluate(S2Constants.MANDATE_ISSUEDPLACE_QUERY, new InputSource(new StringReader(mandate)))); - setMandateIssueTime(xPath.evaluate(S2Constants.MANDATE_ISSUEDTIME_QUERY, new InputSource(new StringReader(mandate)))); - setMandateValidFrom(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_VALIDFROM_QUERY, new InputSource(new StringReader(mandate)))); - setMandateValidTo(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_VALIDTO_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeBirthDate(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_DATEOFBIRTH_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeFamilyName(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_FAMILYNAME_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeGivenName(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_GIVENNAME_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeIdentificationType(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDTYPE_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeIdentificationValue(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); - setSimpleMandateContent(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY, new InputSource(new StringReader(mandate)))); - - // check if all necessary fields are present - Logger.debug("Starting mandate structure validation"); - try { - validateMandateStructure(localMethods); // TODO - } catch (Exception e) { - - if (e instanceof MOAIDException) { - Logger.error("Could not validate mandate structure."); - throw new MOAIDException("stork.16", new Object[] {e.getMessage()}); // TODO - } else { - Logger.error("Error during mandate structure validation."); - throw new MOAIDException("stork.16", new Object[] {e.getMessage()}); // TODO - } - - } - - } - - public String getCorpMandatorIdentificationValue() { - return corpMandatorIdentificationValue; - } - - public void setCorpMandatorIdentificationValue(String corpMandatorIdentificationValue) { - Logger.debug("Setting corpMandatorIdentificationValue to AT/" + corpMandatorIdentificationValue); - this.corpMandatorIdentificationValue = "AT/" + corpMandatorIdentificationValue; - } - - public String getCorpMandatorIdentificationType() { - return corpMandatorIdentificationType; - } - - public void setCorpMandatorIdentificationType(String corpMandatorIdentificationType) { - this.corpMandatorIdentificationType = corpMandatorIdentificationType; - } - - public String getCorpMandatorFullName() { - return corpMandatorFullName; - } - - public void setCorpMandatorFullName(String corpMandatorFullName) { - this.corpMandatorFullName = corpMandatorFullName; - } - - - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java deleted file mode 100644 index e01a7526a..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java +++ /dev/null @@ -1,100 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import java.io.Serializable; - -/** - * Holds info about an ongoing but yet incomplete stork authnrequest process. - */ -public class DataContainer implements Serializable { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = -8765997480582363012L; - - /** The incoming request. */ - private MOASTORKRequest request; - - /** The yet incomplete response. */ - private MOASTORKResponse response; - - /** The target. */ - private String target; - - /** The remote address. */ - private String remoteAddress; - - /** - * Gets the request. - * - * @return the request - */ - public MOASTORKRequest getRequest() { - return request; - } - - /** - * Sets the request. - * - * @param moaStorkRequest the new request - */ - public void setRequest(MOASTORKRequest moaStorkRequest) { - this.request = moaStorkRequest; - } - - /** - * Gets the response. - * - * @return the response - */ - public MOASTORKResponse getResponse() { - return response; - } - - /** - * Sets the response. - * - * @param moaStorkResponse the new response - */ - public void setResponse(MOASTORKResponse moaStorkResponse) { - this.response = moaStorkResponse; - } - - /** - * Gets the remote address. - * - * @return the remote address - */ - public String getRemoteAddress() { - return remoteAddress; - } - - /** - * Sets the remote address. - * - * @param remoteAddress the new remote address - */ - public void setRemoteAddress(String remoteAddress) { - this.remoteAddress = remoteAddress; - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java deleted file mode 100644 index 096f223d7..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java +++ /dev/null @@ -1,53 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider; - -public class ExternalAttributeRequestRequiredException extends Exception { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 5207631348933518908L; - - /** The ap. */ - private AttributeProvider ap; - - /** - * Instantiates a new external attribute request required exception. - * - * @param provider the provider - */ - public ExternalAttributeRequestRequiredException(AttributeProvider provider) { - ap = provider; - } - - /** - * Gets the ap that caused the exception. - * - * @return the ap - */ - public AttributeProvider getAp() { - return ap; - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java deleted file mode 100644 index 2c7e5b539..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ /dev/null @@ -1,248 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.data.AuthenticationRole; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; -import org.joda.time.Period; - -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.text.DateFormat; -import java.text.SimpleDateFormat; -import java.util.*; - -/** - * @author bsuzic - * Date: 2/19/14, Time: 4:42 PM - * - * @author tlenz - * Date: 23.10.14 - */ -public class MOAAttributeProvider { - private final IAuthData authData; - private static final Map<String, String> storkAttributeSimpleMapping; - private static final Map<String, String> storkAttributeFunctionMapping; - private final MOASTORKRequest moastorkRequest; - - // mappings for attribute population methods - // based on mapping of moa authndata and executing functions to extract attributes - static { - Map<String, String> tempSimpleMap = new HashMap<String, String>(); - tempSimpleMap.put("givenName", "getGivenName"); - tempSimpleMap.put("surname", "getFamilyName"); - tempSimpleMap.put("MSOrganization", "getPvpAttribute_OU"); - storkAttributeSimpleMapping = Collections.unmodifiableMap(tempSimpleMap); - - Map<String, String> tempFunctionMap = new HashMap<String, String>(); - tempFunctionMap.put("eIdentifier", "geteIdentifier"); - tempFunctionMap.put("ECApplicationRole","getECApplicationRole"); - tempFunctionMap.put("dateOfBirth", "getFormatedDateOfBirth"); - tempFunctionMap.put("MSOrganization", "getMSOrganization"); - tempFunctionMap.put("age", "getAge"); - tempFunctionMap.put("isAgeOver", "getIsAgeOver"); - tempFunctionMap.put("citizenQAALevel", "getQAALevel"); - storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); - - } - - public MOAAttributeProvider(IAuthData authData, MOASTORKRequest moastorkRequest) { - this.authData = authData; - this.moastorkRequest = moastorkRequest; - - } - - public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) { - String storkAttribute = requestedAttribute.getName(); - - // TODO: check if authData gets populated with stork attributtes during previous steps; it seems it is not - if (null != authData && null != authData.getStorkAttributes() && authData.getStorkAttributes().containsKey(requestedAttribute.getName())) { - Logger.debug("Trying to get value for attribute directly from STORK2 response [" + storkAttribute + "]"); - try { - PersonalAttribute tmp = authData.getStorkAttributes().get(requestedAttribute.getName()); - attributeList.add((PersonalAttribute) tmp.clone()); - } catch(Exception e) { - Logger.error("Could not retrieve attribute from STORK2 response: " + storkAttribute); - Logger.debug(e); - } - } else if (storkAttributeSimpleMapping.containsKey(storkAttribute)) { - Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]"); - try { - Method method = authData.getClass().getDeclaredMethod(storkAttributeSimpleMapping.get(storkAttribute)); - populateAttributeWithMethod(method, authData, attributeList, storkAttribute, requestedAttribute); - } catch (NoSuchMethodException e) { - Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute); - Logger.debug(e); - } catch (NullPointerException e) { - Logger.error("Error getting MOA extraction method while getting attribute: " + storkAttribute); - Logger.debug(e); - } - - } else if (storkAttributeFunctionMapping.containsKey(storkAttribute)) { - - Logger.debug("Trying to get value for attribute using function mapping [" + storkAttribute + "]"); - try { - Method method = this.getClass().getDeclaredMethod(storkAttributeFunctionMapping.get(storkAttribute), PersonalAttribute.class); - populateAttributeWithMethod(method, this, attributeList, storkAttribute, requestedAttribute); - } catch (NoSuchMethodException e) { - Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute); - } - } else { - Logger.debug("MOA method for extraction of attribute " + storkAttribute + " not defined."); - } - } - - private String getAge(PersonalAttribute personalAttribute) { - if (authData.getDateOfBirth() != null) { - Integer age = new Period(authData.getDateOfBirth().getTime(), Calendar.getInstance().getTime().getTime()).getYears(); - return age >= 0 ? age.toString() : null; - } - return null; // WP4 D4.2, Table 12:age, description - considerations - } - - private String getIsAgeOver(PersonalAttribute personalAttribute) - { - try { - if ((authData.getDateOfBirth() != null) && (personalAttribute.getValue() != null) && (personalAttribute.getValue().size() > 0)) { - Integer ageOver = Integer.parseInt(personalAttribute.getValue().get(0)); - Integer age = new Period(authData.getDateOfBirth().getTime(), Calendar.getInstance().getTime().getTime()).getYears(); - return age >= ageOver ? ageOver.toString() : ""; - } - } catch (Exception ex) { - Logger.error("Error encountered when determining isAgeOver"); - Logger.debug(ex); - } - return null; - } - - public String getQAALevel(PersonalAttribute personalAttribute) { - if (authData.getQAALevel().startsWith(PVPConstants.STORK_QAA_PREFIX)) - return authData.getQAALevel().substring(PVPConstants.STORK_QAA_PREFIX.length()); - else - return null; - } - - - private String geteIdentifier(PersonalAttribute personalAttribute) { - Logger.debug("Using base urn for identification value: " + authData.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry()); - try { - return new BPKBuilder().buildStorkeIdentifier(authData.getIdentificationType(), authData.getIdentificationValue(), - moastorkRequest.getStorkAuthnRequest().getSpCountry()); - } catch (BuildException be) { - Logger.error("Stork eid could not be constructed; " + be.getMessage()); - return null; // TODO error - } - } - - private List<String> getECApplicationRole(PersonalAttribute personalAttribute) { - List<String> storkRoles = null; - - if (authData.getAuthenticationRoles() != null - && authData.getAuthenticationRoles().size() > 0) { - - storkRoles = new ArrayList<String>(); - PVPtoSTORKMapper mapper = PVPtoSTORKMapper.getInstance(); - for (AuthenticationRole el : authData.getAuthenticationRoles()) { - String storkRole = mapper.map(el); - if (MiscUtil.isNotEmpty(storkRole)) - storkRoles.add(storkRole); - } - } - return storkRoles; - } - - private String getFormatedDateOfBirth(PersonalAttribute personalAttribute) { - if (authData.getDateOfBirth() != null) { - DateFormat fmt = new SimpleDateFormat("yyyyMMdd"); - return fmt.format(authData.getDateOfBirth()); - } - else - return null; - } - - private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, PersonalAttribute requestedAttribute) { - try { - Object attributeValue; - if (storkAttributeSimpleMapping.containsValue(method.getName())) { - attributeValue = method.invoke(object, new Class[]{}); - } else { - attributeValue = method.invoke(object, requestedAttribute); - } - - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName(storkAttribute); - newAttribute.setIsRequired(requestedAttribute.isRequired()); - - if (attributeValue != null) { - newAttribute.setStatus(AttributeStatusType.AVAILABLE.value()); - Logger.info("Got attribute value: " + attributeValue); - - if (attributeValue instanceof String) - newAttribute.setValue(new ArrayList<String>(Collections.singletonList((String)attributeValue))); - - else if (attributeValue instanceof List<?>) { - List<?> attributeValueList = (List<?>) attributeValue; - if (attributeValueList.size() > 0 && attributeValueList.get(0) instanceof String) { - newAttribute.setValue((List<String>) attributeValueList); - - } else { - Logger.info("Attribute " + storkAttribute + " is not available."); - newAttribute.setStatus(AttributeStatusType.NOT_AVAILABLE.value()); - - } - - } else { - Logger.error("Receive an unsupported type for attribute " + storkAttribute); - - } - attributeList.add(newAttribute); - - } else { - Logger.info("Attribute " + storkAttribute + " is not available."); - newAttribute.setStatus(AttributeStatusType.NOT_AVAILABLE.value()); - } - - } catch (InvocationTargetException e) { - Logger.error("Invocation target exception while getting attribute: " + storkAttribute); - Logger.debug(e); - } catch (IllegalAccessException e) { - Logger.error("Illegal access exception while getting attribute: " + storkAttribute); - Logger.debug(e); - } catch (NullPointerException e) { - Logger.error("Could not find method: " + storkAttribute); - Logger.debug(e); - } - } - - -} - diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java deleted file mode 100644 index 4e666c21c..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ /dev/null @@ -1,265 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; - -import javax.servlet.http.HttpServletRequest; - -import org.opensaml.saml2.core.Attribute; - -import at.gv.egovernment.moa.id.auth.builder.DynamicOAAuthParameterBuilder; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; -import at.gv.egovernment.moa.id.moduls.RequestImpl; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Constants; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; - -/** - * Implements MOA request and stores StorkAuthn/Attr-Request related data. - * - * @author bsuzic - */ -public class MOASTORKRequest extends RequestImpl { - - /** - * @param req - * @throws ConfigurationException - */ - public MOASTORKRequest(HttpServletRequest req) - throws ConfigurationException { - super(req); - } - - public static final List<String> DEFAULTREQUESTEDATTRFORINTERFEDERATION = Arrays.asList( - new String[] { - PVPConstants.BPK_NAME, - PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME, - PVPConstants.GIVEN_NAME_NAME, - PVPConstants.PRINCIPAL_NAME_NAME, - PVPConstants.BIRTHDATE_NAME, - PVPConstants.EID_CITIZEN_QAA_LEVEL_NAME, - }); - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 4581953368724501376L; - - /** The request id. */ - private String requestID; - - /** The stork authn request. */ - private STORKAuthnRequest storkAuthnRequest; - - /** The stork attr query request. */ - private STORKAttrQueryRequest storkAttrQueryRequest; - - - /** - * Sets the sTORK authn request. - * - * @param request the new sTORK authn request - */ - public void setSTORKAuthnRequest(STORKAuthnRequest request) { - this.storkAuthnRequest = request; - } - - /** - * Sets the sTORK attr request. - * - * @param request the new sTORK attr request - */ - public void setSTORKAttrRequest(STORKAttrQueryRequest request) { - this.storkAttrQueryRequest = request; - } - - /** - * Checks if the container holds an AttrQueryRequest - * - * @return true, if is attr request - */ - public boolean isAttrRequest() { - return null != storkAttrQueryRequest; - } - - /** - * Checks if the container holds an AuthnRequest - * - * @return true, if is authn request - */ - public boolean isAuthnRequest() { - return null != storkAuthnRequest; - } - - /** - * Gets the stork authn request. - * - * @return the stork authn request - */ - public STORKAuthnRequest getStorkAuthnRequest() { - return this.storkAuthnRequest; - } - - /** - * Gets the stork attr query request. - * - * @return the stork attr query request - */ - public STORKAttrQueryRequest getStorkAttrQueryRequest() { - return this.storkAttrQueryRequest; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#getOAURL() - */ - public String getOAURL() { - if (isAuthnRequest()) - return storkAuthnRequest.getAssertionConsumerServiceURL(); - else if (isAttrRequest()) - return storkAttrQueryRequest.getAssertionConsumerServiceURL(); - else { - Logger.error("There is no authentication or attribute request contained in MOASTORKRequest."); - return null; - } - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#isPassiv() - */ - public boolean isPassiv() { - return false; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#forceAuth() - */ - public boolean forceAuth() { - return false; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#isSSOSupported() - */ - public boolean isSSOSupported() { - return false; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#setRequestID(java.lang.String) - */ - public void setRequestID(String id) { - this.requestID = id; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestID() - */ - public String getRequestID() { - return this.requestID; - } - - /** - * Gets the personal attribute list. - * - * @return the personal attribute list - */ - public IPersonalAttributeList getPersonalAttributeList() { - if(isAttrRequest()) - return this.storkAttrQueryRequest.getPersonalAttributeList(); - else - return this.storkAuthnRequest.getPersonalAttributeList(); - } - - /** - * Gets the sp country. - * - * @return the sp country - */ - public String getSpCountry() { - if(isAttrRequest()) - return this.storkAttrQueryRequest.getSpCountry(); - else - return this.storkAuthnRequest.getSpCountry(); - } - - /** - * Gets the assertion consumer service url. - * - * @return the assertion consumer service url - */ - public String getAssertionConsumerServiceURL() { - if(isAttrRequest()) - return this.storkAttrQueryRequest.getAssertionConsumerServiceURL(); - else - return this.storkAuthnRequest.getAssertionConsumerServiceURL(); - } - - /** - * Gets the citizen country code. - * - * @return the citizen country code - */ - public String getCitizenCountryCode() { - if(isAttrRequest()) - return this.storkAttrQueryRequest.getCitizenCountryCode(); - else - return this.storkAuthnRequest.getCitizenCountryCode(); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() - */ - @Override - public List<Attribute> getRequestedAttributes() { - //TODO: only for testing with MOA-ID as PVP Stammportal - IOAAuthParameters oa; - try { - oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); - oa = DynamicOAAuthParameterBuilder.buildFromAuthnRequest(oa, this); - - DynamicOAAuthParameters tmp = (DynamicOAAuthParameters) oa; - tmp.setBusinessTarget(Constants.URN_PREFIX_CDID + "+BF"); - - return AttributQueryBuilder.buildSAML2AttributeList(tmp, DEFAULTREQUESTEDATTRFORINTERFEDERATION.iterator()); - - } catch (ConfigurationException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return null; - } - - //return new ArrayList<Attribute>(); - - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java deleted file mode 100644 index a233835bf..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java +++ /dev/null @@ -1,308 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestImpl; -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnResponse; - -import java.io.Serializable; -import java.util.List; - -import javax.servlet.http.HttpServletRequest; - -import org.opensaml.saml2.core.Attribute; - -/** - * Implements MOA request and stores StorkAuthn/Attr-Request related data. - * - * @author bsuzic - */ -public class MOASTORKResponse extends RequestImpl { - - /** - * @param req - * @throws ConfigurationException - */ - public MOASTORKResponse(HttpServletRequest req) - throws ConfigurationException { - super(req); - } - - /** - * The Constant serialVersionUID. - */ - private static final long serialVersionUID = -5798803155055518747L; - - /** - * The stork authn request. - */ - private STORKAuthnResponse storkAuthnResponse; - - /** - * The stork attr query request. - */ - private STORKAttrQueryResponse storkAttrQueryResponse; - - /** - * The action. - */ - String action = null; - - /** - * The token - */ - private byte[] storkAuthnResponseToken = null; - - /** - * The request id. - */ - private String requestID; - - - /** - * The module. - */ - String module = null; - - /** - * The target. - */ - private String target = null; - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedModule() - */ - public String requestedModule() { - return this.module; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedAction() - */ - public String requestedAction() { - return action; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestID() - */ - public String getRequestID() { - return this.requestID; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#getTarget() - */ - public String getTarget() { - return this.target; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#isSSOSupported() - */ - public boolean isSSOSupported() { - return false; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#forceAuth() - */ - public boolean forceAuth() { - return false; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#setModule(java.lang.String) - */ - public void setModule(String module) { - this.module = module; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#setRequestID(java.lang.String) - */ - public void setRequestID(String id) { - this.requestID = id; - } - - /** - * Sets the sTORK authn response. - * - * @param request the new sTORK authn response - */ - public void setSTORKAuthnResponse(STORKAuthnResponse request) { - this.storkAuthnResponse = request; - } - - /** - * Sets the sTORK authn response token - * - * @param request the new sTORK authn response token - */ - public void setSTORKAuthnResponseToken(byte[] token) { - this.storkAuthnResponseToken = token; - } - - /** - * Gets the sTORK authn response token . - * - * @param request the new sTORK authn response - */ - public byte[] getSTORKAuthnResponseToken() { - return this.storkAuthnResponseToken; - } - /** - * Sets the sTORK attr response. - * - * @param request the new sTORK attr response - */ - public void setSTORKAttrResponse(STORKAttrQueryResponse request) { - this.storkAttrQueryResponse = request; - } - - /** - * Checks if the container holds an AttrQuery - * - * @return true, if is attr response - */ - public boolean isAttrResponse() { - return null != storkAttrQueryResponse; - } - - /** - * Checks if the container holds an AuthnRequest - * - * @return true, if is authn response - */ - public boolean isAuthnResponse() { - return null != storkAuthnResponse; - } - - - /** - * Gets the AuthnResponse. - * - * @return the stork authn response - */ - public STORKAuthnResponse getStorkAuthnResponse() { - return this.storkAuthnResponse; - } - - /** - * Gets the AttrQueryResponse. - * - * @return the stork attr query response - */ - public STORKAttrQueryResponse getStorkAttrQueryResponse() { - return this.storkAttrQueryResponse; - } - - /** - * Gets the personal attribute list. - * - * @return the personal attribute list - */ - public IPersonalAttributeList getPersonalAttributeList() { - if (isAttrResponse()) - return this.storkAttrQueryResponse.getPersonalAttributeList(); - else - return this.storkAuthnResponse.getPersonalAttributeList(); - } - - /** - * Sets the personal attribute list. - * - * @param populateAttributes the new personal attribute list - */ - public void setPersonalAttributeList(PersonalAttributeList populateAttributes) { - if (isAttrResponse()) - this.storkAttrQueryResponse.setPersonalAttributeList(populateAttributes); - else - this.storkAuthnResponse.setPersonalAttributeList(populateAttributes); - } - - /** - * Sets the country. - * - * @param spCountry the new country - */ - public void setCountry(String spCountry) { - if (isAttrResponse()) - this.storkAttrQueryResponse.setCountry(spCountry); - else - this.storkAuthnResponse.setCountry(spCountry); - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#getOAURL() - */ - public String getOAURL() { - if (isAuthnResponse()) - return storkAuthnResponse.getAudienceRestriction(); - else if (isAttrResponse()) - return storkAttrQueryResponse.getAudienceRestriction(); - else { - Logger.error("There is no authentication or attribute request contained in MOASTORKRequest."); - return null; - } - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#isPassiv() - */ - public boolean isPassiv() { - return false; - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.IRequest#setAction(java.lang.String) - */ - public void setAction(String action) { - this.action = action; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() - */ - @Override - public List<Attribute> getRequestedAttributes() { - // TODO Auto-generated method stub - return null; - } - - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java deleted file mode 100644 index a3fac0f6e..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java +++ /dev/null @@ -1,182 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.logging.Logger; - -import javax.xml.xpath.XPath; -import javax.xml.xpath.XPathExpressionException; -import javax.xml.xpath.XPathFactory; - -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.util.HashMap; - -/** - * @author bsuzic - * Date: 5/5/14, Time: 2:35 PM - */ -public abstract class MandateContainer { - protected String mandateIssuePlace = null; - protected String mandateIssueDate = null; - protected String mandateIssueTime = null; - protected String simpleMandateContent = null; - protected String mandateValidFrom = null; - protected String mandateValidTo = null; - protected String annotation = null; - protected String physicalRepresentativeIdentificationValue = null; - protected String physicalRepresentativeIdentificationType = null; - protected String physicalRepresentativeGivenName = null; - protected String physicalRepresentativeFamilyName = null; - protected String physicalRepresentativeBirthDate = null; - protected XPath xPath = null; - - - public MandateContainer(String mandate) throws XPathExpressionException, MOAIDException { - Logger.debug("Received mandate content for processing: " + mandate); - - xPath = XPathFactory.newInstance().newXPath(); - HashMap<String, String> prefMap = new HashMap<String, String>() {{ - put(S2Constants.MANDATE_PREFIX, S2Constants.MANDATE_NS); - put(S2Constants.PERSONDATA_PREFIX, S2Constants.PERSONDATA_NS); - put(S2Constants.XMLDSIG_PREFIX, S2Constants.XMLDSIG_NS); - }}; - - SimpleNamespaceContext namespace = new SimpleNamespaceContext(prefMap); - xPath.setNamespaceContext(namespace); - } - - - public void validateMandateStructure(String localMethods[]) throws NoSuchMethodException, InvocationTargetException, IllegalAccessException, MOAIDException { - for (String localMethod : localMethods) { - Method method = this.getClass().getMethod(localMethod); - Object x = method.invoke(this); - if ((x == null) || x.toString().length() == 0) { - throw new MOAIDException("stork.16", new Object[] {localMethod}); // TODO - } - } - Logger.debug("Mandate structure validated"); - } - - - public String getMandateIssuePlace() { - return mandateIssuePlace; - } - - public void setMandateIssuePlace(String mandateIssuePlace) { - this.mandateIssuePlace = mandateIssuePlace; - } - - public String getMandateIssueDate() { - return mandateIssueDate; - } - - public void setMandateIssueDate(String mandateIssueDate) { - this.mandateIssueDate = mandateIssueDate; - } - - public String getMandateIssueTime() { - return mandateIssueTime; - } - - public void setMandateIssueTime(String mandateIssueTime) { - this.mandateIssueTime = mandateIssueTime; - } - - public String getSimpleMandateContent() { - return simpleMandateContent; - } - - public void setSimpleMandateContent(String simpleMandateContent) { - this.simpleMandateContent = simpleMandateContent; - } - - public String getMandateValidFrom() { - return mandateValidFrom; - } - - public void setMandateValidFrom(String mandateValidFrom) { - this.mandateValidFrom = mandateValidFrom; - } - - public String getMandateValidTo() { - return mandateValidTo; - } - - public void setMandateValidTo(String mandateValidTo) { - this.mandateValidTo = mandateValidTo; - } - - public String getPhysicalRepresentativeIdentificationValue() { - return physicalRepresentativeIdentificationValue; - } - - public void setPhysicalRepresentativeIdentificationValue(String physicalRepresentativeIdentificationValue) { - this.physicalRepresentativeIdentificationValue = physicalRepresentativeIdentificationValue; - } - - public String getPhysicalRepresentativeIdentificationType() { - return physicalRepresentativeIdentificationType; - } - - public void setPhysicalRepresentativeIdentificationType(String physicalRepresentativeIdentificationType) { - this.physicalRepresentativeIdentificationType = physicalRepresentativeIdentificationType; - } - - public String getPhysicalRepresentativeGivenName() { - return physicalRepresentativeGivenName; - } - - public void setPhysicalRepresentativeGivenName(String physicalRepresentativeGivenName) { - this.physicalRepresentativeGivenName = physicalRepresentativeGivenName; - } - - public String getPhysicalRepresentativeFamilyName() { - return physicalRepresentativeFamilyName; - } - - public void setPhysicalRepresentativeFamilyName(String physicalRepresentativeFamilyName) { - this.physicalRepresentativeFamilyName = physicalRepresentativeFamilyName; - } - - public String getPhysicalRepresentativeBirthDate() { - return physicalRepresentativeBirthDate; - } - - public void setPhysicalRepresentativeBirthDate(String physicalRepresentativeBirthDate) { - // making it conform to STORK dateOfBirth specifications, removing dash - this.physicalRepresentativeBirthDate = physicalRepresentativeBirthDate.replaceAll("-",""); - } - - public String getAnnotation() { - return annotation; - } - - public void setAnnotation(String annotation) { - this.annotation = annotation; - } - - - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java deleted file mode 100644 index 2351450e4..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ /dev/null @@ -1,602 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.data.SLOInformationInterface; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Constants; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.*; -import org.apache.commons.codec.binary.StringUtils; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.Marshaller; -import javax.xml.datatype.DatatypeConfigurationException; -import javax.xml.datatype.DatatypeFactory; -import javax.xml.datatype.XMLGregorianCalendar; -import javax.xml.namespace.QName; -import java.io.StringWriter; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.regex.Pattern; - -/** - * Entry point for mandate retrieval. Processes MIS data and transforms into STORK mandate attribute. - * Additionally provides eIdentifier attribute (if requested) in order to enable identity correlation - */ -public class MandateRetrievalRequest implements IAction { - - private IAuthData authData; - private MOASTORKRequest moaStorkRequest; - private IdentityLink representingIdentityLink; - private Integer QAALevel; - private byte[] originalContent; - - public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException { - Logger.debug("Entering AttributeRequest for MandateProvider"); - httpResp.reset(); - this.representingIdentityLink = authData.getIdentityLink(); - this.QAALevel = translateQAALevel(authData.getQAALevel()); - - // preparing original content and removing sensitive data from it - try { - this.originalContent = authData.getMISMandate().getMandate(); - } catch (Exception e) { - Logger.error("Could not extract mandate"); - Logger.debug(e); - throw new MOAIDException("stork.26", new Object[]{}); - } - String originalMandate = StringUtils.newStringUtf8(authData.getMISMandate().getMandate()).replaceAll("<pd:Value>.*?==</pd:Value><pd:Type>urn:publicid:gv.at:baseid</pd:Type>","<pd:Value></pd:Value><pd:Type></pd:Type>");; - Logger.debug("Removing personal identification value and type from original mandate "); - originalContent = StringUtils.getBytesUtf8(originalMandate); - - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(req.getOAURL()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()}); - - MOASTORKResponse moaStorkResponse = new MOASTORKResponse(httpReq); - STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse(); - - this.authData = authData; - - if ((req instanceof MOASTORKRequest)) { - this.moaStorkRequest = (MOASTORKRequest) req; - } else { - Logger.error("Internal error - did not receive MOASTORKRequest as expected"); - throw new MOAIDException("stork.27", new Object[]{}); - } - - - if (!(moaStorkRequest.isAttrRequest() || moaStorkRequest.getStorkAttrQueryRequest() == null)) { - Logger.error("Did not receive attribute request as expected"); - throw new MOAIDException("stork.27", new Object[]{}); - } - - MandateContainer mandateContainer = null; - - try { - mandateContainer = new CorporateBodyMandateContainer(new String(authData.getMISMandate().getMandate(), "UTF-8")); - } catch (Exception ex) { - try { - mandateContainer = new PhyPersonMandateContainer(new String(authData.getMISMandate().getMandate(), "UTF-8")); - } catch (Exception ex2) { - Logger.error("Could not extract data and create mandate container."); - throw new MOAIDException("stork.27", new Object[]{}); - } - } - - IPersonalAttributeList sourceAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList(); - - IPersonalAttributeList attributeList = new PersonalAttributeList(); - - // according to new mapping, only mandate attribute is directly relevant - for (PersonalAttribute currentAttribute : sourceAttributeList) { - Logger.debug("Evaluating attributes, current attribute: " + currentAttribute.getName()); - if (currentAttribute.getName().equals("mandateContent")) { // deprecated - MandateContentType mandateContent = getMandateContent(mandateContainer, currentAttribute); - attributeList.add(marshallComplexAttribute(currentAttribute, mandateContent)); - } else if (currentAttribute.getName().equals("representative")) { // deprecated - RepresentationPersonType representative = getRepresentative(mandateContainer, currentAttribute); - attributeList.add(marshallComplexAttribute(currentAttribute, representative)); - } else if (currentAttribute.getName().equals("represented")) { - RepresentationPersonType represented = getRepresented(mandateContainer, currentAttribute); - attributeList.add(marshallComplexAttribute(currentAttribute, represented)); - } else if (currentAttribute.getName().equals("mandate")) { - MandateType mandateType = getMandateType(mandateContainer, currentAttribute); - attributeList.add(marshallComplexAttribute(currentAttribute, mandateType)); - } else if (currentAttribute.getName().equals("legalName")) { - String legalName = getLegalName(mandateContainer, currentAttribute); - if (legalName.length() > 0) { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(legalName), AttributeStatusType.AVAILABLE.value())); - } else { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(legalName), AttributeStatusType.NOT_AVAILABLE.value())); - } - } else if (currentAttribute.getName().equals("eLPIdentifier")) { - String eLPIdentifier = geteLPIdentifier(mandateContainer, currentAttribute); - if (eLPIdentifier.length() > 0) { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(eLPIdentifier), AttributeStatusType.AVAILABLE.value())); - } else { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(eLPIdentifier), AttributeStatusType.NOT_AVAILABLE.value())); - } - } else if (currentAttribute.getName().equals("type")) { - String type = getCompanyType(mandateContainer, currentAttribute); - if (type.length() > 0) { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(type), AttributeStatusType.AVAILABLE.value())); - } else { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(type), AttributeStatusType.NOT_AVAILABLE.value())); - } - } else if (currentAttribute.getName().equals("status")) { - String status = getCompanyStatus(mandateContainer, currentAttribute); - if (status.length() > 0) { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(status), AttributeStatusType.AVAILABLE.value())); - } else { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(status), AttributeStatusType.NOT_AVAILABLE.value())); - } - } else if (currentAttribute.getName().equals("translatableType")) { - String translatableType = getCompanyTranslatableType(mandateContainer, currentAttribute); - if (translatableType.length() > 0) { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(translatableType), AttributeStatusType.AVAILABLE.value())); - } else { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(translatableType), AttributeStatusType.NOT_AVAILABLE.value())); - } - } - - if (currentAttribute.getName().equals("eIdentifier")) { - attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), Arrays.asList(geteIdentifier(authData.getIdentificationType(), authData.getIdentificationValue(), moaStorkRequest.getStorkAttrQueryRequest().getSpCountry())), AttributeStatusType.AVAILABLE.value())); - Logger.info("Adding eIdentifier for mandate holder using SP country: " + moaStorkRequest.getStorkAttrQueryRequest().getSpCountry()); - } - - } - - -// if (attrResponse.getPersonalAttributeList().size() == 0) { -// Logger.error("AttributeList empty - could not retrieve attributes"); -// throw new MOAIDException("stork.16", new Object[]{}); // TODO MESSAGE -// } - - attrResponse.setPersonalAttributeList(attributeList); - moaStorkResponse.setSTORKAttrResponse(attrResponse); - - Logger.debug("Attributes retrieved: " + moaStorkResponse.getStorkAttrQueryResponse().getPersonalAttributeList().size() + " for SP country " + attrResponse.getCountry()); - - // Prepare extended attributes - Logger.debug("Preparing data container"); - - // create fresh container - DataContainer container = new DataContainer(); - - // - fill in the request we extracted above - container.setRequest(moaStorkRequest); - - // - fill in the partial response created above - container.setResponse(moaStorkResponse); - - container.setRemoteAddress(httpReq.getRemoteAddr()); - - Logger.debug("Data container prepared"); - - // ask for consent if necessary - if (oaParam.isRequireConsentForStorkAttributes()) - new ConsentEvaluator().requestConsent(container, httpReq, httpResp, authData, oaParam); - else - new ConsentEvaluator().generateSTORKResponse(httpResp, container); - - return null; - } - - private Integer translateQAALevel(String qaaLevel) throws MOAIDException { - if (qaaLevel.equals(PVPConstants.STORK_QAA_1_1)) - return 1; - if (qaaLevel.equals(PVPConstants.STORK_QAA_1_2)) - return 2; - if (qaaLevel.equals(PVPConstants.STORK_QAA_1_3)) - return 3; - if (qaaLevel.equals(PVPConstants.STORK_QAA_1_4)) - return 4; - Logger.error("Wrong QAA Number format"); - throw new MOAIDException("stork.28", new Object[]{}); - } - - private String geteLPIdentifier(MandateContainer mandateContainer, PersonalAttribute currentAttribute) throws MOAIDException { - RepresentationPersonType represented = getRepresented(mandateContainer, currentAttribute); - if (mandateContainer instanceof CorporateBodyMandateContainer) { - return represented.getELPIdentifier(); - } else if (currentAttribute.isRequired()) { - Logger.error("Cannot provide eLPIdentifier for natural person."); - throw new MOAIDException("stork.29", new Object[]{currentAttribute.getName()}); - } - return ""; - } - - private String geteIdentifier(String identificationType, String identificationValue, String destinationCountry) throws MOAIDException { - BPKBuilder bpkBuilder = new BPKBuilder(); - try { - return bpkBuilder.buildStorkeIdentifier(identificationType, identificationValue, destinationCountry); - } catch (BuildException be) { - Logger.error("Could not build STORK eIdentifier while generating mandate assertion."); - throw new MOAIDException("stork.29", new Object[]{}); - } - } - - private PersonalAttribute marshallComplexAttribute(PersonalAttribute currentAttribute, Object obj) { // TODO refactor - StringWriter stringWriter = new StringWriter(); - try { - if (obj instanceof MandateContentType) { - final Marshaller marshaller = JAXBContext.newInstance(MandateContentType.class).createMarshaller(); - marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); - marshaller.marshal(new JAXBElement<MandateContentType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), MandateContentType.class, null, (MandateContentType) obj), stringWriter); - } else if (obj instanceof MandateType) { - final Marshaller marshaller = JAXBContext.newInstance(MandateType.class).createMarshaller(); - marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); - marshaller.marshal(new JAXBElement<MandateType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), MandateType.class, null, (MandateType) obj), stringWriter); - } else if (obj instanceof RepresentationPersonType) { - final Marshaller marshaller = JAXBContext.newInstance(RepresentationPersonType.class).createMarshaller(); - marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); - marshaller.marshal(new JAXBElement<RepresentationPersonType>(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), RepresentationPersonType.class, null, (RepresentationPersonType) obj), stringWriter); - } - - } catch (Exception ex) { - Logger.error("Could not marshall atrribute: " + currentAttribute.getName() + ", " + ex.getMessage()); - return new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), new ArrayList<String>(), AttributeStatusType.NOT_AVAILABLE.value()); - } - ArrayList<String> value = new ArrayList<String>(); - value.add(stringWriter.toString()); - - PersonalAttribute personalAttribute = new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), value, AttributeStatusType.AVAILABLE.value()); - return personalAttribute; - } - - - private String mapPowersType(MandateContainer mandateContainer) { - Logger.debug("Analyzing mandate of type: " + mandateContainer.getAnnotation() + "."); - // using if for java 6 compatibility if necessary - if (mandateContainer.getAnnotation().equals("ELGABilateral")) { - return "6"; // Health Powers - } else if (mandateContainer.getAnnotation().equals("ERsB")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("Gesetzliche Vollmacht auf Basis Ergäzungsregister für sonstige Betroffene")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("Gesetzliche Vollmacht auf Basis Ergänzungsregister für sonstige Betroffene")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().contains("Gesetzliche Vollmacht auf Basis Erg")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("GeneralvollmachtBilateral")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().contains("Gesetzliche Vollmacht auf Basis Firmenbuch")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("ERsBMitPostvollmacht")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("ZVR")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("ZVRMitPostvollmacht")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("EVB")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("Einzelvertretungsbefugnis")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("Prokura")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("Notar")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("Organwalter")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("Rechtsanwalt")) { - return "0"; // General Powers - } else if (mandateContainer.getAnnotation().equals("Ziviltechniker")) { - return "0"; // General Powers - } - Logger.debug("Returning other type of mandate"); - return "9"; - } - - private MandateType getMandateType(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - MandateType mandateType = new MandateType(); - RepresentationPersonType representative = getRepresentative(mandateContainer, sourceAttribute); - RepresentationPersonType represented = getRepresented(mandateContainer, sourceAttribute); - MandateContentType mandateContent = getMandateContent(mandateContainer, sourceAttribute); - mandateType.setRepresentative(representative); - mandateType.setRepresented(represented); - mandateType.getMandateContent().add(mandateContent); - Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); - return mandateType; - } - - private String getLegalName(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - RepresentationPersonType represented = getRepresented(mandateContainer, sourceAttribute); - if (mandateContainer instanceof CorporateBodyMandateContainer) { - represented.getLegalName(); - //return represented.getName(); - } else if (sourceAttribute.isRequired()) { - Logger.error("Cannot provide legalName for natural person."); - throw new MOAIDException("stork.19", new Object[]{sourceAttribute.getName()}); - } - return ""; - } - - - private String getLegalIdentificationType(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - if (mandateContainer instanceof CorporateBodyMandateContainer) { - return ((CorporateBodyMandateContainer) mandateContainer).getCorpMandatorIdentificationType(); - } else if (sourceAttribute.isRequired()) { - Logger.error("Cannot provide type for natural person."); - throw new MOAIDException("stork.19", new Object[]{sourceAttribute.getName()}); // TODO - } - return ""; - } - - private String getCompanyStatus(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - String legalName = getLegalName(mandateContainer, sourceAttribute); - if (legalName.contains("in Liquidation") || legalName.contains("in Liqu.")) { - return "L"; // liqudation - } - return "R"; - } - - private String getCompanyType(String legalName, String legalIdentificationType, PersonalAttribute sourceAttrivbute) throws MOAIDException { - // compile patterns for different organisation types - // sources: USP, WKO, LexAndTax - - // gmbh patterns - ArrayList<Pattern> gmbhPatterns = new ArrayList<Pattern>(); - gmbhPatterns.add(Pattern.compile(".+ GmbH(( in Liquidation)|( in Liqu.)){0,1}$")); - gmbhPatterns.add(Pattern.compile(".+ GesmbH$")); - gmbhPatterns.add(Pattern.compile(".+ Gesellschaft mit beschränkter Haftung$")); - gmbhPatterns.add(Pattern.compile(".+ Ges\\.m\\.b\\.H\\.$")); - gmbhPatterns.add(Pattern.compile(".+ G\\.m\\.b\\.H\\.$")); - gmbhPatterns.add(Pattern.compile(".+ Handelsges\\.m\\.b\\.H\\.$")); - gmbhPatterns.add(Pattern.compile(".+ Gesellschaft m\\.b\\.H\\.$")); - - // ag patterns - ArrayList<Pattern> agPatterns = new ArrayList<Pattern>(); - agPatterns.add(Pattern.compile(".+ AG$")); - agPatterns.add(Pattern.compile(".+ Aktiengesellschaft$")); - - // og patterns - ArrayList<Pattern> ogPatterns = new ArrayList<Pattern>(); - ogPatterns.add(Pattern.compile(".+ OG$")); - ogPatterns.add(Pattern.compile(".+ OHG$")); - ogPatterns.add(Pattern.compile(".+ offene Gesellschaft$")); - - // kg patterns - ArrayList<Pattern> kgPatterns = new ArrayList<Pattern>(); - kgPatterns.add(Pattern.compile(".+ KG$")); - kgPatterns.add(Pattern.compile(".+ Kommanditgesellschaft$")); - - // eu patterns - ArrayList<Pattern> euPatterns = new ArrayList<Pattern>(); - euPatterns.add(Pattern.compile(".+ eingetragene Unternehmerin$")); - euPatterns.add(Pattern.compile(".+ eingetragener Unternehmer$")); - euPatterns.add(Pattern.compile(".+ e\\.U\\.$")); - - - // company patterns - HashMap<String, ArrayList<Pattern>> companyPatterns = new HashMap<String, ArrayList<Pattern>>(); - companyPatterns.put("GmbH", gmbhPatterns); - companyPatterns.put("AG", agPatterns); - companyPatterns.put("OG", ogPatterns); - companyPatterns.put("KG", kgPatterns); - companyPatterns.put("e.U.", euPatterns); - - // iterate over different types of companies and check if the name ending matches - if (S2Constants.IDENTIFICATION_TYPE_COMPANY.equals(legalIdentificationType)) { - for (String companyType : companyPatterns.keySet()) { - for (Pattern pattern : companyPatterns.get(companyType)) { - if (pattern.matcher(legalName).matches()) { - return companyType; - } - } - } - } - - // check if the subject is association - if (S2Constants.IDENTIFICATION_TYPE_ASSOCIATION.equals(legalIdentificationType)) { - return "Verein"; - } - - // check if the subject falls under category of others - if (S2Constants.IDENTIFICATION_TYPE_OTHERS.equals(legalIdentificationType)) { - return "ERsB"; - } - - return ""; - } - - private String getCompanyType(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - // retrieve the registered subject name and identification type - String legalName = getLegalName(mandateContainer, sourceAttribute); - String legalIdentificationType = getLegalIdentificationType(mandateContainer, sourceAttribute); - return getCompanyType(legalName, legalIdentificationType, sourceAttribute); - } - - private String getCompanyTranslatableType(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - // retrieve first the company type - String companyType = getCompanyType(mandateContainer, sourceAttribute); - - // translate company type based on the section 5.6 in STORK 2 D4.11 - if (companyType.length() == 0) { - return ""; - } else if (companyType.equals("GmbH")) { - return "G"; - } else if (companyType.equals("AG")) { - return "A"; - } else if (companyType.equals("OG")) { - return "O"; - } else if (companyType.equals("KG")) { - return "K"; - } else { - return ""; - } - } - - - private String getRepresentedStorkeIdentifier(MandateContainer mandateContainer) throws MOAIDException { - - if (!(mandateContainer instanceof PhyPersonMandateContainer)) { - Logger.error("Physical person mandate container missing"); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer) mandateContainer; - - if (!phyPersonMandateContainer.getPhyPersMandatorIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { - Logger.error("Identification type of represented person from MIS is not correct"); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - if (phyPersonMandateContainer.getPhyPersMandatorIdentificationValue().length() != 24) { - Logger.error("Identification value of represented person from MIS is not correct"); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - if ((this.moaStorkRequest.getStorkAttrQueryRequest().getSpCountry() == null) || (this.moaStorkRequest.getStorkAttrQueryRequest().getSpCountry().length() == 0)) { - Logger.error("Error accessing SP country code"); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - return geteIdentifier(phyPersonMandateContainer.getPhyPersMandatorIdentificationType(), phyPersonMandateContainer.getPhyPersMandatorIdentificationValue(), this.moaStorkRequest.getStorkAttrQueryRequest().getSpCountry()); - } - - private String getRepresentingStorkeIdentifier(MandateContainer mandateContainer) throws MOAIDException { - if ((this.representingIdentityLink == null)) { - Logger.error("Error accessing identityLink while fetching mandate attribute"); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - if ((this.moaStorkRequest.getStorkAttrQueryRequest().getSpCountry() == null) || (this.moaStorkRequest.getStorkAttrQueryRequest().getSpCountry().length() == 0)) { - Logger.error("Error accessing SP country code"); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - if (!this.representingIdentityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { - Logger.error("Incorrect identity link (local): identification type is not correct! Got: " + this.representingIdentityLink.getIdentificationType()); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - if (!mandateContainer.getPhysicalRepresentativeIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { - Logger.error("Incorrect identity link (MIS): identification type is not correct! Got: " + this.representingIdentityLink.getIdentificationType() + " (representingIdentityLink) and " + mandateContainer.getPhysicalRepresentativeIdentificationType() + " (mandateContainer.phyRepresentative)"); - Logger.debug("mandatecontainervalue: " + mandateContainer.getPhysicalRepresentativeIdentificationValue() + ", representingidentitylinkvalue: " + this.representingIdentityLink.getIdentificationValue()); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - if (!mandateContainer.getPhysicalRepresentativeIdentificationValue().equals(this.representingIdentityLink.getIdentificationValue())) { - Logger.error("Identification values from MIS and local service are not equal!"); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - BPKBuilder bpkBuilder = new BPKBuilder(); - try { - return bpkBuilder.buildStorkeIdentifier(this.representingIdentityLink, this.moaStorkRequest.getStorkAttrQueryRequest().getSpCountry()); - } catch (BuildException be) { - Logger.error("Could not build STORK eIdentifier while generating mandate assertion."); - throw new MOAIDException("stork.20", new Object[]{}); // TODO - } - - } - - private RepresentationPersonType getRepresentative(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - RepresentationPersonType representative = new RepresentationPersonType(); - - representative.setEIdentifier(getRepresentingStorkeIdentifier(mandateContainer)); - representative.setGivenName(mandateContainer.getPhysicalRepresentativeGivenName()); - representative.setSurname(mandateContainer.getPhysicalRepresentativeFamilyName()); - representative.setDateOfBirth(mandateContainer.getPhysicalRepresentativeBirthDate()); - - Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); - return representative; - } - - private RepresentationPersonType getRepresented(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - RepresentationPersonType represented = new RepresentationPersonType(); - - if (mandateContainer instanceof CorporateBodyMandateContainer) { - CorporateBodyMandateContainer corporateBodyMandateContainer = (CorporateBodyMandateContainer) mandateContainer; - represented.setELPIdentifier(corporateBodyMandateContainer.getCorpMandatorIdentificationValue()); - represented.setLegalName(corporateBodyMandateContainer.getCorpMandatorFullName()); - represented.setTextRegisteredAddress(null); - represented.setCanonicalRegisteredAddress(new CanonicalAddressType()); - represented.setLegalForm(getCompanyType(corporateBodyMandateContainer.corpMandatorFullName, corporateBodyMandateContainer.corpMandatorIdentificationType, sourceAttribute)); - } else if (mandateContainer instanceof PhyPersonMandateContainer) { - PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer) mandateContainer; - represented.setEIdentifier(getRepresentedStorkeIdentifier(mandateContainer)); - represented.setGivenName(phyPersonMandateContainer.getPhyPersMandatorGivenName()); - represented.setSurname(phyPersonMandateContainer.getPhyPersMandatorFamilyName()); - represented.setDateOfBirth(phyPersonMandateContainer.getPhyPersMandatorBirthDate()); - } - - Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); - - return represented; - } - - - private MandateContentType getMandateContent(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { - MandateContentType mandateContent = new MandateContentType(); - try { - XMLGregorianCalendar validFrom = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidFrom()); - XMLGregorianCalendar validTo = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidTo()); - TimeRestrictionType timeRestriction = new TimeRestrictionType(); - timeRestriction.setValidFrom(validFrom); - timeRestriction.setValidTo(validTo); - mandateContent.setTimeRestriction(timeRestriction); - } catch (DatatypeConfigurationException dte) { - Logger.error("Error converting date from mandate: " + mandateContainer.getMandateValidFrom() + ", " + mandateContainer.getMandateValidTo()); - throw new MOAIDException("stork.20", new Object[]{}); - } - mandateContent.setAQAA(this.QAALevel); - mandateContent.setOriginalMandate(originalContent); - mandateContent.setOriginalMandateType("application/xml"); - TransactionLimitRestrictionType transactionLimit = new TransactionLimitRestrictionType(); - mandateContent.setTransactionLimit(transactionLimit); - mandateContent.setIsJoint(""); - mandateContent.setIsChained(false); - mandateContent.setTypeOfPower(mapPowersType(mandateContainer)); // TODO check - Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); - return mandateContent; - } - - public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - return true; - } - - public String getDefaultActionName() { - return STORKProtocol.MANDATERETRIEVALREQUEST; - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java deleted file mode 100644 index c715b65eb..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java +++ /dev/null @@ -1,132 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.logging.Logger; -import org.xml.sax.InputSource; - -import javax.xml.xpath.XPathExpressionException; -import java.io.StringReader; - -/** - * Physical person representing physical person - * @author bsuzic - * Date: 4/30/14, Time: 11:29 AM - */ -public class PhyPersonMandateContainer extends MandateContainer { - - private String phyPersMandatorIdentificationValue = null; - private String phyPersMandatorIdentificationType = null; - private String phyPersMandatorGivenName = null; - private String phyPersMandatorFamilyName = null; - private String phyPersMandatorBirthDate = null; - - String localMethods[] = new String[]{"getPhyPersMandatorGivenName", "getPhyPersMandatorFamilyName", "getPhyPersMandatorBirthDate", "getPhyPersMandatorIdentificationValue", - "getPhyPersMandatorIdentificationType", "getMandateIssuePlace", "getMandateIssueDate", "getMandateIssueTime", "getSimpleMandateContent", "getMandateValidFrom", - "getMandateValidTo", "getPhysicalRepresentativeIdentificationValue", "getPhysicalRepresentativeIdentificationType", "getAnnotation", - "getPhysicalRepresentativeGivenName", "getPhysicalRepresentativeFamilyName", "getPhysicalRepresentativeBirthDate" - }; - - - public PhyPersonMandateContainer(String mandate) throws XPathExpressionException, MOAIDException { - super(mandate); - - setAnnotation(xPath.evaluate(S2Constants.MANDATE_ANNOTATION_QUERY, new InputSource(new StringReader(mandate)))); - setPhyPersMandatorIdentificationType(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_IDTYPE_QUERY, new InputSource(new StringReader(mandate)))); - setPhyPersMandatorIdentificationValue(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); - setPhyPersMandatorGivenName(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_GIVENNAME_QUERY, new InputSource(new StringReader(mandate)))); - setPhyPersMandatorFamilyName(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_FAMILYNAME_QUERY, new InputSource(new StringReader(mandate)))); - setPhyPersMandatorBirthDate(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_DATEOFBIRTH_QUERY, new InputSource(new StringReader(mandate)))); - setMandateIssueDate(xPath.evaluate(S2Constants.MANDATE_ISSUEDDATE_QUERY, new InputSource(new StringReader(mandate)))); - setMandateIssuePlace(xPath.evaluate(S2Constants.MANDATE_ISSUEDPLACE_QUERY, new InputSource(new StringReader(mandate)))); - setMandateIssueTime(xPath.evaluate(S2Constants.MANDATE_ISSUEDTIME_QUERY, new InputSource(new StringReader(mandate)))); - setMandateValidFrom(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_VALIDFROM_QUERY, new InputSource(new StringReader(mandate)))); - setMandateValidTo(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_VALIDTO_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeBirthDate(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_DATEOFBIRTH_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeFamilyName(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_FAMILYNAME_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeGivenName(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_GIVENNAME_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeIdentificationType(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDTYPE_QUERY, new InputSource(new StringReader(mandate)))); - setPhysicalRepresentativeIdentificationValue(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); - setSimpleMandateContent(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY, new InputSource(new StringReader(mandate)))); - - // check if all necessary fields are present - Logger.debug("Starting mandate structure validation"); - try { - validateMandateStructure(localMethods); // TODO - } catch (Exception e) { - if (e instanceof MOAIDException) { - Logger.error("Could not validate mandate structure."); - throw new MOAIDException("stork.16", new Object[] {e.getMessage()}); // TODO - } else { - Logger.error("Error during mandate structure validation."); - throw new MOAIDException("stork.16", new Object[] {e.getMessage()}); // TODO - } - - } - } - - - - public String getPhyPersMandatorGivenName() { - return phyPersMandatorGivenName; - } - - public void setPhyPersMandatorGivenName(String phyPersMandatorGivenName) { - this.phyPersMandatorGivenName = phyPersMandatorGivenName; - } - - public String getPhyPersMandatorFamilyName() { - return phyPersMandatorFamilyName; - } - - public void setPhyPersMandatorFamilyName(String phyPersMandatorFamilyName) { - this.phyPersMandatorFamilyName = phyPersMandatorFamilyName; - } - - public String getPhyPersMandatorBirthDate() { - return phyPersMandatorBirthDate; - } - - public void setPhyPersMandatorBirthDate(String phyPersMandatorBirthDate) { - // making it conform to STORK dateOfBirth specifications, removing dash - this.phyPersMandatorBirthDate = phyPersMandatorBirthDate.replaceAll("-",""); - } - - public String getPhyPersMandatorIdentificationValue() { - return phyPersMandatorIdentificationValue; - } - - public void setPhyPersMandatorIdentificationValue(String phyPersMandatorIdentificationValue) { - this.phyPersMandatorIdentificationValue = phyPersMandatorIdentificationValue; - } - - public String getPhyPersMandatorIdentificationType() { - return phyPersMandatorIdentificationType; - } - - public void setPhyPersMandatorIdentificationType(String phyPersMandatorIdentificationType) { - this.phyPersMandatorIdentificationType = phyPersMandatorIdentificationType; - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java deleted file mode 100644 index a560bdaff..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java +++ /dev/null @@ -1,66 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -/** - * @author bsuzic - * Date: 4/29/14, Time: 5:34 PM - */ -public interface S2Constants { - public static final String MANDATE_PREFIX = "mandate"; - public static final String PERSONDATA_PREFIX = "persondata"; - public static final String XMLDSIG_PREFIX = "xmldsig"; - - public static final String MANDATE_NS = "http://reference.e-government.gv.at/namespace/mandates/20040701#"; - public static final String PERSONDATA_NS = "http://reference.e-government.gv.at/namespace/persondata/20020228#"; - public static final String XMLDSIG_NS = "http://www.w3.org/2000/09/xmldsig#"; - - public static final String MANDATE_ANNOTATION_QUERY = "/mandate:Mandate/mandate:Annotation/text()"; - public static final String MANDATE_REPRESENTATIVE_PHYPERS_IDVALUE_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:Identification/persondata:Value/text()"; - public static final String MANDATE_REPRESENTATIVE_PHYPERS_IDTYPE_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:Identification/persondata:Type/text()"; - public static final String MANDATE_REPRESENTATIVE_PHYPERS_GIVENNAME_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:Name/persondata:GivenName/text()"; - public static final String MANDATE_REPRESENTATIVE_PHYPERS_FAMILYNAME_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:Name/persondata:FamilyName/text()"; - public static final String MANDATE_REPRESENTATIVE_PHYPERS_DATEOFBIRTH_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:DateOfBirth/text()"; - public static final String MANDATE_MANDATOR_CORPBODY_IDVALUE_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:CorporateBody/persondata:Identification/persondata:Value/text()"; - public static final String MANDATE_MANDATOR_CORPBODY_IDTYPE_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:CorporateBody/persondata:Identification/persondata:Type/text()"; - public static final String MANDATE_MANDATOR_CORPBODY_FULLNAME_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:CorporateBody/persondata:FullName/text()"; - public static final String MANDATE_ISSUEDPLACE_QUERY = "/mandate:Mandate/mandate:Issued/mandate:Place/text()"; - public static final String MANDATE_ISSUEDDATE_QUERY = "/mandate:Mandate/mandate:Issued/mandate:Date/text()"; - public static final String MANDATE_ISSUEDTIME_QUERY = "/mandate:Mandate/mandate:Issued/mandate:Time/text()"; - public static final String MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY = "/mandate:Mandate/mandate:SimpleMandateContent/mandate:TextualDescription/text()"; - public static final String MANDATE_SIMPLEMANDATECONTENT_VALIDFROM_QUERY = "/mandate:Mandate/mandate:SimpleMandateContent/mandate:TimeConstraint/mandate:ValidFrom/text()"; - public static final String MANDATE_SIMPLEMANDATECONTENT_VALIDTO_QUERY = "/mandate:Mandate/mandate:SimpleMandateContent/mandate:TimeConstraint/mandate:ValidTo/text()"; - - public static final String MANDATE_MANDATOR_PHYPERS_IDVALUE_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:Identification/persondata:Value/text()"; - public static final String MANDATE_MANDATOR_PHYPERS_IDTYPE_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:Identification/persondata:Type/text()"; - public static final String MANDATE_MANDATOR_PHYPERS_GIVENNAME_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:Name/persondata:GivenName/text()"; - public static final String MANDATE_MANDATOR_PHYPERS_FAMILYNAME_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:Name/persondata:FamilyName/text()"; - public static final String MANDATE_MANDATOR_PHYPERS_DATEOFBIRTH_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:DateOfBirth/text()"; - - public static final String IDENTIFICATION_TYPE_COMPANY = "urn:publicid:gv.at:baseid+XFN"; - public static final String IDENTIFICATION_TYPE_ASSOCIATION = "urn:publicid:gv.at:baseid+XZVR"; - public static final String IDENTIFICATION_TYPE_OTHERS = "urn:publicid:gv.at:baseid+XERSB"; - - - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKPVPUtilits.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKPVPUtilits.java deleted file mode 100644 index 123d32af4..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKPVPUtilits.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.protocols.stork2; - -import java.util.Arrays; -import java.util.List; - -/** - * @author tlenz - * - */ -public class STORKPVPUtilits { - - public static final List<String> attributesRequirePVPAuthentication = - Arrays.asList("ECApplicationRole", "MSOrganization"); - - - - public static boolean performAuthenticationOnNationalIDP(MOASTORKRequest moastorkRequest) { - for (String el : attributesRequirePVPAuthentication) { - if (moastorkRequest.getPersonalAttributeList().containsKey(el)) { - return true; - - } - } - return false; - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java deleted file mode 100644 index c4f9658e4..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ /dev/null @@ -1,233 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IModulInfo; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; -import eu.stork.peps.auth.commons.*; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.util.HashMap; - -/** - * Stork 2 Protocol Support - * - * @author bsuzic - */ -public class STORKProtocol extends MOAIDAuthConstants implements IModulInfo { - - public static final String NAME = STORKProtocol.class.getName(); - public static final String PATH = "id_stork2"; - - public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; - public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; - public static final String MANDATERETRIEVALREQUEST = "MandateRetrievalRequest"; - public static final String CONSENT_EVALUATOR = "ConsentEvaluator"; - - private static HashMap<String, IAction> actions = new HashMap<String, IAction>(); - - static { - actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); - actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); - actions.put(CONSENT_EVALUATOR, new ConsentEvaluator()); - actions.put(MANDATERETRIEVALREQUEST, new MandateRetrievalRequest()); - } - - public String getName() { - return NAME; - } - - public String getPath() { - return PATH; - } - - public IAction getAction(String action) { - return actions.get(action); - } - - public STORKProtocol() { - super(); - } - - /* - First request step - send it to BKU selection for user authentication. After the user credentials - and other info are obtained, in the second step the request will be processed and the user redirected - */ - public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action, - String sessionId, String transactionId) throws MOAIDException { - Logger.info("Starting preprocessing for Stork2 protocol"); - Logger.debug("Request method: " + request.getMethod()); - Logger.debug("Request content length: " + request.getContentLength()); - Logger.debug("Initiating action: " + action); - - MOASTORKRequest STORK2Request = new MOASTORKRequest(request); - MOASTORKResponse STORK2Response = new MOASTORKResponse(request); - - - if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action)) - return STORK2Request; - - - if (request.getParameter("SAMLResponse") != null) { // TODO check attribute collector - //extract STORK Response from HTTP Request - byte[] decSamlToken; - try { - decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse")); - } catch (NullPointerException e) { - if (request.getRemoteHost().contains("129.27.142")) { - Logger.warn("Availability check by " + request.getRemoteHost() + " on URI: " + request.getRequestURI()); - } else { - Logger.error("Unable to retrieve STORK Request for host: " + request.getRemoteHost() + " and URI: " + request.getRequestURI(), e); - } - throw new MOAIDException("stork.04", null); - } - - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - - STORKAuthnResponse authnResponse = null; - - - // check if valid authn request is contained - try { - authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, request.getRemoteAddr()); - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); - } - - STORK2Response.setSTORKAuthnResponseToken(decSamlToken); - - return STORK2Response; - - } else if (request.getParameter("SAMLRequest") != null) { - - //extract STORK Response from HTTP Request - byte[] decSamlToken; - try { - decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); - } catch (NullPointerException e) { - if (request.getRemoteHost().contains("129.27.142")) { - Logger.warn("Availability check by " + request.getRemoteHost() + " on URI: " + request.getRequestURI()); - } else { - Logger.error("Unable to retrieve STORK Request for host: " + request.getRemoteHost() + " and URI: " + request.getRequestURI(), e); - } - throw new MOAIDException("stork.04", null); - } - - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - - STORKAuthnRequest authnRequest = null; - STORKAttrQueryRequest attrRequest = null; - - // check if valid authn request is contained - try { - authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); - - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); - - } catch (ClassCastException e) { - // we do not have a authnRequest - // check if a valid attr request is container - try { - attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); - - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); - - } - } - - // if there is no authn or attr request, raise error - if ((authnRequest == null) && (attrRequest == null)) { - Logger.error("There is no authentication or attribute request contained."); - throw new MOAIDException("stork.14", null); - } - // list attributes in the request - try { - for (PersonalAttribute personalAttribute : authnRequest.getPersonalAttributeList()) { - Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); - } - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage()); - } - - STORK2Request.setSTORKAuthnRequest(authnRequest); - STORK2Request.setSTORKAttrRequest(attrRequest); - - //check if OA is instance of VIDP or STORKPVPGateway - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(STORK2Request.getOAURL()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{STORK2Request.getOAURL()}); - - else { - STORK2Request.setOnlineApplicationConfiguration(oaParam); - if (oaParam.isSTORKPVPGateway()) { - if (MiscUtil.isNotEmpty(oaParam.getSTORKPVPForwardEntity())) { - Logger.info("Received request for STORK->PVP gateway. " + - "Forward to PVP portal with entiyID " + oaParam.getSTORKPVPForwardEntity() + - " ..." ); - STORK2Request.setRequestedIDP(oaParam.getSTORKPVPForwardEntity()); - - } else { - Logger.error("InterfederatedGateway configuration with ID " + STORK2Request.getOAURL() + - " not configure a forward entityID."); - throw new MOAIDException("", null); - - } - } - - } - - return STORK2Request; - } else { - throw new MOAIDException("stork.14", null); // TODO Specify message - } - } - - public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { - return null; - } - - public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable { - return false; - } - - public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { - return false; - } -} - - diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SimpleNamespaceContext.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SimpleNamespaceContext.java deleted file mode 100644 index 2c2df3e54..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SimpleNamespaceContext.java +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.protocols.stork2; - -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map.Entry; -import java.util.Set; - -import javax.xml.namespace.NamespaceContext; - -/** - * @author tlenz - * - */ -public class SimpleNamespaceContext implements NamespaceContext { - - HashMap<String, String> prefMap = null; - /** - * @param prefMap - */ - SimpleNamespaceContext(HashMap<String, String> prefMap) { - this.prefMap = prefMap; - } - - /* (non-Javadoc) - * @see javax.xml.namespace.NamespaceContext#getNamespaceURI(java.lang.String) - */ - @Override - public String getNamespaceURI(String prefix) { - if (prefMap.containsKey(prefix)) - return prefMap.get(prefix); - else - return null; - } - - /* (non-Javadoc) - * @see javax.xml.namespace.NamespaceContext#getPrefix(java.lang.String) - */ - @Override - public String getPrefix(String namespaceURI) { - if (prefMap.containsValue(namespaceURI)) { - Set<Entry<String, String>> set = prefMap.entrySet(); - for (Entry<String, String> el : set) { - if (el.getValue().equals(namespaceURI)) - return el.getKey(); - - } - } - - return null; - } - - /* (non-Javadoc) - * @see javax.xml.namespace.NamespaceContext#getPrefixes(java.lang.String) - */ - @Override - public Iterator getPrefixes(String namespaceURI) { - // TODO Auto-generated method stub - return null; - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java deleted file mode 100644 index 31b9c9c0a..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java +++ /dev/null @@ -1,29 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2; - -public class UnsupportedAttributeException extends Exception { - - private static final long serialVersionUID = -7720066381435378111L; - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/AttributeProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/AttributeProvider.java deleted file mode 100644 index aaf13a779..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/AttributeProvider.java +++ /dev/null @@ -1,139 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2.attributeproviders; - -import java.util.ArrayList; -import java.util.List; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException; -import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest; -import at.gv.egovernment.moa.id.protocols.stork2.UnsupportedAttributeException; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; - -/** - * An {@link AttributeProvider} can fetch a set of stork attributes. It might complete the query within one method call, - * but might also need to redirect to another webservice to accomplish its task. - */ -public abstract class AttributeProvider implements Comparable<AttributeProvider>{ - - protected String attributes; - - public AttributeProvider(String attributes){ - this.attributes = attributes; - } - - /** - * Acquire the specified attribute. Returns {@code null} when attribute retrieval is in progress, but requires for - * for redirecting the user to an external service. Use {@link AttributeProvider#parse(HttpServletRequest)} to parse - * the response. - * - * @param currentProviderConfiguredAttributes the list of attributes to be acquired - * @param moastorkRequest the sp county code - * @param authData the moasession - * @return the personal attribute - * @throws UnsupportedAttributeException the unsupported attribute exception - * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done - * @throws MOAIDException the mOAID exception - */ - protected abstract IPersonalAttributeList acquire(PersonalAttribute currentProviderConfiguredAttributes, MOASTORKRequest moastorkRequest, IAuthData authData) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException; - - public IPersonalAttributeList acquire(List<PersonalAttribute> attributes, MOASTORKRequest moastorkRequest, IAuthData authData) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { - if (attributes.size() == 1) { - return acquire(attributes.get(0), moastorkRequest, authData); - } else { - throw new MOAIDException("stork.13", new Object[] { }); // TODO message only one attribute supported by this provider - - } - } - - /** - * Perform redirect. - * - * @param url the return URL ending with ?artifactId=... - * @param req the request we got from the S-PEPS and for which we have to ask our APs - * @param resp the response to the preceding request - * @param oaParam the oa param - * @throws MOAIDException the mOAID exception - */ - public abstract void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; - - /** - * Parses the response we got from the external attribute provider. - * - * @param httpReq the http req - * @return a list of attributes - * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq - * @throws MOAIDException if something went wrong - */ - public abstract IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; - - /** - * Returns the list of supported attributes - * - * @return a list of attributes - * @throws MOAIDException if something went wrong - */ - public List<String> getSupportedAttributeNames() throws MOAIDException { - ArrayList<String> supportedAttributeNames = new ArrayList<String>(); - for (String attributeName : this.attributes.split(",")) { - supportedAttributeNames.add(attributeName); - } - return supportedAttributeNames; - } - - - /** - * Returns the sequence priority of this attribute provider. - * Providers with small numbers are requested first. - * - * @return a sequence priority of this provider - */ - public abstract int getPriority(); - - /** - * Compare the sequence priority of two attribute providers - * @param o attribute provider - * @return 0 if priority is equal - * @return -1 if priority if this is higher then from o - * @return +1 if priority if o is higher then from this - */ - @Override - public int compareTo(AttributeProvider o) { - if (this.getPriority() == o.getPriority()) - return 0; - - if (this.getPriority() < o.getPriority()) - return -1; - - else - return +1; - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttributeProviderPlugin.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttributeProviderPlugin.java deleted file mode 100644 index bd1576020..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/EHvdAttributeProviderPlugin.java +++ /dev/null @@ -1,254 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2.attributeproviders; - -import java.io.StringWriter; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.Marshaller; -import javax.xml.soap.MessageFactory; -import javax.xml.soap.SOAPBody; -import javax.xml.soap.SOAPConnection; -import javax.xml.soap.SOAPConnectionFactory; -import javax.xml.soap.SOAPElement; -import javax.xml.soap.SOAPEnvelope; -import javax.xml.soap.SOAPMessage; -import javax.xml.soap.SOAPPart; - -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException; -import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest; -import at.gv.egovernment.moa.id.protocols.stork2.UnsupportedAttributeException; -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.IsHealthCareProfessionalType; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.ObjectFactory; - -/** - * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service - */ -public class EHvdAttributeProviderPlugin extends AttributeProvider { - - /** The destination. */ - private Object destination; - - /** - * Instantiates a new e hvd attribute provider plugin. - * - * @param url the service url - * @param supportedAttributes - */ - public EHvdAttributeProviderPlugin(String url, String supportedAttributes) { - super(supportedAttributes); - destination = url; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) - */ - @Override - protected IPersonalAttributeList acquire(PersonalAttribute attribute, MOASTORKRequest moastorkRequest, IAuthData authData) - throws UnsupportedAttributeException, - ExternalAttributeRequestRequiredException, MOAIDException { - - // break when we cannot handle the requested attribute - if(!attributes.contains(attribute.getName())) - throw new UnsupportedAttributeException(); - - try { - Logger.debug("initializing SOAP connections..."); - // create SOAP connection - SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection(); - - // assemble SOAP request - MessageFactory messageFactory = MessageFactory.newInstance(); - SOAPMessage requestMessage = messageFactory.createMessage(); - SOAPPart requestPart = requestMessage.getSOAPPart(); - - // (soap 1.1 relevant part. could not find a solution to use soap 1.2 in time. - requestMessage.getMimeHeaders().setHeader("SOAPAction", "http://gesundheit.gv.at/BAGDAD/DataAccessService/IsHealthcareProfessional"); - - /* - Construct SOAP Request Message: - <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> - <soap:Body> - <IsHealthcareProfessional xmlns="http://gesundheit.gv.at/BAGDAD/DataAccessService"> - <bPK>string</bPK> - </IsHealthcareProfessional> - </soap:Body> - </soap:Envelope> - - see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional - */ - - // SOAP Envelope - SOAPEnvelope envelope = requestPart.getEnvelope(); - - // SOAP Body - SOAPBody requestBody = envelope.getBody(); - SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional"); - requestBodyElem.addAttribute(envelope.createName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService"); - - SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK"); - - //TODO: CHECK: IdentificationValue containts wbPK if MOA-ID is used as VIDP - requestBodyElem1.addTextNode(new BPKBuilder().buildBPK(authData.getIdentificationValue(), "GH")); - - requestMessage.saveChanges(); - - // perform SOAP call - Logger.debug("call..."); - SOAPMessage responseMessage = soapConnection.call(requestMessage, destination); - - // parse SOAP response - - /* - <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> - <soap:Body> - <IsHealthcareProfessionalResponse xmlns="http://gesundheit.gv.at/BAGDAD/DataAccessService"> - <IsHealthcareProfessionalResult> - <RequestOK>boolean</RequestOK> - <Message>string</Message> - <IsHealthcareProfessional>boolean</IsHealthcareProfessional> - <NameOfOrganisation>string</NameOfOrganisation> - <Type>string</Type> - <Specialization>string</Specialization> - </IsHealthcareProfessionalResult> - </IsHealthcareProfessionalResponse> - </soap:Body> - </soap:Envelope> - - see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional - */ - Logger.debug("call successful. Parse..."); - SOAPBody responseBody = responseMessage.getSOAPBody(); - - // iterate through tree - SOAPElement responseElement = (SOAPElement) responseBody.getChildElements().next(); - SOAPElement resultElement = (SOAPElement) responseElement.getChildElements().next(); - - // collect all info in a map - Iterator<?> it = resultElement.getChildElements(); - Map<String, String> collection = new HashMap<String, String>(); - while (it.hasNext()) { - SOAPElement current = (SOAPElement) it.next(); - - collection.put(current.getNodeName(), current.getTextContent()); - } - - // check if there is anything valid in the map - if (collection.isEmpty() || collection.size() != 6) { - Logger.warn("eHVD returned an unexpected count of values. Expected 6 got " + collection.size()); - throw new IndexOutOfBoundsException("response attributes not like specified"); - } - - // - fetch request validity - if (collection.get("RequestOK").equals("false")) { - Logger.warn("eHVD reported an invalid request. The error message is: " + collection.get("Message")); - throw new Exception("eHVD reported an invalid request"); - } - - PersonalAttribute acquiredAttribute = null; - - if (collection.get("IsHealthcareProfessional").equals("false") || !collection.get("Type").equals("Medical doctor")) { - // the citizen is no HCP - acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList<String>(), AttributeStatusType.NOT_AVAILABLE.value()); - } else { - // go on and parse the data - IsHealthCareProfessionalType result = new IsHealthCareProfessionalType(); - - // TODO: we do not have any list of possible values yet. Fix as soon as we get some. -// if (collection.get("Type").equals("Medical doctor")) - result.setTypeOfHCP("physician"); - - result.setNameOfOrganisation(collection.get("NameOfOrganisation")); - //result.setTypeOfOrganisation("Unknown"); // TODO used in previous version, check what to do with this - - result.setAQAA(4); - - final Marshaller m = JAXBContext.newInstance(IsHealthCareProfessionalType.class).createMarshaller(); - m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); - - StringWriter stringWriter = new StringWriter(); - m.marshal(new ObjectFactory().createIsHealthCareProfessional(result), stringWriter); - - ArrayList<String> value = new ArrayList<String>(); - value.add(stringWriter.toString()); - - acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, AttributeStatusType.AVAILABLE.value()); - } - - // pack and return the result - PersonalAttributeList result = new PersonalAttributeList(); - result.add(acquiredAttribute); - - // add stork id for verification - ArrayList<String> value = new ArrayList<String>(); - value.add(new BPKBuilder().buildStorkeIdentifier(authData.getIdentityLink(), moastorkRequest.getSpCountry())); - result.add(new PersonalAttribute("eIdentifier", false, value, AttributeStatusType.AVAILABLE.value())); - - return result; - } catch (Exception e) { - throw new MOAIDException("stork.13", new Object[] { e }); - } - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) - */ - public void performRedirect(String url, - HttpServletRequest req, HttpServletResponse resp, - OAAuthParameter oaParam) throws MOAIDException { - // there is no redirect required - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) - */ - public IPersonalAttributeList parse(HttpServletRequest httpReq) - throws UnsupportedAttributeException, MOAIDException { - // there is no redirect required, so we throw an exception when someone asks us to parse a response - throw new UnsupportedAttributeException(); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#getPriority() - */ - @Override - public int getPriority() { - return 99; - } - -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java deleted file mode 100644 index f671f0807..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/MandateAttributeRequestProvider.java +++ /dev/null @@ -1,231 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2.attributeproviders; - -import java.io.StringWriter; -import java.util.List; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException; -import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest; -import at.gv.egovernment.moa.id.protocols.stork2.UnsupportedAttributeException; -import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StringUtils; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * Provides mandate attribute from MIS - */ -public class MandateAttributeRequestProvider extends AttributeProvider { - /** - * The destination. - */ - private String destination; - - private String spCountryCode; - - private PersonalAttributeList requestedAttributes; - - public MandateAttributeRequestProvider(String aPurl, String supportedAttributes) throws MOAIDException { - super(supportedAttributes); - destination = aPurl; - - } - - public String getAttrProviderName() { - return "MandateAttributeRequestProvider"; - } - - // TODO check if used - @Override - protected IPersonalAttributeList acquire(PersonalAttribute attribute, MOASTORKRequest moastorkRequest, IAuthData authData) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { - Logger.info("Acquiring attribute: " + attribute.getName() + ", by: " + getAttrProviderName()); - this.spCountryCode = moastorkRequest.getSpCountry(); - requestedAttributes = new PersonalAttributeList(1); - requestedAttributes.add(attribute); - - // break if we cannot handle the requested attribute - if (!attributes.contains(attribute.getName())) { - Logger.info("Attribute " + attribute.getName() + " not supported by the provider: " + getAttrProviderName()); - throw new UnsupportedAttributeException(); - } - - // check if there is eIdentifier included and add if necessary -// if (!requestedAttributes.containsKey("eIdentifier")) { -// PersonalAttribute eIdentifier = new PersonalAttribute(); - // eIdentifier.setName("eIdentifier"); -// eIdentifier.setIsRequired(true); -// requestedAttributes.add(eIdentifier); -// } - - Logger.info("Thrown external request by: " + getAttrProviderName()); - throw new ExternalAttributeRequestRequiredException(this); - } - - @Override - public IPersonalAttributeList acquire(List<PersonalAttribute> attributes, MOASTORKRequest moastorkRequest, IAuthData moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { - Logger.info("Acquiring " + attributes.size() + " attributes, by: " + getAttrProviderName()); - this.spCountryCode = moastorkRequest.getSpCountry(); - requestedAttributes = new PersonalAttributeList(attributes.size()); - - for (PersonalAttribute personalAttribute : attributes) { - // break if we cannot handle the requested attribute - if (!this.attributes.contains(personalAttribute.getName())) { - Logger.info("Attribute " + personalAttribute.getName() + " not supported by the provider: " + getAttrProviderName()); - throw new UnsupportedAttributeException(); - } - requestedAttributes.add(personalAttribute); - } - - // continue with other attribute providers if there are no attributes current provider is able to handle - if (requestedAttributes.size() == 0) { - Logger.info("Attribute(s) " + attributes.toString() + " not supported by the provider: " + getAttrProviderName()); - throw new UnsupportedAttributeException(); - } - - - - Logger.info("Thrown external request by: " + getAttrProviderName()); - throw new ExternalAttributeRequestRequiredException(this); - } - - - - - public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - - String spSector = "Business"; - String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); - String spApplication = spInstitution; - - if ((spCountryCode == null) || (spCountryCode.length()<2)) { - spCountryCode = oaParam.getTarget(); - Logger.info("Setting spcountry target: " + oaParam.getTarget()); - Logger.info("idlink ident " + oaParam.getIdentityLinkDomainIdentifier()); - Logger.info("idlink type " + oaParam.getIdentityLinkDomainIdentifierType()); - Logger.info("Setting spcountry target friendly : " + oaParam.getTargetFriendlyName()); - Logger.info("Oatype : " + oaParam.getOaType()); - Logger.info("puburl : " + oaParam.getPublicURLPrefix()); - if ("STORK".equals(oaParam.getIdentityLinkDomainIdentifierType())) { - - spCountryCode = oaParam.getIdentityLinkDomainIdentifier().substring(oaParam.getIdentityLinkDomainIdentifier().length()-2); - Logger.info("Set to " +spCountryCode); - } - - } - - // TODO ensure that other providers request eidentifier - // check if there is eIdentifier included and add if necessary - if (!requestedAttributes.containsKey("eIdentifier")) { - PersonalAttribute eIdentifier = new PersonalAttribute(); - eIdentifier.setName("eIdentifier"); - eIdentifier.setIsRequired(true); - requestedAttributes.add(eIdentifier); - } - - //generate AttrQueryRequest - STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest(); - attributeRequest.setDestination(destination); - attributeRequest.setAssertionConsumerServiceURL(url); - attributeRequest.setIssuer(HTTPUtils.getBaseURL(req)); - attributeRequest.setQaa(oaParam.getQaaLevel()); - attributeRequest.setSpInstitution(spInstitution); - attributeRequest.setCountry(spCountryCode); - attributeRequest.setSpCountry(spCountryCode); - attributeRequest.setSpApplication(spApplication); - attributeRequest.setSpSector(spSector); - attributeRequest.setPersonalAttributeList(requestedAttributes); - - attributeRequest.setCitizenCountryCode("AT"); - attributeRequest.setQaa(oaParam.getQaaLevel()); - - if (attributeRequest.getQaa() == 0 ) { - attributeRequest.setQaa(4); // workaround - } - - - - Logger.info("STORK AttrRequest successfully assembled."); - - STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP"); - try { - - attributeRequest = samlEngine.generateSTORKAttrQueryRequest(attributeRequest); - } catch (STORKSAMLEngineException e) { - Logger.error("Could not sign STORK SAML AttrRequest.", e); - throw new MOAIDException("stork.00", null); - } - - Logger.info("STORK AttrRequest successfully signed!"); - - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); - VelocityContext context = new VelocityContext(); - context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(attributeRequest.getTokenSaml())); - context.put("action", destination); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); - } catch (Exception e) { - Logger.error("Error sending STORK SAML AttrRequest.", e); - throw new MOAIDException("stork.11", null); - } - Logger.info("STORK AttrRequest successfully rendered!"); - - } - - public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { - return null; // - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#getPriority() - */ - @Override - public int getPriority() { - return 99; - } -} - diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java deleted file mode 100644 index 7f06c604b..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java +++ /dev/null @@ -1,238 +0,0 @@ -/* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.protocols.stork2.attributeproviders; - -import java.io.StringWriter; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException; -import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest; -import at.gv.egovernment.moa.id.protocols.stork2.UnsupportedAttributeException; -import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StringUtils; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * @author tlenz - * - */ -public class PVPAuthenticationProvider extends AttributeProvider { - - private String destination = null; - private MOASTORKRequest moastorkRequest = null; - - /** - * @param attributes - * @param attributes2 - */ - public PVPAuthenticationProvider(String url, String attributes) { - super(attributes); - this.destination = url; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute, java.lang.String, at.gv.egovernment.moa.id.data.IAuthData) - */ - @Override - protected IPersonalAttributeList acquire(PersonalAttribute attribute, - MOASTORKRequest moastorkRequest, IAuthData authData) - throws UnsupportedAttributeException, - ExternalAttributeRequestRequiredException, MOAIDException { - - this.moastorkRequest = moastorkRequest; - // break if we cannot handle the requested attribute - if (!getSupportedAttributeNames().contains(attribute.getName())) { - Logger.info("Attribute " + attribute.getName() + " not supported by the provider: " + getAttrProviderName()); - throw new UnsupportedAttributeException(); - - } - - Logger.info("Thrown external request by: " + getAttrProviderName()); - throw new ExternalAttributeRequestRequiredException(this); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#performRedirect(java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) - */ - @Override - public void performRedirect(String url, HttpServletRequest req, - HttpServletResponse resp, OAAuthParameter oaParam) - throws MOAIDException { - - String spSector = "Business"; - String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); - String spApplication = spInstitution; - String spCountryCode = moastorkRequest.getSpCountry(); - - if ((spCountryCode == null) || (spCountryCode.length()<2)) { - spCountryCode = oaParam.getTarget(); - Logger.info("Setting spcountry target: " + oaParam.getTarget()); - Logger.info("idlink ident " + oaParam.getIdentityLinkDomainIdentifier()); - Logger.info("idlink type " + oaParam.getIdentityLinkDomainIdentifierType()); - Logger.info("Setting spcountry target friendly : " + oaParam.getTargetFriendlyName()); - Logger.info("Oatype : " + oaParam.getOaType()); - Logger.info("puburl : " + oaParam.getPublicURLPrefix()); - if ("STORK".equals(oaParam.getIdentityLinkDomainIdentifierType())) { - - spCountryCode = oaParam.getIdentityLinkDomainIdentifier().substring(oaParam.getIdentityLinkDomainIdentifier().length()-2); - Logger.info("Set to " +spCountryCode); - } - - } - - //generate AttrQueryRequest - STORKAuthnRequest authRequest = new STORKAuthnRequest(); - authRequest.setDestination(destination); - authRequest.setAssertionConsumerServiceURL(url); - authRequest.setIssuer(HTTPUtils.getBaseURL(req)); - authRequest.setQaa(oaParam.getQaaLevel()); - authRequest.setSpInstitution(spInstitution); - authRequest.setCountry(spCountryCode); - authRequest.setSpCountry(spCountryCode); - authRequest.setSpApplication(spApplication); - authRequest.setProviderName(spApplication); - authRequest.setSpSector(spSector); - authRequest.setPersonalAttributeList(moastorkRequest.getPersonalAttributeList()); - - authRequest.setCitizenCountryCode("AT"); - //authRequest.setQaa(oaParam.getQaaLevel()); - authRequest.setQaa(moastorkRequest.getStorkAuthnRequest().getQaa()); - - - - - Logger.info("STORK AttrRequest successfully assembled."); - - STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP"); - try { - - authRequest = samlEngine.generateSTORKAuthnRequest(authRequest); - } catch (STORKSAMLEngineException e) { - Logger.error("Could not sign STORK SAML AttrRequest.", e); - throw new MOAIDException("stork.00", null); - } - - Logger.info("STORK AttrRequest successfully signed!"); - - //validate AuthnRequest - try { - samlEngine.validateSTORKAuthnRequest(authRequest.getTokenSaml()); - } catch (STORKSAMLEngineException e) { - Logger.error("STORK SAML AuthnRequest not valid.", e); - throw new MOAIDException("stork.01", null); - } - - Logger.debug("STORK AuthnRequest successfully internally validated."); - - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); - VelocityContext context = new VelocityContext(); - context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authRequest.getTokenSaml())); - context.put("action", destination); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); - - } catch (Exception e) { - Logger.error("Error sending STORK SAML AttrRequest.", e); - throw new MOAIDException("stork.11", null); - - } - Logger.info("STORK AttrRequest successfully rendered!"); - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) - */ - @Override - public IPersonalAttributeList parse(HttpServletRequest httpReq) - throws UnsupportedAttributeException, MOAIDException { - - throw new UnsupportedAttributeException(); - -// Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request"); -// //extract STORK Response from HTTP Request -// //Decodes SAML Response -// byte[] decSamlToken; -// try { -// decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); -// } catch(NullPointerException e) { -// throw new UnsupportedAttributeException(); -// } -// -// //Get SAMLEngine instance -// STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); -// -// STORKAuthnResponse authnResponse = null; -// try { -// //validate SAML Token -// Logger.debug("Starting validation of SAML response"); -// authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) httpReq.getRemoteHost()); -// Logger.info("SAML response successfully verified!"); -// -// }catch(STORKSAMLEngineException e){ -// Logger.error("Failed to verify STORK SAML Response", e); -// throw new MOAIDException("stork.05", null); -// } -// -// return authnResponse.getPersonalAttributeList(); - - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#getPriority() - */ - @Override - public int getPriority() { - return 1; - } - - public String getAttrProviderName() { - return this.getClass().getName(); - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java deleted file mode 100644 index def89d0d9..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java +++ /dev/null @@ -1,688 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2.attributeproviders; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.io.UnsupportedEncodingException; -import java.net.URL; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; - -import javax.activation.DataSource; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.namespace.QName; -import javax.xml.transform.Source; -import javax.xml.transform.stream.StreamSource; -import javax.xml.ws.Service; -import javax.xml.ws.soap.SOAPBinding; -import javax.xml.ws.BindingProvider; - -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.NotImplementedException; -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException; -import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest; -import at.gv.egovernment.moa.id.protocols.stork2.UnsupportedAttributeException; -import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Base64Utils; -import eu.stork.oasisdss.api.ApiUtils; -import eu.stork.oasisdss.api.LightweightSourceResolver; -import eu.stork.oasisdss.api.ResultMajor; -import eu.stork.oasisdss.api.exceptions.ApiUtilsException; -import eu.stork.oasisdss.profile.AnyType; -import eu.stork.oasisdss.profile.Base64Data; -import eu.stork.oasisdss.profile.DocumentType; -import eu.stork.oasisdss.profile.DocumentWithSignature; -import eu.stork.oasisdss.profile.IncludeObject; -import eu.stork.oasisdss.profile.SignRequest; -import eu.stork.oasisdss.profile.SignResponse; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.documentservice.DocumentService; -/** - * Forwards a signedDoc attribute request to the oasis-dss service instance - */ -public class SignedDocAttributeRequestProvider extends AttributeProvider { - - private String dtlUrl = null; - private PersonalAttribute requestedAttribute; - - /** - * The URL of the service listening for the oasis dss webform post request - */ - private String oasisDssWebFormURL; - - /** - * Instantiates a new signed doc attribute request provider. - * - * @param oasisDssWebFormURL - * the AP location - * @param attributes - */ - public SignedDocAttributeRequestProvider(String oasisDssWebFormURL, String attributes) { - super(attributes); - this.oasisDssWebFormURL = oasisDssWebFormURL; - - try { - AuthConfiguration authConfigurationProvider = AuthConfigurationProviderFactory.getInstance(); - dtlUrl = authConfigurationProvider.getDocumentServiceUrl(); - Logger.info ("SignedDocAttributeRequestProvider, using dtlUrl:"+dtlUrl); - } catch (Exception e) { - dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService"; - e.printStackTrace(); - Logger.error("Loading documentservice url failed, using default value:"+dtlUrl); - } - -// Properties props = new Properties(); -// try { -// props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); -// dtlUrl = props.getProperty("docservice.url"); -// } catch (IOException e) { -// dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService"; -// Logger.error("Loading DTL config failed, using default value:"+dtlUrl); -// e.printStackTrace(); -// } - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java - * .lang.String) - */ - @Override - protected IPersonalAttributeList acquire(PersonalAttribute attribute, MOASTORKRequest moastorkRequest, IAuthData authData) throws UnsupportedAttributeException, - ExternalAttributeRequestRequiredException { - if(!attributes.contains(attribute.getName())) { - throw new UnsupportedAttributeException(); - } - - requestedAttribute = attribute; - try - { - String tmp = requestedAttribute.getValue().get(0); - }catch(Exception e) - { - Logger.info("SignedDocAttributeProvide failed:"+e.toString()); - throw new UnsupportedAttributeException(); - } - - throw new ExternalAttributeRequestRequiredException(this); - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax - * .servlet.http.HttpServletRequest) - */ - public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { - Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request"); - - try { - String base64 = httpReq.getParameter("signresponse"); - Logger.debug("signresponse url: " + httpReq.getRequestURI().toString()); - Logger.debug("signresponse querystring: " + httpReq.getQueryString()); - Logger.debug("signresponse method: " + httpReq.getMethod()); - Logger.debug("signresponse content type: " + httpReq.getContentType()); - Logger.debug("signresponse parameter:"+base64); - String signResponseString = new String(Base64Utils.decode(base64, false), "UTF8"); - Logger.debug("RECEIVED signresponse:"+signResponseString); - //create SignResponse object - Source response = new StreamSource(new java.io.StringReader(signResponseString)); - SignResponse signResponse = ApiUtils.unmarshal(response, SignResponse.class); - //Check if Signing was successfully or not - - if(!signResponse.getResult().getResultMajor().equals(ResultMajor.RESULT_MAJOR_SUCCESS)) - { - //Pass unmodifed or unmarshal & marshal?? - InputStream istr = ApiUtils.marshalToInputStream(signResponse); - StringWriter writer = new StringWriter(); - IOUtils.copy(istr, writer, "UTF-8"); - signResponseString = writer.toString(); - Logger.info("SignResponse with error (unmodified):"+signResponseString); - istr.close(); - } - else - { - //extract doc from signresponse - DataSource dataSource = LightweightSourceResolver.getDataSource(signResponse); - - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - IOUtils.copy(dataSource.getInputStream(), baos); - byte[] data = baos.toByteArray(); - baos.close(); - - //update doc in DTL - String docId, dssId = ""; - docId = signResponse.getDocUI(); - //For reference dssId equals docId - dssId = docId; - if (dssId != null && data!=null) - { - boolean success = false; - try{ - success = updateDocumentInDtl(data, docId, signResponseString); - }catch(Exception e){//No document service used? - Logger.info("No document service used?"); - e.printStackTrace(); - success = false; - } - if(success) - { - // set the url in the SignResponse - DocumentWithSignature documentWithSignature = new DocumentWithSignature(); - DocumentType value = new DocumentType(); - if(dtlUrl.endsWith("?wsdl")) - { - String tmp = dtlUrl.replace("?wsdl", ""); - Logger.debug("DocumentUrl ends with ? wsdl, using "+tmp+" instead."); - value.setDocumentURL(tmp); - } - else - { - value.setDocumentURL(dtlUrl); - } - documentWithSignature.setDocument(value); - if(signResponse.getOptionalOutputs()!=null) - { - //signResponse.getOptionalOutputs().getAny().add(documentWithSignature); - for(Object o :signResponse.getOptionalOutputs().getAny()) - { - if(o instanceof DocumentWithSignature) - { - signResponse.getOptionalOutputs().getAny().remove(o); - signResponse.getOptionalOutputs().getAny().add(documentWithSignature); - break; - } - } - } - else - { - AnyType anytype = new AnyType(); - anytype.getAny().add(documentWithSignature); - signResponse.setOptionalOutputs(anytype ); - } - - // System.out.println("overwriting:"+signResponse.getResult().getResultMessage()+" with DTL url:"+dtlUrl); - InputStream istr = ApiUtils.marshalToInputStream(signResponse); - StringWriter writer = new StringWriter(); - IOUtils.copy(istr, writer, "UTF-8"); - signResponseString = writer.toString(); - Logger.info("SignResponse overwritten:"+signResponseString); - istr.close(); - } - else - { - //No document service used? - // do nothing.... - //TODO temporary fix because document is deleted after fetching => SP can't download Doc - //Add doc to Signresponse - - DocumentWithSignature documentWithSignature = new DocumentWithSignature(); - DocumentType value = new DocumentType(); - if(signResponse.getProfile().toLowerCase().contains("xades")) - { - value.setBase64XML(data); - } - else - { - Base64Data base64data = new Base64Data(); - base64data.setValue(data); - base64data.setMimeType(dataSource.getContentType()); - value.setBase64Data(base64data); - } - documentWithSignature.setDocument(value); - if(signResponse.getOptionalOutputs()!=null) - { - //signResponse.getOptionalOutputs().getAny().add(documentWithSignature); - for(Object o :signResponse.getOptionalOutputs().getAny()) - { - if(o instanceof DocumentWithSignature) - { - signResponse.getOptionalOutputs().getAny().remove(o); - signResponse.getOptionalOutputs().getAny().add(documentWithSignature); - break; - } - } - } - else - { - AnyType anytype = new AnyType(); - anytype.getAny().add(documentWithSignature); - signResponse.setOptionalOutputs(anytype ); - } - - // System.out.println("overwriting:"+signResponse.getResult().getResultMessage()+" with DTL url:"+dtlUrl); - InputStream istr = ApiUtils.marshalToInputStream(signResponse); - StringWriter writer = new StringWriter(); - IOUtils.copy(istr, writer, "UTF-8"); - signResponseString = writer.toString(); - Logger.info("SignResponse overwritten:"+signResponseString); - istr.close(); - } - } - else - throw new Exception("No DSS id found."); - } - - //alter signresponse - //done - List<String> values = new ArrayList<String>(); - values.add(signResponseString); - - Logger.debug("Assembling signedDoc attribute"); - PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, - AttributeStatusType.AVAILABLE.value()); - - // pack and return the result - PersonalAttributeList result = new PersonalAttributeList(); - result.add(signedDocAttribute); - return result; - } catch (UnsupportedEncodingException e) { - Logger.error("Failed to assemble signedDoc attribute"); - throw new MOAIDException("stork.05", null); - } catch (ApiUtilsException e) { - e.printStackTrace(); - Logger.error("Failed to assemble signedDoc attribute"); - throw new MOAIDException("stork.05", null); - } catch (IOException e) { - e.printStackTrace(); - Logger.error("Failed to assemble signedDoc attribute"); - throw new MOAIDException("stork.05", null); - } catch (Exception e) { - e.printStackTrace(); - Logger.error("Failed to assemble signedDoc attribute"); - //throw new MOAIDException("stork.05", null); - throw new UnsupportedAttributeException(); - } - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect - * (java.lang.String) - */ - public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) - throws MOAIDException { - - try { - Logger.trace("Initialize VelocityEngine..."); - Logger.info("performRedirect url:"+url); - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/oasis_dss_webform_binding.vm"); - VelocityContext context = new VelocityContext(); - - //Parse SignRequest - String signRequestString = requestedAttribute.getValue().get(0); - Logger.debug("performRedirect, signrequest:"+signRequestString); - Source signDoc = new StreamSource(new java.io.StringReader(signRequestString)); - SignRequest signRequest = ApiUtils.unmarshal(signDoc, SignRequest.class); - try{ - //search for DTL link - String dtlURL = getDtlUrlFromRequest(signRequest); - String docId = signRequest.getDocUI(); - - if(dtlURL!=null) - { - String docRequest = getDocTransferRequest(docId, dtlURL);//dtlUrl - - byte[] data = getDocumentFromDtl(docRequest, dtlURL);//dtlUrl - - //load doc from DTL - Logger.debug("data:"+data+" "+data.length); - try{ - Logger.trace("data:"+new String(data,"UTF-8")); - }catch(Exception e) - { - Logger.trace("data: creating String failed:"+e); - } - String mime = getDocumentMimeFromDtl(docId, dtlURL);//dtlUrl - Logger.debug("mime:"+mime); - - //add doc as base64* to signrequest => post doc to oasis - try{ - List<IncludeObject> includeObjects = ApiUtils.findNamedElement( - signRequest.getOptionalInputs(), "IncludeObject", - IncludeObject.class); - signRequest.getOptionalInputs().getAny().removeAll(includeObjects); - - String documentId = null; - Object objDoc = signRequest.getInputDocuments().getDocumentOrTransformedDataOrDocumentHash().get(0); - if (objDoc != null && objDoc instanceof DocumentType) - { - DocumentType document = (DocumentType)objDoc; - documentId = document.getID(); - } - DocumentType document = new DocumentType(); - if(documentId != null) - document.setID(documentId); - if(signRequest.getProfile().toLowerCase().contains("xades")) - { - document.setBase64XML(data); - } - else - { - Base64Data b64data = new Base64Data(); - b64data.setValue(data); - b64data.setMimeType(mime); - document.setBase64Data(b64data); - } - - signRequest.setInputDocuments(ApiUtils.createInputDocuments(document)); - //override old signRequestString - - InputStream istr = ApiUtils.marshalToInputStream(signRequest); - StringWriter writer = new StringWriter(); - IOUtils.copy(istr, writer, "UTF-8"); - signRequestString = writer.toString(); - Logger.info("Signrequest overwritten"); - Logger.debug("Signrequest overwritten:"+signRequestString); - istr.close(); - } catch (Exception e) { - e.printStackTrace(); - throw new Exception("Could not marshall sign request", e); - } - } - else//Do not modify signRequest, document is already included - { - - } - }catch(Exception e) - { - Logger.info("No documentservice used?"); - e.printStackTrace(); - } - - context.put("signrequest", Base64Utils.encode(signRequestString.getBytes("UTF8"))); - context.put("clienturl", url); - context.put("action", oasisDssWebFormURL); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); - } catch (Exception e) { - Logger.error("Error sending DSS signrequest.", e); - throw new MOAIDException("stork.11", null); - } - } - - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#getSupportedAttributeNames() - */ - @Override - public List<String> getSupportedAttributeNames() throws MOAIDException { - ArrayList<String> supportedAttributeNames = new ArrayList<String>(); - for (String attributeName : this.attributes.split(",")) { - supportedAttributeNames.add(attributeName); - } - return supportedAttributeNames; - } - - - //From DTLPEPSUTIL - - /** - * Get DTL uril from the oasis sign request - * @param signRequest The signature request - * @return The URL of DTL service - * @throws SimpleException - */ - private String getDtlUrlFromRequest(SignRequest signRequest) throws Exception - { - if (signRequest == null) - throw new Exception("Signature request is empty"); - else - { - try - { - Object objDoc = signRequest.getInputDocuments().getDocumentOrTransformedDataOrDocumentHash().get(0); - if (objDoc instanceof DocumentType) - { - DocumentType document = (DocumentType)objDoc; - if (document.getDocumentURL() != null) - return document.getDocumentURL(); - else - return null;//throw new Exception("No document url found"); - } - else - throw new Exception("No input document found"); - } - catch (Exception ex) - { - throw new Exception("Unable to parse xml.", ex); - } - } - } - - /** - * Get document from DTL - * @param transferRequest The transfer request (attribute query) - * @param eDtlUrl The DTL url of external DTL - * @return the document data - * @throws SimpleException - */ - private byte[] getDocumentFromDtl(String transferRequest, String eDtlUrl) throws Exception - { - URL url = null; - try - { - Logger.debug("getDocumentFromDtl:"+dtlUrl); - url = new URL(dtlUrl); - QName qname = new QName("http://stork.eu", - "DocumentService"); - - Service service = Service.create(url, qname); - DocumentService docservice = service.getPort(DocumentService.class); - - BindingProvider bp = (BindingProvider) docservice; - SOAPBinding binding = (SOAPBinding) bp.getBinding(); - binding.setMTOMEnabled(true); - - if (eDtlUrl.equalsIgnoreCase(dtlUrl)) - return docservice.getDocument(transferRequest, ""); - else - return docservice.getDocument(transferRequest, eDtlUrl); - } - catch (Exception e) - { - e.printStackTrace(); - throw new Exception("Error in getDocumentFromDtl", e); - } - } - - /** - * Get a document transfer request (attribute query) - * @param docId - * @return - * @throws SimpleException - */ - private String getDocTransferRequest(String docId, String destinationUrl) throws Exception - { - String spCountry = docId.substring(0, docId.indexOf("/")); - final STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - STORKAttrQueryRequest req = new STORKAttrQueryRequest(); - req.setAssertionConsumerServiceURL(dtlUrl); - req.setDestination(destinationUrl); - req.setSpCountry(spCountry); - req.setQaa(3);//TODO - PersonalAttributeList pal = new PersonalAttributeList(); - PersonalAttribute attr = new PersonalAttribute(); - attr.setName("docRequest"); - attr.setIsRequired(true); - attr.setValue(Arrays.asList(docId)); - pal.add(attr); - req.setPersonalAttributeList(pal); - - STORKAttrQueryRequest req1; - try { - req1 = engine.generateSTORKAttrQueryRequest(req); - return PEPSUtil.encodeSAMLTokenUrlSafe(req1.getTokenSaml()); - } catch (STORKSAMLEngineException e) { - e.printStackTrace(); - throw new Exception("Error in doc request attribute query generation", e); - } - } - - /** - * Get mime type of document from DTL - * @param docId The document id - * @param dtlUrl The url of dtl - * @return The mime type - */ - private String getDocumentMimeFromDtl(String docId, String eDtlUrl) throws Exception - { - URL url = null; - try - { - url = new URL(dtlUrl); - QName qname = new QName("http://stork.eu", - "DocumentService"); - - Service service = Service.create(url, qname); - DocumentService docservice = service.getPort(DocumentService.class); - - BindingProvider bp = (BindingProvider) docservice; - SOAPBinding binding = (SOAPBinding) bp.getBinding(); - binding.setMTOMEnabled(true); - - if (eDtlUrl.equalsIgnoreCase(dtlUrl)) - return docservice.getDocumentMime(docId, ""); - else - return docservice.getDocumentMime(docId, eDtlUrl); - } - catch (Exception e) - { - e.printStackTrace(); - throw new Exception("Error in getDocumentFromDtl", e); - } - } - - /** - * Add document to DTL service - * @param docData the document data - * @param mime the mime type of data - * @param signRequest the sign request - * @return the document id - * @throws SimpleException - */ - private String addDocumentToDtl(byte[] docData, String mime, String signRequest, String destCountry, String spId) throws Exception - { - throw new NotImplementedException(); -// URL url = null; -// String docID = null; -// try -// { -// url = new URL(dtlUrl); -// QName qname = new QName("http://stork.eu", -// "DocumentService"); -// -// Service service = Service.create(url, qname); -// DocumentService docservice = service.getPort(DocumentService.class); -// -// BindingProvider bp = (BindingProvider) docservice; -// SOAPBinding binding = (SOAPBinding) bp.getBinding(); -// binding.setMTOMEnabled(true); -// -// docID = docservice.addDocument(docData, signRequest, destCountry, spId, mime, ""); -// } -// catch (Exception e) -// { -// e.printStackTrace(); -// throw new Exception("Error in addDocumentToDtl", e); -// } -// -// return docID; - } - - /** - * Update document in DTL - * @param docData The docment data - * @param docId The document ID - * @param signResponse The signature response - * @return True if successful - * @throws SimpleException - */ - private boolean updateDocumentInDtl(byte[] docData, String docId, String signResponse) throws Exception - { - boolean success = false; - URL url = null; - try - { - url = new URL(dtlUrl); - QName qname = new QName("http://stork.eu", - "DocumentService"); - - Service service = Service.create(url, qname); - DocumentService docservice = service.getPort(DocumentService.class); - - BindingProvider bp = (BindingProvider) docservice; - SOAPBinding binding = (SOAPBinding) bp.getBinding(); - binding.setMTOMEnabled(true); - - success = docservice.updateDocument(docId, signResponse, docData); - } - catch (Exception e) - { - e.printStackTrace(); - throw new Exception("Error in updateDocumentInDtl", e); - } - - return success; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#getPriority() - */ - @Override - public int getPriority() { - return 99; - } -} diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java deleted file mode 100644 index 5ee0e380e..000000000 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/StorkAttributeRequestProvider.java +++ /dev/null @@ -1,193 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.protocols.stork2.attributeproviders; - -import java.io.StringWriter; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; - -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.IAuthData; -import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException; -import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest; -import at.gv.egovernment.moa.id.protocols.stork2.UnsupportedAttributeException; -import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StringUtils; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * creates a STORK attribute request for a configurable set of attributes - */ -public class StorkAttributeRequestProvider extends AttributeProvider { - - private PersonalAttributeList requestedAttributes; - - /** The destination. */ - private String destination; - - /** The sp country code. */ - private String spCountryCode; - - /** - * Instantiates a new stork attribute request provider. - * - * @param apUrl the AP location - * @param supportedAttributes the supported attributes as csv - */ - public StorkAttributeRequestProvider(String apUrl, String supportedAttributes) { - super(supportedAttributes); - destination = apUrl; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) - */ - @Override - protected IPersonalAttributeList acquire(PersonalAttribute attribute, MOASTORKRequest moastorkRequest, IAuthData authData) - throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { - - if (!attributes.contains(attribute.getName())) - throw new UnsupportedAttributeException(); - - this.spCountryCode = moastorkRequest.getSpCountry(); - - requestedAttributes = new PersonalAttributeList(1); - requestedAttributes.add(attribute); - throw new ExternalAttributeRequestRequiredException(this); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) - */ - public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { - - Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request"); - - //extract STORK Response from HTTP Request - //Decodes SAML Response - byte[] decSamlToken; - try { - decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); - } catch(NullPointerException e) { - throw new UnsupportedAttributeException(); - } - - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - - STORKAttrQueryResponse attrResponse = null; - try { - //validate SAML Token - Logger.debug("Starting validation of SAML response"); - attrResponse = engine.validateSTORKAttrQueryResponse(decSamlToken, (String) httpReq.getRemoteHost()); - Logger.info("SAML response successfully verified!"); - }catch(STORKSAMLEngineException e){ - Logger.error("Failed to verify STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - return attrResponse.getPersonalAttributeList(); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) - */ - public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - - String spSector = "Business"; - String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); - String spApplication = spInstitution; - - //generate AuthnRquest - STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest(); - attributeRequest.setDestination(destination); - attributeRequest.setAssertionConsumerServiceURL(url); - attributeRequest.setIssuer(HTTPUtils.getBaseURL(req)); - attributeRequest.setQaa(oaParam.getQaaLevel()); - attributeRequest.setSpInstitution(spInstitution); - attributeRequest.setCountry(spCountryCode); - attributeRequest.setSpCountry(spCountryCode); - attributeRequest.setSpApplication(spApplication); - attributeRequest.setSpSector(spSector); - attributeRequest.setPersonalAttributeList(requestedAttributes); - - attributeRequest.setCitizenCountryCode("AT"); - - - Logger.debug("STORK AttrRequest successfully assembled."); - - STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP"); - try { - attributeRequest = samlEngine.generateSTORKAttrQueryRequest(attributeRequest); - } catch (STORKSAMLEngineException e) { - Logger.error("Could not sign STORK SAML AttrRequest.", e); - throw new MOAIDException("stork.00", null); - } - Logger.info("Using citizen country code: " + attributeRequest.getCitizenCountryCode()); - Logger.info("STORK AttrRequest successfully signed!"); - - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); - VelocityContext context = new VelocityContext(); - context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(attributeRequest.getTokenSaml())); - context.put("action", destination); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); - } catch (Exception e) { - Logger.error("Error sending STORK SAML AttrRequest.", e); - throw new MOAIDException("stork.11", null); - } - Logger.info("STORK AttrRequest successfully rendered!"); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#getPriority() - */ - @Override - public int getPriority() { - return 99; - } - -} - diff --git a/id/server/modules/module-stork/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo b/id/server/modules/module-stork/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo deleted file mode 100644 index 5d7af87d5..000000000 --- a/id/server/modules/module-stork/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.moduls.IModulInfo +++ /dev/null @@ -1 +0,0 @@ -at.gv.egovernment.moa.id.protocols.stork2.STORKProtocol
\ No newline at end of file diff --git a/id/server/modules/module-stork/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder b/id/server/modules/module-stork/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder deleted file mode 100644 index 540802dce..000000000 --- a/id/server/modules/module-stork/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder +++ /dev/null @@ -1,14 +0,0 @@ -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKAdoptedFamilyNameAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKAgeAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKCanonicalResidenceAddressAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKCountryCodeOfBirthAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKFiscalNumberAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKGenderAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKInhertedFamilyNameAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKIsAgeOverAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKMaritalStatusAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKNationalityCodeAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKPseudonymAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKResidencePermitAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKTextResidenceAddressAttributBuilder -at.gv.egovernment.moa.id.protocols.builder.attributes.STORKTitleAttributBuilder
\ No newline at end of file diff --git a/id/server/modules/module-stork/src/main/resources/at/gv/egovernment/moa/id/auth/modules/stork/STORK.authmodule.beans.xml b/id/server/modules/module-stork/src/main/resources/at/gv/egovernment/moa/id/auth/modules/stork/STORK.authmodule.beans.xml deleted file mode 100644 index 2e924bdd0..000000000 --- a/id/server/modules/module-stork/src/main/resources/at/gv/egovernment/moa/id/auth/modules/stork/STORK.authmodule.beans.xml +++ /dev/null @@ -1,14 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:context="http://www.springframework.org/schema/context"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
-
- <context:annotation-config />
-
- <bean id="storkAuthModule" class="at.gv.egovernment.moa.id.auth.modules.stork.STORKAuthModuleImpl">
- <property name="priority" value="0" />
- </bean>
-
-</beans>
diff --git a/id/server/modules/module-stork/src/main/resources/at/gv/egovernment/moa/id/auth/modules/stork/STORKAuthentication.process.xml b/id/server/modules/module-stork/src/main/resources/at/gv/egovernment/moa/id/auth/modules/stork/STORKAuthentication.process.xml deleted file mode 100644 index 60989e638..000000000 --- a/id/server/modules/module-stork/src/main/resources/at/gv/egovernment/moa/id/auth/modules/stork/STORKAuthentication.process.xml +++ /dev/null @@ -1,29 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<pd:ProcessDefinition id="STORKAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
-
-<!--
- STORK authentication both with C-PEPS supporting xml signatures and with C-PEPS not supporting xml signatures.
--->
- <pd:Task id="createStorkAuthRequestForm" class="at.gv.egovernment.moa.id.auth.modules.stork.tasks.CreateStorkAuthRequestFormTask" />
- <pd:Task id="pepsConnector" class="at.gv.egovernment.moa.id.auth.modules.stork.tasks.PepsConnectorTask" async="true" />
- <pd:Task id="pepsConnectorWithoutSignature" class="at.gv.egovernment.moa.id.auth.modules.stork.tasks.PepsConnectorHandleResponseWithoutSignatureTask" async="true" />
- <pd:Task id="pepsConnectorWithLocalSignature" class="at.gv.egovernment.moa.id.auth.modules.stork.tasks.PepsConnectorHandleLocalSignResponseTask" async="true" />
-
- <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
- <pd:StartEvent id="start" />
-
- <pd:Transition from="start" to="createStorkAuthRequestForm" />
-
- <pd:Transition from="createStorkAuthRequestForm" to="pepsConnector" conditionExpression="ctx['C-PEPS:XMLSignatureSupported']" />
- <pd:Transition from="createStorkAuthRequestForm" to="pepsConnectorWithoutSignature" />
-
- <pd:Transition from="pepsConnector" to="pepsConnector" conditionExpression="!ctx['identityLinkAvailable']" /> <!-- honor strange intermediate step of asking for the subject's gender -->
- <pd:Transition from="pepsConnector" to="end" />
-
- <pd:Transition from="pepsConnectorWithoutSignature" to="pepsConnectorWithLocalSignature" />
- <pd:Transition from="pepsConnectorWithLocalSignature" to="pepsConnectorWithoutSignature" conditionExpression="!ctx['identityLinkAvailable']" /> <!-- honor strange intermediate step of asking for the subject's gender -->
- <pd:Transition from="pepsConnectorWithLocalSignature" to="end" />
-
- <pd:EndEvent id="end" />
-
-</pd:ProcessDefinition>
diff --git a/id/server/modules/module-stork/src/test/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKProcessEngineSignalServletTest.java b/id/server/modules/module-stork/src/test/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKProcessEngineSignalServletTest.java deleted file mode 100644 index ab2d3071f..000000000 --- a/id/server/modules/module-stork/src/test/java/at/gv/egovernment/moa/id/auth/modules/stork/STORKProcessEngineSignalServletTest.java +++ /dev/null @@ -1,27 +0,0 @@ -package at.gv.egovernment.moa.id.auth.modules.stork;
-
-import static org.junit.Assert.*;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.apache.commons.io.IOUtils;
-import org.junit.Test;
-import org.springframework.mock.web.MockHttpServletRequest;
-
-public class STORKProcessEngineSignalServletTest {
-
- @Test
- public void testGetMoaSessionId() throws IOException {
- try (InputStream in = getClass().getResourceAsStream("SAMLResponse.base64")) {
- String samlResponse = IOUtils.toString(in);
-
- MockHttpServletRequest request = new MockHttpServletRequest("GET", "/service/createTransactionId");
- request.addParameter("SAMLResponse", samlResponse);
- assertEquals("_f2358f2f4db445bd1ac75ce415d76a95",
- new STORKProcessEngineSignalServlet().getMoaSessionId(request));
- }
-
- }
-
-}
diff --git a/id/server/modules/module-stork/src/test/resources/at/gv/egovernment/moa/id/auth/modules/stork/SAMLResponse.base64 b/id/server/modules/module-stork/src/test/resources/at/gv/egovernment/moa/id/auth/modules/stork/SAMLResponse.base64 deleted file mode 100644 index e4061a705..000000000 --- a/id/server/modules/module-stork/src/test/resources/at/gv/egovernment/moa/id/auth/modules/stork/SAMLResponse.base64 +++ /dev/null @@ -1 +0,0 @@ -PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJlc3BvbnNlIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnN0b3JrPSJ1cm46ZXU6c3Rvcms6bmFtZXM6dGM6U1RPUks6MS4wOmFzc2VydGlvbiIgeG1sbnM6c3RvcmtwPSJ1cm46ZXU6c3Rvcms6bmFtZXM6dGM6U1RPUks6MS4wOnByb3RvY29sIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIENvbnNlbnQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjb25zZW50Om9idGFpbmVkIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0My9tb2EtaWQtYXV0aC9QRVBTQ29ubmVjdG9yIiBJRD0iXzY0MjUzODBkMjdlNjViY2I3NDc0OGE1ZjFjOWU2Yzk5IiBJblJlc3BvbnNlVG89Il9mMjM1OGYyZjRkYjQ0NWJkMWFjNzVjZTQxNWQ3NmE5NSIgSXNzdWVJbnN0YW50PSIyMDE1LTAyLTIzVDE2OjEzOjA4LjYxMVoiIFZlcnNpb249IjIuMCI+PHNhbWwyOklzc3VlciBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OmVudGl0eSI+aHR0cDovL0MtUEVQUy5nb3YueHg8L3NhbWwyOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2Ii8+PGRzOlJlZmVyZW5jZSBVUkk9IiNfNjQyNTM4MGQyN2U2NWJjYjc0NzQ4YTVmMWM5ZTZjOTkiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxlYzpJbmNsdXNpdmVOYW1lc3BhY2VzIHhtbG5zOmVjPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiIFByZWZpeExpc3Q9InhzIi8+PC9kczpUcmFuc2Zvcm0+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5Ha2czSHZoemNSMjlEdko2U1U5TmI2bUlNb009PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPkJUOVY0SVNWa2kwdExRUk1OZU1WaTc2QTB5VHpGRXRkdGIwS1VvQVpQUTNNWkcwSmlrL09wRnhoRFdjQ2gxSFR6am5PVzhsa21sVnpJcENGQ2l2cm9GOTZoN2ZLWmloODdLNi9JL084bEhKOGR0R0NobXFERUgrQ2liNEM3K3hsaUNna0luMGZoZzhDYTVBWWtJSzBIZTVHWm9VSk5uOWNKbnFNalNuQ2ZRRzNsUHRLOURPSTVsMU9oTkdYWGIrY3JVVHo2eUVlZFB1OENNUUpiWG1PVFFsb21ud00rN2VxV0RMWnd4dzJ3VHUrV252clpvYUJ4cG8rMlNrMTRhV0gxcytzVDJYbE1URE5ubVpzb21WalYzdTUrWlhxWlZFcm9TYkNkZW9BbmFZM3o2OGkxdWYzQzYvNFRBbzhBbENkbVBYMlNUUSs1Y21OUHMvRHhCM3RrZz09PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlGYkRDQ0JGU2dBd0lCQWdJRVFMSzU5ekFOQmdrcWhraUc5dzBCQVFVRkFEQStNUXN3Q1FZRFZRUUdFd0p6YVRFYk1Ca0dBMVVFCkNoTVNjM1JoZEdVdGFXNXpkR2wwZFhScGIyNXpNUkl3RUFZRFZRUUxFd2x6YVhSbGMzUXRZMkV3SGhjTk1UQXdNek13TVRNd09USXoKV2hjTk1UVXdNek13TVRNek9USXpXakNCaGpFTE1Ba0dBMVVFQmhNQ2Mya3hHekFaQmdOVkJBb1RFbk4wWVhSbExXbHVjM1JwZEhWMAphVzl1Y3pFU01CQUdBMVVFQ3hNSlUwbFVSVk5VTFVOQk1Sa3dGd1lEVlFRTEV4QmpaWEowYVdacFkyRjBaWE10ZDJWaU1Tc3dFd1lEClZRUURFd3hVUlZOVUlGQkZVRk1nVTBrd0ZBWURWUVFGRXcwek1EQXpNakF4TURBd01EQXhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUYKQUFPQ0FROEFNSUlCQ2dLQ0FRRUE0aDZMOVB2MVRLN2Z6NUs2VXVyMFJsaTZFS3pad1R0djl4WGhTdDJ4bEk0d0ZXenpGaUN5NS9PLwpRNUdQUmExMFlvTWM4czdXbU1kTTV5SS9iVTBCRjJ0NVNZdEVIN013YkdhRlpGS0p0MTdPdGJwWkFhQ1NvaDZmbTF5TzBIdFZWa0c5ClVkSDRtc3dTM3dIcC9kMUM5MWxRTmJhMmVuVmMycDlOZDRnWW9wL3picm9FdG9GZUR5SHhUbDBtWU4vY1VIUUZUNEgyNGh6QWZXWGgKMkZPQmZOU252TmwySG5QSk9UNkhuclVCc2R5emtTekxOMEVpczJSMUc1K21Ra3pBd1c2VU9yb29qdk1jbEVKSzN6MW9la2oyT1dqMQpGaGFsVE5tQTVEOWRrRHltVFJuNG8zQlcyUzdvdm1XUG14WVVXOXMyNmJrUGh6L0NiQ1F3SUY5eVBRSURBUUFCbzRJQ0p6Q0NBaU13CkRnWURWUjBQQVFIL0JBUURBZ1dnTUNzR0ExVWRFQVFrTUNLQUR6SXdNVEF3TXpNd01UTXdPVEl6V29FUE1qQXhOVEF6TXpBeE16TTUKTWpOYU1Fc0dBMVVkSUFSRU1FSXdOZ1lMS3dZQkJBR3ZXUUlCQVFJd0p6QWxCZ2dyQmdFRkJRY0NBUllaYUhSMGNEb3ZMM2QzZHk1agpZUzVuYjNZdWMya3ZZM0J6THpBSUJnWUVBSXN3QVFJd0dBWUlLd1lCQlFVSEFRTUVEREFLTUFnR0JnUUFqa1lCQVRBZUJnTlZIUkVFCkZ6QVZnUk4wWlhOMExuTnBMWEJsY0hOQVoyOTJMbk5wTUlIMkJnTlZIUjhFZ2U0d2dlc3dWYUJUb0ZHa1R6Qk5NUXN3Q1FZRFZRUUcKRXdKemFURWJNQmtHQTFVRUNoTVNjM1JoZEdVdGFXNXpkR2wwZFhScGIyNXpNUkl3RUFZRFZRUUxFd2x6YVhSbGMzUXRZMkV4RFRBTApCZ05WQkFNVEJFTlNURE13Z1pHZ2dZNmdnWXVHV0d4a1lYQTZMeTk0TlRBd0xtZHZkaTV6YVM5dmRUMXphWFJsYzNRdFkyRXNiejF6CmRHRjBaUzFwYm5OMGFYUjFkR2x2Ym5Nc1l6MXphVDlqWlhKMGFXWnBZMkYwWlZKbGRtOWpZWFJwYjI1TWFYTjBQMkpoYzJXR0wyaDAKZEhBNkx5OTNkM2N1YzJsblpXNHRZMkV1YzJrdlkzSnNMM05wZEdWemRDOXphWFJsYzNRdFkyRXVZM0pzTUI4R0ExVWRJd1FZTUJhQQpGRlJKQjBhSHp4MkpuY3F1Y3Flb29LQnB0eUhuTUIwR0ExVWREZ1FXQkJReVNlbWVEaTEwRGJlVFlqMXRrR1o1Wm80bXdqQUpCZ05WCkhSTUVBakFBTUJrR0NTcUdTSWIyZlFkQkFBUU1NQW9iQkZZM0xqRURBZ09vTUEwR0NTcUdTSWIzRFFFQkJRVUFBNElCQVFBU1E0bDEKVmQrTVJETEZvMkE2cVlZV0xWcVR2dFBMSWs3djdCc3dtcTJTRkFMMlhtUG9MNXhiUUZlRFcrTGlXaFFCbXJsZ1d5STdnYmkvMS9ycwoxRTAwWjRTa244bDk3dHVJeXV4dkNLVEZoSkR4OXB6Z1VRR293b0NZbzlJemNNTlFweHg2bGtlcHJlQ0R1YytlMGZBYnZUTkdFcHZRCjdEa2dyd0pkY3NVQUVsUTRPSjBpZkVMb2FoMURIOHdwVTMxenI3RDNZc2l6WmdwdTVURUlHUDU0QU9oYkZlWkVtWmxUVTZnd053NGkKVGY2blZRa0dheHNKdDZnR0dzeUw4UlV1dndwVlJSM1dtcGxDdGpYcnlHQ2U0Qi9hZ0FlM0VLVWgxNUlhUHZXcWRpeFNqeVN4akJJMQpiTjhJRUZIWVBabXV3aDdZMUZRdU9ZUUdqdVNMc0p5OTwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sMnA6U3RhdHVzPjxzYW1sMnA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PHNhbWwycDpTdGF0dXNNZXNzYWdlPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2Vzczwvc2FtbDJwOlN0YXR1c01lc3NhZ2U+PC9zYW1sMnA6U3RhdHVzPjxzYW1sMjpBc3NlcnRpb24gSUQ9Il8zNzhiMGNjNTk0YThkMzhmMzJjN2M3NjQ5NTQ0OWQ1ZCIgSXNzdWVJbnN0YW50PSIyMDE1LTAyLTIzVDE2OjEzOjA4LjYxMVoiIFZlcnNpb249IjIuMCIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIj48c2FtbDI6SXNzdWVyIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5Ij5odHRwOi8vQy1QRVBTLmdvdi54eDwvc2FtbDI6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz48ZHM6UmVmZXJlbmNlIFVSST0iI18zNzhiMGNjNTk0YThkMzhmMzJjN2M3NjQ5NTQ0OWQ1ZCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyI+PGVjOkluY2x1c2l2ZU5hbWVzcGFjZXMgeG1sbnM6ZWM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIgUHJlZml4TGlzdD0ieHMiLz48L2RzOlRyYW5zZm9ybT48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPnJCYTMrbTU0RXVVZzgzSzhpTnVPVDlTaktQcz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+RGlZc3UxRXRzMzFocEJySEtvT2IvVnloRisxL1dxYjI5akE4T1J6cnZZb2h1WUlUdjV2V3oxcjhKdkpkK2NubVRNSFlZSU9hQ2V6SXd6L08yUlZ1K3IwWHEwdWNKbmhhcnQ3aUcwTTdFSGR4MVdFaGVzMWtHcHd2c1VjbnlLbm9tdnlSVklNVC80YmU3YTJLRTJZNzJkMGg3bVBsZmV4bVNvUENiaGJYSDIzc0grNTlVYjM1d3pwaXRUUFFtREFmOU5ibVAzV1I2OHpFS0VMTnRuaEZ2VUIyMHZVaGxGNi9hN3pPMlhRTmdFbzFaZW53RlBtWjdYbFhIK29BT3Q1cnFwUXNyMjN4R0tpYXV5YUpjRXpzQ0E5Z0I4YVhMYlQxR0xta1IwTndVa0RMWWxzcWwyeVZ2M01ZaHI5VjU3enk2T3dDR0dzUEltNTdlYnZ1d3RSbE5RPT08L2RzOlNpZ25hdHVyZVZhbHVlPjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUZiRENDQkZTZ0F3SUJBZ0lFUUxLNTl6QU5CZ2txaGtpRzl3MEJBUVVGQURBK01Rc3dDUVlEVlFRR0V3SnphVEViTUJrR0ExVUUKQ2hNU2MzUmhkR1V0YVc1emRHbDBkWFJwYjI1ek1SSXdFQVlEVlFRTEV3bHphWFJsYzNRdFkyRXdIaGNOTVRBd016TXdNVE13T1RJegpXaGNOTVRVd016TXdNVE16T1RJeldqQ0JoakVMTUFrR0ExVUVCaE1DYzJreEd6QVpCZ05WQkFvVEVuTjBZWFJsTFdsdWMzUnBkSFYwCmFXOXVjekVTTUJBR0ExVUVDeE1KVTBsVVJWTlVMVU5CTVJrd0Z3WURWUVFMRXhCalpYSjBhV1pwWTJGMFpYTXRkMlZpTVNzd0V3WUQKVlFRREV3eFVSVk5VSUZCRlVGTWdVMGt3RkFZRFZRUUZFdzB6TURBek1qQXhNREF3TURBeE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRgpBQU9DQVE4QU1JSUJDZ0tDQVFFQTRoNkw5UHYxVEs3Zno1SzZVdXIwUmxpNkVLelp3VHR2OXhYaFN0MnhsSTR3Rld6ekZpQ3k1L08vClE1R1BSYTEwWW9NYzhzN1dtTWRNNXlJL2JVMEJGMnQ1U1l0RUg3TXdiR2FGWkZLSnQxN090YnBaQWFDU29oNmZtMXlPMEh0VlZrRzkKVWRING1zd1Mzd0hwL2QxQzkxbFFOYmEyZW5WYzJwOU5kNGdZb3AvemJyb0V0b0ZlRHlIeFRsMG1ZTi9jVUhRRlQ0SDI0aHpBZldYaAoyRk9CZk5TbnZObDJIblBKT1Q2SG5yVUJzZHl6a1N6TE4wRWlzMlIxRzUrbVFrekF3VzZVT3Jvb2p2TWNsRUpLM3oxb2VrajJPV2oxCkZoYWxUTm1BNUQ5ZGtEeW1UUm40bzNCVzJTN292bVdQbXhZVVc5czI2YmtQaHovQ2JDUXdJRjl5UFFJREFRQUJvNElDSnpDQ0FpTXcKRGdZRFZSMFBBUUgvQkFRREFnV2dNQ3NHQTFVZEVBUWtNQ0tBRHpJd01UQXdNek13TVRNd09USXpXb0VQTWpBeE5UQXpNekF4TXpNNQpNak5hTUVzR0ExVWRJQVJFTUVJd05nWUxLd1lCQkFHdldRSUJBUUl3SnpBbEJnZ3JCZ0VGQlFjQ0FSWVphSFIwY0RvdkwzZDNkeTVqCllTNW5iM1l1YzJrdlkzQnpMekFJQmdZRUFJc3dBUUl3R0FZSUt3WUJCUVVIQVFNRUREQUtNQWdHQmdRQWprWUJBVEFlQmdOVkhSRUUKRnpBVmdSTjBaWE4wTG5OcExYQmxjSE5BWjI5MkxuTnBNSUgyQmdOVkhSOEVnZTR3Z2Vzd1ZhQlRvRkdrVHpCTk1Rc3dDUVlEVlFRRwpFd0p6YVRFYk1Ca0dBMVVFQ2hNU2MzUmhkR1V0YVc1emRHbDBkWFJwYjI1ek1SSXdFQVlEVlFRTEV3bHphWFJsYzNRdFkyRXhEVEFMCkJnTlZCQU1UQkVOU1RETXdnWkdnZ1k2Z2dZdUdXR3hrWVhBNkx5OTROVEF3TG1kdmRpNXphUzl2ZFQxemFYUmxjM1F0WTJFc2J6MXoKZEdGMFpTMXBibk4wYVhSMWRHbHZibk1zWXoxemFUOWpaWEowYVdacFkyRjBaVkpsZG05allYUnBiMjVNYVhOMFAySmhjMldHTDJoMApkSEE2THk5M2QzY3VjMmxuWlc0dFkyRXVjMmt2WTNKc0wzTnBkR1Z6ZEM5emFYUmxjM1F0WTJFdVkzSnNNQjhHQTFVZEl3UVlNQmFBCkZGUkpCMGFIengySm5jcXVjcWVvb0tCcHR5SG5NQjBHQTFVZERnUVdCQlF5U2VtZURpMTBEYmVUWWoxdGtHWjVabzRtd2pBSkJnTlYKSFJNRUFqQUFNQmtHQ1NxR1NJYjJmUWRCQUFRTU1Bb2JCRlkzTGpFREFnT29NQTBHQ1NxR1NJYjNEUUVCQlFVQUE0SUJBUUFTUTRsMQpWZCtNUkRMRm8yQTZxWVlXTFZxVHZ0UExJazd2N0Jzd21xMlNGQUwyWG1Qb0w1eGJRRmVEVytMaVdoUUJtcmxnV3lJN2diaS8xL3JzCjFFMDBaNFNrbjhsOTd0dUl5dXh2Q0tURmhKRHg5cHpnVVFHb3dvQ1lvOUl6Y01OUXB4eDZsa2VwcmVDRHVjK2UwZkFidlROR0VwdlEKN0RrZ3J3SmRjc1VBRWxRNE9KMGlmRUxvYWgxREg4d3BVMzF6cjdEM1lzaXpaZ3B1NVRFSUdQNTRBT2hiRmVaRW1abFRVNmd3Tnc0aQpUZjZuVlFrR2F4c0p0NmdHR3N5TDhSVXV2d3BWUlIzV21wbEN0alhyeUdDZTRCL2FnQWUzRUtVaDE1SWFQdldxZGl4U2p5U3hqQkkxCmJOOElFRkhZUFptdXdoN1kxRlF1T1lRR2p1U0xzSnk5PC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWwyOlN1YmplY3Q+PHNhbWwyOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OnVuc3BlY2lmaWVkIiBOYW1lUXVhbGlmaWVyPSJodHRwOi8vQy1QRVBTLmdvdi54eCI+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQ8L3NhbWwyOk5hbWVJRD48c2FtbDI6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sMjpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBBZGRyZXNzPSI5MS4xNDMuMTA1LjM3IiBJblJlc3BvbnNlVG89Il9mMjM1OGYyZjRkYjQ0NWJkMWFjNzVjZTQxNWQ3NmE5NSIgTm90T25PckFmdGVyPSIyMDE1LTAyLTIzVDE2OjE4OjA4LjYxMVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0My9tb2EtaWQtYXV0aC9QRVBTQ29ubmVjdG9yIi8+PC9zYW1sMjpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDI6U3ViamVjdD48c2FtbDI6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTUtMDItMjNUMTY6MTM6MDguNjExWiIgTm90T25PckFmdGVyPSIyMDE1LTAyLTIzVDE2OjE4OjA4LjYxMVoiPjxzYW1sMjpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sMjpBdWRpZW5jZT5odHRwczovL2xvY2FsaG9zdDo4NDQzL21vYS1pZC1hdXRoPC9zYW1sMjpBdWRpZW5jZT48L3NhbWwyOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWwyOk9uZVRpbWVVc2UvPjwvc2FtbDI6Q29uZGl0aW9ucz48c2FtbDI6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE1LTAyLTIzVDE2OjEzOjA4LjYxMloiPjxzYW1sMjpTdWJqZWN0TG9jYWxpdHkgQWRkcmVzcz0iOTEuMTQzLjEwNS4zNyIvPjxzYW1sMjpBdXRobkNvbnRleHQ+PHNhbWwyOkF1dGhuQ29udGV4dERlY2wvPjwvc2FtbDI6QXV0aG5Db250ZXh0Pjwvc2FtbDI6QXV0aG5TdGF0ZW1lbnQ+PHNhbWwyOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDI6QXR0cmlidXRlIE5hbWU9Imh0dHA6Ly93d3cuc3RvcmsuZ292LmV1LzEuMC9lSWRlbnRpZmllciIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1cmkiIHN0b3JrOkF0dHJpYnV0ZVN0YXR1cz0iQXZhaWxhYmxlIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOmFueVR5cGUiPlNJL0FUL1E4Ny93WkcrYWYxOGZ3d1orUjJ6SlNVOG5rSGFOVWh0QW9KRTJ6RTF5SldQdjBvWjRGd2srRFJUYTZNPTwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PHNhbWwyOkF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vd3d3LnN0b3JrLmdvdi5ldS8xLjAvZ2l2ZW5OYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSIgc3Rvcms6QXR0cmlidXRlU3RhdHVzPSJBdmFpbGFibGUiPjxzYW1sMjpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6YW55VHlwZSI+SmFuZXo8L3NhbWwyOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDI6QXR0cmlidXRlPjxzYW1sMjpBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3d3dy5zdG9yay5nb3YuZXUvMS4wL2RhdGVPZkJpcnRoIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSIgc3Rvcms6QXR0cmlidXRlU3RhdHVzPSJBdmFpbGFibGUiPjxzYW1sMjpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6YW55VHlwZSI+MTk5OTA2MDM8L3NhbWwyOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDI6QXR0cmlidXRlPjxzYW1sMjpBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3d3dy5zdG9yay5nb3YuZXUvMS4wL3NpZ25lZERvYyIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1cmkiIHN0b3JrOkF0dHJpYnV0ZVN0YXR1cz0iQXZhaWxhYmxlIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOmFueVR5cGUiPjxuczI6U2lnblJlc3BvbnNlIHhtbG5zOm5zMj0idXJuOm9hc2lzOm5hbWVzOnRjOmRzczoxLjA6Y29yZTpzY2hlbWEiIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjA6YXNzZXJ0aW9uIiB4bWxuczpuczM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIERvY1VJPSJMT0NBTC9TSS83NDljOWNiOS01YzAzLTQwY2UtYmZmOC00NTc4MDJiMzk2OTUiIFByb2ZpbGU9InVybjpvYXNpczpuYW1lczp0Yzpkc3M6MS4wOnByb2ZpbGVzOlhBZEVTOmZvcm1zOkJFUyIgUmVxdWVzdElEPSJfMWUxNjkyODliZjEwMmNlMmViYzYyMDY4Nzc4OTNjMjQiPjxuczI6UmVzdWx0PjxuczI6UmVzdWx0TWFqb3I+dXJuOm9hc2lzOm5hbWVzOnRjOmRzczoxLjA6cmVzdWx0bWFqb3I6U3VjY2VzczwvbnMyOlJlc3VsdE1ham9yPjwvbnMyOlJlc3VsdD48bnMyOk9wdGlvbmFsT3V0cHV0cz48bnMyOkRvY3VtZW50V2l0aFNpZ25hdHVyZT48bnMyOkRvY3VtZW50PjxuczI6RG9jdW1lbnRVUkw+aHR0cHM6Ly9wZXBzLXRlc3QubWp1Lmdvdi5zaS9Eb2N1bWVudFNlcnZpY2UvRG9jdW1lbnRTZXJ2aWNlPC9uczI6RG9jdW1lbnRVUkw+PC9uczI6RG9jdW1lbnQ+PC9uczI6RG9jdW1lbnRXaXRoU2lnbmF0dXJlPjwvbnMyOk9wdGlvbmFsT3V0cHV0cz48L25zMjpTaWduUmVzcG9uc2U+PC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48c2FtbDI6QXR0cmlidXRlIE5hbWU9Imh0dHA6Ly93d3cuc3RvcmsuZ292LmV1LzEuMC9zdXJuYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSIgc3Rvcms6QXR0cmlidXRlU3RhdHVzPSJBdmFpbGFibGUiPjxzYW1sMjpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6YW55VHlwZSI+VnpvcmVjPC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48L3NhbWwyOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWwyOkFzc2VydGlvbj48L3NhbWwycDpSZXNwb25zZT4=
\ No newline at end of file diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml index c164252c7..3ca3497a0 100644 --- a/id/server/modules/pom.xml +++ b/id/server/modules/pom.xml @@ -19,12 +19,19 @@ <repositoryPath>${basedir}/../../../repository</repositoryPath> </properties> - <modules> - <module>module-stork</module> + <modules> + <module>moa-id-modul-citizencard_authentication</module> + <module>module-monitoring</module> + <module>moa-id-modules-saml1</module> <module>moa-id-module-openID</module> - <module>moa-id-modul-citizencard_authentication</module> + + <module>moa-id-module-eIDAS</module> + <module>moa-id-modules-federated_authentication</module> + <module>moa-id-module-elga_mandate_service</module> + + <module>moa-id-module-ssoTransfer</module> </modules> <dependencies> diff --git a/id/server/pom.xml b/id/server/pom.xml index a7e79ef78..56d317cf5 100644 --- a/id/server/pom.xml +++ b/id/server/pom.xml @@ -18,13 +18,13 @@ </properties>
<modules>
+ <module>moa-id-spring-initializer</module>
+ <module>moa-id-frontend-resources</module>
<module>idserverlib</module>
-<!-- <module>proxy</module> -->
- <module>auth</module>
<module>moa-id-commons</module>
- <module>stork2-saml-engine</module>
- <module>stork2-commons</module>
- <module>modules</module>
+ <module>modules</module>
+ <module>auth-final</module>
+ <module>auth-edu</module>
</modules>
<dependencyManagement>
diff --git a/id/server/stork2-commons/.gitignore b/id/server/stork2-commons/.gitignore deleted file mode 100644 index a9036d427..000000000 --- a/id/server/stork2-commons/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -/target -/stork-commons.log* diff --git a/id/server/stork2-commons/Releases b/id/server/stork2-commons/Releases deleted file mode 100644 index 6550affd0..000000000 --- a/id/server/stork2-commons/Releases +++ /dev/null @@ -1,73 +0,0 @@ -Created 06-04-2011 - -Branch : STORKCommons_0_5_UPDATE_06042011 -Date : 06-04-2011 -Changes: No changes. - -Branch : STORKCommons_0_5_UPDATE_07072011 -Date : 07-07-2011 -Changes: Inserted constants to HttpOnly HTTP Header. - -Branch : STORKCommons_0_6 -Date : 07-11-2011 -Changes: Improved error exception handling (few changes on the exception classes). - Improved Constansts (unused removed, others added). - Unit Tests include (almost all the code is cover). - Fix some minor bugs found on unit tests. - New Copyright License added. - PEPUtils refactored. - Improved error code message (three kind of messages: to citizen, admin and saml token). - -Branch : STORKCommons_0_6_1 -Date : 28-11-2011 -Changes: Removed unnecessary javadoc package file. - Updated pepsUtils.properties file (check attribute value had old error message) - -Branch : STORKCommons_0_9 -Date : 02-12-2011 -Changes: Updated Version to 0.9 - -Branch : STORKCommons_1_0 -Date : 02-12-2011 -Changes: Updated Version to 1.0 - -Branch : STORKCommons_1_1_0 -Date : 01-11-2013 -Changes: Updated Version to 1.1.0 - Dependencies updated - Business Logic Part I changes - SAML Engine Changes merged (from SamlEngine/1.1.0/Commons branch to be easier to merge this branch with trunk) - Fixed some errors on Test Case - -Branch : STORKCommons_1_1_1 -Date : 02-12-2013 -Changes: Updated Version to 1.1.1 - Added mandate error code - PMD quality code changes (some final identifier missing) - Added new methods to personal attribute list to get Mandatory/Optional and/or Simple/Complex attributes - Added new unit tests - -Branch : Commons_1_1_2 -Date : 13-12-2013 -Changes: Updated Version to 1.1.2 - Added request flow of PV (incomplete) - Added AP mandatory attribute to get data for business attributes - *) based on configuration file it adds the missing attributes (eIdentifier, givenName, surname and dateOfBirth) or change isRequired to true. - changes original isRequired state in response - Added new Interface (IAttributeListProcessor) to make some operations on attribute lists - -Branch : Commons_1_1_3 -Date : 21-12-2013 -Changes: Updated Version to 1.1.3 - Power Validation is complete now - Business Logic I and II integration (Request Complete!) - -Branch : Commons_1_1_4 -Date : 08-01-2014 -Changes: Updated Version to 1.1.4 - Added new method to Personal attribute List to check if there is at least one attribute with no value. - -Branch : Commons_1_4_0 -Date : 28-02-2014 -Changes: Updated Version to 1.4.0 - Removed AUB
\ No newline at end of file diff --git a/id/server/stork2-commons/pom.xml b/id/server/stork2-commons/pom.xml deleted file mode 100644 index 20b5c7619..000000000 --- a/id/server/stork2-commons/pom.xml +++ /dev/null @@ -1,220 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <parent> - <groupId>MOA.id</groupId> - <artifactId>moa-id</artifactId> - <version>3.x</version> - </parent> - <modelVersion>4.0.0</modelVersion> - <groupId>eu.stork</groupId> - <artifactId>Commons</artifactId> - <packaging>jar</packaging> - <name>Stork Commons</name> - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - <stork.version>1.5.1</stork.version> - </properties> - <version>${stork.version}</version> - <description> - The STORKCommons library provides beans, Java Interfaces and utility classes to integrate PEPS and SAML Engine. - </description> - - <repositories> - <repository> - <id>shibboleth.internet2.edu</id> - <name>Internet2</name> - <url>https://build.shibboleth.net/nexus/content/groups/public/</url> - </repository> - </repositories> - - <dependencies> - - <!-- Joda --> - <dependency> - <groupId>joda-time</groupId> - <artifactId>joda-time</artifactId> - <version>2.3</version> - </dependency> - - <!-- Log4J --> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <exclusions> - <exclusion> - <groupId>javax.jms</groupId> - <artifactId>jms</artifactId> - </exclusion> - <exclusion> - <groupId>com.sun.jdmk</groupId> - <artifactId>jmxtools</artifactId> - </exclusion> - <exclusion> - <groupId>com.sun.jmx</groupId> - <artifactId>jmxri</artifactId> - </exclusion> - <exclusion> - <artifactId>mail</artifactId> - <groupId>javax.mail</groupId> - </exclusion> - </exclusions> - </dependency> - - <!-- Bouncy Castle --> - <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk16</artifactId> - </dependency> - - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>opensaml</artifactId> - <exclusions> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>log4j-over-slf4j</artifactId> - </exclusion> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - </exclusion> - </exclusions> - </dependency> - - <!-- Servlet API --> - <!-- provided by Application Server --> - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <scope>provided</scope> - </dependency> - - <dependency> - <groupId>commons-lang</groupId> - <artifactId>commons-lang</artifactId> - <version>2.6</version> - <type>jar</type> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <build> - <finalName>commons</finalName> - <pluginManagement> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>3.1</version> - <configuration> - <source>1.7</source> - <target>1.7</target> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <runOrder>reversealphabetical</runOrder> - <skip>true</skip> - <includes> - <runOrder>reversealphabetical</runOrder> - <include>**/PEPSUtilTest.java</include> - <include>**/PersonalAttributeTestCase.java</include> - <include>**/PersonalAttributeListTestCase.java</include> - <include>**/DateUtilTestCase.java</include> - <include>**/AttributeUtilTest.java</include> - </includes> - </configuration> - </plugin> - </plugins> - </pluginManagement> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <version>2.9.1</version> - <configuration> - <links> - <link>http://commons.apache.org/lang/api/</link> - <link>http://java.sun.com/j2se/1.6.0/docs/api/</link> - <link>http://www.bouncycastle.org/docs/docs1.6/</link> - <link>http://docs.oracle.com/javase/6/docs/api/</link> - </links> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-source-plugin</artifactId> - <version>2.2.1</version> - <executions> - <execution> - <id>attach-sources</id> - <phase>verify</phase> - <goals> - <goal>jar-no-fork</goal> - </goals> - </execution> - </executions> - </plugin> - </plugins> - <testResources> - <testResource> - <directory>src/test/resources</directory> - <includes> - <include>log4j.xml</include> - </includes> - </testResource> - </testResources> - </build> - <profiles> - <profile> - <id>embedded</id> - <build> - <resources> - <resource> - <directory> ${project.basedir}/src/main/resources</directory> - </resource> - <resource> - <directory> ${project.basedir}/src/main/config/embedded</directory> - </resource> - </resources> - </build> - </profile> - <profile> - <id>metrics</id> - <build> - <plugins> - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>cobertura-maven-plugin</artifactId> - <version>2.5.1</version> - <configuration> - <formats> - <format>html</format> - <format>xml</format> - </formats> - </configuration> - </plugin> - </plugins> - </build> - </profile> - </profiles> -</project> diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java deleted file mode 100644 index 4d13c2d92..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java +++ /dev/null @@ -1,70 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains all the STORK PEPS, Commons and Specific errors constant identifiers. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.2 $, $Date: 2010-11-17 05:15:28 $ - */ -public enum AttributeConstants { - - /** - * Represents the attribute's name index. - */ - ATTR_NAME_INDEX(0), - /** - * Represents the attribute's type index. - */ - ATTR_TYPE_INDEX(1), - /** - * Represents the attribute's value index. - */ - ATTR_VALUE_INDEX(2), - /** - * Represents the attribute's status index. - */ - ATTR_STATUS_INDEX(3), - /** - * Represents the number of allowed tuples. - */ - NUMBER_TUPLES(4); - - /** - * Represents the constant's value. - */ - private int attribute; - - /** - * Solo Constructor. - * - * @param attr - * The Attribute Constant value. - */ - AttributeConstants(final int attr) { - - this.attribute = attr; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public int intValue() { - - return attribute; - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java deleted file mode 100644 index 28115ae62..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java +++ /dev/null @@ -1,85 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.io.Serializable;
-
-/**
- * This class is a bean used to store information relative to Attribute Names.
- *
- * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
- *
- * @version $Revision: 1.00 $, $Date: 2013-11-26 $
- */
-public final class AttributeName implements Serializable {
-
- /**
- *
- */
- private static final long serialVersionUID = -3537736618869722308L;
-
- /**
- * Attribute Id.
- */
- private String attributeId;
-
- /**
- * Attribute Name.
- */
- private String attributeName;
-
- /**
- * Attribute Name Constructor.
- *
- * @param aId
- * Id of the Attribute Name.
- * @param aName
- * Name of the Attribute Name.
- */
- public AttributeName(final String aId, final String aName) {
-
- this.attributeId = aId;
- this.attributeName = aName;
- }
-
- /**
- * Getter for the attributeId value.
- *
- * @return The attributeId value.
- */
- public String getAttributeId() {
-
- return attributeId;
- }
-
- /**
- * Setter for the attributeId value.
- *
- * @param aId
- * Id of the Attribute Name.
- */
- public void setAttributeId(final String aId) {
-
- this.attributeId = aId;
- }
-
- /**
- * Getter for the attributeName value.
- *
- * @return The attributeName value.
- */
- public String getAttributeName() {
-
- return attributeName;
- }
-
- /**
- * Setter for the attributeName value.
- *
- * @param name
- * Name of the Attribute Name.
- */
- public void setAttributeName(final String name) {
-
- this.attributeName = name;
- }
-
-}
\ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java deleted file mode 100644 index 08265e8f0..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java +++ /dev/null @@ -1,129 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.io.Serializable;
-import java.util.List;
-
-/**
- * This class is a bean used to store the information relative to the Attribute Provider.
- *
- * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
- *
- * @version $Revision: 1.01 $, $Date: 2014-01-13 $
- */
-public final class AttributeProvider implements Serializable {
- /**
- * Unique identifier.
- */
- private static final long serialVersionUID = 7210186241917444559L;
-
- /**
- * Provider Id.
- */
- private String providerId;
-
- /**
- * Provider Name.
- */
- private String providerName;
-
- /**
- * Allowed groups of attribute names.
- */
- private List<String> allowedGroups;
-
- /**
- * Attribute Provider Constructor.
- *
- * @param pId
- * Id of the Attribute Provider.
- * @param pName
- * Name of the Attribute Provider.
- */
- public AttributeProvider(final String pId, final String pName, final List<String> pAllowedGroups) {
-
- this.providerId = pId;
- this.providerName = pName;
- this.allowedGroups = pAllowedGroups;
- }
-
- /**
- * Getter for the providerId value.
- *
- * @return The providerId value.
- */
- public String getProviderId() {
-
- return providerId;
- }
-
- /**
- * Setter for the providerId value.
- *
- * @param pId
- * Id of the Attribute Provider.
- */
- public void setProviderId(final String pId) {
-
- this.providerId = pId;
- }
-
- /**
- * Getter for the providerName value.
- *
- * @return The providerName value.
- */
- public String getProviderName() {
-
- return providerName;
- }
-
- /**
- * Setter for the providerName value.
- *
- * @param name
- * Name of the Attribute Provider.
- */
- public void setProviderName(final String name) {
-
- this.providerName = name;
- }
-
- /**
- * Getter for the allowedGroups value.
- *
- * @return The allowedGroups value.
- */
- public List<String> getAllowedGroups() {
-
- return allowedGroups;
- }
-
- /**
- * Setter for the allowedGroups value.
- *
- * @param name
- * AllowedGroups of the Attribute Provider.
- */
- public void setAllowedGroups(final List<String> pAllowedGroups) {
-
- this.allowedGroups = pAllowedGroups;
- }
-
- /**
- * Check if an attribute name is allowed for this Attribute Provider
- *
- * @param pAttrName
- * the Attribute Name to check
- * @return true if the name is allowed, false otherwise
- */
- public boolean isAttributeNameAllowed(final String pAttrName) {
- if (allowedGroups == null || pAttrName == null)
- return false;
- else if (allowedGroups.contains(PEPSParameters.ATTRIBUTE_GROUPS_ALL.toString()))
- return true;
- else if (allowedGroups.contains(PEPSParameters.ATTRIBUTE_GROUPS_NONE.toString()))
- return false;
- else
- return allowedGroups.contains(pAttrName);
- }
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java deleted file mode 100644 index c59109092..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java +++ /dev/null @@ -1,112 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.util.Iterator;
-import java.util.LinkedHashMap;
-
-import org.apache.log4j.Logger;
-
-/**
- * Implementation of the AttributeProviderMap using a LinkedHashMap.
- *
- * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
- *
- * @version $Revision: 1.01 $, $Date: 2013-09-20 $
- *
- * @see LinkedHashMap
- */
-public class AttributeProvidersMap extends LinkedHashMap<AttributeSource, IPersonalAttributeList> implements IAttributeProvidersMap {
- /**
- * Logger object.
- */
- private static final Logger LOG = Logger.getLogger(AttributeProvidersMap.class.getName());
-
- /**
- * Unique identifier.
- */
- private static final long serialVersionUID = 8949081185106296122L;
-
- /**
- * {@inheritDoc}
- */
- @Override
- public IPersonalAttributeList get(final AttributeSource key) {
- return this.get((Object) key);
- }
-
- /**
- * {@inheritDoc}
- */
- @Override
- public IPersonalAttributeList remove(final AttributeSource key) {
- return this.remove((Object) key);
- }
-
- /**
- * {@inheritDoc}
- */
- @Override
- public boolean containsKey(final AttributeSource key) {
- return this.containsKey((Object) key);
- }
-
- /**
- * {@inheritDoc}
- */
- @Override
- public Iterator<AttributeSource> keyIterator() {
- return this.keySet().iterator();
- }
-
- public void trace() {
- Iterator<AttributeSource> iterator;
- Iterator<PersonalAttribute> iterator2;
- AttributeSource source;
- IPersonalAttributeList pal;
- PersonalAttribute pa;
-
- iterator = this.keyIterator();
- LOG.trace("Start dumping of AttributeProvidersMap\n=======================");
- while (iterator.hasNext()) {
- source = iterator.next();
-
- LOG.trace("Source details: type [" + source.getSourceType() + "], URL [" + source.getProviderURL() + "]");
-
- if (source.getSourceType() == AttributeSource.SOURCE_LOCAL_APROVIDER) {
- LOG.trace("-> Attribute Provider: ID [" + source.getProvider().getProviderId() + "], name [" + source.getProvider().getProviderName() + "]");
- } else {
- LOG.trace("-> Country: ID [" + source.getCountry().getCountryId() + "], name [" + source.getCountry().getCountryName() + "]");
- }
-
- pal = this.get(source);
- LOG.trace("++++++++=>");
- iterator2 = pal.iterator();
- while (iterator2.hasNext()) {
- pa = iterator2.next();
-
- LOG.trace("-> Citizen Attribute: name [" + pa.getName() + "], required [" + pa.isRequired() + "]");
- }
- LOG.trace("<=++++++++");
-
- LOG.trace("-----------------------");
- }
- LOG.trace("END\n=======================");
- }
-
- public void mergeWith(IAttributeProvidersMap aPMap) {
- Iterator<AttributeSource> maKeys = aPMap.keyIterator();
- while (maKeys.hasNext()) {
- AttributeSource key = maKeys.next();
- IPersonalAttributeList l2 = aPMap.get(key);
- if (containsKey(key)) {
- IPersonalAttributeList l1 = get(key);
- for (PersonalAttribute pa : l2) {
- if (!l1.containsKey(pa.getName())) {
- l1.add(pa);
- }
- }
- } else {
- put(key, l2);
- }
- }
- }
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java deleted file mode 100644 index eb5e3ded4..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java +++ /dev/null @@ -1,197 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.io.Serializable;
-
-import org.apache.log4j.Logger;
-
-/**
- * This class is a bean used to store the information relative to the Attribute Source (either AttributeProvider or Country).
- *
- * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
- *
- * @version $Revision: 1.10 $, $Date: 2013-11-29 $
- */
-public final class AttributeSource implements Serializable {
- /**
- * Unique identifier.
- */
- private static final long serialVersionUID = 432243595968469014L;
-
- public static final int SOURCE_LOCAL_APROVIDER = 1;
- public static final int SOURCE_REMOTE_COUNTRY = 2;
-
- /**
- * Logger object.
- */
- private static final Logger LOG = Logger.getLogger(AttributeSource.class.getName());
-
- /**
- * Provider source.
- */
- private int sourceType;
-
- /**
- * Provider URL.
- */
- private String providerURL;
-
- /**
- * The local Attribute Provider.
- */
- private AttributeProvider provider;
-
- /**
- * The remote Country.
- */
- private Country country;
-
- /**
- * Attribute Source Constructor.
- *
- * @param provider
- * The local Attribute Provider.
- * @param pURL
- * URL of the Attribute Provider.
- */
- public AttributeSource(final AttributeProvider provider, final String pURL) {
- this.setSourceType(SOURCE_LOCAL_APROVIDER);
-
- this.setProvider(provider);
- this.setProviderURL(pURL);
- }
-
- /**
- * Attribute Source Constructor.
- *
- * @param country
- * The remote Country.
- * @param pURL
- * URL of the Country.
- */
- public AttributeSource(final Country country, final String pURL) {
- this.setSourceType(SOURCE_REMOTE_COUNTRY);
-
- this.setCountry(country);
- this.setProviderURL(pURL);
- }
-
- /**
- * @param sourceType
- * the sourceType to set
- */
- public void setSourceType(final int sourceType) {
- this.sourceType = sourceType;
- }
-
- /**
- * @return the sourceType
- */
- public int getSourceType() {
- return sourceType;
- }
-
- /**
- * @param providerURL
- * the providerURL to set
- */
- public void setProviderURL(final String providerURL) {
- this.providerURL = providerURL;
- }
-
- /**
- * @return the providerURL
- */
- public String getProviderURL() {
- return providerURL;
- }
-
- /**
- * @param provider
- * the provider to set
- */
- public void setProvider(final AttributeProvider provider) {
- this.setSourceType(SOURCE_LOCAL_APROVIDER);
-
- this.provider = provider;
- }
-
- /**
- * @return the provider
- */
- public AttributeProvider getProvider() {
- return provider;
- }
-
- /**
- * @param country
- * the country to set
- */
- public void setCountry(final Country country) {
- this.setSourceType(SOURCE_REMOTE_COUNTRY);
-
- this.country = country;
- }
-
- /**
- * @return the country
- */
- public Country getCountry() {
- return country;
- }
-
- /**
- * {@inheritDoc}
- */
- public boolean equals(Object obj) {
- boolean outcome = false;
-
- LOG.debug("Calling equals with Object.");
- if (obj instanceof AttributeSource) {
- LOG.debug("Calling equals with AttributeSource.");
- outcome = this.innerEquals((AttributeSource) obj);
- }
- if (LOG.isDebugEnabled()) {
- LOG.debug("Object equals outcome: " + outcome);
- }
- return outcome;
- }
-
- /**
- * Compare the given AttributeSource with the current object in order to determinine if they are equal.
- *
- * @param obj
- * The AttributeSource to compare to
- *
- * @return true if the two objects are equal
- */
- public boolean innerEquals(AttributeSource obj) {
- boolean outcome = false;
-
- if (this.sourceType == obj.getSourceType()) {
- if (this.sourceType == AttributeSource.SOURCE_LOCAL_APROVIDER) {
- if (this.provider.getProviderId().equals(obj.getProvider().getProviderId()))
- outcome = true;
- } else if (this.sourceType == AttributeSource.SOURCE_REMOTE_COUNTRY) {
- if (this.country.getCountryId().equals(obj.getCountry().getCountryId()))
- outcome = true;
- }
- }
- if (LOG.isDebugEnabled()) {
- LOG.debug("AttributeSource equals outcome: " + outcome);
- }
- return outcome;
- }
-
- /**
- * {@inheritDoc}
- */
- public int hashCode() {
- int hash = 1;
- hash = hash * 17 + this.sourceType;
- if (this.sourceType == AttributeSource.SOURCE_LOCAL_APROVIDER)
- hash = hash * 31 + this.provider.getProviderName().hashCode();
- else
- hash = hash * 31 + this.country.getCountryName().hashCode();
- return hash;
- }
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java deleted file mode 100644 index f49986aaf..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java +++ /dev/null @@ -1,218 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -import org.apache.commons.lang.StringUtils; - -/** - * This class holds static helper methods. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.5 $, $Date: 2010-12-15 23:19:59 $ - */ -public final class AttributeUtil { - - /** - * Private constructor. Prevents the class from being instantiated. - */ - private AttributeUtil() { - // empty constructor - } - - /** - * Safe escape any given string. - * - * @param value - * The HTTP Value to escaped. - * - * @return The value escaped value. - */ - public static String escape(final String value) { - - final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString(); - final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); - final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString(); - - final String escAttrSep = "%" + (int) attrSep.charAt(0); - final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0); - final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0); - - return value.replace(attrSep, escAttrSep).replace(attrTupleSep, escAttrTupleSep).replace(attrValueSep, escAttrValueSep); - } - - /** - * Unescape any given string. - * - * @param value - * The HTTP Value to be unescaped. - * - * @return The value unescaped value. - */ - public static String unescape(final String value) { - final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString(); - final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); - final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString(); - - final String escAttrSep = "%" + (int) attrSep.charAt(0); - final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0); - final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0); - - return value.replace(escAttrSep, attrSep).replace(escAttrTupleSep, attrTupleSep).replace(escAttrValueSep, attrValueSep); - } - - /** - * Appends the string representation of an object to a StringBuilder. - * - * @param strBuilder - * The StringBuilder to append to. - * @param val - * The string representation of an object. - */ - public static void appendIfNotNull(final StringBuilder strBuilder, final Object val) { - - if (val != null) { - strBuilder.append(val); - } - } - - /** - * Given a separator and a list of strings, joins the list, as a string, separated by the separator string. - * - * @param list - * The list of strings to join. - * @param separator - * The separator string. - * @return the list, as a string, separated by the separator string. - */ - public static String listToString(final List<String> list, final String separator) { - - final StringBuilder strBuilder = new StringBuilder(); - for (final String s : list) { - if (!StringUtils.isEmpty(s)) { - strBuilder.append(AttributeUtil.escape(s) + separator); - } - } - return strBuilder.substring(0, strBuilder.length() - 1).toString(); - } - - /** - * Given a separator and a map of strings to strings, joins the map, as a string, separated by the separator string with the pair key/value concatenated with a '='. - * - * @param map - * The map of strings to join. - * @param separator - * The separator string. - * - * @return the map of strings, as a string, separated by the separator string with the pair key/value concatenated with a '='. - */ - public static String mapToString(final Map<String, String> map, final String separator) { - - final StringBuilder strBuilder = new StringBuilder(); - final Iterator<Entry<String, String>> valuesIt = map.entrySet().iterator(); - while (valuesIt.hasNext()) { - final Entry<String, String> entry = valuesIt.next(); - strBuilder.append(entry.getKey()); - strBuilder.append('='); - strBuilder.append(AttributeUtil.escape(entry.getValue())); - strBuilder.append(separator); - } - return strBuilder.substring(0, strBuilder.length() - 1).toString(); - } - - /** - * Validates the attribute value format. - * - * @param value - * The attribute value to validate. - * - * @return true if value has a valid format. - */ - public static boolean isValidValue(final String value) { - boolean retVal = false; - if (value != null && value.charAt(0) == '[' && value.endsWith("]")) { - final String tmpAttrValue = value.substring(1, value.length() - 1); - final String[] vals = tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - if (tmpAttrValue.length() >= 0 || (vals.length > 0 && vals[0].length() > 0)) { - retVal = true; - } - } - return retVal; - } - - /** - * Validates the attribute type value. It's case insensitive. E.g. return true value to: a) "true", "TRUE", "True", ... b) "false", "FALSE", "False", ... - * - * @param type - * The attribute type value. - * - * @return true if type has a true or false (case insensitive) value. - */ - public static boolean isValidType(final String type) { - return StringUtils.isNotEmpty(type) && (PEPSValues.TRUE.toString().equalsIgnoreCase(type) || PEPSValues.FALSE.toString().equalsIgnoreCase(type)); - } - - /** - * Validates the Personal attribute tuple. E.g. name:type:[value]:status - * - * @param tuples - * The Personal attribute's tuple. - * - * @return true if the tuples' format is valid. - * - * @see PEPSUtil#validateParameter(String, String, String) - * @see String#equalsIgnoreCase(String) - */ - public static boolean hasValidTuples(final String[] tuples) { - boolean retVal = false; - - final int numberTuples = AttributeConstants.NUMBER_TUPLES.intValue(); - if (tuples != null && tuples.length == numberTuples) { - // validate attrName - final int attrNameIndex = AttributeConstants.ATTR_NAME_INDEX.intValue(); - final int attrTypeIndex = AttributeConstants.ATTR_TYPE_INDEX.intValue(); - final int attrValueIndex = AttributeConstants.ATTR_VALUE_INDEX.intValue(); - - retVal = StringUtils.isNotEmpty(tuples[attrNameIndex]) && StringUtils.isNotEmpty(tuples[attrTypeIndex]) && StringUtils.isNotEmpty(tuples[attrValueIndex]) - && AttributeUtil.isValidType(tuples[attrTypeIndex]) && AttributeUtil.isValidValue(tuples[attrValueIndex]); - } - return retVal; - } - - /** - * Check if all mandatory attributes have values. - * - * @param personalAttrList - * The Personal Attributes List. - * - * @return true if all mandatory attributes have values, false if at least one attribute doesn't have value. - */ - public static boolean checkMandatoryAttributes(final IPersonalAttributeList personalAttrList) { - - final Iterator<PersonalAttribute> itAttributes = personalAttrList.values().iterator(); - boolean retVal = true; - while (itAttributes.hasNext() && retVal) { - final PersonalAttribute attr = itAttributes.next(); - if (attr.isRequired() && !STORKStatusCode.STATUS_AVAILABLE.toString().equals(attr.getStatus())) { - retVal = false; - } - } - return retVal; - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java deleted file mode 100644 index a1b6c5a53..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java +++ /dev/null @@ -1,121 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.ArrayList; -import java.util.List; - -/** - * This class is a bean used to store the information relative to the Citizen Consent. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class CitizenConsent { - - /** - * Mandatory attributes list. - */ - private List<String> mandatoryList; - - /** - * Optional attributes list. - */ - private List<String> optionalList; - - /** - * Citizen Consent default Constructor. - */ - public CitizenConsent() { - this.mandatoryList = new ArrayList<String>(); - this.optionalList = new ArrayList<String>(); - } - - /** - * Getter for the mandatoryList value. - * - * @return The mandatoryList value. - */ - public List<String> getMandatoryList() { - return this.mandatoryList; - } - - /** - * Setter for the mandatoryList value. - * - * @param mandatoryAttrList - * Mandatory parameters list. - */ - public void setMandatoryList(final List<String> mandatoryAttrList) { - this.mandatoryList = mandatoryAttrList; - } - - /** - * Setter for some mandatoryAttribute. Adds the input parameter to the mandatoryList. - * - * @param mandatoryAttr - * Attribute to add to the mandatoryList. - */ - public void setMandatoryAttribute(final String mandatoryAttr) { - this.mandatoryList.add(mandatoryAttr); - } - - /** - * Getter for the optionalList value. - * - * @return The optionalList value. - */ - public List<String> getOptionalList() { - return optionalList; - } - - /** - * Setter for the optionalList value. - * - * @param optAttrList - * Optional parameters list. - */ - public void setOptionalList(final List<String> optAttrList) { - this.optionalList = optAttrList; - } - - /** - * Setter for some optionalAttr. Adds the input parameter to the optionalList. - * - * @param optionalAttr - * Attribute to add to the optionalList. - */ - public void setOptionalAttribute(final String optionalAttr) { - this.optionalList.add(optionalAttr); - } - - /** - * Returns a string in the following format. "Mandatory attributes: mandatoryAttr1;mandatoryAttr2;mandatoryAttrN Optional attributes: optionalAttr1;optionalAttr2;optionalAttrN" - * - * @return {@inheritDoc} - */ - public String toString() { - final StringBuilder strbldr = new StringBuilder(46); - strbldr.append("Mandatory attributes: "); - for (final String str : mandatoryList) { - strbldr.append(str).append(';'); - } - strbldr.append(" Optional attributes: "); - for (final String str : optionalList) { - strbldr.append(str).append(';'); - } - return strbldr.toString(); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java deleted file mode 100644 index 7bef0c628..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java +++ /dev/null @@ -1,97 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -/** - * This class is a bean used to store the information relative to the Country. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.10 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class Country implements Serializable { - - /** - * - */ - private static final long serialVersionUID = 1135994036496370993L; - - /** - * Country Id. - */ - private String countryId; - - /** - * Country Name. - */ - private String countryName; - - /** - * Country Constructor. - * - * @param cId - * Id of the Country. - * @param cName - * Name of the Country. - */ - public Country(final String cId, final String cName) { - - this.countryId = cId; - this.countryName = cName; - } - - /** - * Getter for the countryId value. - * - * @return The countryId value. - */ - public String getCountryId() { - - return countryId; - } - - /** - * Setter for the countryId value. - * - * @param cId - * Id of the Country. - */ - public void setCountryId(final String cId) { - - this.countryId = cId; - } - - /** - * Getter for the countryName value. - * - * @return The countryName value. - */ - public String getCountryName() { - - return countryName; - } - - /** - * Setter for the countryName value. - * - * @param name - * Name of the Country. - */ - public void setCountryName(final String name) { - - this.countryName = name; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java deleted file mode 100644 index 5cf7a9751..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.Arrays; -import java.util.List; - -/** - * This class contains all the ISO 3166-1 Alpha 3 Country Codes. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.2 $, $Date: 2011-04-14 00:24:56 $ - */ -public final class CountryCodes { - - /** - * Private Constructor. - */ - private CountryCodes() { - - } - - /** - * ISO 3166-1 Alpha 3 Country Codes. - */ - private static List<String> countrysAlpha3 = Arrays.asList("ABW", "AFG", "AGO", "AIA", "ALA", "ALB", "AND", "ANT", "ARE", "ARG", "ARM", "ASM", "ATA", "ATF", "ATG", "AUS", "AUT", "AZE", "BDI", - "BEL", "BEN", "BES", "BFA", "BGD", "BGR", "BHR", "BHS", "BIH", "BLM", "BLR", "BLZ", "BMU", "BOL", "BRA", "BRB", "BRN", "BTN", "BUR", "BVT", "BWA", "BYS", "CAF", "CAN", "CCK", "CHE", - "CHL", "CHN", "CIV", "CMR", "COD", "COG", "COK", "COL", "COM", "CPV", "CRI", "CSK", "CUB", "CUW", "CXR", "CYM", "CYP", "CZE", "DEU", "DJI", "DMA", "DNK", "DOM", "DZA", "ECU", "EGY", - "ERI", "ESH", "ESP", "EST", "ETH", "FIN", "FJI", "FLK", "FRA", "FRO", "FSM", "GAB", "GBR", "GEO", "GGY", "GHA", "GIB", "GIN", "GLP", "GMB", "GNB", "GNQ", "GRC", "GRD", "GRL", "GTM", - "GUF", "GUM", "GUY", "HKG", "HMD", "HND", "HRV", "HTI", "HUN", "IDN", "IMN", "IND", "IOT", "IRL", "IRN", "IRQ", "ISL", "ISR", "ITA", "JAM", "JEY", "JOR", "JPN", "KAZ", "KEN", "KGZ", - "KHM", "KIR", "KNA", "KOR", "KWT", "LAO", "LBN", "LBR", "LBY", "LCA", "LIE", "LKA", "LSO", "LTU", "LUX", "LVA", "MAC", "MAF", "MAR", "MCO", "MDA", "MDG", "MDV", "MEX", "MHL", "MKD", - "MLI", "MLT", "MMR", "MNE", "MNG", "MNP", "MOZ", "MRT", "MSR", "MTQ", "MUS", "MWI", "MYS", "MYT", "NAM", "NCL", "NER", "NFK", "NGA", "NIC", "NIU", "NLD", "NOR", "NPL", "NRU", "NZL", - "OMN", "PAK", "PAN", "PCN", "PER", "PHL", "PLW", "PNG", "POL", "PRI", "PRK", "PRT", "PRY", "PSE", "PYF", "QAT", "REU", "ROM", "ROU", "RUS", "RWA", "SAU", "SCG", "SDN", "SEN", "SGP", - "SGS", "SHN", "SJM", "SLB", "SLE", "SLV", "SMR", "SOM", "SPM", "SRB", "STP", "SUR", "SVK", "SVN", "SXW", "SWE", "SWZ", "SYC", "SYR", "TCA", "TCD", "TGO", "THA", "TJK", "TKL", "TKM", - "TLS", "TMP", "TON", "TTO", "TUN", "TUR", "TUV", "TWN", "TZA", "UGA", "UKR", "UMI", "URY", "USA", "UZB", "VAT", "VCT", "VEN", "VGB", "VIR", "VNM", "VUT", "WLF", "WSM", "YEM", "YUG", - "ZAF", "ZAR", "ZMB", "ZWE"); - - /** - * Searches the CountryCode (3166-1 alpha3 format) an return true if it exists. - * - * @param countryCode - * The Country code to search. - * - * @return true if the CountryCode exists, false otherwise. - */ - public static boolean hasCountryCodeAlpha3(final String countryCode) { - - return CountryCodes.countrysAlpha3.contains(countryCode); - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java deleted file mode 100644 index 0c59e117f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java +++ /dev/null @@ -1,160 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.sql.Timestamp; -import java.util.GregorianCalendar; - -import org.apache.log4j.Logger; -import org.joda.time.DateTime; -import org.joda.time.Years; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; - -import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException; - -/** - * This class holds static helper methods for Date Operations. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.4 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class DateUtil { - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(DateUtil.class.getName()); - - /** - * yyyy Date format size. - */ - private static final int YEAR_DATE_SIZE = 4; - - /** - * yyyyMM Date format size. - */ - private static final int MONTH_DATE_SIZE = 6; - - /** - * Private constructor. Prevents the class from being instantiated. - */ - private DateUtil() { - // empty constructor - } - - /** - * Fulfils dateValue with a valid date. The following roles are applied: a) If the dateValue only contains the year then fulfils with last year's day. e.g. this method returns 19951231 to the 1995 - * dateValue. b) If the dateValue contains the year and the month then fulfils with last month's day. e.g. this method returns 19950630 to the 199505 dateValue. - * - * @param dateValue - * The date to be fulfilled. - * - * @return The dateValue fulfilled. - */ - private static String fulfilDate(final String dateValue) { - - final StringBuffer strBuf = new StringBuffer(); - strBuf.append(dateValue); - // if the IdP just provides the year then we must fullfil the date. - if (dateValue.length() == YEAR_DATE_SIZE) { - strBuf.append(PEPSValues.LAST_MONTH.toString()); - } - // if the IdP provides the year and the month then we must fullfil the - // date. - if (dateValue.length() == MONTH_DATE_SIZE || strBuf.length() == MONTH_DATE_SIZE) { - // IdP doesn't provide the day, so we will use DateTime to - // calculate it. - final String noDayCons = PEPSValues.NO_DAY_DATE_FORMAT.toString(); - final DateTimeFormatter fmt = DateTimeFormat.forPattern(noDayCons); - final DateTime dateTime = fmt.parseDateTime(strBuf.toString()); - // Append the last month's day. - strBuf.append(dateTime.dayOfMonth().withMaximumValue().getDayOfMonth()); - } - - return strBuf.toString(); - } - - /** - * Validates the dateValue format: a) if has a valid size; b) if has a numeric value; Note: dateValue must have the format yyyyMMdd. - * - * @param dateValueTmp - * The date to be validated. - * @param pattern - * The accepted date format. - * - * @return true if the date has a valid format. - */ - public static boolean isValidFormatDate(final String dateValueTmp, final String pattern) { - - boolean retVal = true; - try { - final String dateValue = DateUtil.fulfilDate(dateValueTmp); - - final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern); - fmt.parseDateTime(dateValue); - } catch (final Exception e) { - // We catch Exception because we only have to return false - // value! - retVal = false; - } - return retVal; - } - - /** - * Calculates the age for a given date string. - * - * @param dateVal - * The date to be validated. - * @param now - * The current date. - * @param pattern - * The date pattern. - * - * @return The age value. - */ - public static int calculateAge(final String dateVal, final DateTime now, final String pattern) { - - if (DateUtil.isValidFormatDate(dateVal, pattern)) { - try { - final String dateValueTemp = DateUtil.fulfilDate(dateVal); - final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern); - final DateTime dateTime = fmt.parseDateTime(dateValueTemp); - // Calculating age - final Years age = Years.yearsBetween(dateTime, now); - - return age.getYears(); - } catch (final IllegalArgumentException e) { - LOG.warn("Invalid date format (" + pattern + ") or an invalid dateValue."); - throw new SecurityPEPSException(PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()), PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage()), e); - } - } else { - LOG.warn("Couldn't calculate Age, invalid date!"); - throw new SecurityPEPSException(PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()), PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage())); - } - - } - - /** - * Generates the current timestamp. - * - * @return timestamp The current timestamp - */ - public static Timestamp currentTimeStamp() { - final GregorianCalendar cal = new GregorianCalendar(); - final long millis = cal.getTimeInMillis(); - return new Timestamp(millis); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java deleted file mode 100644 index bdcf58fec..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java +++ /dev/null @@ -1,203 +0,0 @@ -package eu.stork.peps.auth.commons; - -import java.util.List; -import java.util.Map; - -/** - * Interface for {@link AttributeListProcessor}. - * - * @author ricardo.ferreira@multicert.com - * - * @version $Revision: $, $Date: $ - * - * @see IPersonalAttributeList - */ -public interface IAttributeListProcessor { - - /** - * Checks if attribute list only contains allowed attributes. - * - * @param attrList - * the requested attribute list - * @param attributes - * the allowed attributes - * - * @return true is all the attributes are allowed. - * - * @see IPersonalAttributeList - */ - boolean hasAllowedAttributes(final IPersonalAttributeList attrList, final List<String> attributes); - - /** - * Lookup for business attribute. - * - * @param attrList - * the requested attribute list - * @param normalAttributes - * the normal attributes - * - * @return true is at least one business attribute was requested. - * - * @see IPersonalAttributeList - */ - boolean hasBusinessAttributes(final IPersonalAttributeList attrList, final List<String> normalAttributes); - - /** - * Lookup for business attribute in normal attribute list (loaded by implementation). - * - * @param attrList - * the requested attribute list - * - * @return true is at least one business attribute was requested. - * - * @see IPersonalAttributeList - */ - boolean hasBusinessAttributes(final IPersonalAttributeList attrList); - - /** - * Adds eIdentifier, name, surname, and DateOfBirth attributes to get business attributes from some AP. - * - * @param attrList - * the requested attribute list - * @param attributes - * the list of attributes to add (eIdentifier, name, surname, and DateOfBirth). - * - * @return the requested attribute list and the new attributes added (eIdentifier, name, surname, and DateOfBirth). - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList, final List<String> attributes); - - /** - * Adds eIdentifier, name, surname, and DateOfBirth attributes, loaded by implementation, to get business attributes from some AP. - * - * @param attrList - * the requested attribute list - * - * @return the requested attribute list and the new attributes added (eIdentifier, name, surname, and DateOfBirth). - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList); - - /** - * Removes from attribute list the given list of attributes. - * - * @param attrList - * the requested attribute list - * @param attributes - * the list of attributes to remove. - * - * @return the requested attribute list and the attributes removed. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList removeAPMandatoryAttributes(final IPersonalAttributeList attrList, final List<String> attributes); - - /** - * Removes from attribute list the given list of attributes and change attributes status if attribute was optional in the request. - * - * @param attrList - * the requested attribute list - * @param attributes - * the map of attributes (attribute name, mandatory/optional) to remove. - * - * @return the requested attribute list and the attributes removed - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList removeAPMandatoryAttributes(IPersonalAttributeList attrList, Map<String, Boolean> attributes); - - /** - * Removes from attribute list the Stork list of attributes. - * - * @param attrList - * the requested attribute list - * - * @return the attribute list without rejected attributes. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList removeAPRejectedAttributes(IPersonalAttributeList attrList); - - /** - * Checks if mandate attribute exist in the requested Attribute List. Power attribute name to lookup is loaded by implementation. - * - * @param attrList - * the requested attribute list. - * - * @return true if mandate attribute exists or false otherwise. - * - * @see IPersonalAttributeList - */ - boolean hasPowerAttribute(final IPersonalAttributeList attrList); - - /** - * Checks if attribute name was requested and has value. - * - * @param attrList - * the requested attribute list. - * @param attrName - * the attribute name to lookup for . - * - * @return true if attribute was requested and has value or false otherwise. - * - * @see IPersonalAttributeList - */ - boolean hasAttributeValue(final IPersonalAttributeList attrList, final String attrName); - - /** - * Checks if attribute has value. - * - * @param attr - * the attribute to check. - * - * @return true if has value; - * - * @see PersonalAttribute - */ - boolean hasAttributeValue(final PersonalAttribute attr); - - /** - * Gets a map (attribute name, attribute isRequired) of attributes added to attribute list. - * - * @return the Map of attributes added and if is required to attribute list. - */ - Map<String, Boolean> getNormalAttributesAdded(); - - /** - * Adds normal attributes to personal attribute list if exist in original list (allAttrList). - * - * @param attrList - * the list which will be updated - * @param allAttrList - * the list to check if attributes are to be included. - * - * - * @return the attributes list updated. - */ - IPersonalAttributeList addNormalAttributes(IPersonalAttributeList attrList, IPersonalAttributeList allAttrList); - - /** - * Updates list by filtering any attribute that must be requested instead of using a value obtained from cache (business and legal attrs) - * - * @param attrList - * the list which will be updated - * @return the filtered list - */ - IPersonalAttributeList filterAttrList(IPersonalAttributeList attrList); - - /** - * Updates the list of cached attrs by inserting the business and/or legal attrs requested by the user - * - * @param cachedAttrList - * @param requestedAttrsList - */ - void updateAttrList(IPersonalAttributeList cachedAttrList, IPersonalAttributeList requestedAttrsList); - - /** - * Verifies if normal attribute list contains any attribute that we must always request (usually business attributes) - */ - boolean hasAlwaysRequestAttributes(IPersonalAttributeList attributeList); - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java deleted file mode 100644 index cc5fe977f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java +++ /dev/null @@ -1,88 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.util.Iterator;
-
-/**
- * Interface for Attributes Providers map.
- *
- * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
- *
- * @version $Revision: 1.00 $, $Date: 2013-09-20 $
- */
-public interface IAttributeProvidersMap {
-
- /**
- * Returns the object associated the the given key.
- *
- * @param key
- * with which the specified value is to be associated.
- *
- * @return The object associated the the given key.
- */
- IPersonalAttributeList get(AttributeSource key);
-
- /**
- * Associates a key to a value, and inserts them in the session object.
- *
- * @param key
- * with which the specified value is to be associated.
- * @param value
- * to be associated with the specified key.
- *
- * @return previous value associated with specified key, or null if there was no mapping for key. A null return can also indicate that the map previously associated null with the specified key.
- */
- Object put(AttributeSource key, IPersonalAttributeList value);
-
- /**
- * Removes the mapping for this key.
- *
- * @param key
- * with which the specified value is to be associated.
- *
- * @return previous value associated with specified key, or null if there was no mapping for key. A null return can also indicate that the map previously associated null with the specified key.
- */
- IPersonalAttributeList remove(AttributeSource key);
-
- /**
- * Returns the number of key-value mappings in this map.
- *
- * @return the number of key-value mappings in this map.
- */
- int size();
-
- /**
- * Returns true if this map contains a mapping for the specified key.
- *
- * @param key
- * with which the specified value is to be associated.
- *
- * @return true if this map contains a mapping for the specified key.
- */
- boolean containsKey(AttributeSource key);
-
- /**
- * Removes all mappings from this map.
- */
- void clear();
-
- /**
- * Returns true if this map contains no key-value mappings.
- *
- * @return true if this map contains no key-value mappings.
- */
- boolean isEmpty();
-
- /**
- * Returns an Iterator of the keys contained in this map. The implementation must take care in order for the Iterator to have predictable order of the returned keys.
- *
- * @return an iterator of the keys contained in this map
- */
- Iterator<AttributeSource> keyIterator();
-
- /**
- * Merges this Attribute Providers Map with another providers map changes the contents of this map so it returns null
- *
- * @param aPMap
- */
- void mergeWith(IAttributeProvidersMap aPMap);
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java deleted file mode 100644 index 7eb788461..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java +++ /dev/null @@ -1,198 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.Collection; -import java.util.Iterator; -import java.util.Set; - -/** - * Interface for {@link PersonalAttributeList}. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.16 $, $Date: 2010-11-17 05:15:28 $ - * - * @see PersonalAttribute - */ -@SuppressWarnings("PMD.CloneMethodMustImplementCloneable") -public interface IPersonalAttributeList extends Iterable<PersonalAttribute>, Cloneable { - - /** - * Associates the specified value with the specified key in this Personal Attribute List. - * - * @param key - * with which the specified value is to be associated. - * @param value - * to be associated with the specified key. - * - * @return the previous value associated with key, or null if there was no mapping for key. - * - * @see PersonalAttribute - */ - PersonalAttribute put(String key, PersonalAttribute value); - - /** - * Replaces the specified value with the specified key in this Personal Attribute List. - * - * @param key - * with which the specified value is to be replaced. - * @param value - * to be associated with the specified key. - * - * @return the previous value associated with key, or null if there was no mapping for key. - * - * @see PersonalAttribute - */ - PersonalAttribute replace(String key, PersonalAttribute value); - - /** - * Returns the value to which the specified key is mapped, or null if this map contains no mapping for the key. - * - * @param key - * whose associated value is to be returned. - * - * @return The value to which the specified key is mapped, or null if this map contains no mapping for the key. - * - * @see PersonalAttribute - */ - PersonalAttribute get(Object key); - - /** - * Adds to the PersonalAttributeList the given PersonalAttribute. It sets the attribute name as the key to the attribute value. - * - * @param value - * PersonalAttribute to add to the PersonalAttributeList - */ - void add(PersonalAttribute value); - - /** - * Get the size of the Personal Attribute List. - * - * @return size of the Personal Attribute List. - */ - int size(); - - /** - * Checks if the Personal Attribute List contains the given key. - * - * @param key - * with which the specified value is to be associated. - * - * @return true if the Personal Attribute List contains the given key, false otherwise. - */ - boolean containsKey(Object key); - - /** - * Getter for the iterator of the Personal Attribute List values. - * - * @return The iterator for the Personal Attribute List values. - * - * @see PersonalAttribute - */ - Iterator<PersonalAttribute> iterator(); - - /** - * Creates a Personal Attribute List from a String representing an Attribute List. - * - * @param attrList - * String Object representing the attribute list. - */ - void populate(String attrList); - - /** - * Removes the mapping for this key from this map if present. - * - * @param key - * key whose mapping is to be removed from the map. - * @return previous value associated with specified key, or <tt>null</tt> if there was no mapping for key. A <tt>null</tt> return can also indicate that the map previously associated <tt>null</tt> - * with the specified key. - */ - PersonalAttribute remove(Object key); - - /** - * Returns a collection view of the values contained in this map. The collection is backed by the map, so changes to the map are reflected in the collection, and vice-versa. The collection - * supports element removal, which removes the corresponding mapping from this map, via the <tt>Iterator.remove</tt>, <tt>Collection.remove</tt>, <tt>removeAll</tt>, <tt>retainAll</tt>, and - * <tt>clear</tt> operations. It does not support the <tt>add</tt> or <tt>addAll</tt> operations. - * - * @return a collection view of the values contained in this map. - */ - Collection<PersonalAttribute> values(); - - /** - * Returns a {@link Set} view of the keys contained in this map. The set is backed by the map, so changes to the map are reflected in the set, and vice-versa. If the map is modified while an - * iteration over the set is in progress (except through the iterator's own <tt>remove</tt> operation), the results of the iteration are undefined. The set supports element removal, which removes - * the corresponding mapping from the map, via the <tt>Iterator.remove</tt>, <tt>Set.remove</tt>, <tt>removeAll</tt>, <tt>retainAll</tt>, and <tt>clear</tt> operations. It does not support the - * <tt>add</tt> or <tt>addAll</tt> operations. - * - * @return a set view of the keys contained in this map - */ - Set<String> keySet(); - - /** - * Returns a IPersonalAttributeList of the complex attributes. - * - * @return an IPersonalAttributeList of the complex attributes. - */ - IPersonalAttributeList getComplexAttributes(); - - /** - * Returns a IPersonalAttributeList of the simple value attributes. - * - * @return an IPersonalAttributeList of the simple value attributes. - */ - IPersonalAttributeList getSimpleValueAttributes(); - - /** - * Returns a IPersonalAttributeList of the mandatory attributes in this map. - * - * @return an IPersonalAttributeList of the mandatory attributes contained in this map. - */ - IPersonalAttributeList getMandatoryAttributes(); - - /** - * Returns a IPersonalAttributeList merged with provided one. - * - * @return an IPersonalAttributeList the attribute list to merge with. - */ - IPersonalAttributeList merge(IPersonalAttributeList attrList); - - /** - * Returns a IPersonalAttributeList of the optional attributes in this map. - * - * @return an IPersonalAttributeList of the optional attributes contained in this map. - */ - IPersonalAttributeList getOptionalAttributes(); - - /** - * Returns <tt>true</tt> if this map contains no key-value mappings. - * - * @return <tt>true</tt> if this map contains no key-value mappings. - */ - boolean isEmpty(); - - /** - * Returns <tt>true</tt> if this map contains at least one element that doesn't have value. - * - * @return <tt>true</tt> if this map contains at least one element that doesn't have value. - */ - boolean hasMissingValues(); - - /** - * Returns a copy of this <tt>IPersonalAttributeList</tt> instance. - * - * @return The copy of this IPersonalAttributeList. - */ - Object clone(); - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java deleted file mode 100644 index 1bb8cffa8..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java +++ /dev/null @@ -1,249 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * Interface for stork logging. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $ - */ -public interface IStorkLogger { - - /** - * Getter for SpApplication. - * - * @return The SpApplication value. - */ - String getSpApplication(); - - /** - * Setter for SpApplication. - * - * @param spApplication - * The SP Application. - */ - void setSpApplication(String spApplication); - - /** - * Getter for ProviderName. - * - * @return The ProviderName value. - */ - String getProviderName(); - - /** - * Setter for ProviderName. - * - * @param providerName - * The provider name. - */ - void setProviderName(String providerName); - - /** - * - * Getter for Origin. - * - * @return The Origin value. - * - */ - String getOrigin(); - - /** - * Setter for Origin. - * - * @param origin - * The origin. - */ - void setOrigin(String origin); - - /** - * - * Getter for QAA Level. - * - * @return The QAA Level value. - * - */ - int getQaaLevel(); - - /** - * Setter for QAA Level. - * - * @param qaaLevel - * The qaa level. - */ - void setQaaLevel(int qaaLevel); - - /** - * - * Getter for timestamp. - * - * @return The timestamp value. - * - */ - String getTimestamp(); - - /** - * Setter for timestamp. - * - * @param timestamp - * The request's timestamp. - */ - void setTimestamp(String timestamp); - - /** - * Getter for InResponseTo. - * - * @return The InResponseTo value. - */ - String getInResponseTo(); - - /** - * Setter for InResponseTo. - * - * @param inResponseTo - * The Saml's response id. - */ - void setInResponseTo(String inResponseTo); - - /** - * Getter for InResponseToSPReq. - * - * @return The InResponseToSPReq value. - */ - String getInResponseToSPReq(); - - /** - * Setter for InResponseToSPRequ. - * - * @param inResponseToSPReq - * The Saml's response id. - */ - void setInResponseToSPReq(String inResponseToSPReq); - - /** - * Getter for opType. - * - * @return The opType value. - */ - String getOpType(); - - /** - * Setter for opType. - * - * @param opType - * The operation type. - */ - void setOpType(String opType); - - /** - * Getter for destination. - * - * @return The destination value. - */ - String getDestination(); - - /** - * Setter for destinationIp. - * - * @param destination - * The remote IP. - */ - void setDestination(String destination); - - /** - * Getter for message or assertion consumer. - * - * @return The message or assertion consumer. - */ - String getMessage(); - - /** - * Setter for message or assertion consumer. - * - * @param message - * or assertion consumer. - */ - void setMessage(String message); - - /** - * Getter for country. - * - * @return The country value. - */ - String getCountry(); - - /** - * Setter for country. - * - * @param country - * The country. - */ - void setCountry(String country); - - /** - * Getter for samlHash. - * - * @return The samlHash value. - */ - byte[] getSamlHash(); - - /** - * Setter for samlHash. - * - * @param samlHash - * the encrypted SAML token - */ - void setSamlHash(byte[] samlHash); - - /** - * Getter for msgId. - * - * @return the msgId - */ - String getMsgId(); - - /** - * Setter for msgId. - * - * @param msgId - * the ID of the originator of this message - */ - void setMsgId(String msgId); - - /** - * Getter for sPMsgId. - * - * @return the sPMsgId - */ - String getSPMsgId(); - - /** - * Setter for sPMsgId. - * - * @param sPMsgId - * the ID of the originator of this message - */ - void setSPMsgId(String sPMsgId); - - /** - * The format of the returned String must be the following: "requestCounter#ddMMMyyyykk:mm:ss#opType#originIp#originName #destinationIp#destinationName#samlHash#[originatorName#msgId#]" - * - * The values enclosed in '[]' only apply when logging responses. - * - * @return {@inheritDoc} - */ - @Override - String toString(); -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java deleted file mode 100644 index 33105c58f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * Interface for stork session. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $ - */ -public interface IStorkSession { - - /** - * Returns the object associated the the given key. - * - * @param key - * with which the specified value is to be associated. - * - * @return The object associated the the given key. - */ - Object get(Object key); - - /** - * Associates a key to a value, and inserts them in the session object. - * - * @param key - * with which the specified value is to be associated. - * @param value - * to be associated with the specified key. - * - * @return previous value associated with specified key, or null if there was no mapping for key. A null return can also indicate that the map previously associated null with the specified key. - */ - Object put(String key, Object value); - - /** - * Removes the mapping for this key. - * - * @param key - * with which the specified value is to be associated. - * - * @return previous value associated with specified key, or null if there was no mapping for key. A null return can also indicate that the map previously associated null with the specified key. - */ - Object remove(Object key); - - /** - * Returns the number of key-value mappings in this map. - * - * @return the number of key-value mappings in this map. - */ - int size(); - - /** - * Returns true if this map contains a mapping for the specified key. - * - * @param key - * with which the specified value is to be associated. - * - * @return true if this map contains a mapping for the specified key. - */ - boolean containsKey(Object key); - - /** - * Removes all mappings from this map. - */ - void clear(); - - /** - * Returns true if this map contains no key-value mappings. - * - * @return true if this map contains no key-value mappings. - */ - boolean isEmpty(); -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java deleted file mode 100644 index f326ccfe9..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java +++ /dev/null @@ -1,330 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.apache.log4j.Logger;
-
-/**
- * This class is a bean used to store the information of Attribute Providers, the Attribute List to be requested, the Assertions returned by the Attribute Providers and the values that each Attribute
- * has. This information along with the current status of the Linker (the attribute providers that were queried and the remaining providers) is used by the PEPS actions in order to complete the
- * Attribute gathering.
- *
- * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr)
- *
- * @version $Revision: 1.50 $, $Date: 2013-11-28 $
- */
-public final class Linker implements Serializable {
- /**
- * Unique identifier.
- */
- private static final long serialVersionUID = -3268006381745987237L;
-
- /**
- * Logger object.
- */
- private static final Logger LOG = Logger.getLogger(Linker.class.getName());
-
- /**
- * Attributes Providers map.
- */
- private IAttributeProvidersMap attributeProvidersMap;
-
- /**
- * Assertion map.
- */
- private Map<AttributeSource, List<STORKAttrQueryResponse>> assertions;
-
- /**
- * The current index of local (domestic) Attribute Providers.
- */
- private int localIndex;
-
- /**
- * The current index of remote (foreign) Attribute Providers - countries.
- */
- private int remoteIndex;
-
- /**
- * Constructs an empty Linker object.
- */
- public Linker() {
- localIndex = 0;
- remoteIndex = 0;
-
- assertions = new LinkedHashMap<AttributeSource, List<STORKAttrQueryResponse>>();
- }
-
- /**
- * Based on the internal state of the Linker it returns the next local Attribute Source
- *
- * @return The next Attribute Source or null if not found
- *
- * @see AttributeSource
- */
- public AttributeSource getNextLocalProvider() {
- Iterator<AttributeSource> iterator;
- AttributeSource source, found;
- int curIndex = 0;
-
- found = null;
-
- if (attributeProvidersMap != null && !attributeProvidersMap.isEmpty()) {
- iterator = attributeProvidersMap.keyIterator();
- while (iterator.hasNext()) {
- source = iterator.next();
-
- if (source.getSourceType() == AttributeSource.SOURCE_LOCAL_APROVIDER) {
- if (curIndex >= localIndex) {
- found = source;
-
- break;
- }
-
- curIndex++;
- }
- }
- }
-
- return found;
- }
-
- /**
- * Based on the internal state of the Linker it returns the next remote Attribute Source
- *
- * @return The next Attribute Source or null if not found
- *
- * @see AttributeSource
- */
- public AttributeSource getNextRemoteProvider() {
- Iterator<AttributeSource> iterator;
- AttributeSource source, found;
- int curIndex = 0;
-
- found = null;
-
- if (attributeProvidersMap != null && !attributeProvidersMap.isEmpty()) {
- iterator = attributeProvidersMap.keyIterator();
- while (iterator.hasNext()) {
- source = iterator.next();
-
- if (source.getSourceType() == AttributeSource.SOURCE_REMOTE_COUNTRY) {
- if (curIndex >= remoteIndex) {
- found = source;
-
- break;
- }
-
- curIndex++;
- }
- }
- }
-
- return found;
- }
-
- /**
- * It updates the Linker with the values returned by the Attribute Source. It also advances to the next index in order to mark this attribute source as completed.
- *
- * @param source
- * The Attribute Source that was queried for attribute values.
- * @param attrResponse
- * The attrResponse returned by the Attribute Source that contains the attribute values.
- *
- * @see AttributeSource, STORKAttrQueryResponse
- */
- public void setProviderReponse(AttributeSource source, STORKAttrQueryResponse attrResponse) {
- if (source.getSourceType() == AttributeSource.SOURCE_REMOTE_COUNTRY)
- remoteIndex++;
- else
- localIndex++;
-
- // Assertion storage
- if (this.assertions.containsKey(source)) {
- this.assertions.get(source).add(attrResponse);
- } else {
- List<STORKAttrQueryResponse> temp = new ArrayList<STORKAttrQueryResponse>();
- temp.add(attrResponse);
- this.assertions.put(source, temp);
- }
-
- if (source.getSourceType() == AttributeSource.SOURCE_REMOTE_COUNTRY) {
- this.attributeProvidersMap.put(source, attrResponse.getTotalPersonalAttributeList());
- } else {
- this.attributeProvidersMap.put(source, attrResponse.getPersonalAttributeList());
- }
- }
-
- /**
- * Reset the internal state of the local Attribute Source in order to start over.
- */
- public void resetLocalIndex() {
- localIndex = 0;
- }
-
- /**
- * Reset the internal state of the remote Attribute Source in order to start over.
- */
- public void resetRemoteIndex() {
- remoteIndex = 0;
- }
-
- /**
- * Setter for attributeProvidersMap.
- *
- * @param attributeProvidersMap
- * The attributeProvidersMap to set.
- */
- public void setAttributeProvidersMap(IAttributeProvidersMap attributeProvidersMap) {
- this.attributeProvidersMap = attributeProvidersMap;
- }
-
- /**
- * Getter for attributeProvidersMap.
- *
- * @return attributeProvidersMap
- */
- public IAttributeProvidersMap getAttributeProvidersMap() {
- return attributeProvidersMap;
- }
-
- /**
- * Returns the Personal Attribute list of the provided Attribute Source.
- *
- * @param source
- * The attributeSource in reference
- *
- * @return The IPersonalAttributeList assosiated with this source or null if empty
- *
- * @see IPersonalAttributeList
- */
- public IPersonalAttributeList getProviderAttributes(AttributeSource source) {
- if (attributeProvidersMap.containsKey(source))
- return attributeProvidersMap.get(source);
- else
- return null;
- }
-
- /**
- * Returns the merged Personal Attribute list from all the Attribute Sources.
- *
- * @return The IPersonalAttributeList merged Personal Attribute list or null if empty
- *
- * @see IPersonalAttributeList
- */
- public IPersonalAttributeList getAllAttributes() {
- Iterator<AttributeSource> iterator;
- AttributeSource source;
- IPersonalAttributeList list, merged;
-
- merged = null;
-
- if (attributeProvidersMap != null && !attributeProvidersMap.isEmpty()) {
- iterator = attributeProvidersMap.keyIterator();
-
- merged = new PersonalAttributeList();
- while (iterator.hasNext()) {
- source = iterator.next();
- list = this.getProviderAttributes(source);
-
- for (final PersonalAttribute pa : list) {
- merged.add(pa);
- }
- }
- }
-
- return merged;
- }
-
- /**
- * Returns a List with all the assertions gathered by the AAS-PEPS module returned both by local APs or remote A-PEPS.
- *
- * @return The assertions returned from the APs and A-PEPS
- */
- public List<STORKAttrQueryResponse> getAttrQueryResponseList() {
- List<STORKAttrQueryResponse> originalAssertions;
-
- originalAssertions = new ArrayList<STORKAttrQueryResponse>();
-
- // Gather all assertions
- for (List<STORKAttrQueryResponse> element : this.assertions.values()) {
- originalAssertions.addAll(element);
- }
- return originalAssertions;
- }
-
- /**
- * Checks the internal state of the Linker and if all Attribute Sources where visited returns true, otherwise it returns false. So if you go directly from AtPLinkerAction to MoreAttributesAction
- * the call will have, since the method setProviderReponse was not executed from every Attribute Source.
- *
- * @return true if everything is OK, false otherwise
- */
- public boolean isComplete() {
- boolean outcome = false;
-
- LOG.debug("Check if linkder is complete: R[" + remoteIndex + "], L[" + localIndex + "], S[" + attributeProvidersMap.size() + "]");
- if (attributeProvidersMap != null && !attributeProvidersMap.isEmpty()) {
- if ((remoteIndex + localIndex) == attributeProvidersMap.size())
- outcome = true;
- } else {
- outcome = true;
- }
-
- return outcome;
- }
-
- /**
- * Merge the two Linker objects.
- *
- * @param previous
- * The other Linker object to merge with this one.
- */
- public void mergeWith(Linker previous) {
- // BEFORE
- if (LOG.isDebugEnabled()) {
- LOG.debug("The attributeProvidersMap from the current object.");
- ((AttributeProvidersMap) this.attributeProvidersMap).trace();
- LOG.debug("The attributeProvidersMap from the provided object.");
- ((AttributeProvidersMap) previous.getAttributeProvidersMap()).trace();
- }
-
- IAttributeProvidersMap map = previous.getAttributeProvidersMap();
- Iterator<AttributeSource> items = map.keyIterator();
- while (items.hasNext()) {
- AttributeSource item = items.next();
- IPersonalAttributeList pal = map.get(item);
-
- if (this.attributeProvidersMap.containsKey(item)) {
- IPersonalAttributeList new_pal = this.attributeProvidersMap.get(item);
-
- for (PersonalAttribute pa : pal)
- new_pal.add(pa);
- } else {
- if (item.getSourceType() == AttributeSource.SOURCE_REMOTE_COUNTRY)
- remoteIndex++;
- else
- localIndex++;
-
- this.attributeProvidersMap.put(item, pal);
- }
- }
-
- // AFTER
- if (LOG.isDebugEnabled()) {
- LOG.debug("The attributeProvidersMap after the merge.");
- ((AttributeProvidersMap) this.attributeProvidersMap).trace();
- }
-
- for (AttributeSource as : previous.assertions.keySet()) {
- if (!assertions.containsKey(as)) {
- assertions.put(as, previous.assertions.get(as));
- } else {
- assertions.get(as).addAll(previous.assertions.get(as));
- }
- }
- }
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java deleted file mode 100644 index 7d758d754..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java +++ /dev/null @@ -1,394 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains all the STORK PEPS, Commons and Specific errors constant identifiers. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $ - */ -public enum PEPSErrors { - - /** - * Represents the 'authenticationFailed' constant error identifier. - */ - AUTHENTICATION_FAILED_ERROR("authenticationFailed"), - /** - * Represents the 'spCountrySelector.errorCreatingSAML' constant error identifier. - */ - SP_COUNTRY_SELECTOR_ERROR_CREATE_SAML("spCountrySelector.errorCreatingSAML"), - /** - * Represents the 'spCountrySelector.destNull' constant error identifier. - */ - SP_COUNTRY_SELECTOR_DESTNULL("spCountrySelector.destNull"), - /** - * Represents the 'spCountrySelector.invalidAttr' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_ATTR("spCountrySelector.invalidAttr"), - /** - * Represents the 'spCountrySelector.invalidProviderName' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_PROVIDER_NAME("spCountrySelector.invalidProviderName"), - /** - * Represents the 'spCountrySelector.invalidQaaSPid' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_QAASPID("spCountrySelector.invalidQaaSPid"), - /** - * Represents the 'spCountrySelector.invalidSpId' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_SPID("spCountrySelector.invalidSpId"), - /** - * Represents the 'spCountrySelector.invalidSPQAA' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_SPQAA("spCountrySelector.invalidSPQAA"), - /** - * Represents the 'spCountrySelector.invalidSpURL' constant error identifier. - */ - SP_COUNTRY_SELECTOR_INVALID_SPURL("spCountrySelector.invalidSpURL"), - /** - * Represents the 'spCountrySelector.spNotAllowed' constant error identifier. - */ - SP_COUNTRY_SELECTOR_SPNOTALLOWED("spCountrySelector.spNotAllowed"), - - /** - * Represents the 'sProviderAction.errorCreatingSAML' constant error identifier. - */ - SPROVIDER_SELECTOR_ERROR_CREATE_SAML("sProviderAction.errorCreatingSAML"), - /** - * Represents the 'sProviderAction.attr' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_ATTR("sProviderAction.invalidAttr"), - /** - * Represents the 'sProviderAction.country' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_COUNTRY("sProviderAction.invalidCountry"), - /** - * Represents the 'sProviderAction.relayState' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_RELAY_STATE("sProviderAction.invalidRelayState"), - /** - * Represents the 'sProviderAction.saml' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SAML("sProviderAction.invalidSaml"), - /** - * Represents the 'sProviderAction.spAlias' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPALIAS("sProviderAction.invalidSPAlias"), - /** - * Represents the 'sProviderAction.spDomain' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPDOMAIN("sProviderAction.invalidSPDomain"), - /** - * Represents the 'sProviderAction.spId' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPID("sProviderAction.invalidSPId"), - /** - * Represents the 'sProviderAction.spQAA' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPQAA("sProviderAction.invalidSPQAA"), - /** - * Represents the 'sProviderAction.spQAAId' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPQAAID("sProviderAction.invalidSPQAAId"), - /** - * Represents the 'sProviderAction.spRedirect' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SPREDIRECT("sProviderAction.invalidSPRedirect"), - /** - * Represents the 'sPPowerValidationAction.invalidSPPVAttrList' constant error identifier. - */ - SPPOWERVALIDATION_SELECTOR_INVALID_SP_PV_ATTR_LIST("sPPowerValidationAction.invalidSPPVAttrList"), - - /** - * Represents the 'sProviderAction.invalidSPProviderName' constant error identifier. - */ - SPROVIDER_SELECTOR_INVALID_SP_PROVIDERNAME("sProviderAction.invalidSPProviderName"), - /** - * Represents the 'sProviderAction.spNotAllowed' constant error identifier. - */ - SPROVIDER_SELECTOR_SPNOTALLOWED("sProviderAction.spNotAllowed"), - - /** - * Represents the 'internalError' constant error identifier. - */ - INTERNAL_ERROR("internalError"), - - /** - * Represents the 'colleagueRequest.attrNull' constant error identifier. - */ - COLLEAGUE_REQ_ATTR_NULL("colleagueRequest.attrNull"), - /** - * Represents the 'colleagueRequest.errorCreatingSAML' constant error identifier. - */ - COLLEAGUE_REQ_ERROR_CREATE_SAML("colleagueRequest.errorCreatingSAML"), - /** - * Represents the 'colleagueRequest.invalidCountryCode' constant error identifier. - */ - COLLEAGUE_REQ_INVALID_COUNTRYCODE("colleagueRequest.invalidCountryCode"), - /** - * Represents the 'colleagueRequest.invalidDestUrl' constant error identifier. - */ - COLLEAGUE_REQ_INVALID_DEST_URL("colleagueRequest.invalidDestUrl"), - /** - * Represents the 'colleagueRequest.invalidQaa' constant error identifier. - */ - COLLEAGUE_REQ_INVALID_QAA("colleagueRequest.invalidQaa"), - /** - * Represents the 'colleagueRequest.invalidRedirect' constant error identifier. - */ - COLLEAGUE_REQ_INVALID_REDIRECT("colleagueRequest.invalidRedirect"), - /** - * Represents the 'colleagueRequest.invalidSAML' constant error identifier. - */ - COLLEAGUE_REQ_INVALID_SAML("colleagueRequest.invalidSAML"), - - /** - * Represents the 'colleaguePVRequest.invalidPVAttrList' constant error identifier. - */ - COLLEAGUE_PV_REQ_INVALID_PV_ATTR_LIST("colleaguePVRequest.invalidPVAttrList"), - - /** - * Represents the 'cpepsRedirectUrl' constant error identifier. - */ - CPEPS_REDIRECT_URL("cpepsRedirectUrl"), - /** - * Represents the 'spepsRedirectUrl' constant error identifier. - */ - SPEPS_REDIRECT_URL("spepsRedirectUrl"), - /** - * Represents the 'sProviderAction.invCountry' constant error identifier. - */ - SP_ACTION_INV_COUNTRY("sProviderAction.invCountry"), - - /** - * Represents the 'providernameAlias.invalid' constant error identifier. - */ - PROVIDER_ALIAS_INVALID("providernameAlias.invalid"), - - /** - * Represents the 'cPeps.attrNull' constant error identifier. - */ - CPEPS_ATTR_NULL("cPeps.attrNull"), - - /** - * Represents the 'colleagueResponse.invalidSAML' constant error identifier. - */ - COLLEAGUE_RESP_INVALID_SAML("colleagueResponse.invalidSAML"), - - /** - * Represents the 'citizenNoConsent.mandatory' constant error identifier. - */ - CITIZEN_NO_CONSENT_MANDATORY("citizenNoConsent.mandatory"), - /** - * Represents the 'citizenResponse.mandatory' constant error identifier. - */ - CITIZEN_RESPONSE_MANDATORY("citizenResponse.mandatory"), - /** - * Represents the 'attVerification.mandatory' constant error identifier. - */ - ATT_VERIFICATION_MANDATORY("attVerification.mandatory"), - /** - * Represents the 'attrValue.verification' constant error identifier. - */ - ATTR_VALUE_VERIFICATION("attrValue.verification"), - - /** - * Represents the 'audienceRestrictionError' constant error identifier. - */ - AUDIENCE_RESTRICTION("audienceRestrictionError"), - /** - * Represents the 'auRequestIdError' constant error identifier. - */ - AU_REQUEST_ID("auRequestIdError"), - /** - * Represents the 'domain' constant error identifier. - */ - DOMAIN("domain"), - /** - * Represents the 'hash.error' constant error identifier. - */ - HASH_ERROR("hash.error"), - /** - * Represents the 'invalidAttributeList' constant error identifier. - */ - INVALID_ATTRIBUTE_LIST("invalidAttributeList"), - /** - * Represents the 'invalidAttributeValue' constant error identifier. - */ - INVALID_ATTRIBUTE_VALUE("invalidAttributeValue"), - /** - * Represents the 'qaaLevel' constant error identifier. - */ - QAALEVEL("qaaLevel"), - /** - * Represents the 'requests' constant error identifier. - */ - REQUESTS("requests"), - /** - * Represents the 'SPSAMLRequest' constant error identifier. - */ - SP_SAML_REQUEST("SPSAMLRequest"), - /** - * Represents the 'spepsSAMLRequest' constant error identifier. - */ - SPEPS_SAML_REQUEST("spepsSAMLRequest"), - /** - * Represents the 'IdPSAMLResponse' constant error identifier. - */ - IDP_SAML_RESPONSE("IdPSAMLResponse"), - /** - * Represents the 'cpepsSAMLResponse' constant error identifier. - */ - CPEPS_SAML_RESPONSE("cpepsSAMLResponse"), - /** - * Represents the 'cpepsSAMLResponse' constant error identifier. - */ - SPEPS_SAML_RESPONSE("spepsSAMLResponse"), - /** - * Represents the 'session' constant error identifier. - */ - SESSION("session"), - /** - * Represents the 'invalid.session' constant error identifier. - */ - INVALID_SESSION("invalid.session"), - /** - * Represents the 'invalid.sessionId' constant error identifier. - */ - INVALID_SESSION_ID("invalid.sessionId"), - /** - * Represents the 'missing.sessionId' constant error identifier. - */ - MISSING_SESSION_ID("sessionError"), - /** - * Represents the 'missing.mandate' constant error identifier. - */ - MISSING_MANDATE("missing.mandate"), - /** - * Represents the 'AtPSAMLResponse' constant error identifier. - */ - ATP_SAML_RESPONSE("AtPSAMLResponse"), - - /** - * Represents the 'AtPSAMLResponse' constant error identifier. - */ - ATP_RESPONSE_ERROR("atp.response.error"), - - /** - * Represents the 'apepsSAMLRequest' constant error identifier. - */ - APEPS_SAML_REQUEST("apepsSAMLRequest"), - - /** - * Represents the 'apepsSAMLResponse' constant error identifier. - */ - APEPS_SAML_RESPONSE("apepsSAMLResponse"), - - /** - * Represents the 'invalid.apepsRedirectUrl' constant error identifier. - */ - INVALID_APEPS_REDIRECT_URL("invalid.apepsRedirectUrl"), - - /** - * Represents the 'invalid.apepsCallbackUrl' constant error identifier. - */ - INVALID_APEPS_CALLBACK_URL("invalid.apepsCallbackUrl"), - - /** - * Represents the 'colleagueAttributeRequest.invalidSAML' constant error identifier. - */ - COLLEAGUE_ATTR_REQ_INVALID_SAML("colleagueAttributeRequest.invalidSAML"), - - /** - * Represents the 'invalid.attr.country.code' constant error identifier. - */ - INVALID_COUNTRY_CODE("invalid.attr.country.code"), - /** - * DTL error codes. - */ - DTL_ERROR_ADD("dtl.error.adding.doc"), DTL_ERROR_GET("dtl.error.getting.doc"), DTL_ERROR_REQUEST("dtl.error.request.attribute"), DTL_INVALID_XML("dtl.invalid.xml"), DTL_EMPTY_REQUEST( - "dtl.empty.request"), DTL_ERROR_DOCUMENT_URL("dtl.error.no.document.url"), DTL_ERROR_NO_DOCUMENT("dtl.error.no.document"), DTL_ERROR_MARSHALL_SIGNREQUEST("dtl.error.marshall.signrequest"), DTL_ERROR_MARSHALL_SIGNRESPONSE( - "dtl.error.marshall.signresponse"), - /** - * Represents the 'colleagueAttributeRequest.invalidSAML' constant error identifier. - */ - COLLEAGUE_LOGOUT_INVALID_SAML("colleagueLogoutRequest.invalidSAML"); - - /** - * Represents the constant's value. - */ - private String error; - - /** - * Solo Constructor. - * - * @param nError - * The Constant error value. - */ - PEPSErrors(final String nError) { - this.error = nError; - } - - /** - * Construct the errorCode Constant value. - * - * @return The errorCode Constant. - */ - public String errorCode() { - return error + ".code"; - } - - /** - * Construct the errorCode Constant value with the given code text. - * - * @param text - * the code text to append to the constant. - * - * @return The errorCode Constant for the given code text. - */ - public String errorCode(final String text) { - return error + "." + text + ".code"; - } - - /** - * Construct the errorMessage constant value. - * - * @return The errorMessage constant. - */ - public String errorMessage() { - return error + ".message"; - } - - /** - * Construct the errorMessage Constant value with the given message text. - * - * @param text - * the message text to append to the constant. - * - * @return The errorMessage Constant for the given text. - */ - public String errorMessage(final String text) { - return error + "." + text + ".message"; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - return error; - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java deleted file mode 100644 index 6b876b680..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java +++ /dev/null @@ -1,651 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains all the STORK PEPS, Commons and Specific Parameters. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.13 $, $Date: 2011-07-07 20:48:45 $ - */ -public enum PEPSParameters { - - /** - * Represents the 'apId' parameter constant. - */ - AP_ID("apId"), - /** - * Represents the 'apUrl' parameter constant. - */ - AP_URL("apUrl"), - /** - * Represents the 'ap.number' parameter constant. - */ - AP_NUMBER("ap.number"), - - /** - * Represents the 'assertionConsumerServiceURL' parameter constant. - */ - ASSERTION_CONSUMER_S_URL("assertionConsumerServiceURL"), - - /** - * Represents the 'auth' parameter constant. - */ - AUTHENTICATION("auth"), - - /** - * Represents the 'attr' parameter constant. - */ - ATTRIBUTE("attr"), - /** - * Represents the 'attrName' parameter constant. - */ - ATTRIBUTE_NAME("attrName"), - /** - * Represents the 'attrStatus' parameter constant. - */ - ATTRIBUTE_STATUS("attrStatus"), - /** - * Represents the 'attrType' parameter constant. - */ - ATTRIBUTE_TYPE("attrType"), - /** - * Represents the 'attrValue' parameter constant. - */ - ATTRIBUTE_VALUE("attrValue"), - /** - * Represents the 'attrList' parameter constant. - */ - ATTRIBUTE_LIST("attrList"), - /** - * Represents the 'allAttrList' parameter constant. - */ - ALL_ATTRIBUTE_LIST("allAttrList"), - /** - * Represents the 'apMandAttrList' parameter constant. - */ - AP_MANDATORY_ATTRIBUTE_LIST("apMandAttrList"), - /** - * Represents the 'attrTuple' parameter constant. - */ - ATTRIBUTE_TUPLE("attrTuple"), - /** - * Represents the 'attribute-missing' parameter constant. - */ - ATTRIBUTE_MISSING("attribute-missing"), - /** - * Represents the 'attributesNotAllowed' parameter constant. - */ - ATTRIBUTES_NOT_ALLOWED("attributesNotAllowed"), - /** - * Represents the 'authnRequest' parameter constant. - */ - AUTH_REQUEST("authnRequest"), - - /** - * Represents the 'attrValue.number' parameter constant. - */ - ATTR_VALUE_NUMBER("attrValue.number"), - - /** - * Represents the 'derivation.date.format' parameter constant. - */ - DERIVATION_DATE_FORMAT("derivation.date.format"), - /** - * Represents the 'deriveAttr.number' parameter constant. - */ - DERIVE_ATTRIBUTE_NUMBER("deriveAttr.number"), - - /** - * Represents the complex attributes parameter constant. - */ - COMPLEX_ADDRESS_VALUE("canonicalResidenceAddress"), COMPLEX_NEWATTRIBUTE_VALUE("newAttribute2"), COMPLEX_HASDEGREE_VALUE("hasDegree"), COMPLEX_MANDATECONTENT_VALUE("mandate"), - /** - * Represents the 'consent-type' parameter constant. - */ - CONSENT_TYPE("consent-type"), - /** - * Represents the 'consent-value' parameter constant. - */ - CONSENT_VALUE("consent-value"), - /** - * Represents the 'country' parameter constant. - */ - COUNTRY("country"), - /** - * Represents the 'countryOrigin' parameter constant. - */ - COUNTRY_ORIGIN("countryOrigin"), - - /** - * Represents the 'cpepsURL' parameter constant. - */ - CPEPS_URL("cpepsURL"), - /** - * Represents the 'callback' parameter constant. - */ - CPEPS_CALLBACK("callback"), - /** - * Represents the 'peps.specificidpredirect.url' parameter constant. - */ - CPEPS_IDP_CALLBACK_VALUE("peps.specificidpredirect.url"), - /** - * Represents the 'peps.specificapredirect.url' parameter constant. - */ - CPEPS_AP_CALLBACK_VALUE("peps.specificapredirect.url"), - - /** - * Represents the 'errorCode' parameter constant. - */ - ERROR_CODE("errorCode"), - /** - * Represents the 'subCode' parameter constant. - */ - ERROR_SUBCODE("subCode"), - /** - * Represents the 'errorMessage' parameter constant. - */ - ERROR_MESSAGE("errorMessage"), - /** - * Represents the 'errorRedirectUrl' parameter constant. - */ - ERROR_REDIRECT_URL("errorRedirectUrl"), - - /** - * errorRedirectUrl Represents the 'external-authentication' parameter constant. - */ - EXTERNAL_AUTH("external-authentication"), - /** - * Represents the 'external-ap' parameter constant. - */ - EXTERNAL_AP("external-ap"), - /** - * Represents the 'external-pv' parameter constant. - */ - EXTERNAL_PV("external-pv"), - /** - * Represents the 'external-sig-module' parameter constant. - */ - EXT_SIG_CREATOR_MOD("external-sig-module"), - - /** - * Represents the 'http-x-forwarded-for' parameter constant. - */ - HTTP_X_FORWARDED_FOR("http-x-forwarded-for"), - - /** - * Represents the 'idp.url' parameter constant. - */ - IDP_URL("idp.url"), - /** - * Represents the 'internal-authentication' parameter constant. - */ - INTERNAL_AUTH("internal-authentication"), - /** - * Represents the 'internal-ap' parameter constant. - */ - INTERNAL_AP("internal-ap"), - /** - * Represents the 'internal-pv' parameter constant. - */ - INTERNAL_PV("internal-pv"), - - /** - * Represents the 'samlIssuer' parameter constant. - */ - ISSUER("samlIssuer"), - /** - * Represents the 'samlIssuer.idp' parameter constant. - */ - ISSUER_IDP("samlIssuer.idp"), - /** - * Represents the 'samlIssuer.atp' parameter constant. - */ - ISSUER_ATP("samlIssuer.atp"), - - /** - * Represents the 'mandatory' parameter constant. - */ - MANDATORY("mandatory"), - /** - * Represents the 'mandatoryAttributeMissing' parameter constant. - */ - MANDATORY_ATTR_MISSING("mandatoryAttributeMissing"), - /** - * Represents the 'mandatoryConsentAttrMissing' parameter constant. - */ - MANDATORY_CONSENT_MISSING("mandatoryConsentAttrMissing"), - /** - * Represents the 'missing-attrs' parameter constant. - */ - MISSING_ATTRS("missing-attrs"), - /** - * Represents the 'no-more-attrs' parameter constant. - */ - NO_MORE_ATTRS("no-more-attrs"), - - /** - * Represents the 'optional' parameter constant. - */ - OPTIONAL("optional"), - - /** - * Represents the 'no-consent-type' parameter constant. - */ - NO_CONSENT_TYPE("no-consent-type"), - /** - * Represents the 'no-consent-value' parameter constant. - */ - NO_CONSENT_VALUE("no-consent-value"), - - /** - * Represents the 'provider.name' parameter constant. - */ - PROVIDER_NAME_VALUE("providerName"), - /** - * Represents the 'cpeps.askconsent' parameter constant. - */ - PEPS_ASK_CONSENT("cpeps.askconsent"), - /** - * Represents the 'cpeps.askconsentvalue' parameter constant. - */ - PEPS_ASK_CONSENT_VALUE("cpeps.askconsentvalue"), - /** - * Represents the 'pepsAuth' parameter constant. - */ - PEPS_AUTH_CONSENT("pepsAuth"), - /** - * Represents the 'validation.bypass' parameter constant. - */ - PEPS_BYPASS("validation.bypass"), - /** - * Represents the 'cpeps.number' parameter constant. - */ - PEPS_NUMBER("cpeps.number"), - /** - * Represents the 'cpeps.specificapredirect.url' parameter constant. - */ - PEPS_SPECIFIC_URL("cpeps.specificapredirect.url"), - /** - * Represents the 'pv.url' parameter constant. - */ - PV_URL("pv.url"), - - /** - * Represents the 'qaaLevel' parameter constant. - */ - QAALEVEL("qaaLevel"), - - /** - * Represents the 'speps.redirectUrl' parameter constant. - */ - SPEPS_REDIRECT_URL("speps.redirectUrl"), - - /** - * Represents the 'sp.redirectUrl' parameter constant. - */ - SP_REDIRECT_URL("sp.redirectUrl"), - /** - * Represents the 'cpeps.redirectUrl' parameter constant. - */ - CPEPS_REDIRECT_URL("cpeps.redirectUrl"), - /** - * Represents the 'RelayState' parameter constant. - */ - RELAY_STATE("RelayState"), - /** - * Represents the 'remoteAddr' parameter constant. - */ - REMOTE_ADDR("remoteAddr"), - /** - * Represents the 'remoteUser' parameter constant. - */ - REMOTE_USER("remoteUser"), - - /** - * Represents the 'SAMLRequest' parameter constant. - */ - SAML_REQUEST("SAMLRequest"), - /** - * Represents the 'SAMLResponse' parameter constant. - */ - SAML_RESPONSE("SAMLResponse"), - /** - * Represents the 'SAMLFail' parameter constant. - */ - SAML_TOKEN_FAIL("SAMLFail"), - /** - * Represents the 'TokenId' parameter constant. - */ - SAML_TOKEN_ID("TokenId"), - /** - * Represents the 'inResponseTo' parameter constant. - */ - SAML_IN_RESPONSE_TO("inResponseTo"), - /** - * Represents the 'inResponseTo.idp' parameter constant. - */ - SAML_IN_RESPONSE_TO_IDP("inResponseTo.idp"), - /** - * Represents the 'inResponseTo.atp' parameter constant. - */ - SAML_IN_RESPONSE_TO_ATP("inResponseTo.atp"), - /** - * Represents the 'SignatureResponse' parameter constant. - */ - SIGNATURE_RESPONSE("SignatureResponse"), - - /** - * Represents the 'cPepsSession' parameter constant. - */ - SESSION_ID_URL("cPepsSession"), - /** - * Represents the 'spId' parameter constant. - */ - SP_ID("spId"), - /** - * Represents the 'spQaaLevel' parameter constant. - */ - SP_QAALEVEL("spQaaLevel"), - /** - * Represents the 'spUrl' parameter constant. - */ - SP_URL("spUrl"), - - /** - * Represents the 'allow.derivation.all' parameter constant. - */ - SPECIFIC_ALLOW_DERIVATION_ALL("allow.derivation.all"), - /** - * Represents the ''allow.unknowns parameter constant. - */ - SPECIFIC_ALLOW_UNKNOWNS("allow.unknowns"), - /** - * Represents the 'derivation.date.separator' parameter constant. - */ - SPECIFIC_DERIVATION_DATE_SEP("derivation.date.separator"), - /** - * Represents the 'derivation.month.position' parameter constant. - */ - SPECIFIC_DERIVATION_MONTH_POS("derivation.month.position"), - /** - * Represents the 'derivation.day.position' parameter constant. - */ - SPECIFIC_DERIVATION_DAY_POS("derivation.day.position"), - /** - * Represents the 'derivation.year.position' parameter constant. - */ - SPECIFIC_DERIVATION_YEAR_POS("derivation.year.position"), - - /** - * sp.authorized.parameters Represents the '' parameter constant. - */ - SPEPS_AUTHORIZED("sp.authorized.parameters"), - - /** - * Represents the 'spSector' constant value. - */ - SPSECTOR("spSector"), - /** - * Represents the 'spApplication' constant value. - */ - SPAPPLICATION("spApplication"), - /** - * Represents the 'spCountry' constant value. - */ - SPCOUNTRY("spCountry"), - - /** - * Represents the 'spInstitution' constant value. - */ - SPINSTITUTION("spInstitution"), - - /** - * Represents the 'spCountryCode' constant value. - */ - SP_COUNTRY_CODE("spCountryCode"), - - /** - * Represents the 'storkAttribute.number' parameter constant. - */ - STORK_ATTRIBUTE_NUMBER("storkAttribute.number"), - /** - * Represents the 'storkAttributeValue.number' parameter constant. - */ - STORK_ATTRIBUTE_VALUE_NUMBER("storkAttributeValue.number"), - - /** - * Represents the 'username' parameter constant. - */ - USERNAME("username"), - - /** - * Represents the 'tooManyParameters' parameter constant. - */ - TOO_MANY_PARAMETERS("tooManyParameters"), - /** - * Represents the 'validation.active' parameter constant. - */ - VALIDATION_ACTIVE("validation.active"), - - /** - * Represents the 'x-forwarded-for' parameter constant. - */ - X_FORWARDED_FOR("x-forwarded-for"), - /** - * Represents the 'x-forwarded-host' parameter constant. - */ - X_FORWARDED_HOST("x-forwarded-host"), - /** - * Represents the 'XMLResponse' parameter constant. - */ - XML_RESPONSE("XMLResponse"), - - /** - * Represents the 'ap-cpeps.number' parameter constant. - */ - AP_PEPS_NUMBER("ap-cpeps.number"), - - /** - * Represents the 'atp.number' parameter constant. - */ - ATTRIBUTE_PROVIDER_NUMBER("atp.number"), - - /** - * Represents the 'atn.number' parameter constant. - */ - ATTRIBUTE_NAME_NUMBER("atn.number"), - - /** - * Represents the 'apLinker' parameter constant. - */ - AP_LINKER("apLinker"), - - /** - * Represents the 'prevApLinker' parameter constant. - */ - PREV_AP_LINKER("prevApLinker"), - - /** - * Represents the 'NOSEL' parameter constant (no attribute provider selected). - */ - AP_NO_SELECTION("NOSEL"), - - /** - * Represents the 'OCSEL' parameter constant (attribute provider in another country). - */ - AP_OTHER_COUNTRY("OCSEL"), - - /** - * Represents the '_provider' suffix parameter constant. - */ - AP_PROVIDER_SELECT_SUFFIX("_provider"), - - /** - * Represents the '_country' suffix parameter constant. - */ - AP_COUNTRY_SELECT_SUFFIX("_country"), - - /** - * Represents the '_name' suffix parameter constant. - */ - AP_NAME_SELECT_SUFFIX("_name"), - - /** - * Represents the 'next-ap' parameter constant. - */ - NEXT_AP("next-ap"), - - /** - * Represents the 'next-apeps' parameter constant. - */ - NEXT_APEPS("next-apeps"), - - /** - * Represents the 'back-to-apeps' parameter constant. - */ - BACK_TO_APEPS("back-to-apeps"), - - /** - * Represents the 'is-remote-apeps' parameter constant. - */ - IS_REMOTE_APEPS("is-remote-apeps"), - - /** - * Represents the 'more-attributes' parameter constant. - */ - MORE_ATTRIBUTES("more-attributes"), - - /** - * Represents the 'attr-filter.number' parameter constant. - */ - ATTRIBUTES_FILTER_NUMBER("attr-filter.number"), - - /** - * Represents the 'attr-group' parameter constant. - */ - ATTRIBUTE_GROUPS("attr-group"), - - /** - * Represents the 'all' parameter constant for attribute groups. - */ - ATTRIBUTE_GROUPS_ALL("all"), - - /** - * Represents the 'none' parameter constant for attribute groups. - */ - ATTRIBUTE_GROUPS_NONE("none"), - - /** - * Represents the 'atp.url' parameter constant. - */ - ATP_URL("atp.url"), - /** - * Represents the 'apepsURL' parameter constant. - */ - APEPS_URL("apepsUrl"), - - /** - * Represents the 'apepsCountry' parameter constant. - */ - APEPS_COUNTRY("apepsCountry"), - - /** - * Represents the 'apepsAuthRequest' parameter constant. - */ - APEPS_ATTR_REQUEST("apepsAttrRequest"), - - /** - * Represents the 'isApepsRequest' parameter constant. - */ - APEPS_REQUEST_COMPLETE("apeps-request-complete"), - - /** - * Represents the 'apeps.callbackUrl' parameter constant. - */ - APEPS_CALLBACK_URL("apeps.callbackUrl"), - /** - * Represents the 'attrListMand' parameter constant. - */ - ATTR_LIST_MAND("attrListMand"), - - /** - * Represents the 'attrListOpt' parameter constant. - */ - ATTR_LIST_OPT("attrListOpt"), - - /** - * Represents the 'simpleAttrListMand' parameter constant. - */ - SIMPLE_ATTR_LIST_MAND("simpleAttrListMand"), - - /** - * Represents the 'simpleAttrListOpt' parameter constant. - */ - SIMPLE_ATTR_LIST_OPT("simpleAttrListOpt"), - - /** - * Represents the 'complexAttrListMand' parameter constant. - */ - COMPLEX_ATTR_LIST_MAND("complexAttrListMand"), - - /** - * Represents the 'complexAttrListOpt' parameter constant. - */ - COMPLEX_ATTR_LIST_OPT("complexAttrListOpt"), - /** - * Represents the 'idPDerivedAttrList' parameter constant. - */ - IDP_DERIVED_ATTR_LIST("idPDerivedAttrList"), - /** - * Represents the 'apRejectedAttrsList' parameter constant. - */ - AP_REJECTED_ATTRS_LIST("apRejectedAttrsList"), - /** - * Represents the 'logoutRequest' parameter constant. - */ - LOGOUT_REQUEST("logoutRequest"), - /** - * Represents the 'logoutRequest' parameter constant. - */ - LOGOUT_RESPONSE("logoutResponse"), - /** - * Represents the 'logoutRequest' parameter constant. - */ - LOGOUT_DEST_URL("speps.logout.destination.url"); - - /** - * Represents the constant's value. - */ - private String value; - - /** - * Solo Constructor. - * - * @param nValue - * The Constant value. - */ - PEPSParameters(final String nValue) { - this.value = nValue; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - return value; - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java deleted file mode 100644 index c026ebdbe..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java +++ /dev/null @@ -1,392 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.ByteArrayInputStream; -import java.io.InputStream; -import java.io.UnsupportedEncodingException; -import java.util.Properties; - -import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; -import org.bouncycastle.crypto.Digest; -import org.bouncycastle.util.encoders.Base64; -import org.bouncycastle.util.encoders.UrlBase64; - -import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; -import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException; - -/** - * This class holds static helper methods. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.75 $, $Date: 2010-11-23 00:05:35 $ - */ -public final class PEPSUtil { - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(PEPSUtil.class.getName()); - - /** - * Configurations object. - */ - private static Properties configs; - - /** - * Max prefix. - */ - private static final String MAX_PARAM_PREFIX = "max."; - - /** - * Code prefix to get error code. - */ - private static final String CODE_PARAM_SUFFIX = ".code"; - - /** - * param's size prefix to get max param size. - */ - private static final String MAX_PARAM_SUFFIX = ".size"; - - /** - * Message prefix to get error message. - */ - private static final String MSG_PARAM_SUFFIX = ".message"; - - /** - * Private constructor. Prevents the class from being instantiated. - */ - private PEPSUtil() { - // empty constructor - } - - /** - * Creates a single instance of this class and sets the properties. - * - * @param nConfigs - * The set of available configurations. - * - * @return The created PEPSUtil's class. - */ - public static PEPSUtil createInstance(final Properties nConfigs) { - if (nConfigs != null) { - PEPSUtil.configs = nConfigs; - } - return new PEPSUtil(); - } - - /** - * Getter for the Properties. - * - * @return configs The properties value. - */ - public Properties getConfigs() { - return configs; - } - - /** - * Setter for the Properties. - * - * @param nConfigs - * The new properties value. - */ - public static void setConfigs(final Properties nConfigs) { - if (nConfigs != null) { - PEPSUtil.configs = nConfigs; - } - } - - /** - * Returns the identifier of some configuration given a set of configurations and the corresponding configuration key. - * - * @param configKey - * The key that IDs some configuration. - * - * @return The configuration String value. - */ - public static String getConfig(final String configKey) { - return configs.getProperty(configKey); - } - - /** - * Validates the input paramValue identified by the paramName. - * - * @param paramName - * The name of the parameter to validate. - * @param paramValue - * The value of the parameter to validate. - * - * @return true if the parameter is valid. - */ - public static boolean isValidParameter(final String paramName, final String paramValue) { - - final String validationParam = PEPSUtil.getConfig(PEPSParameters.VALIDATION_ACTIVE.toString()); - boolean retVal = true; - - final String paramConf = MAX_PARAM_PREFIX + paramName + MAX_PARAM_SUFFIX; - - if (PEPSValues.TRUE.toString().equals(validationParam)) { - final String paramSizeStr = PEPSUtil.getConfig(paramConf); - // Checking if the parameter size exists and if it's numeric - if (StringUtils.isNumeric(paramSizeStr)) { - final int maxParamSize = Integer.valueOf(paramSizeStr); - if (StringUtils.isEmpty(paramValue) || paramValue.length() > maxParamSize) { - retVal = false; - LOG.warn("Invalid parameter [" + paramName + "] value " + paramValue); - } - } else { - retVal = false; - LOG.error("Missing " + paramConf + " configuration in the pepsUtils.properties configuration file"); - } - } - return retVal; - } - - /** - * Validates the Parameter and throws an exception if an error occurs. Throws an InvalidParameterPEPSException runtime exception if the parameter is invalid. - * - * @param className - * The Class Name that invoked the method. - * @param paramName - * The name of the parameter to validate. - * @param paramValue - * The value of the parameter to validate. - */ - public static void validateParameter(final String className, final String paramName, final Object paramValue) { - - if (paramValue == null) { - PEPSUtil.validateParameter(className, paramName, ""); - } else { - PEPSUtil.validateParameter(className, paramName, paramValue.toString()); - } - } - - /** - * Validates the Parameters and throws an exception if an error occurs. - * - * @param className - * The Class Name that invoked the method. - * @param paramName - * The name of the parameter to validate. - * @param paramValue - * The value of the parameter to validate. - */ - public static void validateParameter(final String className, final String paramName, final String paramValue) { - - PEPSUtil.validateParameter(className, paramName, paramValue, PEPSUtil.getErrorCode(paramName), PEPSUtil.getErrorMessage(paramName)); - } - - /** - * Validates the Parameters and throws an exception if an error occurs. - * - * @param className - * The Class Name that invoked the method. - * @param paramName - * The name of the parameter to validate. - * @param paramValue - * The value of the parameter to validate. - * @param error - * The PEPSError to get error code and messages from configs. - */ - public static void validateParameter(final String className, final String paramName, final String paramValue, final PEPSErrors error) { - - PEPSUtil.validateParameter(className, paramName, paramValue, PEPSUtil.getConfig(error.errorCode()), PEPSUtil.getConfig(error.errorMessage())); - } - - /** - * Validates the HTTP Parameter and throws an exception if an error occurs. Throws an InvalidParameterPEPSException runtime exception if the parameter is invalid. - * - * @param className - * The Class Name that invoked the method. - * @param paramName - * The name of the parameter to validate. - * @param paramValue - * The value of the parameter to validate. - * @param errorCode - * The error code to include on the exception. - * @param errorMessage - * The error message to include on the exception. - */ - public static void validateParameter(final String className, final String paramName, final String paramValue, final String errorCode, final String errorMessage) { - - if (!isValidParameter(paramName, paramValue)) { - LOG.warn("Invalid parameter [" + paramName + "] value found at " + className); - throw new InvalidParameterPEPSException(errorCode, errorMessage); - } - } - - /** - * Getter for the error code of some given error related to the input param. - * - * @param paramName - * The name of the parameter associated with the error. - * - * @return The code of the error. - */ - private static String getErrorCode(final String paramName) { - return getConfig(paramName + CODE_PARAM_SUFFIX); - } - - /** - * Getter for the error message of some given error related to the input parameter. - * - * @param paramName - * The name of the parameter associated with the message. - * - * @return The message for the error. - */ - private static String getErrorMessage(final String paramName) { - return getConfig(paramName + MSG_PARAM_SUFFIX); - } - - /** - * {@link Base64} encodes the input samlToken parameter. - * - * @param samlToken - * the SAML Token to be encoded. - * - * @return The Base64 String representing the samlToken. - * - * @see Base64#encode - */ - public static String encodeSAMLToken(final byte[] samlToken) { - try { - return new String(Base64.encode(samlToken), "UTF8"); - } catch (final UnsupportedEncodingException e) { - LOG.error(PEPSErrors.INTERNAL_ERROR.errorMessage(), e); - return null; - } - } - - /** - * Encode samltoken url safe - * - * @param samlToken - * the saml token to encode - * @return the bas64 encoded string - */ - public static String encodeSAMLTokenUrlSafe(final byte[] samlToken) { - try { - return new String(UrlBase64.encode(samlToken), "UTF8"); - } catch (final UnsupportedEncodingException e) { - LOG.error(PEPSErrors.INTERNAL_ERROR.errorMessage(), e); - return null; - } - } - - /** - * Decodes the {@link Base64} String input parameter representing a samlToken. - * - * @param samlToken - * the SAML Token to be decoded. - * - * @return The samlToken decoded bytes. - * - * @see Base64#decode - */ - public static byte[] decodeSAMLToken(final String samlToken) { - return Base64.decode(samlToken); - } - - /** - * Decode URL save base64 saml token - * - * @param samlToken - * the SAML toke to decode - * @return The decoded bytes - */ - public static byte[] decodeSAMLTokenUrlSafe(final String samlToken) { - return UrlBase64.decode(samlToken); - } - - /** - * Hashes a SAML token. Throws an InternalErrorPEPSException runtime exception if the Cryptographic Engine fails. - * - * @param samlToken - * the SAML Token to be hashed. - * - * @return byte[] with the hashed SAML Token. - */ - public static byte[] hashPersonalToken(final byte[] samlToken) { - try { - final String className = PEPSUtil.getConfig(PEPSValues.HASH_DIGEST_CLASS.toString()); - - final Digest digest = (Digest) Class.forName(className).getConstructor().newInstance((Object[]) null); - digest.update(samlToken, 0, samlToken.length); - - final int retLength = digest.getDigestSize(); - final byte[] ret = new byte[retLength]; - - digest.doFinal(ret, 0); - return ret; - - } catch (final Exception e) { - // For all those exceptions that could be thrown, we always log it and - // thrown an InternalErrorPEPSException. - LOG.error(PEPSErrors.HASH_ERROR.errorMessage(), e); - throw new InternalErrorPEPSException(PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorCode()), PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorMessage()), e); - } - } - - /** - * Gets the Stork error code in the error message if exists! - * - * @param errorMessage - * The message to get the error code if exists; - * - * @return the error code if exists. Returns null otherwise. - */ - public static String getStorkErrorCode(final String errorMessage) { - if (StringUtils.isNotBlank(errorMessage) && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) { - final String[] msgSplitted = errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString()); - if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) { - return msgSplitted[0]; - } - } - return null; - } - - /** - * Gets the Stork error message in the saml message if exists! - * - * @param errorMessage - * The message to get in the saml message if exists; - * - * @return the error message if exists. Returns the original message otherwise. - */ - public static String getStorkErrorMessage(final String errorMessage) { - if (StringUtils.isNotBlank(errorMessage) && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) { - final String[] msgSplitted = errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString()); - if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) { - return msgSplitted[1]; - } - } - return errorMessage; - } - - /** - * Get inputstream from string - * - * @param string - * the string to convert - * @param codePage - * the codepage of string - * @return an inputstream - * @throws UnsupportedEncodingException - */ - public static InputStream getStream(final String string, final String codePage) throws UnsupportedEncodingException { - return new ByteArrayInputStream(string.getBytes(codePage)); - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java deleted file mode 100644 index a63db12e1..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java +++ /dev/null @@ -1,345 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains all the value constants. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.17 $, $Date: 2011-07-07 20:48:45 $ - */ -public enum PEPSValues { - - /** - * Represents the 'all' constant value. - */ - ALL("all"), - /** - * Represents the 'none' constant value. - */ - NONE("none"), - /** - * Represents the 'true' constant value. - */ - TRUE("true"), - /** - * Represents the 'false' constant value. - */ - FALSE("false"), - /** - * Represents the empty string constant value. - */ - EMPTY_STRING(""), - - /** - * Represents the ',' separator constant value. - */ - ATTRIBUTE_VALUE_SEP(","), - /** - * Represents the ';' separator constant value. - */ - ATTRIBUTE_SEP(";"), - /** - * Represents the ':' separator constant value. - */ - ATTRIBUTE_TUPLE_SEP(":"), - /** - * Represents the '/' separator constant value. - */ - EID_SEPARATOR("/"), - /** - * Represents the ' - ' separator constant value. - */ - ERROR_MESSAGE_SEP(" - "), - /** - * Represents the '#' parameter constant value. - */ - LOGGER_SEP("#"), - /** - * Represents the 'NOT_AVAILABLE' parameter constant value. - */ - NOT_AVAILABLE("NotAvailable"), - /** - * Represents the ';' parameter constant value. - */ - SPEPS_AUTHORIZED_SEP(";"), - - /** - * Represents the 'ap' constant value. - */ - AP("ap"), - /** - * Represents the 'C-PEPS' constant value. - */ - CPEPS("C-PEPS"), - /** - * Represents the 'cpeps' constant value. - */ - CPEPS_PREFIX("cpeps"), - /** - * Represents the 'peps' constant value. - */ - PEPS("peps"), - /** - * Represents the '-PEPS' constant value. - */ - PEPS_SUFFIX("-PEPS"), - /** - * Represents the 'SP' constant value. - */ - SP("SP"), - /** - * Represents the 'S-PEPS' constant value. - */ - SPEPS("S-PEPS"), - /** - * Represents the 'speps' constant value. - */ - SPEPS_PREFIX("speps"), - /** - * Represents the 'sp.default.parameters' constant value. - */ - DEFAULT("sp.default.parameters"), - /** - * Represents the default saml id constant value. - */ - DEFAULT_SAML_ID("1"), - /** - * Represents the 'hashDigest.className' constant value. - */ - HASH_DIGEST_CLASS("hashDigest.className"), - - /** - * Represents the 'eu.stork.communication.requests' constant value. - */ - STORK_PACKAGE_REQUEST_LOGGER_VALUE("eu.stork.communication.requests"), - /** - * Represents the 'eu.stork.communication.responses' constant value. - */ - STORK_PACKAGE_RESPONSE_LOGGER_VALUE("eu.stork.communication.responses"), - - /** - * Represents the 'S-PEPS receives request from SP' constant value. - */ - SP_REQUEST("S-PEPS receives request from SP"), - /** - * Represents the 'Get Citizen Consent' constant value. - */ - CITIZEN_CONSENT_LOG("Get Citizen Consent"), - /** - * Represents the 'C-PEPS receives request from S-PEPS' constant value. - */ - CPEPS_REQUEST("C-PEPS receives request from S-PEPS"), - /** - * Represents the 'C-PEPS generates response to S-PEPS' constant value. - */ - CPEPS_RESPONSE("C-PEPS generates response to S-PEPS"), - /** - * Represents the 'S-PEPS generates request to C-PEPS' constant value. - */ - SPEPS_REQUEST("S-PEPS generates request to C-PEPS"), - /** - * Represents the 'S-PEPS receives response from C-PEPS' constant value. - */ - SPEPS_RESPONSE("S-PEPS receives response from C-PEPS"), - /** - * Represents the 'S-PEPS generates response to SP' constant value. - */ - SP_RESPONSE("S-PEPS generates response to SP"), - /** - * Represents the 'Success' constant value. - */ - SUCCESS("Success"), - /** - * Represents the December's month number constant value. - */ - LAST_MONTH("12"), - /** - * Represents the yyyyMM constant value. - */ - NO_DAY_DATE_FORMAT("yyyyMM"), - - /** - * Represents the 'attrValue' constant value. - */ - ATTRIBUTE("attrValue"), - /** - * Represents the 'derivedAttr' constant value. - */ - DERIVE_ATTRIBUTE("deriveAttr"), - /** - * Represents the 'storkAttribute' constant value. - */ - STORK_ATTRIBUTE("storkAttribute"), - - /** - * Represents the 'properties' constant value. - */ - PROPERTIES("properties"), - /** - * Represents the 'referer' constant value. - */ - REFERER("referer"), - /** - * Represents the 'host' constant value. - */ - HOST("host"), - /** - * Represents the 'spid' constant value. - */ - SPID("spid"), - /** - * Represents the 'domain' constant value. - */ - DOMAIN("domain"), - /** - * Represents the '.validation' constant value. - */ - VALIDATION_SUFFIX(".validation"), - /** - * Represents the 'jsessionid' constant value. - */ - EQUAL("="), - /** - * Represents the 'HttpOnly' constant value. - */ - HTTP_ONLY("HttpOnly"), - /** - * Represents the 'SET-COOKIE' constant value. - */ - JSSESSION("JSESSIONID"), - /** - * Represents the '=' constant value. - */ - SETCOOKIE("SET-COOKIE"), - /** - * Represents the ';' constant value. - */ - SEMICOLON(";"), - /** - * Represents the ' ' constant value. - */ - SPACE(" "), - /** - * Represents the 'atp' constant value. - */ - APROVIDER_PREFIX("atp"), - /** - * Represents the 'atn' constant value. - */ - ANAME_PREFIX("atn"), - /** - * Represents the 'ap-cpeps' constant value. - */ - AP_CPEPS_PREFIX("ap-cpeps"), - /** - * Represents the 'attr-filter' constant value. - */ - AP_ATTRFILTER_PREFIX("attr-filter"), - /** - * Represents the 'save-session' constant value. - */ - SAVED_SESSION("saved-session"); - - /** - * Represents the constant's value. - */ - private String value; - - /** - * Solo Constructor. - * - * @param val - * The Constant value. - */ - PEPSValues(final String val) { - - this.value = val; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - - return value; - } - - /** - * Construct the return value with the following structure CONSTANT_VALUE+index+".id". - * - * @param index - * the number. - * - * @return The concatenated String value. - */ - public String index(final int index) { - - return value + index + ".id"; - } - - /** - * Construct the return value with the following structure CONSTANT_VALUE+index+".value". - * - * @param index - * the number. - * - * @return The concatenated string value. - */ - public String value(final int index) { - - return value + index + ".value"; - } - - /** - * Construct the return value with the following structure CONSTANT_VALUE+index+".name". - * - * @param index - * the number. - * - * @return The concatenated String value. - */ - public String name(final int index) { - - return value + index + ".name"; - } - - /** - * Construct the return value with the following structure CONSTANT_VALUE+index+".url". - * - * @param index - * the number. - * - * @return The concatenated String value. - */ - public String url(final int index) { - - return value + index + ".url"; - } - - /** - * Construct the return value with the following structure CONSTANT_VALUE+index+".allowedGroups". - * - * @param index - * the number. - * - * @return The concatenated String value. - */ - public String allowedGroups(final int index) { - - return value + index + ".allowedGroups"; - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java deleted file mode 100644 index 8d1482f05..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java +++ /dev/null @@ -1,391 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Vector; - -import org.apache.log4j.Logger; - -import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; - -/** - * This class is a bean used to store the information relative to the PersonalAttribute. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.22 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class PersonalAttribute implements Serializable, Cloneable { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 2612951678412632174L; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(PersonalAttribute.class.getName()); - - /** - * Name of the personal attribute. - */ - private String name; - - /** - * Values of the personal attribute. - */ - private List<String> value = new ArrayList<String>(); - - /** - * Type of the personal attribute. - */ - private String type; - - /** - * Complex values of the personal attribute. - */ - private List<Map<String, String>> complexValue = new Vector<Map<String, String>>(); - - /** - * Is the personal attribute mandatory? - */ - private boolean required; - - /** - * Returned status of the attribute from the IdP. - */ - private String status; - - /** - * Name of the personal attribute. - */ - private String friendlyName; - - /** - * Empty Constructor. - */ - public PersonalAttribute() { - super(); - } - - /** - * PersonalAttribute Constructor for complex values. - * - * @param attrName - * The attribute name. - * @param attrIsRequired - * The attribute type value. - * @param attrComplexValue - * The attribute's value. - * @param attrStatus - * The attribute's status value. - */ - public PersonalAttribute(final String attrName, final boolean attrIsRequired, final List<String> attrComplexValue, final String attrStatus) { - this.setName(attrName); - this.setIsRequired(attrIsRequired); - this.setValue(attrComplexValue); - this.setStatus(attrStatus); - } - - /** - * PersonalAttribute Constructor for complex values. - * - * @param attrName - * The attribute name. - * @param attrIsRequired - * The attribute type value. - * @param attrComplexValue - * The attribute's complex value. - * @param attrStatus - * The attribute's status value. - */ - public PersonalAttribute(final String attrName, final boolean attrIsRequired, final Map<String, String> attrComplexValue, final String attrStatus) { - this.setName(attrName); - this.setIsRequired(attrIsRequired); - this.setComplexValue(attrComplexValue); - this.setStatus(attrStatus); - } - - /** - * {@inheritDoc} - */ - @SuppressWarnings("unchecked") - public Object clone() { - - try { - final PersonalAttribute personalAttr = (PersonalAttribute) super.clone(); - personalAttr.setIsRequired(this.isRequired()); - personalAttr.setName(this.getName()); - personalAttr.setStatus(this.getStatus()); - if (!isEmptyValue()) { - final List<String> val = (List<String>) ((ArrayList<String>) this.getValue()).clone(); - personalAttr.setValue(val); - } - if (!isEmptyComplexValue()) { - personalAttr.addComplexValues(this.getComplexValues()); - } - return personalAttr; - } catch (final CloneNotSupportedException e) { - // assert false; - LOG.trace("Nothing to do."); - throw new InternalErrorPEPSException(PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorCode()), PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorMessage()), e); - } - } - - /** - * Getter for the required value. - * - * @return The required value. - */ - public boolean isRequired() { - return required; - } - - /** - * Setter for the required value. - * - * @param attrIsRequired - * this attribute? - */ - public void setIsRequired(final boolean attrIsRequired) { - this.required = attrIsRequired; - } - - /** - * Getter for the name value. - * - * @return The name value. - */ - public String getName() { - return name; - } - - /** - * Setter for the name value. - * - * @param attrName - * The personal attribute name. - */ - public void setName(final String attrName) { - this.name = attrName; - } - - /** - * Getter for the value. - * - * @return The list of values. - */ - public List<String> getValue() { - return value; - } - - /** - * Setter for the list of values. - * - * @param attrValue - * The personal attribute value. - */ - public void setValue(final List<String> attrValue) { - if (attrValue != null) { - this.value = attrValue; - } - } - - /** - * Add new value to list of values. - * - * @param attrValue - * The personal attribute value. - */ - public void addValue(final String attrValue) { - if (attrValue != null) { - this.value.add(attrValue); - } - } - - /** - * Getter for the type value. - * - * @return The name value. - */ - public String getType() { - return type; - } - - /** - * Setter for the type value. - * - * @param attrName - * The personal attribute type. - */ - public void setType(final String attrType) { - this.type = attrType; - } - - /** - * Getter for the status. - * - * @return The status value. - */ - public String getStatus() { - return status; - } - - /** - * Setter for the status value. - * - * @param attrStatus - * The personal attribute status. - */ - public void setStatus(final String attrStatus) { - this.status = attrStatus; - } - - /** - * Getter for the complex value. - * - * @return The complex value. - */ - public Map<String, String> getComplexValue() { - if (complexValue.size() > 0) { - return complexValue.get(0); - } else { - return new HashMap<String, String>(); - } - } - - /** - * Getter for the complex values. - * - * @return The complex value. - */ - public List<Map<String, String>> getComplexValues() { - return complexValue; - } - - /** - * Setter for the complex value. - * - * @param complexVal - * The personal attribute Complex value. - */ - public void setComplexValue(final Map<String, String> complexVal) { - if (complexVal != null) { - this.complexValue.add(complexVal); - } - } - - /** - * Setter for the complex values. - * - * @param complexVal - * The personal attribute Complex values. - */ - public void addComplexValues(final List<Map<String, String>> complexVals) { - this.complexValue.addAll(complexVals); - } - - /** - * Getter for the personal's friendly name. - * - * @return The personal's friendly name value. - */ - public String getFriendlyName() { - return friendlyName; - } - - /** - * Setter for the personal's friendly name. - * - * @param fName - * The personal's friendly name. - */ - public void setFriendlyName(final String fName) { - this.friendlyName = fName; - } - - /** - * Return true the value is empty. - * - * @return True if the value is empty "[]"; - */ - public boolean isEmptyValue() { - return value.isEmpty() || (value.size() == 1 && value.get(0).length() == 0); - } - - /** - * Returns true if the Complex Value is empty. - * - * @return True if the Complex Value is empty; - */ - public boolean isEmptyComplexValue() { - return complexValue.isEmpty() || complexValue.get(0).isEmpty(); - } - - /** - * Returns true if the Status is empty. - * - * @return True if the Status is empty; - */ - public boolean isEmptyStatus() { - return (status == null || status.length() == 0); - } - - /** - * Prints the PersonalAttribute in the following format. name:required:[v,a,l,u,e,s]|[v=a,l=u,e=s]:status; - * - * @return The PersonalAttribute as a string. - */ - public String toString() { - final StringBuilder strBuild = new StringBuilder(); - - AttributeUtil.appendIfNotNull(strBuild, getName()); - strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); - AttributeUtil.appendIfNotNull(strBuild, String.valueOf(isRequired())); - strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); - strBuild.append('['); - - if (isEmptyValue()) { - if (!isEmptyComplexValue()) { - AttributeUtil.appendIfNotNull(strBuild, AttributeUtil.mapToString(getComplexValue(), PEPSValues.ATTRIBUTE_VALUE_SEP.toString())); - } - } else { - AttributeUtil.appendIfNotNull(strBuild, AttributeUtil.listToString(getValue(), PEPSValues.ATTRIBUTE_VALUE_SEP.toString())); - } - - strBuild.append(']'); - strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); - AttributeUtil.appendIfNotNull(strBuild, getStatus()); - strBuild.append(PEPSValues.ATTRIBUTE_SEP.toString()); - - return strBuild.toString(); - } - - /** - * Empties the Value or ComplexValue field of a PersonalAttribute - */ - public void setEmptyValue() { - if (this.isEmptyValue()) { - this.complexValue = new Vector<Map<String, String>>(); - } else { - this.value = new ArrayList<String>(); - } - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java deleted file mode 100644 index 1ddc02e15..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java +++ /dev/null @@ -1,454 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.concurrent.ConcurrentHashMap; -import java.util.StringTokenizer; - -import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; - -/** - * This class is a bean used to store the information relative to the PersonalAttributeList. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.27 $, $Date: 2010-11-18 22:54:56 $ - * - * @see PersonalAttribute - */ -@SuppressWarnings("PMD") -public final class PersonalAttributeList extends ConcurrentHashMap<String, PersonalAttribute> implements IPersonalAttributeList { - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(PersonalAttributeList.class.getName()); - - /** - * Serial id. - */ - private static final long serialVersionUID = 7375127363889975062L; - - /** - * Hash with the latest fetched attribute name alias. - */ - private final Map<String, Integer> latestAttrAlias = new HashMap<String, Integer>(); - - /** - * Hash with mapping number of alias or the attribute name. - */ - private final Map<String, List<String>> attrAliasNumber = new HashMap<String, List<String>>(); - - /** - * Default constructor. - */ - public PersonalAttributeList() { - // The best practices recommend to call the super constructor. - super(); - } - - /** - * Constructor with initial capacity for the PersonalAttributeList size. - * - * @param capacity - * The initial capacity for the PersonalAttributeList. - */ - public PersonalAttributeList(final int capacity) { - super(capacity); - } - - /** - * {@inheritDoc} - */ - public Iterator<PersonalAttribute> iterator() { - return this.values().iterator(); - } - - /** - * {@inheritDoc} - */ - public PersonalAttribute get(final Object key) { - String attrName = (String) key; - - if (this.latestAttrAlias.containsKey(key)) { - int index = this.latestAttrAlias.get(key); - if ((index + 1) > this.attrAliasNumber.get(key).size()) { - index = 0; - } - - attrName = this.attrAliasNumber.get(key).get(index); - this.latestAttrAlias.put((String) key, Integer.valueOf(++index)); - } else { - if (this.attrAliasNumber.containsKey(key)) { - this.latestAttrAlias.put((String) key, Integer.valueOf(0)); - attrName = this.attrAliasNumber.get(key).get(0); - } - } - return super.get(attrName); - } - - /** - * {@inheritDoc} - */ - public void add(final PersonalAttribute value) { - if (value != null) { - this.put(value.getName(), value); - } - } - - /** - * {@inheritDoc} - */ - public PersonalAttribute replace(final String key, final PersonalAttribute val) { - return super.put(key, val); - } - - /** - * {@inheritDoc} - */ - public PersonalAttribute put(final String key, final PersonalAttribute val) { - PersonalAttribute attr = val; - if (this.containsKey(key)) { - attr = this.get(key); - - if (!attr.isEmptyValue()) { - if (!attr.getValue().containsAll(val.getValue())) { - attr.getValue().addAll(val.getValue()); - } - } else { - - if (!attr.isEmptyComplexValue()) { - for (Map<String, String> valTemp : val.getComplexValues()) { - if (!attr.getComplexValues().contains(valTemp)) { - attr.setComplexValue(valTemp); - } - } - } else { - if (STORKStatusCode.STATUS_NOT_AVAILABLE.toString().equals(attr.getStatus())) { - attr = val; - } - } - } - } - return super.put(key, attr); - } - - /** - * Escape method for attributes with double comma - * - * @return escaped attribute list - * - */ - private String attrListEncoder(String attrList) { - StringBuilder finalAttr = new StringBuilder(); - String boolAttr = PEPSValues.TRUE.toString(); - String reqRegex = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString() + PEPSValues.TRUE.toString() + PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); - - String reqRegexSeparator = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString() + PEPSValues.TRUE.toString() + PEPSValues.ATTRIBUTE_TUPLE_SEP.toString() + "|" + PEPSValues.ATTRIBUTE_TUPLE_SEP.toString() - + PEPSValues.FALSE.toString() + PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); - - for (String s : attrList.split(PEPSValues.ATTRIBUTE_SEP.toString())) { - StringBuilder tempBuilder = new StringBuilder(s); - if (s.split(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()).length > 4) { - LOG.info("Found attributes with special characters, escaping special characters"); - - if (s.split(reqRegex) == null) { - boolAttr = PEPSValues.FALSE.toString(); - } - - tempBuilder.setLength(0); - tempBuilder.append(AttributeUtil.escape(s.split(reqRegexSeparator)[0])); - tempBuilder.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); - tempBuilder.append(boolAttr); - tempBuilder.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); - tempBuilder.append(s.split(reqRegexSeparator)[1]); - - } - - finalAttr.append(tempBuilder.toString()); - finalAttr.append(PEPSValues.ATTRIBUTE_SEP.toString()); - } - return finalAttr.toString(); - } - - /** - * Unescape a string - * - * @see PersonalAttributeList#attrListEncoder - * - */ - private String attrListDecoder(String string) { - return AttributeUtil.unescape(string); - } - - public void populate(final String attrList) { - - final StringTokenizer strToken = new StringTokenizer(attrListEncoder(attrList), PEPSValues.ATTRIBUTE_SEP.toString()); - - while (strToken.hasMoreTokens()) { - final PersonalAttribute persAttr = new PersonalAttribute(); - String[] tuples = strToken.nextToken().split(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(), AttributeConstants.NUMBER_TUPLES.intValue()); - - // Convert to the new format if needed! - tuples = convertFormat(tuples); - - if (AttributeUtil.hasValidTuples(tuples)) { - final int attrValueIndex = AttributeConstants.ATTR_VALUE_INDEX.intValue(); - final String tmpAttrValue = tuples[attrValueIndex].substring(1, tuples[attrValueIndex].length() - 1); - final String[] vals = tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - persAttr.setName(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()]); - persAttr.setIsRequired(Boolean.valueOf(tuples[AttributeConstants.ATTR_TYPE_INDEX.intValue()])); - - // check if it is a complex value - if (isComplexValue(vals)) { - persAttr.setComplexValue(createComplexValue(vals)); - } else { - persAttr.setValue(createValues(vals)); - } - - if (tuples.length == AttributeConstants.NUMBER_TUPLES.intValue()) { - tuples[0] = attrListDecoder(tuples[0]); - persAttr.setName(attrListDecoder(persAttr.getName())); - - persAttr.setStatus(tuples[AttributeConstants.ATTR_STATUS_INDEX.intValue()]); - } - this.put(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()], persAttr); - - } else { - LOG.warn("Invalid personal attribute list tuples"); - } - - } - } - - /** - * Returns a copy of this <tt>IPersonalAttributeList</tt> instance. - * - * @return The copy of this IPersonalAttributeList. - */ - public Object clone() { - // This implementation may have an bug! - try { - return (PersonalAttributeList) super.clone(); - } catch (CloneNotSupportedException e) { - return null; - } - } - - /** - * Creates a string in the following format. - * - * attrName:attrType:[attrValue1,attrValue2=attrComplexValue]:attrStatus; - * - * @return {@inheritDoc} - */ - @Override - public String toString() { - final Iterator<Entry<String, PersonalAttribute>> itAttrs = this.entrySet().iterator(); - final StringBuilder strBuilder = new StringBuilder(); - - while (itAttrs.hasNext()) { - final Entry<String, PersonalAttribute> attrEntry = itAttrs.next(); - final PersonalAttribute attr = attrEntry.getValue(); - // strBuilder.append(attr.toString()); - strBuilder.insert(0, attr.toString()); - } - - return strBuilder.toString(); - } - - /** - * Validates and creates the attribute's complex values. - * - * @param values - * The complex values. - * - * @return The {@link Map} with the complex values. - * - * @see Map - */ - private Map<String, String> createComplexValue(final String[] values) { - final Map<String, String> complexValue = new HashMap<String, String>(); - for (final String val : values) { - final String[] tVal = val.split("="); - if (StringUtils.isNotEmpty(val) && tVal.length == 2) { - complexValue.put(tVal[0], AttributeUtil.unescape(tVal[1])); - } - } - return complexValue; - } - - /** - * Checks if value is complex or not - * - * @param values - * The values to check - * @return True if succesful - */ - private boolean isComplexValue(final String[] values) { - boolean isComplex = false; - if (values.length > 0) { - final String[] tVal = values[0].split("="); - if (StringUtils.isNotEmpty(values[0]) && tVal.length == 2) { - isComplex = true; - } - } - return isComplex; - } - - /** - * Validates and creates the attribute values. - * - * @param vals - * The attribute values. - * - * @return The {@link List} with the attribute values. - * - * @see List - */ - private List<String> createValues(final String[] vals) { - final List<String> values = new ArrayList<String>(); - for (final String val : vals) { - if (StringUtils.isNotEmpty(val)) { - values.add(AttributeUtil.unescape(val)); - } - } - return values; - } - - /** - * Converts the attribute tuple (attrName:attrType...) to the new format. - * - * @param tuples - * The attribute tuples to convert. - * - * @return The attribute tuples in the new format. - */ - private String[] convertFormat(final String[] tuples) { - final String[] newFormatTuples = new String[AttributeConstants.NUMBER_TUPLES.intValue()]; - if (tuples != null) { - System.arraycopy(tuples, 0, newFormatTuples, 0, tuples.length); - - for (int i = tuples.length; i < newFormatTuples.length; i++) { - if (i == AttributeConstants.ATTR_VALUE_INDEX.intValue()) { - newFormatTuples[i] = "[]"; - } else { - newFormatTuples[i] = ""; - } - } - } - return newFormatTuples; - } - - /** - * Returns a IPersonalAttributeList of the complex attributes in this map. - * - * @return an IPersonalAttributeList of the complex attributes contained in this map. - */ - public IPersonalAttributeList getComplexAttributes() { - LOG.info("get complex attributes"); - IPersonalAttributeList attrList = new PersonalAttributeList(); - for (PersonalAttribute attr : this) { - if (!attr.getComplexValue().isEmpty()) { - attrList.put(attr.getName(), attr); - LOG.info("adding complex attribute:" + attr.getName()); - } - } - return attrList; - } - - /** - * {@inheritDoc} - */ - public IPersonalAttributeList merge(IPersonalAttributeList attrList1) { - - for (PersonalAttribute attr : attrList1) { - this.add(attr); - } - return this; - } - - /** - * Returns a IPersonalAttributeList of the mandatory attributes in this map. - * - * @return an IPersonalAttributeList of the mandatory attributes contained in this map. - */ - public IPersonalAttributeList getSimpleValueAttributes() { - LOG.info("get simple attributes"); - IPersonalAttributeList attrList = new PersonalAttributeList(); - for (PersonalAttribute attr : this) { - if (!attr.getValue().isEmpty()) { - attrList.put(attr.getName(), attr); - LOG.info("adding simple attribute:" + attr.getName()); - } - } - return attrList; - } - - /** - * Returns a IPersonalAttributeList of the mandatory attributes in this map. - * - * @return an IPersonalAttributeList of the mandatory attributes contained in this map. - */ - public IPersonalAttributeList getMandatoryAttributes() { - return getAttributesByParam(true); - } - - /** - * Returns a IPersonalAttributeList of the attributes in this map by parameter value. - * - * @param compareValue - * The boolean to get mandatory (true) or optional (false) attributes. - * - * @return an IPersonalAttributeList of the mandatory attributes contained in this map if compareValue is true or optional otherwise. - */ - private IPersonalAttributeList getAttributesByParam(final boolean compareValue) { - LOG.info("get attributes by param :" + compareValue); - IPersonalAttributeList attrList = new PersonalAttributeList(); - for (PersonalAttribute attr : this) { - if (attr.isRequired() == compareValue) { - attrList.put(attr.getName(), attr); - LOG.info("adding attribute:" + attr.getName()); - } - } - return attrList; - } - - /** - * Returns a IPersonalAttributeList of the optional attributes in this map. - * - * @return an IPersonalAttributeList of the optional attributes contained in this map. - */ - public IPersonalAttributeList getOptionalAttributes() { - return getAttributesByParam(false); - } - - /** - * {@inheritDoc} - */ - public boolean hasMissingValues() { - for (PersonalAttribute attr : this) { - if (attr.isEmptyValue() && attr.isEmptyComplexValue()) { - return true; - } - } - return false; - } -}
\ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java deleted file mode 100644 index 33ae4c743..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java +++ /dev/null @@ -1,452 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.io.Serializable;
-
-public class STORKAttrQueryRequest implements Serializable, Cloneable {
-
- /** The Constant serialVersionUID. */
- private static final long serialVersionUID = 4778480781609392750L;
-
- /** The samlId. */
- private String samlId;
-
- /** The destination. */
- private String destination;
-
- /** The assertion consumer service url. */
- private String serviceURL;
-
- /** The distinguished name. */
- private String distinguishedName;
-
- /** The e id sector share. */
- private boolean eIDSectorShare;
-
- /** The e id cross sector share. */
- private boolean eIDCrossSectorShare;
-
- /** The e id cross border share. */
- private boolean eIDCrossBorderShare;
-
- /** The personal attribute list. */
- private IPersonalAttributeList attributeList = new PersonalAttributeList();
-
- /** The qaa. */
- private int qaa;
-
- /** The token saml. */
- private byte[] tokenSaml = new byte[0];
-
- /** The issuer. */
- private String issuer;
-
- /** The service provider sector. */
- private String spSector;
-
- /** The service provider institution. */
- private String spInstitution;
-
- /** The service provider application. */
- private String spApplication;
-
- /** The service provider country. */
- private String spCountry;
-
- /** The country. */
- private String country;
-
- /** The citizen country code. */
- private String citizenCountry;
-
- /** The Service Provider ID. */
- private String sPID;
-
- /** The Alias used at the keystore for saving this certificate. */
- private String alias;
-
- /**
- * Gets the SP's Certificate Alias.
- *
- * @return alias The SP's Certificate Alias.
- */
- public String getAlias() {
- return alias;
- }
-
- /**
- * Sets the SP's Certificate Alias.
- *
- * @param nAlias
- * The SP's Certificate Alias.
- */
- public void setAlias(final String nAlias) {
- this.alias = nAlias;
- }
-
- /**
- * Gets the SP ID.
- *
- * @return sPID The SP ID.
- */
- public String getSPID() {
- return sPID;
- }
-
- /**
- * Sets the SP ID.
- *
- * @param sPId
- * The new sp samlId.
- */
- public void setSPID(final String sPId) {
- this.sPID = sPId;
- }
-
- /**
- * Gets the citizen country code.
- *
- * @return The citizen country code value.
- */
- public String getCitizenCountryCode() {
- return citizenCountry;
- }
-
- /**
- * Sets the citizen country code.
- *
- * @param countryCode
- * the new citizen country code value.
- */
- public void setCitizenCountryCode(final String countryCode) {
- this.citizenCountry = countryCode;
- }
-
- /**
- * Gets the sp country.
- *
- * @return The sp country value.
- */
- public String getSpCountry() {
- return spCountry;
- }
-
- /**
- * Sets the sp country.
- *
- * @param sPCountry
- * the new sp country value.
- */
- public void setSpCountry(final String sPCountry) {
- this.spCountry = sPCountry;
- }
-
- /**
- * Gets the issuer.
- *
- * @return The issuer value.
- */
- public String getIssuer() {
- return issuer;
- }
-
- /**
- * Sets the issuer.
- *
- * @param samlIssuer
- * the new issuer value.
- */
- public void setIssuer(final String samlIssuer) {
- this.issuer = samlIssuer;
- }
-
- /**
- * Gets the SAML Token.
- *
- * @return The SAML Token value.
- */
- public byte[] getTokenSaml() {
- return tokenSaml.clone();
- }
-
- /**
- * Sets the SAML Token.
- *
- * @param samlToken
- * The new SAML Token value.
- */
- public void setTokenSaml(final byte[] samlToken) {
- if (samlToken != null) {
- this.tokenSaml = samlToken.clone();
- }
- }
-
- /**
- * Gets the country.
- *
- * @return The country value.
- */
- public String getCountry() {
- return country;
- }
-
- /**
- * Sets the country.
- *
- * @param nCountry
- * the new country value.
- */
- public void setCountry(final String nCountry) {
- this.country = nCountry;
- }
-
- /**
- * Getter for the qaa value.
- *
- * @return The qaa value value.
- */
- public int getQaa() {
- return qaa;
- }
-
- /**
- * Setter for the qaa value.
- *
- * @param qaaLevel
- * The new qaa value.
- */
- public void setQaa(final int qaaLevel) {
- this.qaa = qaaLevel;
- }
-
- /**
- * Getter for the serviceURL value.
- *
- * @return The serviceURL value.
- */
- public String getAssertionConsumerServiceURL() {
- return serviceURL;
- }
-
- /**
- * Setter for the serviceURL value.
- *
- * @param newServiceURL
- * the assertion consumer service URL.
- */
- public void setAssertionConsumerServiceURL(final String newServiceURL) {
- this.serviceURL = newServiceURL;
- }
-
- /**
- * Getter for the destination value.
- *
- * @return The destination value.
- */
- public String getDestination() {
- return destination;
- }
-
- /**
- * Setter for the destination value.
- *
- * @param detination
- * the new destination value.
- */
- public void setDestination(final String detination) {
- this.destination = detination;
- }
-
- /**
- * Getter for the samlId value.
- *
- * @return The samlId value.
- */
- public String getSamlId() {
- return samlId;
- }
-
- /**
- * Setter for the samlId value.
- *
- * @param newSamlId
- * the new samlId value.
- */
- public void setSamlId(final String newSamlId) {
- this.samlId = newSamlId;
- }
-
- /**
- * Getter for the attributeList value.
- *
- * @return The attributeList value.
- *
- * @see IPersonalAttributeList
- */
- public IPersonalAttributeList getPersonalAttributeList() {
- return (IPersonalAttributeList) attributeList.clone();
- }
-
- /**
- * Setter for the attributeList value.
- *
- * @param attrList
- * the personal attribute list value.
- *
- * @see IPersonalAttributeList
- */
- public void setPersonalAttributeList(final IPersonalAttributeList attrList) {
- if (attrList != null) {
- this.attributeList = attrList;
- }
- }
-
- /**
- * Getter for the distinguishedName value.
- *
- * @return The distinguishedName value.
- */
- public String getDistinguishedName() {
- return distinguishedName;
- }
-
- /**
- * Setter for the distinguishedName value.
- *
- * @param certDN
- * the distinguished name value.
- */
- public void setDistinguishedName(final String certDN) {
- this.distinguishedName = certDN;
- }
-
- /**
- * Gets the service provider sector.
- *
- * @return The service provider sector value.
- */
- public String getSpSector() {
- return spSector;
- }
-
- /**
- * Sets the service provider sector.
- *
- * @param samlSPSector
- * the new service provider sector value.
- */
- public void setSpSector(final String samlSPSector) {
- this.spSector = samlSPSector;
- }
-
- /**
- * Gets the service provider institution.
- *
- * @return The service provider institution value.
- */
- public String getSpInstitution() {
- return spInstitution;
- }
-
- /**
- * Sets the service provider institution.
- *
- * @param samlSPInst
- * the new service provider institution value.
- */
- public void setSpInstitution(final String samlSPInst) {
- this.spInstitution = samlSPInst;
- }
-
- /**
- * Gets the service provider application.
- *
- * @return The service provider application value.
- */
- public String getSpApplication() {
- return spApplication;
- }
-
- /**
- * Sets the service provider application.
- *
- * @param samlSPApp
- * the new service provider application value.
- */
- public void setSpApplication(final String samlSPApp) {
- this.spApplication = samlSPApp;
- }
-
- /**
- * Checks if is eId sector share.
- *
- * @return true, if is eId sector share.
- */
- public boolean isEIDSectorShare() {
- return eIDSectorShare;
- }
-
- /**
- * Sets the eId sector share.
- *
- * @param eIdSectorShare
- * the new eId sector share value.
- */
- public void setEIDSectorShare(final boolean eIdSectorShare) {
- this.eIDSectorShare = eIdSectorShare;
- }
-
- /**
- * Checks if is eId cross sector share.
- *
- * @return true, if is eId cross sector share.
- */
- public boolean isEIDCrossSectorShare() {
- return eIDCrossSectorShare;
- }
-
- /**
- * Sets the eId cross sector share.
- *
- * @param eIdCrossSectorShare
- * the new eId cross sector share value.
- */
- public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) {
- this.eIDCrossSectorShare = eIdCrossSectorShare;
- }
-
- /**
- * Checks if is eId cross border share.
- *
- * @return true, if is eId cross border share.
- */
- public boolean isEIDCrossBorderShare() {
- return eIDCrossBorderShare;
- }
-
- /**
- * Sets the eId cross border share.
- *
- * @param eIdCrossBorderShare
- * the new eId cross border share value.
- */
- public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) {
- this.eIDCrossBorderShare = eIdCrossBorderShare;
- }
-
- /**
- * Returns a copy of this <tt>STORKAttrQueryRequest</tt> instance.
- *
- * @return The copy of this STORKAttrQueryRequest.
- * @throws CloneNotSupportedException
- * on clone exception
- */
- @Override
- public Object clone() throws CloneNotSupportedException {
- STORKAttrQueryRequest storkAttrQueryReq = null;
- storkAttrQueryReq = (STORKAttrQueryRequest) super.clone();
- storkAttrQueryReq.setPersonalAttributeList(getPersonalAttributeList());
- storkAttrQueryReq.setTokenSaml(getTokenSaml());
- return storkAttrQueryReq;
- }
-
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java deleted file mode 100644 index ac4663eaf..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java +++ /dev/null @@ -1,393 +0,0 @@ -/*
- * This work is Open Source and licensed by the European Commission under the
- * conditions of the European Public License v1.1
- *
- * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1);
- *
- * any use of this file implies acceptance of the conditions of this license.
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- */
-package eu.stork.peps.auth.commons;
-
-import java.io.Serializable;
-import java.util.List;
-
-import org.apache.log4j.Logger;
-import org.joda.time.DateTime;
-import org.opensaml.saml2.core.Assertion;
-
-public class STORKAttrQueryResponse implements Serializable {
-
- /** The Constant serialVersionUID. */
- private static final long serialVersionUID = 7653893041391541235L;
-
- /** Response Id. */
- private String samlId;
-
- /** Request failed? */
- private boolean fail;
-
- /** Status code. */
- private String statusCode;
-
- /** Secondary status code. */
- private String subStatusCode;
-
- /** Audience restriction. */
- private String audienceRest;
-
- /** Error message. */
- private String message;
-
- /** Id of the request that originated this response. */
- private String inResponseTo;
-
- /** Expiration date. */
- private DateTime notOnOrAfter;
-
- /** Creation date. */
- private DateTime notBefore;
-
- /** The SAML token. */
- private byte[] tokenSaml = new byte[0];
-
- /** Country. */
- private String country;
-
- /** The complete assertion **/
- private Assertion assertion;
-
- /** List of all assertions in response **/
- private List<Assertion> assertions;
-
- /** The complete list from all assertions **/
- private IPersonalAttributeList totalAttributeList = new PersonalAttributeList();
-
- /** All personal attribute lists **/
- private List<IPersonalAttributeList> attributeLists;
-
- /** Citizen's personal attribute list. */
- private IPersonalAttributeList attributeList = new PersonalAttributeList();
-
- /**
- * Logger object.
- */
- private static final Logger LOG = Logger.getLogger(STORKAttrQueryResponse.class.getName());
-
- /**
- * Getter for the subStatusCode.
- *
- * @return The subStatusCode value.
- */
- public String getSubStatusCode() {
- return subStatusCode;
- }
-
- /**
- * Setter for the subStatusCode.
- *
- * @param samlSubStatusCode
- * the new subStatusCode value.
- */
- public void setSubStatusCode(final String samlSubStatusCode) {
- this.subStatusCode = samlSubStatusCode;
- }
-
- /**
- * Getter for audienceRest.
- *
- * @return The audienceRest value.
- */
- public String getAudienceRestriction() {
- return audienceRest;
- }
-
- /**
- * Setter for audienceRest.
- *
- * @param audRest
- * the new audienceRest value.
- */
- public void setAudienceRestriction(final String audRest) {
- this.audienceRest = audRest;
- }
-
- /**
- * Getter for the samlToken.
- *
- * @return The samlToken value.
- */
- public byte[] getTokenSaml() {
- return tokenSaml.clone();
- }
-
- /**
- * Setter for samlToken.
- *
- * @param samlToken
- * the new tokenSaml value.
- */
- public void setTokenSaml(final byte[] samlToken) {
- if (samlToken != null) {
- this.tokenSaml = samlToken.clone();
- }
- }
-
- /**
- * Getter for the country name.
- *
- * @return The country name value.
- */
- public String getCountry() {
- return country;
- }
-
- /**
- * Setter for the country name.
- *
- * @param cCountry
- * the new country name value.
- */
- public void setCountry(final String cCountry) {
- this.country = cCountry;
- }
-
- /**
- * Getter for pal value.
- *
- * @return The pal value.
- *
- * @see PersonalAttributeList
- */
- public IPersonalAttributeList getPersonalAttributeList() {
- return (IPersonalAttributeList) attributeList.clone();
- }
-
- /**
- * Setter for the Personal Attribute List value.
- *
- * @param attrList
- * the new value.
- *
- * @see PersonalAttributeList
- */
- public void setPersonalAttributeList(final IPersonalAttributeList attrList) {
- if (attrList != null) {
- this.attributeList = attrList;
- }
- }
-
- /**
- * Getter for the inResponseTo value.
- *
- * @return The inResponseTo value.
- */
- public String getInResponseTo() {
- return inResponseTo;
- }
-
- /**
- * Setter for the inResponseTo value.
- *
- * @param samlInResponseTo
- * the new inResponseTo value.
- */
- public void setInResponseTo(final String samlInResponseTo) {
- this.inResponseTo = samlInResponseTo;
- }
-
- /**
- * Getter for the fail value.
- *
- * @return The fail value.
- */
- public boolean isFail() {
- return fail;
- }
-
- /**
- * Setter for the fail value.
- *
- * @param failVal
- * the new fail value.
- */
- public void setFail(final boolean failVal) {
- this.fail = failVal;
- }
-
- /**
- * Getter for the message value.
- *
- * @return The message value.
- */
- public String getMessage() {
- return message;
- }
-
- /**
- * Setter for the message value.
- *
- * @param msg
- * the new message value.
- */
- public void setMessage(final String msg) {
- this.message = msg;
- }
-
- /**
- * Getter for the statusCode value.
- *
- * @return The statusCode value.
- */
- public String getStatusCode() {
- return statusCode;
- }
-
- /**
- * Setter for the statusCode value.
- *
- * @param status
- * the new statusCode value.
- */
- public void setStatusCode(final String status) {
- this.statusCode = status;
- }
-
- /**
- * Getter for the samlId value.
- *
- * @return The samlId value.
- */
- public String getSamlId() {
- return samlId;
- }
-
- /**
- * Setter for the samlId value.
- *
- * @param nSamlId
- * the new samlId value.
- */
- public void setSamlId(final String nSamlId) {
- this.samlId = nSamlId;
- }
-
- /**
- * Getter for the notOnOrAfter value.
- *
- * @return The notOnOrAfter value.
- *
- * @see DateTime
- */
- public DateTime getNotOnOrAfter() {
- return this.notOnOrAfter;
- }
-
- /**
- * Setter for the notOnOrAfter value.
- *
- * @param nOnOrAfter
- * the new notOnOrAfter value.
- *
- * @see DateTime
- */
- public void setNotOnOrAfter(final DateTime nOnOrAfter) {
- this.notOnOrAfter = nOnOrAfter;
- }
-
- /**
- * Getter for the notBefore value.
- *
- * @return The notBefore value.
- *
- * @see DateTime
- */
- public DateTime getNotBefore() {
- return notBefore;
- }
-
- /**
- * Setter for the notBefore value.
- *
- * @param nBefore
- * the new notBefore value.
- *
- * @see DateTime
- */
- public void setNotBefore(final DateTime nBefore) {
- this.notBefore = nBefore;
- }
-
- /** Get the assertion from the response **/
- public Assertion getAssertion() {
- return assertion;
- }
-
- /** Set the assertion in the response **/
- public void setAssertion(final Assertion nAssertion) {
- this.assertion = nAssertion;
- }
-
- public void setAssertions(List<Assertion> newAssert) {
- this.assertions = newAssert;
- }
-
- public List<Assertion> getAssertions() {
- return assertions;
- }
-
- /**
- * Getter for the toal pal value.
- *
- * @return The total pal value.
- *
- * @see PersonalAttributeList
- */
- public IPersonalAttributeList getTotalPersonalAttributeList() {
- return (IPersonalAttributeList) totalAttributeList.clone();
- }
-
- /**
- * Setter for the total Personal Attribute List value.
- *
- * @param attrList
- * the new value.
- *
- * @see PersonalAttributeList
- */
- public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) {
- if (attrList != null) {
- this.totalAttributeList = attrList;
- }
- }
-
- /**
- * Getter for personal attribute lists
- *
- * @return The lists
- *
- * @see PersonalAttributeList
- */
- public List<IPersonalAttributeList> getPersonalAttributeLists() {
- return attributeLists;
- }
-
- /**
- * Setter for the Personal Attribute List value.
- *
- * @param attrList
- * the new value.
- *
- * @see PersonalAttributeList
- */
- public void setPersonalAttributeLists(final List<IPersonalAttributeList> attrLists) {
- if (attrLists != null) {
- this.attributeLists = attrLists;
- }
- }
-
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java deleted file mode 100644 index c3223ec40..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java +++ /dev/null @@ -1,506 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; - -import org.apache.log4j.Logger; - -/** - * This class is a bean used to store the information relative to the STORKAuthnRequest (SAML Token Request). - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.21 $, $Date: 2011-02-17 22:44:34 $ - */ -public final class STORKAuthnRequest implements Serializable, Cloneable { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 4778480781609392750L; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(STORKAuthnRequest.class.getName()); - - /** The samlId. */ - private String samlId; - - /** The assertion consumer service url. */ - private String serviceURL; - - /** The destination. */ - private String destination; - - /** The provider name. */ - private String providerName; - - /** The distinguished name. */ - private String distinguishedName; - - /** The e id sector share. */ - private boolean eIDSectorShare; - - /** The e id cross sector share. */ - private boolean eIDCrossSectorShare; - - /** The e id cross border share. */ - private boolean eIDCrossBorderShare; - - /** The personal attribute list. */ - private IPersonalAttributeList attributeList = new PersonalAttributeList(); - - /** The qaa. */ - private int qaa; - - /** The token saml. */ - private byte[] tokenSaml = new byte[0]; - - /** The issuer. */ - private String issuer; - - /** The service provider sector. */ - private String spSector; - - /** The service provider institution. */ - private String spInstitution; - - /** The service provider application. */ - private String spApplication; - - /** The service provider country. */ - private String spCountry; - - /** The country. */ - private String country; - - /** The citizen country code. */ - private String citizenCountry; - - /** The Service Provider ID. */ - private String sPID; - - /** The Alias used at the keystore for saving this certificate. */ - private String alias; - - /** - * Gets the SP's Certificate Alias. - * - * @return alias The SP's Certificate Alias. - */ - public String getAlias() { - return alias; - } - - /** - * Sets the SP's Certificate Alias. - * - * @param nAlias - * The SP's Certificate Alias. - */ - public void setAlias(final String nAlias) { - this.alias = nAlias; - } - - /** - * Gets the SP ID. - * - * @return sPID The SP ID. - */ - public String getSPID() { - return sPID; - } - - /** - * Sets the SP ID. - * - * @param sPId - * The new sp samlId. - */ - public void setSPID(final String sPId) { - this.sPID = sPId; - } - - /** - * Gets the citizen country code. - * - * @return The citizen country code value. - */ - public String getCitizenCountryCode() { - return citizenCountry; - } - - /** - * Sets the citizen country code. - * - * @param countryCode - * the new citizen country code value. - */ - public void setCitizenCountryCode(final String countryCode) { - this.citizenCountry = countryCode; - } - - /** - * Gets the sp country. - * - * @return The sp country value. - */ - public String getSpCountry() { - return spCountry; - } - - /** - * Sets the sp country. - * - * @param sPCountry - * the new sp country value. - */ - public void setSpCountry(final String sPCountry) { - this.spCountry = sPCountry; - } - - /** - * Gets the issuer. - * - * @return The issuer value. - */ - public String getIssuer() { - return issuer; - } - - /** - * Sets the issuer. - * - * @param samlIssuer - * the new issuer value. - */ - public void setIssuer(final String samlIssuer) { - this.issuer = samlIssuer; - } - - /** - * Gets the SAML Token. - * - * @return The SAML Token value. - */ - public byte[] getTokenSaml() { - return tokenSaml.clone(); - } - - /** - * Sets the SAML Token. - * - * @param samlToken - * The new SAML Token value. - */ - public void setTokenSaml(final byte[] samlToken) { - if (samlToken != null) { - this.tokenSaml = samlToken.clone(); - } - } - - /** - * Gets the country. - * - * @return The country value. - */ - public String getCountry() { - return country; - } - - /** - * Sets the country. - * - * @param nCountry - * the new country value. - */ - public void setCountry(final String nCountry) { - this.country = nCountry; - } - - /** - * Getter for the qaa value. - * - * @return The qaa value value. - */ - public int getQaa() { - return qaa; - } - - /** - * Setter for the qaa value. - * - * @param qaaLevel - * The new qaa value. - */ - public void setQaa(final int qaaLevel) { - this.qaa = qaaLevel; - } - - /** - * Getter for the serviceURL value. - * - * @return The serviceURL value. - */ - public String getAssertionConsumerServiceURL() { - return serviceURL; - } - - /** - * Setter for the serviceURL value. - * - * @param newServiceURL - * the assertion consumer service URL. - */ - public void setAssertionConsumerServiceURL(final String newServiceURL) { - this.serviceURL = newServiceURL; - } - - /** - * Getter for the destination value. - * - * @return The destination value. - */ - public String getDestination() { - return destination; - } - - /** - * Setter for the destination value. - * - * @param detination - * the new destination value. - */ - public void setDestination(final String detination) { - this.destination = detination; - } - - /** - * Getter for the samlId value. - * - * @return The samlId value. - */ - public String getSamlId() { - return samlId; - } - - /** - * Setter for the samlId value. - * - * @param newSamlId - * the new samlId value. - */ - public void setSamlId(final String newSamlId) { - this.samlId = newSamlId; - } - - /** - * Getter for the providerName value. - * - * @return The provider name value. - */ - public String getProviderName() { - return providerName; - } - - /** - * Setter for the providerName value. - * - * @param samlProvider - * the provider name value. - */ - public void setProviderName(final String samlProvider) { - this.providerName = samlProvider; - } - - /** - * Getter for the attributeList value. - * - * @return The attributeList value. - * - * @see IPersonalAttributeList - */ - public IPersonalAttributeList getPersonalAttributeList() { - return (IPersonalAttributeList) attributeList.clone(); - } - - /** - * Setter for the attributeList value. - * - * @param attrList - * the personal attribute list value. - * - * @see IPersonalAttributeList - */ - public void setPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.attributeList = attrList; - } - } - - /** - * Getter for the distinguishedName value. - * - * @return The distinguishedName value. - */ - public String getDistinguishedName() { - return distinguishedName; - } - - /** - * Setter for the distinguishedName value. - * - * @param certDN - * the distinguished name value. - */ - public void setDistinguishedName(final String certDN) { - this.distinguishedName = certDN; - } - - /** - * Gets the service provider sector. - * - * @return The service provider sector value. - */ - public String getSpSector() { - return spSector; - } - - /** - * Sets the service provider sector. - * - * @param samlSPSector - * the new service provider sector value. - */ - public void setSpSector(final String samlSPSector) { - this.spSector = samlSPSector; - } - - /** - * Gets the service provider institution. - * - * @return The service provider institution value. - */ - public String getSpInstitution() { - return spInstitution; - } - - /** - * Sets the service provider institution. - * - * @param samlSPInst - * the new service provider institution value. - */ - public void setSpInstitution(final String samlSPInst) { - this.spInstitution = samlSPInst; - } - - /** - * Gets the service provider application. - * - * @return The service provider application value. - */ - public String getSpApplication() { - return spApplication; - } - - /** - * Sets the service provider application. - * - * @param samlSPApp - * the new service provider application value. - */ - public void setSpApplication(final String samlSPApp) { - this.spApplication = samlSPApp; - } - - /** - * Checks if is eId sector share. - * - * @return true, if is eId sector share. - */ - public boolean isEIDSectorShare() { - return eIDSectorShare; - } - - /** - * Sets the eId sector share. - * - * @param eIdSectorShare - * the new eId sector share value. - */ - public void setEIDSectorShare(final boolean eIdSectorShare) { - this.eIDSectorShare = eIdSectorShare; - } - - /** - * Checks if is eId cross sector share. - * - * @return true, if is eId cross sector share. - */ - public boolean isEIDCrossSectorShare() { - return eIDCrossSectorShare; - } - - /** - * Sets the eId cross sector share. - * - * @param eIdCrossSectorShare - * the new eId cross sector share value. - */ - public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) { - this.eIDCrossSectorShare = eIdCrossSectorShare; - } - - /** - * Checks if is eId cross border share. - * - * @return true, if is eId cross border share. - */ - public boolean isEIDCrossBorderShare() { - return eIDCrossBorderShare; - } - - /** - * Sets the eId cross border share. - * - * @param eIdCrossBorderShare - * the new eId cross border share value. - */ - public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) { - this.eIDCrossBorderShare = eIdCrossBorderShare; - } - - /** - * Returns a copy of this <tt>STORKAuthnRequest</tt> instance. - * - * @return The copy of this STORKAuthnRequest. - * @throws CloneNotSupportedException - * on clone exception - */ - @Override - public Object clone() throws CloneNotSupportedException { - STORKAuthnRequest storkAuthnReq = null; - try { - storkAuthnReq = (STORKAuthnRequest) super.clone(); - storkAuthnReq.setPersonalAttributeList(getPersonalAttributeList()); - storkAuthnReq.setTokenSaml(getTokenSaml()); - } catch (final CloneNotSupportedException e) { - // assert false; - LOG.trace("[PersonalAttribute] Nothing to do."); - } - - return storkAuthnReq; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java deleted file mode 100644 index 32bfd0df0..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java +++ /dev/null @@ -1,405 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.List; - -import org.apache.log4j.Logger; -import org.joda.time.DateTime; -import org.opensaml.saml2.core.Assertion; - -/** - * This class is a bean used to store the information relative to the STORKAuthnResponse. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class STORKAuthnResponse implements Serializable, Cloneable { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = -9100982727074068660L; - - /** Response Id. */ - private String samlId; - - /** Authentication failed? */ - private boolean fail; - - /** Status code. */ - private String statusCode; - - /** Secondary status code. */ - private String subStatusCode; - - /** Audience restriction. */ - private String audienceRest; - - /** Error message. */ - private String message; - - /** Id of the request that originated this response. */ - private String inResponseTo; - - /** Expiration date. */ - private DateTime notOnOrAfter; - - /** Creation date. */ - private DateTime notBefore; - - /** The SAML token. */ - private byte[] tokenSaml = new byte[0]; - - /** Country. */ - private String country; - - /** Citizen's personal attribute list. */ - private IPersonalAttributeList attributeList = new PersonalAttributeList(); - - /** List of all assertions in response **/ - private List<Assertion> assertions; - - /** The complete list from all assertions **/ - private IPersonalAttributeList totalAttributeList = new PersonalAttributeList(); - - /** All personal attribute lists **/ - private List<IPersonalAttributeList> attributeLists; - - /** - * Logger object. - */ - private static final Logger LOG = Logger.getLogger(STORKAuthnResponse.class.getName()); - - /** - * Getter for the subStatusCode. - * - * @return The subStatusCode value. - */ - public String getSubStatusCode() { - return subStatusCode; - } - - /** - * Setter for the subStatusCode. - * - * @param samlSubStatusCode - * the new subStatusCode value. - */ - public void setSubStatusCode(final String samlSubStatusCode) { - this.subStatusCode = samlSubStatusCode; - } - - /** - * Getter for audienceRest. - * - * @return The audienceRest value. - */ - public String getAudienceRestriction() { - return audienceRest; - } - - /** - * Setter for audienceRest. - * - * @param audRest - * the new audienceRest value. - */ - public void setAudienceRestriction(final String audRest) { - this.audienceRest = audRest; - } - - /** - * Getter for the samlToken. - * - * @return The samlToken value. - */ - public byte[] getTokenSaml() { - return tokenSaml.clone(); - } - - /** - * Setter for samlToken. - * - * @param samlToken - * the new tokenSaml value. - */ - public void setTokenSaml(final byte[] samlToken) { - if (samlToken != null) { - this.tokenSaml = samlToken.clone(); - } - } - - /** - * Getter for the country name. - * - * @return The country name value. - */ - public String getCountry() { - return country; - } - - /** - * Setter for the country name. - * - * @param cCountry - * the new country name value. - */ - public void setCountry(final String cCountry) { - this.country = cCountry; - } - - /** - * Getter for pal value. - * - * @return The pal value. - * - * @see PersonalAttributeList - */ - public IPersonalAttributeList getPersonalAttributeList() { - return (IPersonalAttributeList) attributeList.clone(); - } - - /** - * Setter for the Personal Attribute List value. - * - * @param attrList - * the new value. - * - * @see PersonalAttributeList - */ - public void setPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.attributeList = attrList; - } - } - - /** - * Getter for the inResponseTo value. - * - * @return The inResponseTo value. - */ - public String getInResponseTo() { - return inResponseTo; - } - - /** - * Setter for the inResponseTo value. - * - * @param samlInResponseTo - * the new inResponseTo value. - */ - public void setInResponseTo(final String samlInResponseTo) { - this.inResponseTo = samlInResponseTo; - } - - /** - * Getter for the fail value. - * - * @return The fail value. - */ - public boolean isFail() { - return fail; - } - - /** - * Setter for the fail value. - * - * @param failVal - * the new fail value. - */ - public void setFail(final boolean failVal) { - this.fail = failVal; - } - - /** - * Getter for the message value. - * - * @return The message value. - */ - public String getMessage() { - return message; - } - - /** - * Setter for the message value. - * - * @param msg - * the new message value. - */ - public void setMessage(final String msg) { - this.message = msg; - } - - /** - * Getter for the statusCode value. - * - * @return The statusCode value. - */ - public String getStatusCode() { - return statusCode; - } - - /** - * Setter for the statusCode value. - * - * @param status - * the new statusCode value. - */ - public void setStatusCode(final String status) { - this.statusCode = status; - } - - /** - * Getter for the samlId value. - * - * @return The samlId value. - */ - public String getSamlId() { - return samlId; - } - - /** - * Setter for the samlId value. - * - * @param nSamlId - * the new samlId value. - */ - public void setSamlId(final String nSamlId) { - this.samlId = nSamlId; - } - - /** - * Getter for the notOnOrAfter value. - * - * @return The notOnOrAfter value. - * - * @see DateTime - */ - public DateTime getNotOnOrAfter() { - return this.notOnOrAfter; - } - - /** - * Setter for the notOnOrAfter value. - * - * @param nOnOrAfter - * the new notOnOrAfter value. - * - * @see DateTime - */ - public void setNotOnOrAfter(final DateTime nOnOrAfter) { - this.notOnOrAfter = nOnOrAfter; - } - - /** - * Getter for the notBefore value. - * - * @return The notBefore value. - * - * @see DateTime - */ - public DateTime getNotBefore() { - return notBefore; - } - - /** - * Setter for the notBefore value. - * - * @param nBefore - * the new notBefore value. - * - * @see DateTime - */ - public void setNotBefore(final DateTime nBefore) { - this.notBefore = nBefore; - } - - public void setAssertions(List<Assertion> newAssert) { - this.assertions = newAssert; - } - - public List<Assertion> getAssertions() { - return assertions; - } - - /** - * Getter for the toal pal value. - * - * @return The total pal value. - * - * @see PersonalAttributeList - */ - public IPersonalAttributeList getTotalPersonalAttributeList() { - return (IPersonalAttributeList) totalAttributeList.clone(); - } - - public List<PersonalAttribute> getNormalizedPersonalAttributeList() { - List<PersonalAttribute> returnAttrList = new ArrayList<PersonalAttribute>(); - - if (this.totalAttributeList.isEmpty()) { - this.totalAttributeList = this.attributeList; - } - - for (PersonalAttribute pa : this.totalAttributeList) { - // Get the shortname of the attribute by removing - // the attached assertionId, if there is one and - // put the shortname as the attribute name - pa.setName(pa.getName().split("_")[0]); - // We add it to the return list. - returnAttrList.add(pa); - } - return returnAttrList; - } - - /** - * Setter for the total Personal Attribute List value. - * - * @param attrList - * the new value. - * - * @see PersonalAttributeList - */ - public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) { - if (attrList != null) { - this.totalAttributeList = attrList; - } - } - - /** - * Getter for personal attribute lists - * - * @return The lists - * - * @see PersonalAttributeList - */ - public List<IPersonalAttributeList> getPersonalAttributeLists() { - return attributeLists; - } - - /** - * Setter for the Personal Attribute List value. - * - * @param attrList - * the new value. - * - * @see PersonalAttributeList - */ - public void setPersonalAttributeLists(final List<IPersonalAttributeList> attrLists) { - if (attrLists != null) { - this.attributeLists = attrLists; - } - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java deleted file mode 100644 index acb70d365..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java +++ /dev/null @@ -1,205 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.io.Serializable;
-
-public class STORKLogoutRequest implements Serializable, Cloneable {
- private static final long serialVersionUID = 4778480781609392750L;
-
- /** The samlId. */
- private String samlId;
-
- /** The destination. */
- private String destination;
-
- /** The distinguished name. */
- private String distinguishedName;
-
- /** The qaa. */
- private int qaa;
-
- /** The token saml. */
- private byte[] tokenSaml = new byte[0];
-
- /** The issuer. */
- private String issuer;
-
- /** The country. */
- private String country;
-
- /** The Alias used at the keystore for saving this certificate. */
- private String alias;
-
- /** The ID of principal as known to SP **/
- private String spProvidedId;
-
- /**
- * Gets the SP's Certificate Alias.
- *
- * @return alias The SP's Certificate Alias.
- */
- public String getAlias() {
- return alias;
- }
-
- /**
- * Sets the SP's Certificate Alias.
- *
- * @param nAlias
- * The SP's Certificate Alias.
- */
- public void setAlias(final String nAlias) {
- this.alias = nAlias;
- }
-
- /**
- * Gets the issuer.
- *
- * @return The issuer value.
- */
- public String getIssuer() {
- return issuer;
- }
-
- /**
- * Sets the issuer.
- *
- * @param samlIssuer
- * the new issuer value.
- */
- public void setIssuer(final String samlIssuer) {
- this.issuer = samlIssuer;
- }
-
- /**
- * Gets the SAML Token.
- *
- * @return The SAML Token value.
- */
- public byte[] getTokenSaml() {
- return tokenSaml.clone();
- }
-
- /**
- * Sets the SAML Token.
- *
- * @param samlToken
- * The new SAML Token value.
- */
- public void setTokenSaml(final byte[] samlToken) {
- if (samlToken != null) {
- this.tokenSaml = samlToken.clone();
- }
- }
-
- /**
- * Gets the country.
- *
- * @return The country value.
- */
- public String getCountry() {
- return country;
- }
-
- /**
- * Sets the country.
- *
- * @param nCountry
- * the new country value.
- */
- public void setCountry(final String nCountry) {
- this.country = nCountry;
- }
-
- /**
- * Getter for the qaa value.
- *
- * @return The qaa value value.
- */
- public int getQaa() {
- return qaa;
- }
-
- /**
- * Setter for the qaa value.
- *
- * @param qaaLevel
- * The new qaa value.
- */
- public void setQaa(final int qaaLevel) {
- this.qaa = qaaLevel;
- }
-
- /**
- * Getter for the destination value.
- *
- * @return The destination value.
- */
- public String getDestination() {
- return destination;
- }
-
- /**
- * Setter for the destination value.
- *
- * @param detination
- * the new destination value.
- */
- public void setDestination(final String detination) {
- this.destination = detination;
- }
-
- /**
- * Getter for the samlId value.
- *
- * @return The samlId value.
- */
- public String getSamlId() {
- return samlId;
- }
-
- /**
- * Setter for the samlId value.
- *
- * @param newSamlId
- * the new samlId value.
- */
- public void setSamlId(final String newSamlId) {
- this.samlId = newSamlId;
- }
-
- /**
- * Getter for the distinguishedName value.
- *
- * @return The distinguishedName value.
- */
- public String getDistinguishedName() {
- return distinguishedName;
- }
-
- /**
- * Setter for the distinguishedName value.
- *
- * @param certDN
- * the distinguished name value.
- */
- public void setDistinguishedName(final String certDN) {
- this.distinguishedName = certDN;
- }
-
- /** Getter for spProvidedId **/
- public String getSpProvidedId() {
- return spProvidedId;
- }
-
- public void setSpProvidedId(final String nSpProvidedId) {
- this.spProvidedId = nSpProvidedId;
- }
-
- @Override
- public Object clone() throws CloneNotSupportedException {
- STORKLogoutRequest storkLogoutRequest = null;
- storkLogoutRequest = (STORKLogoutRequest) super.clone();
- storkLogoutRequest.setTokenSaml(getTokenSaml());
- return storkLogoutRequest;
- }
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java deleted file mode 100644 index 8606b6389..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java +++ /dev/null @@ -1,281 +0,0 @@ -package eu.stork.peps.auth.commons;
-
-import java.io.Serializable;
-
-public class STORKLogoutResponse implements Serializable, Cloneable {
- private static final long serialVersionUID = 4778480781609392750L;
-
- /** The samlId. */
- private String samlId;
-
- /** The destination. */
- private String destination;
-
- /** The distinguished name. */
- private String distinguishedName;
-
- /** The token saml. */
- private byte[] tokenSaml = new byte[0];
-
- /** The issuer. */
- private String issuer;
-
- /** The country. */
- private String country;
-
- /** The Alias used at the keystore for saving this certificate. */
- private String alias;
-
- /** Status code. */
- private String statusCode;
-
- /** Secondary status code. */
- private String subStatusCode;
-
- /** Status message. */
- private String statusMessage;
-
- /** Logout failed? */
- private boolean fail;
-
- /** The inResponseTo */
- private String inResponseTo;
-
- /**
- * Gets the SP's Certificate Alias.
- *
- * @return alias The SP's Certificate Alias.
- */
- public String getAlias() {
- return alias;
- }
-
- /**
- * Sets the SP's Certificate Alias.
- *
- * @param nAlias
- * The SP's Certificate Alias.
- */
- public void setAlias(final String nAlias) {
- this.alias = nAlias;
- }
-
- /**
- * Gets the issuer.
- *
- * @return The issuer value.
- */
- public String getIssuer() {
- return issuer;
- }
-
- /**
- * Sets the issuer.
- *
- * @param samlIssuer
- * the new issuer value.
- */
- public void setIssuer(final String samlIssuer) {
- this.issuer = samlIssuer;
- }
-
- /**
- * Gets the SAML Token.
- *
- * @return The SAML Token value.
- */
- public byte[] getTokenSaml() {
- return tokenSaml.clone();
- }
-
- /**
- * Sets the SAML Token.
- *
- * @param samlToken
- * The new SAML Token value.
- */
- public void setTokenSaml(final byte[] samlToken) {
- if (samlToken != null) {
- this.tokenSaml = samlToken.clone();
- }
- }
-
- /**
- * Gets the country.
- *
- * @return The country value.
- */
- public String getCountry() {
- return country;
- }
-
- /**
- * Sets the country.
- *
- * @param nCountry
- * the new country value.
- */
- public void setCountry(final String nCountry) {
- this.country = nCountry;
- }
-
- /**
- * Getter for the destination value.
- *
- * @return The destination value.
- */
- public String getDestination() {
- return destination;
- }
-
- /**
- * Setter for the destination value.
- *
- * @param detination
- * the new destination value.
- */
- public void setDestination(final String detination) {
- this.destination = detination;
- }
-
- /**
- * Getter for the samlId value.
- *
- * @return The samlId value.
- */
- public String getSamlId() {
- return samlId;
- }
-
- /**
- * Setter for the samlId value.
- *
- * @param newSamlId
- * the new samlId value.
- */
- public void setSamlId(final String newSamlId) {
- this.samlId = newSamlId;
- }
-
- /**
- * Getter for the distinguishedName value.
- *
- * @return The distinguishedName value.
- */
- public String getDistinguishedName() {
- return distinguishedName;
- }
-
- /**
- * Setter for the distinguishedName value.
- *
- * @param certDN
- * the distinguished name value.
- */
- public void setDistinguishedName(final String certDN) {
- this.distinguishedName = certDN;
- }
-
- /**
- * Getter for the fail value.
- *
- * @return The fail value.
- */
- public boolean isFail() {
- return fail;
- }
-
- /**
- * Setter for the fail value.
- *
- * @param failVal
- * the new fail value.
- */
- public void setFail(final boolean failVal) {
- this.fail = failVal;
- }
-
- /**
- * Getter for the statusCode value.
- *
- * @return The statusCode value.
- */
- public String getStatusCode() {
- return statusCode;
- }
-
- /**
- * Getter for the subStatusCode.
- *
- * @return The subStatusCode value.
- */
- public String getSubStatusCode() {
- return subStatusCode;
- }
-
- /**
- * Setter for the subStatusCode.
- *
- * @param samlSubStatusCode
- * the new subStatusCode value.
- */
- public void setSubStatusCode(final String samlSubStatusCode) {
- this.subStatusCode = samlSubStatusCode;
- }
-
- /**
- * Setter for the statusMessage value.
- *
- * @param status
- * the new statusMessage value.
- */
- public void setStatusMessage(final String status) {
- this.statusMessage = status;
- }
-
- /**
- * Getter for the statusMessage value.
- *
- * @return The statusMessage value.
- */
- public String getStatusMessage() {
- return statusMessage;
- }
-
- /**
- * Setter for the statusCode value.
- *
- * @param status
- * the new statusCode value.
- */
- public void setStatusCode(final String status) {
- this.statusCode = status;
- }
-
- @Override
- public Object clone() throws CloneNotSupportedException {
- STORKLogoutResponse storkLogoutResponse = null;
- storkLogoutResponse = (STORKLogoutResponse) super.clone();
- storkLogoutResponse.setTokenSaml(getTokenSaml());
- return storkLogoutResponse;
- }
-
-
- /**
- * Getter for the inResponseTo value.
- *
- * @return The inResponseTo value.
- */
- public String getInResponseTo() {
- return inResponseTo;
- }
-
- /**
- * Setter for the inResponseTo value.
- *
- * @param inResponseTo the new inResponseTo value.
- */
- public void setInResponseTo(String inResponseTo) {
- this.inResponseTo = inResponseTo;
- }
-}
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java deleted file mode 100644 index 98781828e..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains the SAML Token Status Code. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ - */ -public enum STORKStatusCode { - - /** URI for Requester status code. */ - REQUESTER_URI("urn:oasis:names:tc:SAML:2.0:status:Requester"), - - /** URI for Responder status code. */ - RESPONDER_URI("urn:oasis:names:tc:SAML:2.0:status:Responder"), - - /** URI for Success status code. */ - SUCCESS_URI("urn:oasis:names:tc:SAML:2.0:status:Success"), - - /** Attribute is Available. */ - STATUS_AVAILABLE("Available"), - - /** Attribute is NotAvailable. */ - STATUS_NOT_AVAILABLE("NotAvailable"), - - /** Attribute is Withheld. */ - STATUS_WITHHELD("Withheld"); - - /** - * Represents the constant's value. - */ - private String value; - - /** - * Solo Constructor. - * - * @param val - * The Constant value. - */ - private STORKStatusCode(final String val) { - - this.value = val; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - - return value; - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java deleted file mode 100644 index 0d5d72a0e..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons; - -/** - * This enum class contains the SAML Token Sub Status Code. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.7 $, $Date: 2010-11-17 05:15:28 $ - */ -public enum STORKSubStatusCode { - - /** URI for AuthnFailed status code. */ - AUTHN_FAILED_URI("urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"), - - /** URI for InvalidAttrNameOrValue status code. */ - INVALID_ATTR_NAME_VALUE_URI("urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue"), - - /** URI for InvalidNameIDPolicy status code. */ - INVALID_NAMEID_POLICY_URI("urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"), - - /** URI for VersionMismatch status code. */ - VERSION_MISMATCH_URI("urn:oasis:names:tc:SAML:2.0:status:VersionMismatch"), - - /** URI for RequestDenied status code. */ - REQUEST_DENIED_URI("urn:oasis:names:tc:SAML:2.0:status:RequestDenied"), - - /** URI for QaaNotSupported status code. */ - QAA_NOT_SUPPORTED("http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported"); - - /** - * Represents the constant's value. - */ - private String value; - - /** - * Solo Constructor. - * - * @param val - * The Constant value. - */ - private STORKSubStatusCode(final String val) { - - this.value = val; - } - - /** - * Return the Constant Value. - * - * @return The constant value. - */ - public String toString() { - - return value; - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java deleted file mode 100644 index 97b43cf67..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java +++ /dev/null @@ -1,177 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -import java.io.Serializable; - -/** - * Abstract class to represent the various PEPS exceptions. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ - */ -public abstract class AbstractPEPSException extends RuntimeException implements Serializable { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = -1884417567740138022L; - - /** - * Error code. - */ - private String errorCode; - - /** - * Error message. - */ - private String errorMessage; - - /** - * SAML token. - */ - private String samlTokenFail; - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters. - * - * @param code - * The error code value. - * @param message - * The error message value. - */ - public AbstractPEPSException(final String code, final String message) { - - super(message); - this.errorCode = code; - this.errorMessage = message; - } - - /** - * Exception Constructor with the errorMessage as parameters and the Throwable cause. - * - * @param message - * The error message value. - * @param cause - * The throwable object. - */ - public AbstractPEPSException(final String message, final Throwable cause) { - - super(message, cause); - this.errorMessage = message; - } - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters and the Throwable cause. - * - * @param code - * The error code value. - * @param message - * The error message value. - * @param cause - * The throwable object. - */ - public AbstractPEPSException(final String code, final String message, final Throwable cause) { - - super(message, cause); - this.errorCode = code; - this.errorMessage = message; - } - - /** - * Exception Constructor with three Strings representing the errorCode, errorMessage and encoded samlToken as parameters. - * - * @param code - * The error code value. - * @param message - * The error message value. - * @param samlToken - * The error SAML Token. - */ - public AbstractPEPSException(final String code, final String message, final String samlToken) { - - super(message); - this.errorCode = code; - this.errorMessage = message; - this.samlTokenFail = samlToken; - } - - /** - * Constructor with SAML Token as argument. Error message and error code are embedded in the SAML. - * - * @param samlToken - * The error SAML Token. - */ - public AbstractPEPSException(final String samlToken) { - super(); - this.samlTokenFail = samlToken; - } - - /** - * Getter for errorCode. - * - * @return The errorCode value. - */ - public final String getErrorCode() { - return errorCode; - } - - /** - * Setter for errorCode. - * - * @param code - * The error code value. - */ - public final void setErrorCode(final String code) { - this.errorCode = code; - } - - /** - * Getter for errorMessage. - * - * @return The error Message value. - */ - public final String getErrorMessage() { - return errorMessage; - } - - /** - * Setter for errorMessage. - * - * @param message - * The error message value. - */ - public final void setErrorMessage(final String message) { - this.errorMessage = message; - } - - /** - * Getter for SAMLTokenFail. - * - * @return The error SAML Token. - */ - public final String getSamlTokenFail() { - return samlTokenFail; - } - - /** - * Setter for SAMLTokenFail. - * - * @param samlToken - * The error SAML token. - */ - public final void setSamlTokenFail(final String samlToken) { - this.samlTokenFail = samlToken; - } -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java deleted file mode 100644 index 3479a33b8..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java +++ /dev/null @@ -1,146 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * This exception is thrown by the C-PEPS service and holds the relative information to present to the citizen. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $ - */ -public final class CPEPSException extends RuntimeException { - - /** - * Serial id. - */ - private static final long serialVersionUID = -4012295047127999362L; - - /** - * Error code. - */ - private String errorCode; - - /** - * Error message. - */ - private String errorMessage; - - /** - * SAML token. - */ - private String samlTokenFail; - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters. - * - * @param samlToken - * The SAML Token. - * @param code - * The error code value. - * @param message - * The error message value. - */ - public CPEPSException(final String samlToken, final String code, final String message) { - - super(message); - this.setErrorCode(code); - this.setErrorMessage(message); - this.setSamlTokenFail(samlToken); - } - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters. - * - * @param samlToken - * The SAML Token. - * @param code - * The error code value. - * @param message - * The error message value. - * @param cause - * The original exception; - */ - public CPEPSException(final String samlToken, final String code, final String message, final Throwable cause) { - - super(message, cause); - this.setErrorCode(code); - this.setErrorMessage(message); - this.setSamlTokenFail(samlToken); - } - - /** - * {@inheritDoc} - */ - public String getMessage() { - return this.getErrorMessage() + " (" + this.getErrorCode() + ")"; - } - - /** - * Getter for the error code. - * - * @return The errorCode value. - */ - public String getErrorCode() { - return errorCode; - } - - /** - * Setter for the error code. - * - * @param code - * The error code. - */ - public void setErrorCode(final String code) { - this.errorCode = code; - } - - /** - * Getter for the error message. - * - * @return The errorMessage value. - */ - public String getErrorMessage() { - return errorMessage; - } - - /** - * Setter for the error message. - * - * @param message - * The error message. - */ - public void setErrorMessage(final String message) { - this.errorMessage = message; - } - - /** - * Getter for the samlTokenFail. - * - * @return The samlTokenFail value. - */ - public String getSamlTokenFail() { - return samlTokenFail; - } - - /** - * Setter for the samlTokenFail. - * - * @param samlToken - * The error Saml Token. - */ - public void setSamlTokenFail(final String samlToken) { - this.samlTokenFail = samlToken; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java deleted file mode 100644 index f1bccb277..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java +++ /dev/null @@ -1,74 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Internal Error Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ - * - * @see AbstractPEPSException - */ -public final class InternalErrorPEPSException extends AbstractPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 1193001455410319795L; - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters and the Throwable cause. - * - * @param errorCode - * The error code value. - * @param errorMessage - * The error message value. - * @param cause - * The throwable object. - */ - public InternalErrorPEPSException(final String errorCode, final String errorMessage, final Throwable cause) { - - super(errorCode, errorMessage, cause); - } - - /** - * Exception Constructor with three strings representing the errorCode, errorMessage and encoded samlToken as parameters. - * - * @param errorCode - * The error code value. - * @param errorMessage - * The error message value. - * @param samlTokenFail - * The error SAML Token. - */ - public InternalErrorPEPSException(final String errorCode, final String errorMessage, final String samlTokenFail) { - - super(errorCode, errorMessage, samlTokenFail); - } - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters. - * - * @param errorCode - * The error code value. - * @param errorMessage - * The error message value. - */ - public InternalErrorPEPSException(final String errorCode, final String errorMessage) { - - super(errorCode, errorMessage); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java deleted file mode 100644 index 0aca67d5b..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Invalid Parameter Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.11 $, $Date: 2010-11-17 05:15:28 $ - * - * @see InvalidParameterPEPSException - */ -public class InvalidParameterPEPSException extends AbstractPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 2046282148740524875L; - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters. - * - * @param errorCode - * The error code value. - * @param errorMessage - * The error code message value. - */ - public InvalidParameterPEPSException(final String errorCode, final String errorMessage) { - super(errorCode, errorMessage); - } - - /** - * Exception Constructor with one String representing the encoded samlToken. - * - * @param samlTokenFail - * The error SAML Token. - */ - public InvalidParameterPEPSException(final String samlTokenFail) { - super(samlTokenFail); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java deleted file mode 100644 index a4389da79..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java +++ /dev/null @@ -1,44 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Invalid session Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.14 $, $Date: 2010-11-17 05:15:28 $ - * - * @see InvalidParameterPEPSException - */ -public class InvalidSessionPEPSException extends InvalidParameterPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 7147090160978319016L; - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters. - * - * @param errorCode - * The error code value. - * @param errorMessage - * The error message value. - */ - public InvalidSessionPEPSException(final String errorCode, final String errorMessage) { - - super(errorCode, errorMessage); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java deleted file mode 100644 index 03e7fb72f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java +++ /dev/null @@ -1,68 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Security PEPS Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.18 $, $Date: 2010-11-17 05:15:28 $ - * - * @see AbstractPEPSException - */ -public final class SecurityPEPSException extends AbstractPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 5605743302478554967L; - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters. - * - * @param errorCode - * The error code value. - * @param errorMsg - * The error message value. - */ - public SecurityPEPSException(final String errorCode, final String errorMsg) { - super(errorCode, errorMsg); - } - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters and the Throwable cause. - * - * @param errorCode - * The error code value. - * @param errorMessage - * The error message value. - * @param cause - * The throwable object. - */ - public SecurityPEPSException(final String errorCode, final String errorMessage, final Throwable cause) { - - super(errorCode, errorMessage, cause); - } - - /** - * Exception Constructor with one String representing the encoded samlToken. - * - * @param samlTokenFail - * The error SAML Token. - */ - public SecurityPEPSException(final String samlTokenFail) { - super(samlTokenFail); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java deleted file mode 100644 index 55f4f5a01..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.commons.exceptions; - -/** - * Security PEPS Exception class. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com, paulo.ribeiro@multicert.com - * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ - * - * @see AbstractPEPSException - */ -public final class StorkPEPSException extends AbstractPEPSException { - - /** - * Unique identifier. - */ - private static final long serialVersionUID = 8048033129798427574L; - - /** - * Exception Constructor with two Strings representing the errorCode and errorMessage as parameters. - * - * @param errorCode - * The error code value. - * @param errorMsg - * The error message value. - */ - public StorkPEPSException(final String errorCode, final String errorMsg) { - super(errorCode, errorMsg); - } - - /** - * {@inheritDoc} - */ - public String getMessage() { - - return "Security Error (" + this.getErrorCode() + ") processing request : " + this.getErrorMessage(); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java deleted file mode 100644 index d83068beb..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java +++ /dev/null @@ -1,7 +0,0 @@ -/**
- * Package for the PEPS’ Exceptions handling.
- *
- * @since 1.0
- */
-package eu.stork.peps.auth.commons.exceptions;
-
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java deleted file mode 100644 index d733342d7..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java +++ /dev/null @@ -1,10 +0,0 @@ -/**
- * Common Authentication Service functionalities to be deployed in every PEPS
- * is contained in this package.
- * In particular, it contains the SAML Engine that implements the SAML messages
- * management
- *
- * @since 1.0
- */
-package eu.stork.peps.auth.commons;
-
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java deleted file mode 100644 index d9166458f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java +++ /dev/null @@ -1,235 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import java.util.Map; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.IStorkSession; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnResponse; - -/** - * Interface for Specific Authentication methods. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface IAUService { - - /** - * Prepares the citizen to be redirected to the IdP. - * - * @param personalList - * The Personal Attribute List. - * @param parameters - * The parameters. - * @param session - * The session object. - * @param requestAttributes - * The Requested attributes. - * - * @return byte[] containing a SAML Request. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - byte[] prepareCitizenAuthentication(IPersonalAttributeList personalList, Map<String, Object> parameters, Map<String, Object> requestAttributes, IStorkSession session); - - /** - * Prepares the citizen to be redirected to the PV. - * - * @param personalList - * The Personal Attribute List. - * @param parameters - * The parameters. - * @param session - * The session object. - * @param requestAttributes - * The Requested attributes. - * - * @return byte[] containing a SAML Request. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - byte[] preparePVRequest(IPersonalAttributeList personalList, Map<String, Object> parameters, Map<String, Object> requestAttributes, IStorkSession session); - - /** - * Authenticates a citizen. - * - * @param personalList - * The Personal Attribute List. - * @param parameters - * The parameters. - * @param requestAttributes - * The requested attributes. - * - * @return The updated Personal Attribute List. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList authenticateCitizen(IPersonalAttributeList personalList, Map<String, Object> parameters, Map<String, Object> requestAttributes); - - /** - * Validates a power. - * - * @param personalList - * The Personal Attribute List. - * @param parameters - * The parameters. - * @param requestAttributes - * The requested attributes. - * - * @return The updated Personal Attribute List (power validated). - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList powerValidation(IPersonalAttributeList personalList, Map<String, Object> parameters, Map<String, Object> requestAttributes); - - /** - * Prepares the Citizen browser to be redirected to the AP. - * - * @param personalList - * The Personal Attribute List. - * @param parameters - * The parameters. - * @param session - * The session object. - * @param requestAttributes - * The requested attributes. - * - * @return true in case of no error. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - boolean prepareAPRedirect(IPersonalAttributeList personalList, Map<String, Object> parameters, Map<String, Object> requestAttributes, IStorkSession session); - - /** - * Returns the attributes values from the AP. - * - * @param personalList - * The Personal Attribute List. - * @param parameters - * The parameters. - * @param requestAttributes - * The request attributes. - * - * @return The updated Personal Attribute List. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList getAttributesFromAttributeProviders(IPersonalAttributeList personalList, Map<String, Object> parameters, Map<String, Object> requestAttributes); - - /** - * Get the attributes from the AP with verification. - * - * @param personalList - * The Personal Attribute List. - * @param parameters - * The HTTP Parameters. - * @param requestAttributes - * The requested Attributes. - * @param session - * The session object. - * @param auProcessId - * The SAML identifier. - * - * @return true if the attributes were correctly verified. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - boolean getAttributesWithVerification(IPersonalAttributeList personalList, Map<String, Object> parameters, Map<String, Object> requestAttributes, IStorkSession session, String auProcessId); - - /** - * Validates a SAML Response. - * - * @param samlToken - * The SAML Token. - * @param session - * The session object. - * - * @return the STORKAuthnResponse associated with the validated response. - * - * @see IStorkSession - */ - STORKAuthnResponse processAuthenticationResponse(byte[] samlToken, IStorkSession session); - - /** - * Generates a SAML Response in case of error. - * - * @param inResponseTo - * The SAML's identifier to response. - * @param issuer - * The issuer value. - * @param assertionURL - * The assertion URL. - * @param code - * The error code. - * @param subcode - * The sub error code. - * @param message - * The error message. - * @param ipUserAddress - * The user IP address. - * - * @return byte[] containing the SAML Response. - */ - byte[] generateErrorAuthenticationResponse(String inResponseTo, String issuer, String assertionURL, String code, String subcode, String message, String ipUserAddress); - - /** - * Compares two given personal attribute lists. - * - * @param original - * The original Personal Attribute List. - * @param modified - * The modified Personal Attribute List. - * @return true if the original list contains the modified one. False otherwise. - * - * @see IPersonalAttributeList - */ - boolean comparePersonalAttributeLists(IPersonalAttributeList original, IPersonalAttributeList modified); - - /** - * Prepares the citizen to be redirected to the AtP. - * - * @param personalList - * The Personal Attribute List. - * @param parameters - * The parameters. - * @param session - * The session object. - * - * @return byte[] containing a SAML Request. - * - * @see IPersonalAttributeList - * @see IStorkSession - */ - byte[] prepareAttributeRequest(IPersonalAttributeList personalList, Map<String, Object> parameters, IStorkSession session); - - /** - * Validates a SAML Response. - * - * @param samlToken - * The SAML Token. - * @param session - * The session object. - * - * @return the STORKAttrQueryResponse associated with the validated response. - * - * @see IStorkSession - */ - STORKAttrQueryResponse processAttributeResponse(byte[] samlToken, IStorkSession session); -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java deleted file mode 100644 index ccfcebf43..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import java.util.List; - -/** - * Interface that defines the methods to work with the validation of attributes. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface ICheckAttributeValue { - - /** - * Checks if the list of values contains the expected value. - * - * @param values - * The List of values. - * @param expectedValue - * The value to check if it exists on the list. - * - * @return boolean true, if the value is present in the list. False, otherwise. - */ - boolean checkValue(List<String> values, String expectedValue); - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java deleted file mode 100644 index a661e731b..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import eu.stork.peps.auth.commons.IStorkSession; -import eu.stork.peps.auth.commons.PersonalAttribute; - -/** - * Interface that defines the methods to work with derivation of attributes. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface IDeriveAttribute { - - /** - * Derives the attribute value. Set the Personal Attribute value to null if the value in session or the value of age are invalid (non-numeric or null). - * - * @param personalAttrList - * The Personal Attribute List. - * @param session - * The session object. - * - * @see PersonalAttribute The personal Attribute - * @see IStorkSession The session object. - */ - void deriveAttributeToData(PersonalAttribute personalAttrList, IStorkSession session); - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java deleted file mode 100644 index eaae06481..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java +++ /dev/null @@ -1,35 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import eu.stork.peps.auth.commons.PersonalAttribute; - -/** - * Interface for attribute's value normalisation. - * - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface INormaliseValue { - - /** - * Translates the attribute's value from local format to STORK format. - * - * @param personalAttribute - * The Personal Attribute to normalise the value. - * - * @see PersonalAttribute - */ - void normaliseAttributeValueToStork(PersonalAttribute personalAttribute); -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java deleted file mode 100644 index 4769bba19..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java +++ /dev/null @@ -1,101 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.auth.specific; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.IStorkSession; -import eu.stork.peps.auth.commons.STORKAuthnRequest; - -/** - * Interface for attributes normalization. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, luis.felix@multicert.com, hugo.magalhaes@multicert.com - */ -public interface ITranslatorService { - - /** - * Translates the attributes from local format to STORK format. - * - * @param personalList - * The Personal Attribute List. - * - * @return The Personal Attribute List with normalised attributes. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList normaliseAttributeNamesToStork(IPersonalAttributeList personalList); - - /** - * Translates the attributes values from local format to STORK format. - * - * @param personalList - * The Personal Attribute List. - * - * @return The PersonalAttributeList with normalised values. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList normaliseAttributeValuesToStork(IPersonalAttributeList personalList); - - /** - * Translates the attributes from STORK format to local format. - * - * @param personalList - * The Personal Attribute List. - * - * @return The PersonalAttributeList with normalised attributes. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList normaliseAttributeNamesFromStork(IPersonalAttributeList personalList); - - /** - * Derive Attribute Names To Stork format. - * - * @param personalList - * The Personal Attribute List, - * - * @return The PersonalAttributeList with derived attributes. - * - * @see IPersonalAttributeList - */ - IPersonalAttributeList deriveAttributeFromStork(IPersonalAttributeList personalList); - - /** - * Derive Attribute Names from Stork format. - * - * @param session - * The session object. - * @param modifiedList - * The Personal Attribute List. - * - * @return The PersonalAttributeList with derived attributes. - * - * @see IStorkSession - * @see IPersonalAttributeList - */ - IPersonalAttributeList deriveAttributeToStork(IStorkSession session, IPersonalAttributeList modifiedList); - - /** - * Validate the values of the attributes. - * - * @param pal - * The attribute list - * - * @return True, if all the attributes have values. False, otherwise. - * - * @see STORKAuthnRequest - */ - boolean checkAttributeValues(IPersonalAttributeList pa); -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java deleted file mode 100644 index a25c52311..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java +++ /dev/null @@ -1,8 +0,0 @@ -/**
- * Specific PEPS Interfaces that implements functionality of the Authentication
- * Service.
- *
- * @since 1.0
- */
-package eu.stork.peps.auth.specific;
-
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AdditionalInformationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AdditionalInformationType.java deleted file mode 100644 index 87268f991..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AdditionalInformationType.java +++ /dev/null @@ -1,90 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Additional information - * - * <p> - * Java class for AdditionalInformationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AdditionalInformationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="SpecificInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="OtherSources" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AdditionalInformationType", propOrder = { "specificInformation", "otherSources" }) -public class AdditionalInformationType { - - @XmlElement(name = "SpecificInformation") - protected RichTextTagType specificInformation; - @XmlElement(name = "OtherSources") - protected RichTextTagType otherSources; - - /** - * Gets the value of the specificInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getSpecificInformation() { - return specificInformation; - } - - /** - * Sets the value of the specificInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setSpecificInformation(RichTextTagType value) { - this.specificInformation = value; - } - - /** - * Gets the value of the otherSources property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getOtherSources() { - return otherSources; - } - - /** - * Sets the value of the otherSources property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setOtherSources(RichTextTagType value) { - this.otherSources = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AddressType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AddressType.java deleted file mode 100644 index 044fd0a04..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AddressType.java +++ /dev/null @@ -1,254 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * Address - * - * <p> - * Java class for AddressType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AddressType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Line" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" maxOccurs="unbounded"/> - * <element name="City" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="StateOrRegion" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="PostalCode" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Country"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="country" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AddressType", propOrder = { "line", "city", "stateOrRegion", "postalCode", "country" }) -public class AddressType { - - @XmlElement(name = "Line", required = true) - protected List<String> line; - @XmlElement(name = "City", required = true) - protected String city; - @XmlElement(name = "StateOrRegion", required = true) - protected String stateOrRegion; - @XmlElement(name = "PostalCode", required = true) - protected String postalCode; - @XmlElement(name = "Country", required = true) - protected AddressType.Country country; - - /** - * Gets the value of the line property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the line property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getLine().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getLine() { - if (line == null) { - line = new ArrayList<String>(); - } - return this.line; - } - - /** - * Gets the value of the city property. - * - * @return possible object is {@link String } - * - */ - public String getCity() { - return city; - } - - /** - * Sets the value of the city property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCity(String value) { - this.city = value; - } - - /** - * Gets the value of the stateOrRegion property. - * - * @return possible object is {@link String } - * - */ - public String getStateOrRegion() { - return stateOrRegion; - } - - /** - * Sets the value of the stateOrRegion property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStateOrRegion(String value) { - this.stateOrRegion = value; - } - - /** - * Gets the value of the postalCode property. - * - * @return possible object is {@link String } - * - */ - public String getPostalCode() { - return postalCode; - } - - /** - * Sets the value of the postalCode property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setPostalCode(String value) { - this.postalCode = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link AddressType.Country } - * - */ - public AddressType.Country getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link AddressType.Country } - * - */ - public void setCountry(AddressType.Country value) { - this.country = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="country" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Country { - - @XmlValue - protected String value; - @XmlAttribute(name = "country", required = true) - protected CountryType country; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link CountryType } - * - */ - public CountryType getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link CountryType } - * - */ - public void setCountry(CountryType value) { - this.country = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedFileDataType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedFileDataType.java deleted file mode 100644 index 17212282b..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedFileDataType.java +++ /dev/null @@ -1,112 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Data file - * - * <p> - * Java class for AttachedFileDataType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedFileDataType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Mime" type="{urn:crue:academic:xsd:language:diplomasupplement}MimeType"/> - * <element name="Data" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedFileDataType", propOrder = { "description", "mime", "data" }) -public class AttachedFileDataType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlElement(name = "Mime", required = true) - protected MimeType mime; - @XmlElement(name = "Data", required = true) - protected byte[] data; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the mime property. - * - * @return possible object is {@link MimeType } - * - */ - public MimeType getMime() { - return mime; - } - - /** - * Sets the value of the mime property. - * - * @param value - * allowed object is {@link MimeType } - * - */ - public void setMime(MimeType value) { - this.mime = value; - } - - /** - * Gets the value of the data property. - * - * @return possible object is byte[] - */ - public byte[] getData() { - return data; - } - - /** - * Sets the value of the data property. - * - * @param value - * allowed object is byte[] - */ - public void setData(byte[] value) { - this.data = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedFileURLType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedFileURLType.java deleted file mode 100644 index 5cae1a677..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedFileURLType.java +++ /dev/null @@ -1,114 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * URL reference to the file - * - * <p> - * Java class for AttachedFileURLType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedFileURLType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Mime" type="{urn:crue:academic:xsd:language:diplomasupplement}MimeType"/> - * <element name="URL" type="{urn:crue:academic:xsd:language:diplomasupplement}URLType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedFileURLType", propOrder = { "description", "mime", "url" }) -public class AttachedFileURLType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlElement(name = "Mime", required = true) - protected MimeType mime; - @XmlElement(name = "URL", required = true) - protected String url; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the mime property. - * - * @return possible object is {@link MimeType } - * - */ - public MimeType getMime() { - return mime; - } - - /** - * Sets the value of the mime property. - * - * @param value - * allowed object is {@link MimeType } - * - */ - public void setMime(MimeType value) { - this.mime = value; - } - - /** - * Gets the value of the url property. - * - * @return possible object is {@link String } - * - */ - public String getURL() { - return url; - } - - /** - * Sets the value of the url property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setURL(String value) { - this.url = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedImageDataType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedImageDataType.java deleted file mode 100644 index 24b2df121..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedImageDataType.java +++ /dev/null @@ -1,112 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Image data file - * - * <p> - * Java class for AttachedImageDataType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedImageDataType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Mime" type="{urn:crue:academic:xsd:language:diplomasupplement}ImageMimeType"/> - * <element name="Data" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedImageDataType", propOrder = { "description", "mime", "data" }) -public class AttachedImageDataType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlElement(name = "Mime", required = true) - protected ImageMimeType mime; - @XmlElement(name = "Data", required = true) - protected byte[] data; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the mime property. - * - * @return possible object is {@link ImageMimeType } - * - */ - public ImageMimeType getMime() { - return mime; - } - - /** - * Sets the value of the mime property. - * - * @param value - * allowed object is {@link ImageMimeType } - * - */ - public void setMime(ImageMimeType value) { - this.mime = value; - } - - /** - * Gets the value of the data property. - * - * @return possible object is byte[] - */ - public byte[] getData() { - return data; - } - - /** - * Sets the value of the data property. - * - * @param value - * allowed object is byte[] - */ - public void setData(byte[] value) { - this.data = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedImageURLType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedImageURLType.java deleted file mode 100644 index 2a13c9332..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedImageURLType.java +++ /dev/null @@ -1,114 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * URL reference to the image file - * - * <p> - * Java class for AttachedImageURLType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedImageURLType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Mime" type="{urn:crue:academic:xsd:language:diplomasupplement}ImageMimeType"/> - * <element name="URL" type="{urn:crue:academic:xsd:language:diplomasupplement}URLType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedImageURLType", propOrder = { "description", "mime", "url" }) -public class AttachedImageURLType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlElement(name = "Mime", required = true) - protected ImageMimeType mime; - @XmlElement(name = "URL", required = true) - protected String url; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the mime property. - * - * @return possible object is {@link ImageMimeType } - * - */ - public ImageMimeType getMime() { - return mime; - } - - /** - * Sets the value of the mime property. - * - * @param value - * allowed object is {@link ImageMimeType } - * - */ - public void setMime(ImageMimeType value) { - this.mime = value; - } - - /** - * Gets the value of the url property. - * - * @return possible object is {@link String } - * - */ - public String getURL() { - return url; - } - - /** - * Sets the value of the url property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setURL(String value) { - this.url = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedType.java deleted file mode 100644 index 9f9cca5d7..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachedType.java +++ /dev/null @@ -1,170 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * Attachment resource - * - * <p> - * Java class for AttachedType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice> - * <element name="FileData" type="{urn:crue:academic:xsd:language:diplomasupplement}AttachedFileDataType"/> - * <element name="FileURI" type="{urn:crue:academic:xsd:language:diplomasupplement}AttachedFileURLType"/> - * <element name="ImageData" type="{urn:crue:academic:xsd:language:diplomasupplement}AttachedImageDataType"/> - * <element name="ImageURI" type="{urn:crue:academic:xsd:language:diplomasupplement}AttachedImageURLType"/> - * </choice> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedType", propOrder = { "fileData", "fileURI", "imageData", "imageURI" }) -public class AttachedType { - - @XmlElement(name = "FileData") - protected AttachedFileDataType fileData; - @XmlElement(name = "FileURI") - protected AttachedFileURLType fileURI; - @XmlElement(name = "ImageData") - protected AttachedImageDataType imageData; - @XmlElement(name = "ImageURI") - protected AttachedImageURLType imageURI; - @XmlAttribute(name = "attachedID", required = true) - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String attachedID; - - /** - * Gets the value of the fileData property. - * - * @return possible object is {@link AttachedFileDataType } - * - */ - public AttachedFileDataType getFileData() { - return fileData; - } - - /** - * Sets the value of the fileData property. - * - * @param value - * allowed object is {@link AttachedFileDataType } - * - */ - public void setFileData(AttachedFileDataType value) { - this.fileData = value; - } - - /** - * Gets the value of the fileURI property. - * - * @return possible object is {@link AttachedFileURLType } - * - */ - public AttachedFileURLType getFileURI() { - return fileURI; - } - - /** - * Sets the value of the fileURI property. - * - * @param value - * allowed object is {@link AttachedFileURLType } - * - */ - public void setFileURI(AttachedFileURLType value) { - this.fileURI = value; - } - - /** - * Gets the value of the imageData property. - * - * @return possible object is {@link AttachedImageDataType } - * - */ - public AttachedImageDataType getImageData() { - return imageData; - } - - /** - * Sets the value of the imageData property. - * - * @param value - * allowed object is {@link AttachedImageDataType } - * - */ - public void setImageData(AttachedImageDataType value) { - this.imageData = value; - } - - /** - * Gets the value of the imageURI property. - * - * @return possible object is {@link AttachedImageURLType } - * - */ - public AttachedImageURLType getImageURI() { - return imageURI; - } - - /** - * Sets the value of the imageURI property. - * - * @param value - * allowed object is {@link AttachedImageURLType } - * - */ - public void setImageURI(AttachedImageURLType value) { - this.imageURI = value; - } - - /** - * Gets the value of the attachedID property. - * - * @return possible object is {@link String } - * - */ - public String getAttachedID() { - return attachedID; - } - - /** - * Sets the value of the attachedID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAttachedID(String value) { - this.attachedID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachmentsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachmentsType.java deleted file mode 100644 index 751482eba..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/AttachmentsType.java +++ /dev/null @@ -1,74 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Attachments resources - * - * <p> - * Java class for AttachmentsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachmentsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Attached" type="{urn:crue:academic:xsd:language:diplomasupplement}AttachedType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachmentsType", propOrder = { "attached" }) -public class AttachmentsType { - - @XmlElement(name = "Attached", required = true) - protected List<AttachedType> attached; - - /** - * Gets the value of the attached property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the attached property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getAttached().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link AttachedType } - * - * - */ - public List<AttachedType> getAttached() { - if (attached == null) { - attached = new ArrayList<AttachedType>(); - } - return this.attached; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CertificationOfTheSupplementType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CertificationOfTheSupplementType.java deleted file mode 100644 index e2d0d51f7..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CertificationOfTheSupplementType.java +++ /dev/null @@ -1,115 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * Certification of the Supplement - * - * <p> - * Java class for CertificationOfTheSupplementType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CertificationOfTheSupplementType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CertificationDate" type="{urn:crue:academic:xsd:language:diplomasupplement}DateType"/> - * <element name="OfficialsCertifying" type="{urn:crue:academic:xsd:language:diplomasupplement}OfficialsCertifyingType"/> - * <element name="OfficialStamp" type="{urn:crue:academic:xsd:language:diplomasupplement}OfficialStampType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CertificationOfTheSupplementType", propOrder = { "certificationDate", "officialsCertifying", "officialStamp" }) -public class CertificationOfTheSupplementType { - - @XmlElement(name = "CertificationDate", required = true) - protected XMLGregorianCalendar certificationDate; - @XmlElement(name = "OfficialsCertifying", required = true) - protected OfficialsCertifyingType officialsCertifying; - @XmlElement(name = "OfficialStamp") - protected OfficialStampType officialStamp; - - /** - * Gets the value of the certificationDate property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getCertificationDate() { - return certificationDate; - } - - /** - * Sets the value of the certificationDate property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setCertificationDate(XMLGregorianCalendar value) { - this.certificationDate = value; - } - - /** - * Gets the value of the officialsCertifying property. - * - * @return possible object is {@link OfficialsCertifyingType } - * - */ - public OfficialsCertifyingType getOfficialsCertifying() { - return officialsCertifying; - } - - /** - * Sets the value of the officialsCertifying property. - * - * @param value - * allowed object is {@link OfficialsCertifyingType } - * - */ - public void setOfficialsCertifying(OfficialsCertifyingType value) { - this.officialsCertifying = value; - } - - /** - * Gets the value of the officialStamp property. - * - * @return possible object is {@link OfficialStampType } - * - */ - public OfficialStampType getOfficialStamp() { - return officialStamp; - } - - /** - * Sets the value of the officialStamp property. - * - * @param value - * allowed object is {@link OfficialStampType } - * - */ - public void setOfficialStamp(OfficialStampType value) { - this.officialStamp = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ContactInformationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ContactInformationType.java deleted file mode 100644 index 63df83402..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ContactInformationType.java +++ /dev/null @@ -1,158 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Contact information - * - * <p> - * Java class for ContactInformationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ContactInformationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Address" type="{urn:crue:academic:xsd:language:diplomasupplement}AddressType"/> - * <element name="PhoneNumber" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" maxOccurs="unbounded" minOccurs="0"/> - * <element name="Email" type="{urn:crue:academic:xsd:language:diplomasupplement}EmailAddressType" maxOccurs="unbounded" minOccurs="0"/> - * <element name="WebSite" type="{urn:crue:academic:xsd:language:diplomasupplement}URLType" maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ContactInformationType", propOrder = { "address", "phoneNumber", "email", "webSite" }) -public class ContactInformationType { - - @XmlElement(name = "Address", required = true) - protected AddressType address; - @XmlElement(name = "PhoneNumber") - protected List<String> phoneNumber; - @XmlElement(name = "Email") - protected List<String> email; - @XmlElement(name = "WebSite") - protected List<String> webSite; - - /** - * Gets the value of the address property. - * - * @return possible object is {@link AddressType } - * - */ - public AddressType getAddress() { - return address; - } - - /** - * Sets the value of the address property. - * - * @param value - * allowed object is {@link AddressType } - * - */ - public void setAddress(AddressType value) { - this.address = value; - } - - /** - * Gets the value of the phoneNumber property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the phoneNumber property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getPhoneNumber().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getPhoneNumber() { - if (phoneNumber == null) { - phoneNumber = new ArrayList<String>(); - } - return this.phoneNumber; - } - - /** - * Gets the value of the email property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the email property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getEmail().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getEmail() { - if (email == null) { - email = new ArrayList<String>(); - } - return this.email; - } - - /** - * Gets the value of the webSite property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the webSite property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getWebSite().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getWebSite() { - if (webSite == null) { - webSite = new ArrayList<String>(); - } - return this.webSite; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CountryType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CountryType.java deleted file mode 100644 index 5988f5ef7..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CountryType.java +++ /dev/null @@ -1,1420 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CountryType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="CountryType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="AD"/> - * <enumeration value="AE"/> - * <enumeration value="AF"/> - * <enumeration value="AG"/> - * <enumeration value="AL"/> - * <enumeration value="AM"/> - * <enumeration value="AO"/> - * <enumeration value="AR"/> - * <enumeration value="AT"/> - * <enumeration value="AU"/> - * <enumeration value="AZ"/> - * <enumeration value="BA"/> - * <enumeration value="BB"/> - * <enumeration value="BD"/> - * <enumeration value="BE"/> - * <enumeration value="BF"/> - * <enumeration value="BG"/> - * <enumeration value="BH"/> - * <enumeration value="BI"/> - * <enumeration value="BJ"/> - * <enumeration value="BN"/> - * <enumeration value="BO"/> - * <enumeration value="BR"/> - * <enumeration value="BS"/> - * <enumeration value="BT"/> - * <enumeration value="BW"/> - * <enumeration value="BY"/> - * <enumeration value="BZ"/> - * <enumeration value="CA"/> - * <enumeration value="CD"/> - * <enumeration value="CF"/> - * <enumeration value="CG"/> - * <enumeration value="CH"/> - * <enumeration value="CI"/> - * <enumeration value="CL"/> - * <enumeration value="CM"/> - * <enumeration value="CN"/> - * <enumeration value="CO"/> - * <enumeration value="CR"/> - * <enumeration value="CU"/> - * <enumeration value="CV"/> - * <enumeration value="CY"/> - * <enumeration value="CZ"/> - * <enumeration value="DE"/> - * <enumeration value="DJ"/> - * <enumeration value="DK"/> - * <enumeration value="DM"/> - * <enumeration value="DO"/> - * <enumeration value="DZ"/> - * <enumeration value="EC"/> - * <enumeration value="EE"/> - * <enumeration value="EG"/> - * <enumeration value="ER"/> - * <enumeration value="ES"/> - * <enumeration value="ET"/> - * <enumeration value="FI"/> - * <enumeration value="FJ"/> - * <enumeration value="FM"/> - * <enumeration value="FR"/> - * <enumeration value="GA"/> - * <enumeration value="GB"/> - * <enumeration value="GD"/> - * <enumeration value="GE"/> - * <enumeration value="GH"/> - * <enumeration value="GL"/> - * <enumeration value="GM"/> - * <enumeration value="GN"/> - * <enumeration value="GQ"/> - * <enumeration value="GR"/> - * <enumeration value="GT"/> - * <enumeration value="GW"/> - * <enumeration value="GY"/> - * <enumeration value="HN"/> - * <enumeration value="HR"/> - * <enumeration value="HT"/> - * <enumeration value="HU"/> - * <enumeration value="ID"/> - * <enumeration value="IE"/> - * <enumeration value="IL"/> - * <enumeration value="IN"/> - * <enumeration value="IQ"/> - * <enumeration value="IR"/> - * <enumeration value="IS"/> - * <enumeration value="IT"/> - * <enumeration value="JM"/> - * <enumeration value="JO"/> - * <enumeration value="JP"/> - * <enumeration value="KE"/> - * <enumeration value="KG"/> - * <enumeration value="KH"/> - * <enumeration value="KI"/> - * <enumeration value="KM"/> - * <enumeration value="KN"/> - * <enumeration value="KP"/> - * <enumeration value="KR"/> - * <enumeration value="KW"/> - * <enumeration value="KZ"/> - * <enumeration value="LA"/> - * <enumeration value="LB"/> - * <enumeration value="LC"/> - * <enumeration value="LI"/> - * <enumeration value="LK"/> - * <enumeration value="LR"/> - * <enumeration value="LS"/> - * <enumeration value="LT"/> - * <enumeration value="LU"/> - * <enumeration value="LV"/> - * <enumeration value="LY"/> - * <enumeration value="MA"/> - * <enumeration value="MC"/> - * <enumeration value="MD"/> - * <enumeration value="ME"/> - * <enumeration value="MG"/> - * <enumeration value="MH"/> - * <enumeration value="MK"/> - * <enumeration value="ML"/> - * <enumeration value="MM"/> - * <enumeration value="MN"/> - * <enumeration value="MR"/> - * <enumeration value="MT"/> - * <enumeration value="MU"/> - * <enumeration value="MV"/> - * <enumeration value="MW"/> - * <enumeration value="MX"/> - * <enumeration value="MY"/> - * <enumeration value="MZ"/> - * <enumeration value="NA"/> - * <enumeration value="NE"/> - * <enumeration value="NG"/> - * <enumeration value="NI"/> - * <enumeration value="NL"/> - * <enumeration value="NO"/> - * <enumeration value="NP"/> - * <enumeration value="NR"/> - * <enumeration value="NU"/> - * <enumeration value="NZ"/> - * <enumeration value="OM"/> - * <enumeration value="PA"/> - * <enumeration value="PE"/> - * <enumeration value="PG"/> - * <enumeration value="PH"/> - * <enumeration value="PK"/> - * <enumeration value="PL"/> - * <enumeration value="PR"/> - * <enumeration value="PS"/> - * <enumeration value="PT"/> - * <enumeration value="PW"/> - * <enumeration value="PY"/> - * <enumeration value="QA"/> - * <enumeration value="RO"/> - * <enumeration value="RS"/> - * <enumeration value="RU"/> - * <enumeration value="RW"/> - * <enumeration value="SA"/> - * <enumeration value="SB"/> - * <enumeration value="SC"/> - * <enumeration value="SD"/> - * <enumeration value="SE"/> - * <enumeration value="SG"/> - * <enumeration value="SI"/> - * <enumeration value="SK"/> - * <enumeration value="SL"/> - * <enumeration value="SM"/> - * <enumeration value="SN"/> - * <enumeration value="SO"/> - * <enumeration value="SR"/> - * <enumeration value="ST"/> - * <enumeration value="SV"/> - * <enumeration value="SY"/> - * <enumeration value="SZ"/> - * <enumeration value="TD"/> - * <enumeration value="TG"/> - * <enumeration value="TH"/> - * <enumeration value="TJ"/> - * <enumeration value="TL"/> - * <enumeration value="TM"/> - * <enumeration value="TN"/> - * <enumeration value="TO"/> - * <enumeration value="TR"/> - * <enumeration value="TT"/> - * <enumeration value="TV"/> - * <enumeration value="TZ"/> - * <enumeration value="UA"/> - * <enumeration value="UG"/> - * <enumeration value="US"/> - * <enumeration value="UY"/> - * <enumeration value="UZ"/> - * <enumeration value="VA"/> - * <enumeration value="VC"/> - * <enumeration value="VE"/> - * <enumeration value="VN"/> - * <enumeration value="VU"/> - * <enumeration value="WS"/> - * <enumeration value="YE"/> - * <enumeration value="ZA"/> - * <enumeration value="ZM"/> - * <enumeration value="ZW"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "CountryType") -@XmlEnum -public enum CountryType { - - /** - * Andorra - * - */ - AD, - - /** - * United Arab Emirates - * - */ - AE, - - /** - * Afghanistan - * - */ - AF, - - /** - * Antigua and Barbuda - * - */ - AG, - - /** - * Albania - * - */ - AL, - - /** - * Armenia - * - */ - AM, - - /** - * Angola - * - */ - AO, - - /** - * Argentina - * - */ - AR, - - /** - * Austria - * - */ - AT, - - /** - * Australia - * - */ - AU, - - /** - * Azerbaijan - * - */ - AZ, - - /** - * Bosnia and Herzegovina - * - */ - BA, - - /** - * Barbados - * - */ - BB, - - /** - * Bangladesh - * - */ - BD, - - /** - * Belgium - * - */ - BE, - - /** - * Burkina Faso - * - */ - BF, - - /** - * Bulgaria - * - */ - BG, - - /** - * Bahrain - * - */ - BH, - - /** - * Burundi - * - */ - BI, - - /** - * Benin - * - */ - BJ, - - /** - * Brunei Darussalam - * - */ - BN, - - /** - * Bolivia - * - */ - BO, - - /** - * Brazil - * - */ - BR, - - /** - * Bahamas - * - */ - BS, - - /** - * Bhutan - * - */ - BT, - - /** - * Botswana - * - */ - BW, - - /** - * Belarus - * - */ - BY, - - /** - * Belize - * - */ - BZ, - - /** - * Canada - * - */ - CA, - - /** - * Congo, Democratic Republic of the - * - */ - CD, - - /** - * Central African Republic - * - */ - CF, - - /** - * Congo, Republic of the - * - */ - CG, - - /** - * Switzerland - * - */ - CH, - - /** - * Cote d/Ivoire - * - */ - CI, - - /** - * Chile - * - */ - CL, - - /** - * Cameroon - * - */ - CM, - - /** - * China - * - */ - CN, - - /** - * Colombia - * - */ - CO, - - /** - * Costa Rica - * - */ - CR, - - /** - * Cuba - * - */ - CU, - - /** - * Cape Verde - * - */ - CV, - - /** - * Cyprus - * - */ - CY, - - /** - * Czech Republic - * - */ - CZ, - - /** - * Germany - * - */ - DE, - - /** - * Djibouti - * - */ - DJ, - - /** - * Denmark - * - */ - DK, - - /** - * Dominica - * - */ - DM, - - /** - * Dominican Republic - * - */ - DO, - - /** - * Algeria - * - */ - DZ, - - /** - * Ecuador - * - */ - EC, - - /** - * Estonia - * - */ - EE, - - /** - * Egypt - * - */ - EG, - - /** - * Eritrea - * - */ - ER, - - /** - * Spain - * - */ - ES, - - /** - * Ethiopia - * - */ - ET, - - /** - * Finland - * - */ - FI, - - /** - * Fiji - * - */ - FJ, - - /** - * Federated States of Micronesia - * - */ - FM, - - /** - * France - * - */ - FR, - - /** - * Gabon - * - */ - GA, - - /** - * United Kingdom - * - */ - GB, - - /** - * Grenada - * - */ - GD, - - /** - * Georgia - * - */ - GE, - - /** - * Ghana - * - */ - GH, - - /** - * Greenland - * - */ - GL, - - /** - * Gambia - * - */ - GM, - - /** - * Guinea - * - */ - GN, - - /** - * Equatorial Guinea - * - */ - GQ, - - /** - * Greece - * - */ - GR, - - /** - * Guatemala - * - */ - GT, - - /** - * Guinea-Bissau - * - */ - GW, - - /** - * Guyana - * - */ - GY, - - /** - * Honduras - * - */ - HN, - - /** - * Croatia - * - */ - HR, - - /** - * Haiti - * - */ - HT, - - /** - * Hungary - * - */ - HU, - - /** - * Indonesia - * - */ - ID, - - /** - * Ireland - * - */ - IE, - - /** - * Israel - * - */ - IL, - - /** - * India - * - */ - IN, - - /** - * Iraq - * - */ - IQ, - - /** - * Iran - * - */ - IR, - - /** - * Iceland - * - */ - IS, - - /** - * Italy - * - */ - IT, - - /** - * Jamaica - * - */ - JM, - - /** - * Jordan - * - */ - JO, - - /** - * Japan - * - */ - JP, - - /** - * Kenya - * - */ - KE, - - /** - * Kyrgyzstan - * - */ - KG, - - /** - * Cambodia - * - */ - KH, - - /** - * Kiribati - * - */ - KI, - - /** - * Comoros - * - */ - KM, - - /** - * Saint Kitts and Nevis - * - */ - KN, - - /** - * Korea, Democratic People/s Republic - * - */ - KP, - - /** - * Korea, Republic of - * - */ - KR, - - /** - * Kuwait - * - */ - KW, - - /** - * Kazakstan - * - */ - KZ, - - /** - * Lao People/s Democratic Republic - * - */ - LA, - - /** - * Lebanon - * - */ - LB, - - /** - * Saint Lucia - * - */ - LC, - - /** - * Liechtenstein - * - */ - LI, - - /** - * Sri Lanka - * - */ - LK, - - /** - * Liberia - * - */ - LR, - - /** - * Lesotho - * - */ - LS, - - /** - * Lithuania - * - */ - LT, - - /** - * Luxembourg - * - */ - LU, - - /** - * Latvia - * - */ - LV, - - /** - * Libyan Arab Jamahiriya - * - */ - LY, - - /** - * Morocco - * - */ - MA, - - /** - * Monaco - * - */ - MC, - - /** - * Moldova, Republic of - * - */ - MD, - - /** - * Montenegro - * - */ - ME, - - /** - * Madagascar - * - */ - MG, - - /** - * Marshall Islands - * - */ - MH, - - /** - * Macedonia, the former Yugoslav Republic of - * - */ - MK, - - /** - * Mali - * - */ - ML, - - /** - * Myanmar - * - */ - MM, - - /** - * Mongolia - * - */ - MN, - - /** - * Mauritania - * - */ - MR, - - /** - * Malta - * - */ - MT, - - /** - * Mauritius - * - */ - MU, - - /** - * Maldives - * - */ - MV, - - /** - * Malawi - * - */ - MW, - - /** - * Mexico - * - */ - MX, - - /** - * Malaysia - * - */ - MY, - - /** - * Mozambique - * - */ - MZ, - - /** - * Namibia - * - */ - NA, - - /** - * Niger - * - */ - NE, - - /** - * Nigeria - * - */ - NG, - - /** - * Nicaragua - * - */ - NI, - - /** - * Netherlands - * - */ - NL, - - /** - * Norway - * - */ - NO, - - /** - * Nepal - * - */ - NP, - - /** - * Nauru - * - */ - NR, - - /** - * Niue - * - */ - NU, - - /** - * New Zealand - * - */ - NZ, - - /** - * Oman - * - */ - OM, - - /** - * Panama - * - */ - PA, - - /** - * Peru - * - */ - PE, - - /** - * Papua New Guinea - * - */ - PG, - - /** - * Philippines - * - */ - PH, - - /** - * Pakistan - * - */ - PK, - - /** - * Poland - * - */ - PL, - - /** - * Puerto Rico - * - */ - PR, - - /** - * Palestinian Territory, Occupied - * - */ - PS, - - /** - * Portugal - * - */ - PT, - - /** - * Palau - * - */ - PW, - - /** - * Paraguay - * - */ - PY, - - /** - * Qatar - * - */ - QA, - - /** - * Romania - * - */ - RO, - - /** - * Serbia - * - */ - RS, - - /** - * Russian Federation - * - */ - RU, - - /** - * Rwanda - * - */ - RW, - - /** - * Saudi Arabia - * - */ - SA, - - /** - * Solomon Islands - * - */ - SB, - - /** - * Seychelles - * - */ - SC, - - /** - * Sudan - * - */ - SD, - - /** - * Sweden - * - */ - SE, - - /** - * Singapore - * - */ - SG, - - /** - * Slovenia - * - */ - SI, - - /** - * Slovakia - * - */ - SK, - - /** - * Sierra Leone - * - */ - SL, - - /** - * San Marino - * - */ - SM, - - /** - * Senegal - * - */ - SN, - - /** - * Somalia - * - */ - SO, - - /** - * Suriname - * - */ - SR, - - /** - * Sao Tome and Principe - * - */ - ST, - - /** - * El Salvador - * - */ - SV, - - /** - * Syrian Arab Republic - * - */ - SY, - - /** - * Swaziland - * - */ - SZ, - - /** - * Chad - * - */ - TD, - - /** - * Togo - * - */ - TG, - - /** - * Thailand - * - */ - TH, - - /** - * Tajikistan - * - */ - TJ, - - /** - * Timor-Leste - * - */ - TL, - - /** - * Turkmenistan - * - */ - TM, - - /** - * Tunisia - * - */ - TN, - - /** - * Tonga - * - */ - TO, - - /** - * Turkey - * - */ - TR, - - /** - * Trindidad and Tobago - * - */ - TT, - - /** - * Tuvalu - * - */ - TV, - - /** - * Tanzania, United republic of - * - */ - TZ, - - /** - * Ukraina - * - */ - UA, - - /** - * Uganda - * - */ - UG, - - /** - * United States - * - */ - US, - - /** - * Uruguay - * - */ - UY, - - /** - * Uzbekistan - * - */ - UZ, - - /** - * Holy See (Vatican City State) - * - */ - VA, - - /** - * Saint Vincent and the Granadines - * - */ - VC, - - /** - * Venezuela - * - */ - VE, - - /** - * Viet Nam - * - */ - VN, - - /** - * Vanuatu - * - */ - VU, - - /** - * Samoa - * - */ - WS, - - /** - * Yemen - * - */ - YE, - - /** - * South Africa - * - */ - ZA, - - /** - * Zambia - * - */ - ZM, - - /** - * Zimbabwe - * - */ - ZW; - - public String value() { - return name(); - } - - public static CountryType fromValue(String v) { - return valueOf(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseStructureDiagramType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseStructureDiagramType.java deleted file mode 100644 index 1438d6f1e..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseStructureDiagramType.java +++ /dev/null @@ -1,90 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Course structure diagram - * - * <p> - * Java class for CourseStructureDiagramType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseStructureDiagramType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CoursesGroups" type="{urn:crue:academic:xsd:language:diplomasupplement}CoursesGroupsType"/> - * <element name="CoursesUnits" type="{urn:crue:academic:xsd:language:diplomasupplement}CoursesUnitsType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseStructureDiagramType", propOrder = { "coursesGroups", "coursesUnits" }) -public class CourseStructureDiagramType { - - @XmlElement(name = "CoursesGroups", required = true) - protected CoursesGroupsType coursesGroups; - @XmlElement(name = "CoursesUnits") - protected CoursesUnitsType coursesUnits; - - /** - * Gets the value of the coursesGroups property. - * - * @return possible object is {@link CoursesGroupsType } - * - */ - public CoursesGroupsType getCoursesGroups() { - return coursesGroups; - } - - /** - * Sets the value of the coursesGroups property. - * - * @param value - * allowed object is {@link CoursesGroupsType } - * - */ - public void setCoursesGroups(CoursesGroupsType value) { - this.coursesGroups = value; - } - - /** - * Gets the value of the coursesUnits property. - * - * @return possible object is {@link CoursesUnitsType } - * - */ - public CoursesUnitsType getCoursesUnits() { - return coursesUnits; - } - - /** - * Sets the value of the coursesUnits property. - * - * @param value - * allowed object is {@link CoursesUnitsType } - * - */ - public void setCoursesUnits(CoursesUnitsType value) { - this.coursesUnits = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitLanguageOfInstructionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitLanguageOfInstructionType.java deleted file mode 100644 index 69e63c4d3..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitLanguageOfInstructionType.java +++ /dev/null @@ -1,90 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * Language of instruction - * - * <p> - * Java class for CourseUnitLanguageOfInstructionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitLanguageOfInstructionType"> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="language" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}LanguageType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitLanguageOfInstructionType", propOrder = { "value" }) -public class CourseUnitLanguageOfInstructionType { - - @XmlValue - protected String value; - @XmlAttribute(name = "language", required = true) - protected LanguageType language; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the language property. - * - * @return possible object is {@link LanguageType } - * - */ - public LanguageType getLanguage() { - return language; - } - - /** - * Sets the value of the language property. - * - * @param value - * allowed object is {@link LanguageType } - * - */ - public void setLanguage(LanguageType value) { - this.language = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitLanguagesOfInstructionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitLanguagesOfInstructionType.java deleted file mode 100644 index 94db5baa0..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitLanguagesOfInstructionType.java +++ /dev/null @@ -1,74 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Language of instruction - * - * <p> - * Java class for CourseUnitLanguagesOfInstructionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitLanguagesOfInstructionType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Language" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseUnitLanguageOfInstructionType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitLanguagesOfInstructionType", propOrder = { "language" }) -public class CourseUnitLanguagesOfInstructionType { - - @XmlElement(name = "Language", required = true) - protected List<CourseUnitLanguageOfInstructionType> language; - - /** - * Gets the value of the language property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the language property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getLanguage().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CourseUnitLanguageOfInstructionType } - * - * - */ - public List<CourseUnitLanguageOfInstructionType> getLanguage() { - if (language == null) { - language = new ArrayList<CourseUnitLanguageOfInstructionType>(); - } - return this.language; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitStudentPerformanceType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitStudentPerformanceType.java deleted file mode 100644 index 1a5562a63..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitStudentPerformanceType.java +++ /dev/null @@ -1,90 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Student performance - * - * <p> - * Java class for CourseUnitStudentPerformanceType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitStudentPerformanceType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="LocalGrade" type="{urn:crue:academic:xsd:language:diplomasupplement}LocalGradeType"/> - * <element name="ECTSGrade" type="{urn:crue:academic:xsd:language:diplomasupplement}ECTSGradingScaleType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitStudentPerformanceType", propOrder = { "localGrade", "ectsGrade" }) -public class CourseUnitStudentPerformanceType { - - @XmlElement(name = "LocalGrade", required = true) - protected LocalGradeType localGrade; - @XmlElement(name = "ECTSGrade") - protected ECTSGradingScaleType ectsGrade; - - /** - * Gets the value of the localGrade property. - * - * @return possible object is {@link LocalGradeType } - * - */ - public LocalGradeType getLocalGrade() { - return localGrade; - } - - /** - * Sets the value of the localGrade property. - * - * @param value - * allowed object is {@link LocalGradeType } - * - */ - public void setLocalGrade(LocalGradeType value) { - this.localGrade = value; - } - - /** - * Gets the value of the ectsGrade property. - * - * @return possible object is {@link ECTSGradingScaleType } - * - */ - public ECTSGradingScaleType getECTSGrade() { - return ectsGrade; - } - - /** - * Sets the value of the ectsGrade property. - * - * @param value - * allowed object is {@link ECTSGradingScaleType } - * - */ - public void setECTSGrade(ECTSGradingScaleType value) { - this.ectsGrade = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitType.java deleted file mode 100644 index 8c0d96fe2..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitType.java +++ /dev/null @@ -1,1003 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * Course unit - * - * <p> - * Java class for CourseUnitType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Code" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="ScientificArea" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" minOccurs="0"/> - * <element name="Title" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Theme" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" minOccurs="0"/> - * <element name="Type"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="type" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseUnitTypeType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="YearOfStudy" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="year" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="Level" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="eheaFramework" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}EHEAFrameworkType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="ECTSCredits" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" minOccurs="0"/> - * <element name="LocalCredits" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" minOccurs="0"/> - * <element name="Hours" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" minOccurs="0"/> - * <element name="LanguagesOfInstruction" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseUnitLanguagesOfInstructionType" minOccurs="0"/> - * <element name="ModeOfDelivery" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="modeOfDelivery" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}ModeOfDeliveryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="WorkPlacements" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseUnitWorkPlacementsType" minOccurs="0"/> - * <element name="StudentPerformance" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseUnitStudentPerformanceType" minOccurs="0"/> - * <element name="NameOfLecturers" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="LearningOutcomes" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="PrerequisitesAndCorequisites" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="RecomendedOptionalProgrammeComponents" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="CourseContents" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="RecomendedOrRequiredReading" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="PlanedLearningActivitiesAndTeachingMethod" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="AssesmentMethodsAndCriteria" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="Observations" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * </sequence> - * <attribute name="groupID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * <attribute name="institutionAdministeringStudiesID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * <attribute name="isRequiredByTheProgramme" type="{http://www.w3.org/2001/XMLSchema}boolean" default="true" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitType", propOrder = { "code", "scientificArea", "title", "theme", "type", "yearOfStudy", "level", "ectsCredits", "localCredits", "hours", "languagesOfInstruction", - "modeOfDelivery", "workPlacements", "studentPerformance", "nameOfLecturers", "learningOutcomes", "prerequisitesAndCorequisites", "recomendedOptionalProgrammeComponents", "courseContents", - "recomendedOrRequiredReading", "planedLearningActivitiesAndTeachingMethod", "assesmentMethodsAndCriteria", "observations" }) -public class CourseUnitType { - - @XmlElement(name = "Code", required = true) - protected String code; - @XmlElement(name = "ScientificArea") - protected String scientificArea; - @XmlElement(name = "Title", required = true) - protected String title; - @XmlElement(name = "Theme") - protected String theme; - @XmlElement(name = "Type", required = true) - protected CourseUnitType.Type type; - @XmlElement(name = "YearOfStudy") - protected CourseUnitType.YearOfStudy yearOfStudy; - @XmlElement(name = "Level") - protected CourseUnitType.Level level; - @XmlElement(name = "ECTSCredits") - protected BigDecimal ectsCredits; - @XmlElement(name = "LocalCredits") - protected BigDecimal localCredits; - @XmlElement(name = "Hours") - protected BigDecimal hours; - @XmlElement(name = "LanguagesOfInstruction") - protected CourseUnitLanguagesOfInstructionType languagesOfInstruction; - @XmlElement(name = "ModeOfDelivery") - protected CourseUnitType.ModeOfDelivery modeOfDelivery; - @XmlElement(name = "WorkPlacements") - protected CourseUnitWorkPlacementsType workPlacements; - @XmlElement(name = "StudentPerformance") - protected CourseUnitStudentPerformanceType studentPerformance; - @XmlElement(name = "NameOfLecturers") - protected RichTextTagType nameOfLecturers; - @XmlElement(name = "LearningOutcomes") - protected RichTextTagType learningOutcomes; - @XmlElement(name = "PrerequisitesAndCorequisites") - protected RichTextTagType prerequisitesAndCorequisites; - @XmlElement(name = "RecomendedOptionalProgrammeComponents") - protected RichTextTagType recomendedOptionalProgrammeComponents; - @XmlElement(name = "CourseContents") - protected RichTextTagType courseContents; - @XmlElement(name = "RecomendedOrRequiredReading") - protected RichTextTagType recomendedOrRequiredReading; - @XmlElement(name = "PlanedLearningActivitiesAndTeachingMethod") - protected RichTextTagType planedLearningActivitiesAndTeachingMethod; - @XmlElement(name = "AssesmentMethodsAndCriteria") - protected RichTextTagType assesmentMethodsAndCriteria; - @XmlElement(name = "Observations") - protected RichTextTagType observations; - @XmlAttribute(name = "groupID", required = true) - protected String groupID; - @XmlAttribute(name = "institutionAdministeringStudiesID", required = true) - protected String institutionAdministeringStudiesID; - @XmlAttribute(name = "isRequiredByTheProgramme") - protected Boolean isRequiredByTheProgramme; - - /** - * Gets the value of the code property. - * - * @return possible object is {@link String } - * - */ - public String getCode() { - return code; - } - - /** - * Sets the value of the code property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCode(String value) { - this.code = value; - } - - /** - * Gets the value of the scientificArea property. - * - * @return possible object is {@link String } - * - */ - public String getScientificArea() { - return scientificArea; - } - - /** - * Sets the value of the scientificArea property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setScientificArea(String value) { - this.scientificArea = value; - } - - /** - * Gets the value of the title property. - * - * @return possible object is {@link String } - * - */ - public String getTitle() { - return title; - } - - /** - * Sets the value of the title property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTitle(String value) { - this.title = value; - } - - /** - * Gets the value of the theme property. - * - * @return possible object is {@link String } - * - */ - public String getTheme() { - return theme; - } - - /** - * Sets the value of the theme property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTheme(String value) { - this.theme = value; - } - - /** - * Gets the value of the type property. - * - * @return possible object is {@link CourseUnitType.Type } - * - */ - public CourseUnitType.Type getType() { - return type; - } - - /** - * Sets the value of the type property. - * - * @param value - * allowed object is {@link CourseUnitType.Type } - * - */ - public void setType(CourseUnitType.Type value) { - this.type = value; - } - - /** - * Gets the value of the yearOfStudy property. - * - * @return possible object is {@link CourseUnitType.YearOfStudy } - * - */ - public CourseUnitType.YearOfStudy getYearOfStudy() { - return yearOfStudy; - } - - /** - * Sets the value of the yearOfStudy property. - * - * @param value - * allowed object is {@link CourseUnitType.YearOfStudy } - * - */ - public void setYearOfStudy(CourseUnitType.YearOfStudy value) { - this.yearOfStudy = value; - } - - /** - * Gets the value of the level property. - * - * @return possible object is {@link CourseUnitType.Level } - * - */ - public CourseUnitType.Level getLevel() { - return level; - } - - /** - * Sets the value of the level property. - * - * @param value - * allowed object is {@link CourseUnitType.Level } - * - */ - public void setLevel(CourseUnitType.Level value) { - this.level = value; - } - - /** - * Gets the value of the ectsCredits property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getECTSCredits() { - return ectsCredits; - } - - /** - * Sets the value of the ectsCredits property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setECTSCredits(BigDecimal value) { - this.ectsCredits = value; - } - - /** - * Gets the value of the localCredits property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getLocalCredits() { - return localCredits; - } - - /** - * Sets the value of the localCredits property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setLocalCredits(BigDecimal value) { - this.localCredits = value; - } - - /** - * Gets the value of the hours property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getHours() { - return hours; - } - - /** - * Sets the value of the hours property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setHours(BigDecimal value) { - this.hours = value; - } - - /** - * Gets the value of the languagesOfInstruction property. - * - * @return possible object is {@link CourseUnitLanguagesOfInstructionType } - * - */ - public CourseUnitLanguagesOfInstructionType getLanguagesOfInstruction() { - return languagesOfInstruction; - } - - /** - * Sets the value of the languagesOfInstruction property. - * - * @param value - * allowed object is {@link CourseUnitLanguagesOfInstructionType } - * - */ - public void setLanguagesOfInstruction(CourseUnitLanguagesOfInstructionType value) { - this.languagesOfInstruction = value; - } - - /** - * Gets the value of the modeOfDelivery property. - * - * @return possible object is {@link CourseUnitType.ModeOfDelivery } - * - */ - public CourseUnitType.ModeOfDelivery getModeOfDelivery() { - return modeOfDelivery; - } - - /** - * Sets the value of the modeOfDelivery property. - * - * @param value - * allowed object is {@link CourseUnitType.ModeOfDelivery } - * - */ - public void setModeOfDelivery(CourseUnitType.ModeOfDelivery value) { - this.modeOfDelivery = value; - } - - /** - * Gets the value of the workPlacements property. - * - * @return possible object is {@link CourseUnitWorkPlacementsType } - * - */ - public CourseUnitWorkPlacementsType getWorkPlacements() { - return workPlacements; - } - - /** - * Sets the value of the workPlacements property. - * - * @param value - * allowed object is {@link CourseUnitWorkPlacementsType } - * - */ - public void setWorkPlacements(CourseUnitWorkPlacementsType value) { - this.workPlacements = value; - } - - /** - * Gets the value of the studentPerformance property. - * - * @return possible object is {@link CourseUnitStudentPerformanceType } - * - */ - public CourseUnitStudentPerformanceType getStudentPerformance() { - return studentPerformance; - } - - /** - * Sets the value of the studentPerformance property. - * - * @param value - * allowed object is {@link CourseUnitStudentPerformanceType } - * - */ - public void setStudentPerformance(CourseUnitStudentPerformanceType value) { - this.studentPerformance = value; - } - - /** - * Gets the value of the nameOfLecturers property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getNameOfLecturers() { - return nameOfLecturers; - } - - /** - * Sets the value of the nameOfLecturers property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setNameOfLecturers(RichTextTagType value) { - this.nameOfLecturers = value; - } - - /** - * Gets the value of the learningOutcomes property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getLearningOutcomes() { - return learningOutcomes; - } - - /** - * Sets the value of the learningOutcomes property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setLearningOutcomes(RichTextTagType value) { - this.learningOutcomes = value; - } - - /** - * Gets the value of the prerequisitesAndCorequisites property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getPrerequisitesAndCorequisites() { - return prerequisitesAndCorequisites; - } - - /** - * Sets the value of the prerequisitesAndCorequisites property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setPrerequisitesAndCorequisites(RichTextTagType value) { - this.prerequisitesAndCorequisites = value; - } - - /** - * Gets the value of the recomendedOptionalProgrammeComponents property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getRecomendedOptionalProgrammeComponents() { - return recomendedOptionalProgrammeComponents; - } - - /** - * Sets the value of the recomendedOptionalProgrammeComponents property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setRecomendedOptionalProgrammeComponents(RichTextTagType value) { - this.recomendedOptionalProgrammeComponents = value; - } - - /** - * Gets the value of the courseContents property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getCourseContents() { - return courseContents; - } - - /** - * Sets the value of the courseContents property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setCourseContents(RichTextTagType value) { - this.courseContents = value; - } - - /** - * Gets the value of the recomendedOrRequiredReading property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getRecomendedOrRequiredReading() { - return recomendedOrRequiredReading; - } - - /** - * Sets the value of the recomendedOrRequiredReading property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setRecomendedOrRequiredReading(RichTextTagType value) { - this.recomendedOrRequiredReading = value; - } - - /** - * Gets the value of the planedLearningActivitiesAndTeachingMethod property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getPlanedLearningActivitiesAndTeachingMethod() { - return planedLearningActivitiesAndTeachingMethod; - } - - /** - * Sets the value of the planedLearningActivitiesAndTeachingMethod property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setPlanedLearningActivitiesAndTeachingMethod(RichTextTagType value) { - this.planedLearningActivitiesAndTeachingMethod = value; - } - - /** - * Gets the value of the assesmentMethodsAndCriteria property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAssesmentMethodsAndCriteria() { - return assesmentMethodsAndCriteria; - } - - /** - * Sets the value of the assesmentMethodsAndCriteria property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAssesmentMethodsAndCriteria(RichTextTagType value) { - this.assesmentMethodsAndCriteria = value; - } - - /** - * Gets the value of the observations property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getObservations() { - return observations; - } - - /** - * Sets the value of the observations property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setObservations(RichTextTagType value) { - this.observations = value; - } - - /** - * Gets the value of the groupID property. - * - * @return possible object is {@link String } - * - */ - public String getGroupID() { - return groupID; - } - - /** - * Sets the value of the groupID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setGroupID(String value) { - this.groupID = value; - } - - /** - * Gets the value of the institutionAdministeringStudiesID property. - * - * @return possible object is {@link String } - * - */ - public String getInstitutionAdministeringStudiesID() { - return institutionAdministeringStudiesID; - } - - /** - * Sets the value of the institutionAdministeringStudiesID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setInstitutionAdministeringStudiesID(String value) { - this.institutionAdministeringStudiesID = value; - } - - /** - * Gets the value of the isRequiredByTheProgramme property. - * - * @return possible object is {@link Boolean } - * - */ - public boolean isIsRequiredByTheProgramme() { - if (isRequiredByTheProgramme == null) { - return true; - } else { - return isRequiredByTheProgramme; - } - } - - /** - * Sets the value of the isRequiredByTheProgramme property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setIsRequiredByTheProgramme(Boolean value) { - this.isRequiredByTheProgramme = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="eheaFramework" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}EHEAFrameworkType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Level { - - @XmlValue - protected String value; - @XmlAttribute(name = "eheaFramework", required = true) - protected EHEAFrameworkType eheaFramework; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the eheaFramework property. - * - * @return possible object is {@link EHEAFrameworkType } - * - */ - public EHEAFrameworkType getEheaFramework() { - return eheaFramework; - } - - /** - * Sets the value of the eheaFramework property. - * - * @param value - * allowed object is {@link EHEAFrameworkType } - * - */ - public void setEheaFramework(EHEAFrameworkType value) { - this.eheaFramework = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="modeOfDelivery" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}ModeOfDeliveryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class ModeOfDelivery { - - @XmlValue - protected String value; - @XmlAttribute(name = "modeOfDelivery", required = true) - protected ModeOfDeliveryType modeOfDelivery; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the modeOfDelivery property. - * - * @return possible object is {@link ModeOfDeliveryType } - * - */ - public ModeOfDeliveryType getModeOfDelivery() { - return modeOfDelivery; - } - - /** - * Sets the value of the modeOfDelivery property. - * - * @param value - * allowed object is {@link ModeOfDeliveryType } - * - */ - public void setModeOfDelivery(ModeOfDeliveryType value) { - this.modeOfDelivery = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="type" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseUnitTypeType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Type { - - @XmlValue - protected String value; - @XmlAttribute(name = "type") - protected CourseUnitTypeType type; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the type property. - * - * @return possible object is {@link CourseUnitTypeType } - * - */ - public CourseUnitTypeType getType() { - return type; - } - - /** - * Sets the value of the type property. - * - * @param value - * allowed object is {@link CourseUnitTypeType } - * - */ - public void setType(CourseUnitTypeType value) { - this.type = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="year" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class YearOfStudy { - - @XmlValue - protected String value; - @XmlAttribute(name = "year", required = true) - protected BigDecimal year; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the year property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getYear() { - return year; - } - - /** - * Sets the value of the year property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setYear(BigDecimal value) { - this.year = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitTypeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitTypeType.java deleted file mode 100644 index 5978cb2c7..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitTypeType.java +++ /dev/null @@ -1,68 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CourseUnitTypeType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="CourseUnitTypeType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="Compulsory"/> - * <enumeration value="Optional"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "CourseUnitTypeType") -@XmlEnum -public enum CourseUnitTypeType { - - /** - * Compulsory - * - */ - @XmlEnumValue("Compulsory") - COMPULSORY("Compulsory"), - - /** - * Optional - * - */ - @XmlEnumValue("Optional") - OPTIONAL("Optional"); - private final String value; - - CourseUnitTypeType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static CourseUnitTypeType fromValue(String v) { - for (CourseUnitTypeType c : CourseUnitTypeType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitWorkPlacementType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitWorkPlacementType.java deleted file mode 100644 index f2d424667..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitWorkPlacementType.java +++ /dev/null @@ -1,140 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * Course unit work placement - * - * <p> - * Java class for CourseUnitWorkPlacementType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitWorkPlacementType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CollaboratingInstitution" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="DateFrom" type="{urn:crue:academic:xsd:language:diplomasupplement}DateType" minOccurs="0"/> - * <element name="DateTo" type="{urn:crue:academic:xsd:language:diplomasupplement}DateType" minOccurs="0"/> - * <element name="TrainingHours" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitWorkPlacementType", propOrder = { "collaboratingInstitution", "dateFrom", "dateTo", "trainingHours" }) -public class CourseUnitWorkPlacementType { - - @XmlElement(name = "CollaboratingInstitution", required = true) - protected String collaboratingInstitution; - @XmlElement(name = "DateFrom") - protected XMLGregorianCalendar dateFrom; - @XmlElement(name = "DateTo") - protected XMLGregorianCalendar dateTo; - @XmlElement(name = "TrainingHours") - protected BigDecimal trainingHours; - - /** - * Gets the value of the collaboratingInstitution property. - * - * @return possible object is {@link String } - * - */ - public String getCollaboratingInstitution() { - return collaboratingInstitution; - } - - /** - * Sets the value of the collaboratingInstitution property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCollaboratingInstitution(String value) { - this.collaboratingInstitution = value; - } - - /** - * Gets the value of the dateFrom property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateFrom() { - return dateFrom; - } - - /** - * Sets the value of the dateFrom property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateFrom(XMLGregorianCalendar value) { - this.dateFrom = value; - } - - /** - * Gets the value of the dateTo property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateTo() { - return dateTo; - } - - /** - * Sets the value of the dateTo property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateTo(XMLGregorianCalendar value) { - this.dateTo = value; - } - - /** - * Gets the value of the trainingHours property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getTrainingHours() { - return trainingHours; - } - - /** - * Sets the value of the trainingHours property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setTrainingHours(BigDecimal value) { - this.trainingHours = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitWorkPlacementsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitWorkPlacementsType.java deleted file mode 100644 index 9a894f184..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CourseUnitWorkPlacementsType.java +++ /dev/null @@ -1,74 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Course unit work placements - * - * <p> - * Java class for CourseUnitWorkPlacementsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitWorkPlacementsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="WorkPlacement" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseUnitWorkPlacementType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitWorkPlacementsType", propOrder = { "workPlacement" }) -public class CourseUnitWorkPlacementsType { - - @XmlElement(name = "WorkPlacement", required = true) - protected List<CourseUnitWorkPlacementType> workPlacement; - - /** - * Gets the value of the workPlacement property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the workPlacement property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getWorkPlacement().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CourseUnitWorkPlacementType } - * - * - */ - public List<CourseUnitWorkPlacementType> getWorkPlacement() { - if (workPlacement == null) { - workPlacement = new ArrayList<CourseUnitWorkPlacementType>(); - } - return this.workPlacement; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesAttendedInOtherInstitutionInMobilityProgramsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesAttendedInOtherInstitutionInMobilityProgramsType.java deleted file mode 100644 index de5325960..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesAttendedInOtherInstitutionInMobilityProgramsType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CoursesAttendedInOtherInstitutionInMobilityProgramsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CoursesAttendedInOtherInstitutionInMobilityProgramsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="MobilityProgramme" type="{urn:crue:academic:xsd:language:diplomasupplement}MobilityProgrammeType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CoursesAttendedInOtherInstitutionInMobilityProgramsType", propOrder = { "mobilityProgramme" }) -public class CoursesAttendedInOtherInstitutionInMobilityProgramsType { - - @XmlElement(name = "MobilityProgramme", required = true) - protected List<MobilityProgrammeType> mobilityProgramme; - - /** - * Gets the value of the mobilityProgramme property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the mobilityProgramme property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getMobilityProgramme().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link MobilityProgrammeType } - * - * - */ - public List<MobilityProgrammeType> getMobilityProgramme() { - if (mobilityProgramme == null) { - mobilityProgramme = new ArrayList<MobilityProgrammeType>(); - } - return this.mobilityProgramme; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesGroupType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesGroupType.java deleted file mode 100644 index 8cafa0346..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesGroupType.java +++ /dev/null @@ -1,171 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Courses group - * - * <p> - * Java class for CoursesGroupType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CoursesGroupType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="HeaderInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="CoursesGroup" type="{urn:crue:academic:xsd:language:diplomasupplement}CoursesGroupType" maxOccurs="unbounded" minOccurs="0"/> - * <element name="FooterInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * </sequence> - * <attribute name="groupID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CoursesGroupType", propOrder = { "name", "headerInformation", "coursesGroup", "footerInformation" }) -public class CoursesGroupType { - - @XmlElement(name = "Name", required = true) - protected String name; - @XmlElement(name = "HeaderInformation") - protected RichTextTagType headerInformation; - @XmlElement(name = "CoursesGroup") - protected List<CoursesGroupType> coursesGroup; - @XmlElement(name = "FooterInformation") - protected RichTextTagType footerInformation; - @XmlAttribute(name = "groupID", required = true) - protected String groupID; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the headerInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getHeaderInformation() { - return headerInformation; - } - - /** - * Sets the value of the headerInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setHeaderInformation(RichTextTagType value) { - this.headerInformation = value; - } - - /** - * Gets the value of the coursesGroup property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the coursesGroup property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getCoursesGroup().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CoursesGroupType } - * - * - */ - public List<CoursesGroupType> getCoursesGroup() { - if (coursesGroup == null) { - coursesGroup = new ArrayList<CoursesGroupType>(); - } - return this.coursesGroup; - } - - /** - * Gets the value of the footerInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getFooterInformation() { - return footerInformation; - } - - /** - * Sets the value of the footerInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setFooterInformation(RichTextTagType value) { - this.footerInformation = value; - } - - /** - * Gets the value of the groupID property. - * - * @return possible object is {@link String } - * - */ - public String getGroupID() { - return groupID; - } - - /** - * Sets the value of the groupID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setGroupID(String value) { - this.groupID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesGroupsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesGroupsType.java deleted file mode 100644 index 56ae13b33..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesGroupsType.java +++ /dev/null @@ -1,146 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Courses groups - * - * <p> - * Java class for CoursesGroupsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CoursesGroupsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" minOccurs="0"/> - * <element name="HeaderInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="CoursesGroup" type="{urn:crue:academic:xsd:language:diplomasupplement}CoursesGroupType" maxOccurs="unbounded" minOccurs="0"/> - * <element name="FooterInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CoursesGroupsType", propOrder = { "name", "headerInformation", "coursesGroup", "footerInformation" }) -public class CoursesGroupsType { - - @XmlElement(name = "Name") - protected String name; - @XmlElement(name = "HeaderInformation") - protected RichTextTagType headerInformation; - @XmlElement(name = "CoursesGroup") - protected List<CoursesGroupType> coursesGroup; - @XmlElement(name = "FooterInformation") - protected RichTextTagType footerInformation; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the headerInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getHeaderInformation() { - return headerInformation; - } - - /** - * Sets the value of the headerInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setHeaderInformation(RichTextTagType value) { - this.headerInformation = value; - } - - /** - * Gets the value of the coursesGroup property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the coursesGroup property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getCoursesGroup().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CoursesGroupType } - * - * - */ - public List<CoursesGroupType> getCoursesGroup() { - if (coursesGroup == null) { - coursesGroup = new ArrayList<CoursesGroupType>(); - } - return this.coursesGroup; - } - - /** - * Gets the value of the footerInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getFooterInformation() { - return footerInformation; - } - - /** - * Sets the value of the footerInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setFooterInformation(RichTextTagType value) { - this.footerInformation = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesUnitsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesUnitsType.java deleted file mode 100644 index 38ccacc0b..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/CoursesUnitsType.java +++ /dev/null @@ -1,74 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Course units - * - * <p> - * Java class for CoursesUnitsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CoursesUnitsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CourseUnit" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseUnitType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CoursesUnitsType", propOrder = { "courseUnit" }) -public class CoursesUnitsType { - - @XmlElement(name = "CourseUnit", required = true) - protected List<CourseUnitType> courseUnit; - - /** - * Gets the value of the courseUnit property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the courseUnit property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getCourseUnit().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CourseUnitType } - * - * - */ - public List<CourseUnitType> getCourseUnit() { - if (courseUnit == null) { - courseUnit = new ArrayList<CourseUnitType>(); - } - return this.courseUnit; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/DiplomaSupplementType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/DiplomaSupplementType.java deleted file mode 100644 index 57e9a4dfb..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/DiplomaSupplementType.java +++ /dev/null @@ -1,367 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig.SignatureType; - -/** - * Diploma Supplement - * - * <p> - * Java class for DiplomaSupplementType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="DiplomaSupplementType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="InformationIdentifyingTheHolderOfTheQualification" type="{urn:crue:academic:xsd:language:diplomasupplement}InformationIdentifyingTheHolderOfTheQualificationType"/> - * <element name="InformationIdentifyingTheQualification" type="{urn:crue:academic:xsd:language:diplomasupplement}InformationIdentifyingTheQualificationType"/> - * <element name="InformationOnTheLevelOfTheQualification" type="{urn:crue:academic:xsd:language:diplomasupplement}InformationOnTheLevelOfTheQualificationType"/> - * <element name="InformationOnTheContentsAndResultsGained" type="{urn:crue:academic:xsd:language:diplomasupplement}InformationOnTheContentsAndResultsGainedType"/> - * <element name="InformationOnTheFunctionOfTheQualification" type="{urn:crue:academic:xsd:language:diplomasupplement}InformationOnTheFunctionOfTheQualificationType"/> - * <element name="AdditionalInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}AdditionalInformationType"/> - * <element name="CertificationOfTheSupplement" type="{urn:crue:academic:xsd:language:diplomasupplement}CertificationOfTheSupplementType"/> - * <element name="InformationOnTheNationalHigherEducationSystem" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"/> - * <element name="Attachments" type="{urn:crue:academic:xsd:language:diplomasupplement}AttachmentsType" minOccurs="0"/> - * <element name="ExtensionContent" type="{urn:crue:academic:xsd:language:diplomasupplement}ExtensionContentType" maxOccurs="unbounded" minOccurs="0"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Signature" maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * <attribute name="language" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}LanguageType" /> - * <attribute name="isTheOriginalLanguage" use="required" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "DiplomaSupplementType", propOrder = { "informationIdentifyingTheHolderOfTheQualification", "informationIdentifyingTheQualification", "informationOnTheLevelOfTheQualification", - "informationOnTheContentsAndResultsGained", "informationOnTheFunctionOfTheQualification", "additionalInformation", "certificationOfTheSupplement", - "informationOnTheNationalHigherEducationSystem", "attachments", "extensionContent", "signature" }) -public class DiplomaSupplementType { - - @XmlElement(name = "InformationIdentifyingTheHolderOfTheQualification", required = true) - protected InformationIdentifyingTheHolderOfTheQualificationType informationIdentifyingTheHolderOfTheQualification; - @XmlElement(name = "InformationIdentifyingTheQualification", required = true) - protected InformationIdentifyingTheQualificationType informationIdentifyingTheQualification; - @XmlElement(name = "InformationOnTheLevelOfTheQualification", required = true) - protected InformationOnTheLevelOfTheQualificationType informationOnTheLevelOfTheQualification; - @XmlElement(name = "InformationOnTheContentsAndResultsGained", required = true) - protected InformationOnTheContentsAndResultsGainedType informationOnTheContentsAndResultsGained; - @XmlElement(name = "InformationOnTheFunctionOfTheQualification", required = true) - protected InformationOnTheFunctionOfTheQualificationType informationOnTheFunctionOfTheQualification; - @XmlElement(name = "AdditionalInformation", required = true) - protected AdditionalInformationType additionalInformation; - @XmlElement(name = "CertificationOfTheSupplement", required = true) - protected CertificationOfTheSupplementType certificationOfTheSupplement; - @XmlElement(name = "InformationOnTheNationalHigherEducationSystem", required = true) - protected RichTextTagType informationOnTheNationalHigherEducationSystem; - @XmlElement(name = "Attachments") - protected AttachmentsType attachments; - @XmlElement(name = "ExtensionContent") - protected List<ExtensionContentType> extensionContent; - @XmlElement(name = "Signature", namespace = "http://www.w3.org/2000/09/xmldsig#") - protected List<SignatureType> signature; - @XmlAttribute(name = "language", required = true) - protected LanguageType language; - @XmlAttribute(name = "isTheOriginalLanguage", required = true) - protected boolean isTheOriginalLanguage; - - /** - * Gets the value of the informationIdentifyingTheHolderOfTheQualification property. - * - * @return possible object is {@link InformationIdentifyingTheHolderOfTheQualificationType } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType getInformationIdentifyingTheHolderOfTheQualification() { - return informationIdentifyingTheHolderOfTheQualification; - } - - /** - * Sets the value of the informationIdentifyingTheHolderOfTheQualification property. - * - * @param value - * allowed object is {@link InformationIdentifyingTheHolderOfTheQualificationType } - * - */ - public void setInformationIdentifyingTheHolderOfTheQualification(InformationIdentifyingTheHolderOfTheQualificationType value) { - this.informationIdentifyingTheHolderOfTheQualification = value; - } - - /** - * Gets the value of the informationIdentifyingTheQualification property. - * - * @return possible object is {@link InformationIdentifyingTheQualificationType } - * - */ - public InformationIdentifyingTheQualificationType getInformationIdentifyingTheQualification() { - return informationIdentifyingTheQualification; - } - - /** - * Sets the value of the informationIdentifyingTheQualification property. - * - * @param value - * allowed object is {@link InformationIdentifyingTheQualificationType } - * - */ - public void setInformationIdentifyingTheQualification(InformationIdentifyingTheQualificationType value) { - this.informationIdentifyingTheQualification = value; - } - - /** - * Gets the value of the informationOnTheLevelOfTheQualification property. - * - * @return possible object is {@link InformationOnTheLevelOfTheQualificationType } - * - */ - public InformationOnTheLevelOfTheQualificationType getInformationOnTheLevelOfTheQualification() { - return informationOnTheLevelOfTheQualification; - } - - /** - * Sets the value of the informationOnTheLevelOfTheQualification property. - * - * @param value - * allowed object is {@link InformationOnTheLevelOfTheQualificationType } - * - */ - public void setInformationOnTheLevelOfTheQualification(InformationOnTheLevelOfTheQualificationType value) { - this.informationOnTheLevelOfTheQualification = value; - } - - /** - * Gets the value of the informationOnTheContentsAndResultsGained property. - * - * @return possible object is {@link InformationOnTheContentsAndResultsGainedType } - * - */ - public InformationOnTheContentsAndResultsGainedType getInformationOnTheContentsAndResultsGained() { - return informationOnTheContentsAndResultsGained; - } - - /** - * Sets the value of the informationOnTheContentsAndResultsGained property. - * - * @param value - * allowed object is {@link InformationOnTheContentsAndResultsGainedType } - * - */ - public void setInformationOnTheContentsAndResultsGained(InformationOnTheContentsAndResultsGainedType value) { - this.informationOnTheContentsAndResultsGained = value; - } - - /** - * Gets the value of the informationOnTheFunctionOfTheQualification property. - * - * @return possible object is {@link InformationOnTheFunctionOfTheQualificationType } - * - */ - public InformationOnTheFunctionOfTheQualificationType getInformationOnTheFunctionOfTheQualification() { - return informationOnTheFunctionOfTheQualification; - } - - /** - * Sets the value of the informationOnTheFunctionOfTheQualification property. - * - * @param value - * allowed object is {@link InformationOnTheFunctionOfTheQualificationType } - * - */ - public void setInformationOnTheFunctionOfTheQualification(InformationOnTheFunctionOfTheQualificationType value) { - this.informationOnTheFunctionOfTheQualification = value; - } - - /** - * Gets the value of the additionalInformation property. - * - * @return possible object is {@link AdditionalInformationType } - * - */ - public AdditionalInformationType getAdditionalInformation() { - return additionalInformation; - } - - /** - * Sets the value of the additionalInformation property. - * - * @param value - * allowed object is {@link AdditionalInformationType } - * - */ - public void setAdditionalInformation(AdditionalInformationType value) { - this.additionalInformation = value; - } - - /** - * Gets the value of the certificationOfTheSupplement property. - * - * @return possible object is {@link CertificationOfTheSupplementType } - * - */ - public CertificationOfTheSupplementType getCertificationOfTheSupplement() { - return certificationOfTheSupplement; - } - - /** - * Sets the value of the certificationOfTheSupplement property. - * - * @param value - * allowed object is {@link CertificationOfTheSupplementType } - * - */ - public void setCertificationOfTheSupplement(CertificationOfTheSupplementType value) { - this.certificationOfTheSupplement = value; - } - - /** - * Gets the value of the informationOnTheNationalHigherEducationSystem property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getInformationOnTheNationalHigherEducationSystem() { - return informationOnTheNationalHigherEducationSystem; - } - - /** - * Sets the value of the informationOnTheNationalHigherEducationSystem property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setInformationOnTheNationalHigherEducationSystem(RichTextTagType value) { - this.informationOnTheNationalHigherEducationSystem = value; - } - - /** - * Gets the value of the attachments property. - * - * @return possible object is {@link AttachmentsType } - * - */ - public AttachmentsType getAttachments() { - return attachments; - } - - /** - * Sets the value of the attachments property. - * - * @param value - * allowed object is {@link AttachmentsType } - * - */ - public void setAttachments(AttachmentsType value) { - this.attachments = value; - } - - /** - * Gets the value of the extensionContent property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the extensionContent property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getExtensionContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link ExtensionContentType } - * - * - */ - public List<ExtensionContentType> getExtensionContent() { - if (extensionContent == null) { - extensionContent = new ArrayList<ExtensionContentType>(); - } - return this.extensionContent; - } - - /** - * Digital signature Gets the value of the signature property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the signature property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getSignature().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link SignatureType } - * - * - */ - public List<SignatureType> getSignature() { - if (signature == null) { - signature = new ArrayList<SignatureType>(); - } - return this.signature; - } - - /** - * Gets the value of the language property. - * - * @return possible object is {@link LanguageType } - * - */ - public LanguageType getLanguage() { - return language; - } - - /** - * Sets the value of the language property. - * - * @param value - * allowed object is {@link LanguageType } - * - */ - public void setLanguage(LanguageType value) { - this.language = value; - } - - /** - * Gets the value of the isTheOriginalLanguage property. - * - */ - public boolean isIsTheOriginalLanguage() { - return isTheOriginalLanguage; - } - - /** - * Sets the value of the isTheOriginalLanguage property. - * - */ - public void setIsTheOriginalLanguage(boolean value) { - this.isTheOriginalLanguage = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ECTSGradingScaleType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ECTSGradingScaleType.java deleted file mode 100644 index 7916ead8d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ECTSGradingScaleType.java +++ /dev/null @@ -1,90 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ECTSGradingScaleType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="ECTSGradingScaleType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="A"/> - * <enumeration value="B"/> - * <enumeration value="C"/> - * <enumeration value="D"/> - * <enumeration value="E"/> - * <enumeration value="FX"/> - * <enumeration value="F"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "ECTSGradingScaleType") -@XmlEnum -public enum ECTSGradingScaleType { - - /** - * Top 10% - * - */ - A, - - /** - * Next 25% - * - */ - B, - - /** - * Next 30% - * - */ - C, - - /** - * Next 25% - * - */ - D, - - /** - * Lowest 10% - * - */ - E, - - /** - * Fail - * - */ - FX, - - /** - * Fail - * - */ - F; - - public String value() { - return name(); - } - - public static ECTSGradingScaleType fromValue(String v) { - return valueOf(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/EHEAFrameworkType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/EHEAFrameworkType.java deleted file mode 100644 index 49a5a74ee..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/EHEAFrameworkType.java +++ /dev/null @@ -1,76 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for EHEAFrameworkType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="EHEAFrameworkType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="FirstCycle"/> - * <enumeration value="SecondCycle"/> - * <enumeration value="ThirdCycle"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "EHEAFrameworkType") -@XmlEnum -public enum EHEAFrameworkType { - - /** - * First Cycle - * - */ - @XmlEnumValue("FirstCycle") - FIRST_CYCLE("FirstCycle"), - - /** - * Second Cycle - * - */ - @XmlEnumValue("SecondCycle") - SECOND_CYCLE("SecondCycle"), - - /** - * Third Cycle - * - */ - @XmlEnumValue("ThirdCycle") - THIRD_CYCLE("ThirdCycle"); - private final String value; - - EHEAFrameworkType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static EHEAFrameworkType fromValue(String v) { - for (EHEAFrameworkType c : EHEAFrameworkType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ExtensionContentType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ExtensionContentType.java deleted file mode 100644 index 588017469..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ExtensionContentType.java +++ /dev/null @@ -1,102 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlType; -import org.w3c.dom.Element; - -/** - * Extension content - * - * <p> - * Java class for ExtensionContentType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ExtensionContentType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence maxOccurs="unbounded" minOccurs="0"> - * <any processContents='lax'/> - * </sequence> - * <attribute name="id" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ExtensionContentType", propOrder = { "content" }) -public class ExtensionContentType { - - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "id") - protected String id; - - /** - * Extension content Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } {@link Element } {@link String } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/FamilyNameType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/FamilyNameType.java deleted file mode 100644 index 7efeaaf15..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/FamilyNameType.java +++ /dev/null @@ -1,74 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Family name(s) - * - * <p> - * Java class for FamilyNameType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="FamilyNameType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Surname" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "FamilyNameType", propOrder = { "surname" }) -public class FamilyNameType { - - @XmlElement(name = "Surname", required = true) - protected List<String> surname; - - /** - * Gets the value of the surname property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the surname property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getSurname().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getSurname() { - if (surname == null) { - surname = new ArrayList<String>(); - } - return this.surname; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GenderType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GenderType.java deleted file mode 100644 index 8aa5feaf0..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GenderType.java +++ /dev/null @@ -1,68 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for GenderType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="GenderType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="Female"/> - * <enumeration value="Male"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "GenderType") -@XmlEnum -public enum GenderType { - - /** - * Female - * - */ - @XmlEnumValue("Female") - FEMALE("Female"), - - /** - * Male - * - */ - @XmlEnumValue("Male") - MALE("Male"); - private final String value; - - GenderType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static GenderType fromValue(String v) { - for (GenderType c : GenderType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GivenNameType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GivenNameType.java deleted file mode 100644 index 169c94455..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GivenNameType.java +++ /dev/null @@ -1,74 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Given name(s) - * - * <p> - * Java class for GivenNameType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="GivenNameType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "GivenNameType", propOrder = { "name" }) -public class GivenNameType { - - @XmlElement(name = "Name", required = true) - protected List<String> name; - - /** - * Gets the value of the name property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the name property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getName().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getName() { - if (name == null) { - name = new ArrayList<String>(); - } - return this.name; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GradingSchemeAndGradeDistributionGuidanceType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GradingSchemeAndGradeDistributionGuidanceType.java deleted file mode 100644 index a853aec65..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/GradingSchemeAndGradeDistributionGuidanceType.java +++ /dev/null @@ -1,90 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Grading scheme and grade distribution guidance - * - * <p> - * Java class for GradingSchemeAndGradeDistributionGuidanceType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="GradingSchemeAndGradeDistributionGuidanceType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="GradingScheme" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"/> - * <element name="GradeDistributionGuidance" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "GradingSchemeAndGradeDistributionGuidanceType", propOrder = { "gradingScheme", "gradeDistributionGuidance" }) -public class GradingSchemeAndGradeDistributionGuidanceType { - - @XmlElement(name = "GradingScheme", required = true) - protected RichTextTagType gradingScheme; - @XmlElement(name = "GradeDistributionGuidance") - protected RichTextTagType gradeDistributionGuidance; - - /** - * Gets the value of the gradingScheme property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getGradingScheme() { - return gradingScheme; - } - - /** - * Sets the value of the gradingScheme property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setGradingScheme(RichTextTagType value) { - this.gradingScheme = value; - } - - /** - * Gets the value of the gradeDistributionGuidance property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getGradeDistributionGuidance() { - return gradeDistributionGuidance; - } - - /** - * Sets the value of the gradeDistributionGuidance property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setGradeDistributionGuidance(RichTextTagType value) { - this.gradeDistributionGuidance = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ImageMimeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ImageMimeType.java deleted file mode 100644 index 4908eab0a..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ImageMimeType.java +++ /dev/null @@ -1,92 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ImageMimeType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="ImageMimeType"> - * <restriction base="{urn:crue:academic:xsd:language:diplomasupplement}MimeType"> - * <enumeration value="image/gif"/> - * <enumeration value="image/jpeg"/> - * <enumeration value="image/pjpeg"/> - * <enumeration value="image/png"/> - * <enumeration value="image/tiff"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "ImageMimeType") -@XmlEnum(MimeType.class) -public enum ImageMimeType { - - /** - * GIF image - * - */ - @XmlEnumValue("image/gif") - IMAGE_GIF(MimeType.IMAGE_GIF), - - /** - * JPEG JFIF image - * - */ - @XmlEnumValue("image/jpeg") - IMAGE_JPEG(MimeType.IMAGE_JPEG), - - /** - * JPEG JFIF image - * - */ - @XmlEnumValue("image/pjpeg") - IMAGE_PJPEG(MimeType.IMAGE_PJPEG), - - /** - * Portable Network Graphics - * - */ - @XmlEnumValue("image/png") - IMAGE_PNG(MimeType.IMAGE_PNG), - - /** - * Tag Image File Format - * - */ - @XmlEnumValue("image/tiff") - IMAGE_TIFF(MimeType.IMAGE_TIFF); - private final MimeType value; - - ImageMimeType(MimeType v) { - value = v; - } - - public MimeType value() { - return value; - } - - public static ImageMimeType fromValue(MimeType v) { - for (ImageMimeType c : ImageMimeType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v.toString()); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationIdentifyingTheHolderOfTheQualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationIdentifyingTheHolderOfTheQualificationType.java deleted file mode 100644 index f43574139..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationIdentifyingTheHolderOfTheQualificationType.java +++ /dev/null @@ -1,378 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * Information identifying the holder of the qualification - * - * <p> - * Java class for InformationIdentifyingTheHolderOfTheQualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationIdentifyingTheHolderOfTheQualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="FamilyName" type="{urn:crue:academic:xsd:language:diplomasupplement}FamilyNameType"/> - * <element name="GivenName" type="{urn:crue:academic:xsd:language:diplomasupplement}GivenNameType"/> - * <element name="DateOfBirth" type="{urn:crue:academic:xsd:language:diplomasupplement}DateType"/> - * <element name="StudentIdentificationNumber" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" minOccurs="0"/> - * <element name="CountryOfBirth" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="country" type="{urn:crue:academic:xsd:language:diplomasupplement}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="PlaceOfBirth" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" minOccurs="0"/> - * <element name="Gender" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="gender" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}GenderType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationIdentifyingTheHolderOfTheQualificationType", propOrder = { "familyName", "givenName", "dateOfBirth", "studentIdentificationNumber", "countryOfBirth", "placeOfBirth", - "gender" }) -public class InformationIdentifyingTheHolderOfTheQualificationType { - - @XmlElement(name = "FamilyName", required = true) - protected FamilyNameType familyName; - @XmlElement(name = "GivenName", required = true) - protected GivenNameType givenName; - @XmlElement(name = "DateOfBirth", required = true) - protected XMLGregorianCalendar dateOfBirth; - @XmlElement(name = "StudentIdentificationNumber") - protected String studentIdentificationNumber; - @XmlElement(name = "CountryOfBirth") - protected InformationIdentifyingTheHolderOfTheQualificationType.CountryOfBirth countryOfBirth; - @XmlElement(name = "PlaceOfBirth") - protected String placeOfBirth; - @XmlElement(name = "Gender") - protected InformationIdentifyingTheHolderOfTheQualificationType.Gender gender; - - /** - * Gets the value of the familyName property. - * - * @return possible object is {@link FamilyNameType } - * - */ - public FamilyNameType getFamilyName() { - return familyName; - } - - /** - * Sets the value of the familyName property. - * - * @param value - * allowed object is {@link FamilyNameType } - * - */ - public void setFamilyName(FamilyNameType value) { - this.familyName = value; - } - - /** - * Gets the value of the givenName property. - * - * @return possible object is {@link GivenNameType } - * - */ - public GivenNameType getGivenName() { - return givenName; - } - - /** - * Sets the value of the givenName property. - * - * @param value - * allowed object is {@link GivenNameType } - * - */ - public void setGivenName(GivenNameType value) { - this.givenName = value; - } - - /** - * Gets the value of the dateOfBirth property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateOfBirth() { - return dateOfBirth; - } - - /** - * Sets the value of the dateOfBirth property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateOfBirth(XMLGregorianCalendar value) { - this.dateOfBirth = value; - } - - /** - * Gets the value of the studentIdentificationNumber property. - * - * @return possible object is {@link String } - * - */ - public String getStudentIdentificationNumber() { - return studentIdentificationNumber; - } - - /** - * Sets the value of the studentIdentificationNumber property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStudentIdentificationNumber(String value) { - this.studentIdentificationNumber = value; - } - - /** - * Gets the value of the countryOfBirth property. - * - * @return possible object is {@link InformationIdentifyingTheHolderOfTheQualificationType.CountryOfBirth } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType.CountryOfBirth getCountryOfBirth() { - return countryOfBirth; - } - - /** - * Sets the value of the countryOfBirth property. - * - * @param value - * allowed object is {@link InformationIdentifyingTheHolderOfTheQualificationType.CountryOfBirth } - * - */ - public void setCountryOfBirth(InformationIdentifyingTheHolderOfTheQualificationType.CountryOfBirth value) { - this.countryOfBirth = value; - } - - /** - * Gets the value of the placeOfBirth property. - * - * @return possible object is {@link String } - * - */ - public String getPlaceOfBirth() { - return placeOfBirth; - } - - /** - * Sets the value of the placeOfBirth property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setPlaceOfBirth(String value) { - this.placeOfBirth = value; - } - - /** - * Gets the value of the gender property. - * - * @return possible object is {@link InformationIdentifyingTheHolderOfTheQualificationType.Gender } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType.Gender getGender() { - return gender; - } - - /** - * Sets the value of the gender property. - * - * @param value - * allowed object is {@link InformationIdentifyingTheHolderOfTheQualificationType.Gender } - * - */ - public void setGender(InformationIdentifyingTheHolderOfTheQualificationType.Gender value) { - this.gender = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="country" type="{urn:crue:academic:xsd:language:diplomasupplement}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class CountryOfBirth { - - @XmlValue - protected String value; - @XmlAttribute(name = "country") - protected CountryType country; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link CountryType } - * - */ - public CountryType getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link CountryType } - * - */ - public void setCountry(CountryType value) { - this.country = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="gender" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}GenderType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Gender { - - @XmlValue - protected String value; - @XmlAttribute(name = "gender", required = true) - protected GenderType gender; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the gender property. - * - * @return possible object is {@link GenderType } - * - */ - public GenderType getGender() { - return gender; - } - - /** - * Sets the value of the gender property. - * - * @param value - * allowed object is {@link GenderType } - * - */ - public void setGender(GenderType value) { - this.gender = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationIdentifyingTheQualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationIdentifyingTheQualificationType.java deleted file mode 100644 index 31a38bbc4..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationIdentifyingTheQualificationType.java +++ /dev/null @@ -1,187 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Information identifying the qualification - * - * <p> - * Java class for InformationIdentifyingTheQualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationIdentifyingTheQualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Qualification" type="{urn:crue:academic:xsd:language:diplomasupplement}QualificationType"/> - * <element name="TitleConferred" type="{urn:crue:academic:xsd:language:diplomasupplement}TitleConferredType" minOccurs="0"/> - * <element name="MainFieldsOfStudy" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"/> - * <element name="NameAndStatusOfAwardingInstitution" type="{urn:crue:academic:xsd:language:diplomasupplement}NameAndStatusOfAwardingInstitutionType"/> - * <element name="NameAndStatusOfInstitutionAdministeringStudies" type="{urn:crue:academic:xsd:language:diplomasupplement}NameAndStatusOfInstitutionAdministeringStudiesType"/> - * <element name="LanguagesOfInstructionAndExamination" type="{urn:crue:academic:xsd:language:diplomasupplement}LanguagesOfInstructionAndExaminationType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationIdentifyingTheQualificationType", propOrder = { "qualification", "titleConferred", "mainFieldsOfStudy", "nameAndStatusOfAwardingInstitution", - "nameAndStatusOfInstitutionAdministeringStudies", "languagesOfInstructionAndExamination" }) -public class InformationIdentifyingTheQualificationType { - - @XmlElement(name = "Qualification", required = true) - protected QualificationType qualification; - @XmlElement(name = "TitleConferred") - protected TitleConferredType titleConferred; - @XmlElement(name = "MainFieldsOfStudy", required = true) - protected RichTextTagType mainFieldsOfStudy; - @XmlElement(name = "NameAndStatusOfAwardingInstitution", required = true) - protected NameAndStatusOfAwardingInstitutionType nameAndStatusOfAwardingInstitution; - @XmlElement(name = "NameAndStatusOfInstitutionAdministeringStudies", required = true) - protected NameAndStatusOfInstitutionAdministeringStudiesType nameAndStatusOfInstitutionAdministeringStudies; - @XmlElement(name = "LanguagesOfInstructionAndExamination", required = true) - protected LanguagesOfInstructionAndExaminationType languagesOfInstructionAndExamination; - - /** - * Gets the value of the qualification property. - * - * @return possible object is {@link QualificationType } - * - */ - public QualificationType getQualification() { - return qualification; - } - - /** - * Sets the value of the qualification property. - * - * @param value - * allowed object is {@link QualificationType } - * - */ - public void setQualification(QualificationType value) { - this.qualification = value; - } - - /** - * Gets the value of the titleConferred property. - * - * @return possible object is {@link TitleConferredType } - * - */ - public TitleConferredType getTitleConferred() { - return titleConferred; - } - - /** - * Sets the value of the titleConferred property. - * - * @param value - * allowed object is {@link TitleConferredType } - * - */ - public void setTitleConferred(TitleConferredType value) { - this.titleConferred = value; - } - - /** - * Gets the value of the mainFieldsOfStudy property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getMainFieldsOfStudy() { - return mainFieldsOfStudy; - } - - /** - * Sets the value of the mainFieldsOfStudy property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setMainFieldsOfStudy(RichTextTagType value) { - this.mainFieldsOfStudy = value; - } - - /** - * Gets the value of the nameAndStatusOfAwardingInstitution property. - * - * @return possible object is {@link NameAndStatusOfAwardingInstitutionType } - * - */ - public NameAndStatusOfAwardingInstitutionType getNameAndStatusOfAwardingInstitution() { - return nameAndStatusOfAwardingInstitution; - } - - /** - * Sets the value of the nameAndStatusOfAwardingInstitution property. - * - * @param value - * allowed object is {@link NameAndStatusOfAwardingInstitutionType } - * - */ - public void setNameAndStatusOfAwardingInstitution(NameAndStatusOfAwardingInstitutionType value) { - this.nameAndStatusOfAwardingInstitution = value; - } - - /** - * Gets the value of the nameAndStatusOfInstitutionAdministeringStudies property. - * - * @return possible object is {@link NameAndStatusOfInstitutionAdministeringStudiesType } - * - */ - public NameAndStatusOfInstitutionAdministeringStudiesType getNameAndStatusOfInstitutionAdministeringStudies() { - return nameAndStatusOfInstitutionAdministeringStudies; - } - - /** - * Sets the value of the nameAndStatusOfInstitutionAdministeringStudies property. - * - * @param value - * allowed object is {@link NameAndStatusOfInstitutionAdministeringStudiesType } - * - */ - public void setNameAndStatusOfInstitutionAdministeringStudies(NameAndStatusOfInstitutionAdministeringStudiesType value) { - this.nameAndStatusOfInstitutionAdministeringStudies = value; - } - - /** - * Gets the value of the languagesOfInstructionAndExamination property. - * - * @return possible object is {@link LanguagesOfInstructionAndExaminationType } - * - */ - public LanguagesOfInstructionAndExaminationType getLanguagesOfInstructionAndExamination() { - return languagesOfInstructionAndExamination; - } - - /** - * Sets the value of the languagesOfInstructionAndExamination property. - * - * @param value - * allowed object is {@link LanguagesOfInstructionAndExaminationType } - * - */ - public void setLanguagesOfInstructionAndExamination(LanguagesOfInstructionAndExaminationType value) { - this.languagesOfInstructionAndExamination = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheContentsAndResultsGainedType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheContentsAndResultsGainedType.java deleted file mode 100644 index 274a01e32..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheContentsAndResultsGainedType.java +++ /dev/null @@ -1,221 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Information on the contents and results gained - * - * <p> - * Java class for InformationOnTheContentsAndResultsGainedType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationOnTheContentsAndResultsGainedType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="ModeOfStudy"> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="modeOfStudy" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}ModeOfStudyType" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * <element name="ProgrammeRequirements" type="{urn:crue:academic:xsd:language:diplomasupplement}ProgrammeRequirementsType"/> - * <element name="ProgrammeDetails" type="{urn:crue:academic:xsd:language:diplomasupplement}ProgrammeDetailsType"/> - * <element name="GradingSchemeAndGradeDistributionGuidance" type="{urn:crue:academic:xsd:language:diplomasupplement}GradingSchemeAndGradeDistributionGuidanceType"/> - * <element name="OverallClassificationOfTheQualification" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationOnTheContentsAndResultsGainedType", propOrder = { "modeOfStudy", "programmeRequirements", "programmeDetails", "gradingSchemeAndGradeDistributionGuidance", - "overallClassificationOfTheQualification" }) -public class InformationOnTheContentsAndResultsGainedType { - - @XmlElement(name = "ModeOfStudy", required = true) - protected InformationOnTheContentsAndResultsGainedType.ModeOfStudy modeOfStudy; - @XmlElement(name = "ProgrammeRequirements", required = true) - protected ProgrammeRequirementsType programmeRequirements; - @XmlElement(name = "ProgrammeDetails", required = true) - protected ProgrammeDetailsType programmeDetails; - @XmlElement(name = "GradingSchemeAndGradeDistributionGuidance", required = true) - protected GradingSchemeAndGradeDistributionGuidanceType gradingSchemeAndGradeDistributionGuidance; - @XmlElement(name = "OverallClassificationOfTheQualification", required = true) - protected RichTextTagType overallClassificationOfTheQualification; - - /** - * Gets the value of the modeOfStudy property. - * - * @return possible object is {@link InformationOnTheContentsAndResultsGainedType.ModeOfStudy } - * - */ - public InformationOnTheContentsAndResultsGainedType.ModeOfStudy getModeOfStudy() { - return modeOfStudy; - } - - /** - * Sets the value of the modeOfStudy property. - * - * @param value - * allowed object is {@link InformationOnTheContentsAndResultsGainedType.ModeOfStudy } - * - */ - public void setModeOfStudy(InformationOnTheContentsAndResultsGainedType.ModeOfStudy value) { - this.modeOfStudy = value; - } - - /** - * Gets the value of the programmeRequirements property. - * - * @return possible object is {@link ProgrammeRequirementsType } - * - */ - public ProgrammeRequirementsType getProgrammeRequirements() { - return programmeRequirements; - } - - /** - * Sets the value of the programmeRequirements property. - * - * @param value - * allowed object is {@link ProgrammeRequirementsType } - * - */ - public void setProgrammeRequirements(ProgrammeRequirementsType value) { - this.programmeRequirements = value; - } - - /** - * Gets the value of the programmeDetails property. - * - * @return possible object is {@link ProgrammeDetailsType } - * - */ - public ProgrammeDetailsType getProgrammeDetails() { - return programmeDetails; - } - - /** - * Sets the value of the programmeDetails property. - * - * @param value - * allowed object is {@link ProgrammeDetailsType } - * - */ - public void setProgrammeDetails(ProgrammeDetailsType value) { - this.programmeDetails = value; - } - - /** - * Gets the value of the gradingSchemeAndGradeDistributionGuidance property. - * - * @return possible object is {@link GradingSchemeAndGradeDistributionGuidanceType } - * - */ - public GradingSchemeAndGradeDistributionGuidanceType getGradingSchemeAndGradeDistributionGuidance() { - return gradingSchemeAndGradeDistributionGuidance; - } - - /** - * Sets the value of the gradingSchemeAndGradeDistributionGuidance property. - * - * @param value - * allowed object is {@link GradingSchemeAndGradeDistributionGuidanceType } - * - */ - public void setGradingSchemeAndGradeDistributionGuidance(GradingSchemeAndGradeDistributionGuidanceType value) { - this.gradingSchemeAndGradeDistributionGuidance = value; - } - - /** - * Gets the value of the overallClassificationOfTheQualification property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getOverallClassificationOfTheQualification() { - return overallClassificationOfTheQualification; - } - - /** - * Sets the value of the overallClassificationOfTheQualification property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setOverallClassificationOfTheQualification(RichTextTagType value) { - this.overallClassificationOfTheQualification = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="modeOfStudy" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}ModeOfStudyType" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class ModeOfStudy extends RichTextTagType { - - @XmlAttribute(name = "modeOfStudy", required = true) - protected ModeOfStudyType modeOfStudy; - - /** - * Gets the value of the modeOfStudy property. - * - * @return possible object is {@link ModeOfStudyType } - * - */ - public ModeOfStudyType getModeOfStudy() { - return modeOfStudy; - } - - /** - * Sets the value of the modeOfStudy property. - * - * @param value - * allowed object is {@link ModeOfStudyType } - * - */ - public void setModeOfStudy(ModeOfStudyType value) { - this.modeOfStudy = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheFunctionOfTheQualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheFunctionOfTheQualificationType.java deleted file mode 100644 index 383caae19..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheFunctionOfTheQualificationType.java +++ /dev/null @@ -1,148 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Information on the function of the qualification type - * - * <p> - * Java class for InformationOnTheFunctionOfTheQualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationOnTheFunctionOfTheQualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="AccessToFurtherStudy" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"/> - * <element name="ProfessionalStatus" minOccurs="0"> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="isRegulatedProfession" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationOnTheFunctionOfTheQualificationType", propOrder = { "accessToFurtherStudy", "professionalStatus" }) -public class InformationOnTheFunctionOfTheQualificationType { - - @XmlElement(name = "AccessToFurtherStudy", required = true) - protected RichTextTagType accessToFurtherStudy; - @XmlElement(name = "ProfessionalStatus") - protected InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus professionalStatus; - - /** - * Gets the value of the accessToFurtherStudy property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAccessToFurtherStudy() { - return accessToFurtherStudy; - } - - /** - * Sets the value of the accessToFurtherStudy property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAccessToFurtherStudy(RichTextTagType value) { - this.accessToFurtherStudy = value; - } - - /** - * Gets the value of the professionalStatus property. - * - * @return possible object is {@link InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus } - * - */ - public InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus getProfessionalStatus() { - return professionalStatus; - } - - /** - * Sets the value of the professionalStatus property. - * - * @param value - * allowed object is {@link InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus } - * - */ - public void setProfessionalStatus(InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus value) { - this.professionalStatus = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="isRegulatedProfession" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class ProfessionalStatus extends RichTextTagType { - - @XmlAttribute(name = "isRegulatedProfession") - protected Boolean isRegulatedProfession; - - /** - * Gets the value of the isRegulatedProfession property. - * - * @return possible object is {@link Boolean } - * - */ - public Boolean isIsRegulatedProfession() { - return isRegulatedProfession; - } - - /** - * Sets the value of the isRegulatedProfession property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setIsRegulatedProfession(Boolean value) { - this.isRegulatedProfession = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheLevelOfTheQualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheLevelOfTheQualificationType.java deleted file mode 100644 index 27282fe36..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InformationOnTheLevelOfTheQualificationType.java +++ /dev/null @@ -1,355 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Information on the level of the qualification - * - * <p> - * Java class for InformationOnTheLevelOfTheQualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationOnTheLevelOfTheQualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Level"> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="isced1997" type="{urn:crue:academic:xsd:language:diplomasupplement}ISCED1997Type" /> - * <attribute name="isced2011" type="{urn:crue:academic:xsd:language:diplomasupplement}ISCED2011Type" /> - * <attribute name="eheaFramework" type="{urn:crue:academic:xsd:language:diplomasupplement}EHEAFrameworkType" /> - * <attribute name="nfq" type="{urn:crue:academic:xsd:language:diplomasupplement}NFQType" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * <element name="OfficialLengthOfProgramme"> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="ectsCredits" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" /> - * <attribute name="years" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" /> - * <attribute name="semesters" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveIntegerType" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * <element name="AccessRequirements" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationOnTheLevelOfTheQualificationType", propOrder = { "level", "officialLengthOfProgramme", "accessRequirements" }) -public class InformationOnTheLevelOfTheQualificationType { - - @XmlElement(name = "Level", required = true) - protected InformationOnTheLevelOfTheQualificationType.Level level; - @XmlElement(name = "OfficialLengthOfProgramme", required = true) - protected InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme officialLengthOfProgramme; - @XmlElement(name = "AccessRequirements", required = true) - protected RichTextTagType accessRequirements; - - /** - * Gets the value of the level property. - * - * @return possible object is {@link InformationOnTheLevelOfTheQualificationType.Level } - * - */ - public InformationOnTheLevelOfTheQualificationType.Level getLevel() { - return level; - } - - /** - * Sets the value of the level property. - * - * @param value - * allowed object is {@link InformationOnTheLevelOfTheQualificationType.Level } - * - */ - public void setLevel(InformationOnTheLevelOfTheQualificationType.Level value) { - this.level = value; - } - - /** - * Gets the value of the officialLengthOfProgramme property. - * - * @return possible object is {@link InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme } - * - */ - public InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme getOfficialLengthOfProgramme() { - return officialLengthOfProgramme; - } - - /** - * Sets the value of the officialLengthOfProgramme property. - * - * @param value - * allowed object is {@link InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme } - * - */ - public void setOfficialLengthOfProgramme(InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme value) { - this.officialLengthOfProgramme = value; - } - - /** - * Gets the value of the accessRequirements property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAccessRequirements() { - return accessRequirements; - } - - /** - * Sets the value of the accessRequirements property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAccessRequirements(RichTextTagType value) { - this.accessRequirements = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="isced1997" type="{urn:crue:academic:xsd:language:diplomasupplement}ISCED1997Type" /> - * <attribute name="isced2011" type="{urn:crue:academic:xsd:language:diplomasupplement}ISCED2011Type" /> - * <attribute name="eheaFramework" type="{urn:crue:academic:xsd:language:diplomasupplement}EHEAFrameworkType" /> - * <attribute name="nfq" type="{urn:crue:academic:xsd:language:diplomasupplement}NFQType" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class Level extends RichTextTagType { - - @XmlAttribute(name = "isced1997") - protected String isced1997; - @XmlAttribute(name = "isced2011") - protected String isced2011; - @XmlAttribute(name = "eheaFramework") - protected EHEAFrameworkType eheaFramework; - @XmlAttribute(name = "nfq") - protected String nfq; - - /** - * Gets the value of the isced1997 property. - * - * @return possible object is {@link String } - * - */ - public String getIsced1997() { - return isced1997; - } - - /** - * Sets the value of the isced1997 property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setIsced1997(String value) { - this.isced1997 = value; - } - - /** - * Gets the value of the isced2011 property. - * - * @return possible object is {@link String } - * - */ - public String getIsced2011() { - return isced2011; - } - - /** - * Sets the value of the isced2011 property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setIsced2011(String value) { - this.isced2011 = value; - } - - /** - * Gets the value of the eheaFramework property. - * - * @return possible object is {@link EHEAFrameworkType } - * - */ - public EHEAFrameworkType getEheaFramework() { - return eheaFramework; - } - - /** - * Sets the value of the eheaFramework property. - * - * @param value - * allowed object is {@link EHEAFrameworkType } - * - */ - public void setEheaFramework(EHEAFrameworkType value) { - this.eheaFramework = value; - } - - /** - * Gets the value of the nfq property. - * - * @return possible object is {@link String } - * - */ - public String getNfq() { - return nfq; - } - - /** - * Sets the value of the nfq property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNfq(String value) { - this.nfq = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="ectsCredits" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" /> - * <attribute name="years" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" /> - * <attribute name="semesters" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveIntegerType" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class OfficialLengthOfProgramme extends RichTextTagType { - - @XmlAttribute(name = "ectsCredits") - protected BigDecimal ectsCredits; - @XmlAttribute(name = "years", required = true) - protected BigDecimal years; - @XmlAttribute(name = "semesters") - protected Integer semesters; - - /** - * Gets the value of the ectsCredits property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getEctsCredits() { - return ectsCredits; - } - - /** - * Sets the value of the ectsCredits property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setEctsCredits(BigDecimal value) { - this.ectsCredits = value; - } - - /** - * Gets the value of the years property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getYears() { - return years; - } - - /** - * Sets the value of the years property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setYears(BigDecimal value) { - this.years = value; - } - - /** - * Gets the value of the semesters property. - * - * @return possible object is {@link Integer } - * - */ - public Integer getSemesters() { - return semesters; - } - - /** - * Sets the value of the semesters property. - * - * @param value - * allowed object is {@link Integer } - * - */ - public void setSemesters(Integer value) { - this.semesters = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InstitutionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InstitutionType.java deleted file mode 100644 index a99aca0f7..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/InstitutionType.java +++ /dev/null @@ -1,407 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlIDREF; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlSeeAlso; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * Name and status of the institution - * - * <p> - * Java class for InstitutionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InstitutionType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Status" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Country"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="country" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="AdditionalInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * <element name="ContactInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}ContactInformationType" minOccurs="0"/> - * <element name="AttachedImageRef" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}IDREF" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </sequence> - * <attribute name="nationalID" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" /> - * <attribute name="erasmusID" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InstitutionType", propOrder = { "name", "status", "country", "additionalInformation", "contactInformation", "attachedImageRef" }) -@XmlSeeAlso({ eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.NameAndStatusOfAwardingInstitutionType.AwardingInstitution.class, - eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies.class }) -public class InstitutionType { - - @XmlElement(name = "Name", required = true) - protected String name; - @XmlElement(name = "Status", required = true) - protected String status; - @XmlElement(name = "Country", required = true) - protected InstitutionType.Country country; - @XmlElement(name = "AdditionalInformation") - protected RichTextTagType additionalInformation; - @XmlElement(name = "ContactInformation") - protected ContactInformationType contactInformation; - @XmlElement(name = "AttachedImageRef") - protected InstitutionType.AttachedImageRef attachedImageRef; - @XmlAttribute(name = "nationalID") - protected String nationalID; - @XmlAttribute(name = "erasmusID") - protected String erasmusID; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the status property. - * - * @return possible object is {@link String } - * - */ - public String getStatus() { - return status; - } - - /** - * Sets the value of the status property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStatus(String value) { - this.status = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link InstitutionType.Country } - * - */ - public InstitutionType.Country getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link InstitutionType.Country } - * - */ - public void setCountry(InstitutionType.Country value) { - this.country = value; - } - - /** - * Gets the value of the additionalInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAdditionalInformation() { - return additionalInformation; - } - - /** - * Sets the value of the additionalInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAdditionalInformation(RichTextTagType value) { - this.additionalInformation = value; - } - - /** - * Gets the value of the contactInformation property. - * - * @return possible object is {@link ContactInformationType } - * - */ - public ContactInformationType getContactInformation() { - return contactInformation; - } - - /** - * Sets the value of the contactInformation property. - * - * @param value - * allowed object is {@link ContactInformationType } - * - */ - public void setContactInformation(ContactInformationType value) { - this.contactInformation = value; - } - - /** - * Gets the value of the attachedImageRef property. - * - * @return possible object is {@link InstitutionType.AttachedImageRef } - * - */ - public InstitutionType.AttachedImageRef getAttachedImageRef() { - return attachedImageRef; - } - - /** - * Sets the value of the attachedImageRef property. - * - * @param value - * allowed object is {@link InstitutionType.AttachedImageRef } - * - */ - public void setAttachedImageRef(InstitutionType.AttachedImageRef value) { - this.attachedImageRef = value; - } - - /** - * Gets the value of the nationalID property. - * - * @return possible object is {@link String } - * - */ - public String getNationalID() { - return nationalID; - } - - /** - * Sets the value of the nationalID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNationalID(String value) { - this.nationalID = value; - } - - /** - * Gets the value of the erasmusID property. - * - * @return possible object is {@link String } - * - */ - public String getErasmusID() { - return erasmusID; - } - - /** - * Sets the value of the erasmusID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setErasmusID(String value) { - this.erasmusID = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}IDREF" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class AttachedImageRef { - - @XmlValue - protected String value; - @XmlAttribute(name = "attachedID", required = true) - @XmlIDREF - @XmlSchemaType(name = "IDREF") - protected Object attachedID; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the attachedID property. - * - * @return possible object is {@link Object } - * - */ - public Object getAttachedID() { - return attachedID; - } - - /** - * Sets the value of the attachedID property. - * - * @param value - * allowed object is {@link Object } - * - */ - public void setAttachedID(Object value) { - this.attachedID = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="country" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Country { - - @XmlValue - protected String value; - @XmlAttribute(name = "country", required = true) - protected CountryType country; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link CountryType } - * - */ - public CountryType getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link CountryType } - * - */ - public void setCountry(CountryType value) { - this.country = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LanguageType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LanguageType.java deleted file mode 100644 index 7efdf9488..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LanguageType.java +++ /dev/null @@ -1,836 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for LanguageType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="LanguageType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="ab"/> - * <enumeration value="af"/> - * <enumeration value="an"/> - * <enumeration value="ar"/> - * <enumeration value="as"/> - * <enumeration value="az"/> - * <enumeration value="be"/> - * <enumeration value="bg"/> - * <enumeration value="bn"/> - * <enumeration value="bo"/> - * <enumeration value="br"/> - * <enumeration value="bs"/> - * <enumeration value="ca"/> - * <enumeration value="ce"/> - * <enumeration value="co"/> - * <enumeration value="cs"/> - * <enumeration value="cy"/> - * <enumeration value="da"/> - * <enumeration value="de"/> - * <enumeration value="el"/> - * <enumeration value="en"/> - * <enumeration value="es"/> - * <enumeration value="et"/> - * <enumeration value="eu"/> - * <enumeration value="fa"/> - * <enumeration value="fi"/> - * <enumeration value="fj"/> - * <enumeration value="fo"/> - * <enumeration value="fr"/> - * <enumeration value="fy"/> - * <enumeration value="ga"/> - * <enumeration value="gd"/> - * <enumeration value="gl"/> - * <enumeration value="gv"/> - * <enumeration value="grc"/> - * <enumeration value="gsw"/> - * <enumeration value="he"/> - * <enumeration value="hi"/> - * <enumeration value="hr"/> - * <enumeration value="ht"/> - * <enumeration value="hu"/> - * <enumeration value="hy"/> - * <enumeration value="id"/> - * <enumeration value="is"/> - * <enumeration value="it"/> - * <enumeration value="ja"/> - * <enumeration value="jv"/> - * <enumeration value="ka"/> - * <enumeration value="kg"/> - * <enumeration value="ko"/> - * <enumeration value="ku"/> - * <enumeration value="kw"/> - * <enumeration value="ky"/> - * <enumeration value="lb"/> - * <enumeration value="li"/> - * <enumeration value="ln"/> - * <enumeration value="lt"/> - * <enumeration value="lv"/> - * <enumeration value="mg"/> - * <enumeration value="mk"/> - * <enumeration value="mn"/> - * <enumeration value="mo"/> - * <enumeration value="ms"/> - * <enumeration value="mt"/> - * <enumeration value="my"/> - * <enumeration value="nb"/> - * <enumeration value="ne"/> - * <enumeration value="nl"/> - * <enumeration value="nn"/> - * <enumeration value="no"/> - * <enumeration value="pl"/> - * <enumeration value="pt"/> - * <enumeration value="rm"/> - * <enumeration value="ro"/> - * <enumeration value="ru"/> - * <enumeration value="sc"/> - * <enumeration value="se"/> - * <enumeration value="sk"/> - * <enumeration value="sl"/> - * <enumeration value="so"/> - * <enumeration value="sq"/> - * <enumeration value="sr"/> - * <enumeration value="sv"/> - * <enumeration value="sw"/> - * <enumeration value="tk"/> - * <enumeration value="tr"/> - * <enumeration value="ty"/> - * <enumeration value="uk"/> - * <enumeration value="ur"/> - * <enumeration value="uz"/> - * <enumeration value="vi"/> - * <enumeration value="yi"/> - * <enumeration value="zh"/> - * <enumeration value="cu"/> - * <enumeration value="eo"/> - * <enumeration value="la"/> - * <enumeration value="oc"/> - * <enumeration value="vo"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "LanguageType") -@XmlEnum -public enum LanguageType { - - /** - * Abkhazian - * - */ - @XmlEnumValue("ab") - AB("ab"), - - /** - * Afrikaans - * - */ - @XmlEnumValue("af") - AF("af"), - - /** - * Aragonese - * - */ - @XmlEnumValue("an") - AN("an"), - - /** - * Arabic - * - */ - @XmlEnumValue("ar") - AR("ar"), - - /** - * Assamese - * - */ - @XmlEnumValue("as") - AS("as"), - - /** - * Azerbaijani - * - */ - @XmlEnumValue("az") - AZ("az"), - - /** - * Belarusian - * - */ - @XmlEnumValue("be") - BE("be"), - - /** - * Bulgarian - * - */ - @XmlEnumValue("bg") - BG("bg"), - - /** - * Bengali - * - */ - @XmlEnumValue("bn") - BN("bn"), - - /** - * Tibetan - * - */ - @XmlEnumValue("bo") - BO("bo"), - - /** - * Breton - * - */ - @XmlEnumValue("br") - BR("br"), - - /** - * Bosnian - * - */ - @XmlEnumValue("bs") - BS("bs"), - - /** - * Catalan / Valencian - * - */ - @XmlEnumValue("ca") - CA("ca"), - - /** - * Chechen - * - */ - @XmlEnumValue("ce") - CE("ce"), - - /** - * Corsican - * - */ - @XmlEnumValue("co") - CO("co"), - - /** - * Czech - * - */ - @XmlEnumValue("cs") - CS("cs"), - - /** - * Welsh - * - */ - @XmlEnumValue("cy") - CY("cy"), - - /** - * Danish - * - */ - @XmlEnumValue("da") - DA("da"), - - /** - * German - * - */ - @XmlEnumValue("de") - DE("de"), - - /** - * Greek - * - */ - @XmlEnumValue("el") - EL("el"), - - /** - * English - * - */ - @XmlEnumValue("en") - EN("en"), - - /** - * Spanish / Castilian - * - */ - @XmlEnumValue("es") - ES("es"), - - /** - * Estonian - * - */ - @XmlEnumValue("et") - ET("et"), - - /** - * Basque - * - */ - @XmlEnumValue("eu") - EU("eu"), - - /** - * Persian - * - */ - @XmlEnumValue("fa") - FA("fa"), - - /** - * Finnish - * - */ - @XmlEnumValue("fi") - FI("fi"), - - /** - * Fijian - * - */ - @XmlEnumValue("fj") - FJ("fj"), - - /** - * Faroese - * - */ - @XmlEnumValue("fo") - FO("fo"), - - /** - * French - * - */ - @XmlEnumValue("fr") - FR("fr"), - - /** - * Western Frisian - * - */ - @XmlEnumValue("fy") - FY("fy"), - - /** - * Irish - * - */ - @XmlEnumValue("ga") - GA("ga"), - - /** - * Gaelic / Scottish Gaelic - * - */ - @XmlEnumValue("gd") - GD("gd"), - - /** - * Galician - * - */ - @XmlEnumValue("gl") - GL("gl"), - - /** - * Manx - * - */ - @XmlEnumValue("gv") - GV("gv"), - - /** - * Ancient Greek - * - */ - @XmlEnumValue("grc") - GRC("grc"), - - /** - * Alemanic; Swiss German - * - */ - @XmlEnumValue("gsw") - GSW("gsw"), - - /** - * Hebrew - * - */ - @XmlEnumValue("he") - HE("he"), - - /** - * Hindi - * - */ - @XmlEnumValue("hi") - HI("hi"), - - /** - * Croatian - * - */ - @XmlEnumValue("hr") - HR("hr"), - - /** - * Haitian; Haitian Creole - * - */ - @XmlEnumValue("ht") - HT("ht"), - - /** - * Hungarian - * - */ - @XmlEnumValue("hu") - HU("hu"), - - /** - * Armenian - * - */ - @XmlEnumValue("hy") - HY("hy"), - - /** - * Indonesian - * - */ - @XmlEnumValue("id") - ID("id"), - - /** - * Icelandic - * - */ - @XmlEnumValue("is") - IS("is"), - - /** - * Italian - * - */ - @XmlEnumValue("it") - IT("it"), - - /** - * Japanese - * - */ - @XmlEnumValue("ja") - JA("ja"), - - /** - * Javanese - * - */ - @XmlEnumValue("jv") - JV("jv"), - - /** - * Georgian - * - */ - @XmlEnumValue("ka") - KA("ka"), - - /** - * Kongo - * - */ - @XmlEnumValue("kg") - KG("kg"), - - /** - * Korean - * - */ - @XmlEnumValue("ko") - KO("ko"), - - /** - * Kurdish - * - */ - @XmlEnumValue("ku") - KU("ku"), - - /** - * Cornish - * - */ - @XmlEnumValue("kw") - KW("kw"), - - /** - * Kirghiz - * - */ - @XmlEnumValue("ky") - KY("ky"), - - /** - * Luxembourgish; Letzeburgesch - * - */ - @XmlEnumValue("lb") - LB("lb"), - - /** - * Limburgan; Limburger; Limburgish - * - */ - @XmlEnumValue("li") - LI("li"), - - /** - * Lingala - * - */ - @XmlEnumValue("ln") - LN("ln"), - - /** - * Lithuanian - * - */ - @XmlEnumValue("lt") - LT("lt"), - - /** - * Latvian - * - */ - @XmlEnumValue("lv") - LV("lv"), - - /** - * Malagasy - * - */ - @XmlEnumValue("mg") - MG("mg"), - - /** - * Macedonian - * - */ - @XmlEnumValue("mk") - MK("mk"), - - /** - * Mongolian - * - */ - @XmlEnumValue("mn") - MN("mn"), - - /** - * Moldavian - * - */ - @XmlEnumValue("mo") - MO("mo"), - - /** - * Malay - * - */ - @XmlEnumValue("ms") - MS("ms"), - - /** - * Maltese - * - */ - @XmlEnumValue("mt") - MT("mt"), - - /** - * Burmese - * - */ - @XmlEnumValue("my") - MY("my"), - - /** - * Norwegian - * - */ - @XmlEnumValue("nb") - NB("nb"), - - /** - * Nepali - * - */ - @XmlEnumValue("ne") - NE("ne"), - - /** - * Dutch - * - */ - @XmlEnumValue("nl") - NL("nl"), - - /** - * Norwegian (Nynorsk) - * - */ - @XmlEnumValue("nn") - NN("nn"), - - /** - * Norwegian - * - */ - @XmlEnumValue("no") - NO("no"), - - /** - * Polish - * - */ - @XmlEnumValue("pl") - PL("pl"), - - /** - * Portuguese - * - */ - @XmlEnumValue("pt") - PT("pt"), - - /** - * Raeto-Romance - * - */ - @XmlEnumValue("rm") - RM("rm"), - - /** - * Romanian - * - */ - @XmlEnumValue("ro") - RO("ro"), - - /** - * Russian - * - */ - @XmlEnumValue("ru") - RU("ru"), - - /** - * Sardinian - * - */ - @XmlEnumValue("sc") - SC("sc"), - - /** - * Northern Sami - * - */ - @XmlEnumValue("se") - SE("se"), - - /** - * Slovak - * - */ - @XmlEnumValue("sk") - SK("sk"), - - /** - * Slovenian - * - */ - @XmlEnumValue("sl") - SL("sl"), - - /** - * Somali - * - */ - @XmlEnumValue("so") - SO("so"), - - /** - * Albanian - * - */ - @XmlEnumValue("sq") - SQ("sq"), - - /** - * Serbian - * - */ - @XmlEnumValue("sr") - SR("sr"), - - /** - * Swedish - * - */ - @XmlEnumValue("sv") - SV("sv"), - - /** - * Swahili - * - */ - @XmlEnumValue("sw") - SW("sw"), - - /** - * Turkmen - * - */ - @XmlEnumValue("tk") - TK("tk"), - - /** - * Turkish - * - */ - @XmlEnumValue("tr") - TR("tr"), - - /** - * Tahitian - * - */ - @XmlEnumValue("ty") - TY("ty"), - - /** - * Ukrainian - * - */ - @XmlEnumValue("uk") - UK("uk"), - - /** - * Urdu - * - */ - @XmlEnumValue("ur") - UR("ur"), - - /** - * Uzbek - * - */ - @XmlEnumValue("uz") - UZ("uz"), - - /** - * Vietnamese - * - */ - @XmlEnumValue("vi") - VI("vi"), - - /** - * Yiddish - * - */ - @XmlEnumValue("yi") - YI("yi"), - - /** - * Chinese - * - */ - @XmlEnumValue("zh") - ZH("zh"), - - /** - * Church Slavic - * - */ - @XmlEnumValue("cu") - CU("cu"), - - /** - * Esperanto - * - */ - @XmlEnumValue("eo") - EO("eo"), - - /** - * Latin - * - */ - @XmlEnumValue("la") - LA("la"), - - /** - * Occitan (post 1500); - * - */ - @XmlEnumValue("oc") - OC("oc"), - - /** - * VVola - * - */ - @XmlEnumValue("vo") - VO("vo"); - private final String value; - - LanguageType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static LanguageType fromValue(String v) { - for (LanguageType c : LanguageType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LanguagesOfInstructionAndExaminationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LanguagesOfInstructionAndExaminationType.java deleted file mode 100644 index 6920b52de..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LanguagesOfInstructionAndExaminationType.java +++ /dev/null @@ -1,158 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.math.BigDecimal; -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Language of instruction and examination - * - * <p> - * Java class for LanguagesOfInstructionAndExaminationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="LanguagesOfInstructionAndExaminationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Language" maxOccurs="unbounded"> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="language" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}LanguageType" /> - * <attribute name="percent" type="{urn:crue:academic:xsd:language:diplomasupplement}PercentType" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "LanguagesOfInstructionAndExaminationType", propOrder = { "language" }) -public class LanguagesOfInstructionAndExaminationType { - - @XmlElement(name = "Language", required = true) - protected List<LanguagesOfInstructionAndExaminationType.Language> language; - - /** - * Gets the value of the language property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the language property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getLanguage().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link LanguagesOfInstructionAndExaminationType.Language } - * - * - */ - public List<LanguagesOfInstructionAndExaminationType.Language> getLanguage() { - if (language == null) { - language = new ArrayList<LanguagesOfInstructionAndExaminationType.Language>(); - } - return this.language; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"> - * <attribute name="language" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}LanguageType" /> - * <attribute name="percent" type="{urn:crue:academic:xsd:language:diplomasupplement}PercentType" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class Language extends RichTextTagType { - - @XmlAttribute(name = "language", required = true) - protected LanguageType language; - @XmlAttribute(name = "percent") - protected BigDecimal percent; - - /** - * Gets the value of the language property. - * - * @return possible object is {@link LanguageType } - * - */ - public LanguageType getLanguage() { - return language; - } - - /** - * Sets the value of the language property. - * - * @param value - * allowed object is {@link LanguageType } - * - */ - public void setLanguage(LanguageType value) { - this.language = value; - } - - /** - * Gets the value of the percent property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getPercent() { - return percent; - } - - /** - * Sets the value of the percent property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setPercent(BigDecimal value) { - this.percent = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LocalGradeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LocalGradeType.java deleted file mode 100644 index 49291e403..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/LocalGradeType.java +++ /dev/null @@ -1,223 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * Local grade - * - * <p> - * Java class for LocalGradeType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="LocalGradeType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="AcademicYear" type="{urn:crue:academic:xsd:language:diplomasupplement}AcademicYearType"/> - * <element name="DateIssued" type="{urn:crue:academic:xsd:language:diplomasupplement}DateType" minOccurs="0"/> - * <element name="Grade" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Source" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="source" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}SourceGradeType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "LocalGradeType", propOrder = { "academicYear", "dateIssued", "grade", "source" }) -public class LocalGradeType { - - @XmlElement(name = "AcademicYear", required = true) - protected String academicYear; - @XmlElement(name = "DateIssued") - protected XMLGregorianCalendar dateIssued; - @XmlElement(name = "Grade", required = true) - protected String grade; - @XmlElement(name = "Source") - protected LocalGradeType.Source source; - - /** - * Gets the value of the academicYear property. - * - * @return possible object is {@link String } - * - */ - public String getAcademicYear() { - return academicYear; - } - - /** - * Sets the value of the academicYear property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAcademicYear(String value) { - this.academicYear = value; - } - - /** - * Gets the value of the dateIssued property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateIssued() { - return dateIssued; - } - - /** - * Sets the value of the dateIssued property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateIssued(XMLGregorianCalendar value) { - this.dateIssued = value; - } - - /** - * Gets the value of the grade property. - * - * @return possible object is {@link String } - * - */ - public String getGrade() { - return grade; - } - - /** - * Sets the value of the grade property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setGrade(String value) { - this.grade = value; - } - - /** - * Gets the value of the source property. - * - * @return possible object is {@link LocalGradeType.Source } - * - */ - public LocalGradeType.Source getSource() { - return source; - } - - /** - * Sets the value of the source property. - * - * @param value - * allowed object is {@link LocalGradeType.Source } - * - */ - public void setSource(LocalGradeType.Source value) { - this.source = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="source" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}SourceGradeType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Source { - - @XmlValue - protected String value; - @XmlAttribute(name = "source", required = true) - protected SourceGradeType source; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the source property. - * - * @return possible object is {@link SourceGradeType } - * - */ - public SourceGradeType getSource() { - return source; - } - - /** - * Sets the value of the source property. - * - * @param value - * allowed object is {@link SourceGradeType } - * - */ - public void setSource(SourceGradeType value) { - this.source = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MimeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MimeType.java deleted file mode 100644 index c4e131862..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MimeType.java +++ /dev/null @@ -1,108 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for MimeType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="MimeType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="image/gif"/> - * <enumeration value="image/jpeg"/> - * <enumeration value="image/pjpeg"/> - * <enumeration value="image/png"/> - * <enumeration value="image/tiff"/> - * <enumeration value="text/html"/> - * <enumeration value="application/pdf"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "MimeType") -@XmlEnum -public enum MimeType { - - /** - * GIF image - * - */ - @XmlEnumValue("image/gif") - IMAGE_GIF("image/gif"), - - /** - * JPEG JFIF image - * - */ - @XmlEnumValue("image/jpeg") - IMAGE_JPEG("image/jpeg"), - - /** - * JPEG JFIF image - * - */ - @XmlEnumValue("image/pjpeg") - IMAGE_PJPEG("image/pjpeg"), - - /** - * Portable Network Graphics - * - */ - @XmlEnumValue("image/png") - IMAGE_PNG("image/png"), - - /** - * Tag Image File Format - * - */ - @XmlEnumValue("image/tiff") - IMAGE_TIFF("image/tiff"), - - /** - * HTML - * - */ - @XmlEnumValue("text/html") - TEXT_HTML("text/html"), - - /** - * Portable Document Format - * - */ - @XmlEnumValue("application/pdf") - APPLICATION_PDF("application/pdf"); - private final String value; - - MimeType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static MimeType fromValue(String v) { - for (MimeType c : MimeType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeCourseUnitType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeCourseUnitType.java deleted file mode 100644 index 9ed52c50d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeCourseUnitType.java +++ /dev/null @@ -1,251 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * Mobility programme course unit - * - * <p> - * Java class for MobilityProgrammeCourseUnitType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="MobilityProgrammeCourseUnitType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Code" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" minOccurs="0"/> - * <element name="Title"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="language" type="{urn:crue:academic:xsd:language:diplomasupplement}LanguageType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="ECTSCredits" type="{urn:crue:academic:xsd:language:diplomasupplement}PositiveDecimalType" minOccurs="0"/> - * <element name="AdditionalInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * </sequence> - * <attribute name="isInTheLearningAgreement" type="{http://www.w3.org/2001/XMLSchema}boolean" default="true" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "MobilityProgrammeCourseUnitType", propOrder = { "code", "title", "ectsCredits", "additionalInformation" }) -public class MobilityProgrammeCourseUnitType { - - @XmlElement(name = "Code") - protected String code; - @XmlElement(name = "Title", required = true) - protected MobilityProgrammeCourseUnitType.Title title; - @XmlElement(name = "ECTSCredits") - protected BigDecimal ectsCredits; - @XmlElement(name = "AdditionalInformation") - protected RichTextTagType additionalInformation; - @XmlAttribute(name = "isInTheLearningAgreement") - protected Boolean isInTheLearningAgreement; - - /** - * Gets the value of the code property. - * - * @return possible object is {@link String } - * - */ - public String getCode() { - return code; - } - - /** - * Sets the value of the code property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCode(String value) { - this.code = value; - } - - /** - * Gets the value of the title property. - * - * @return possible object is {@link MobilityProgrammeCourseUnitType.Title } - * - */ - public MobilityProgrammeCourseUnitType.Title getTitle() { - return title; - } - - /** - * Sets the value of the title property. - * - * @param value - * allowed object is {@link MobilityProgrammeCourseUnitType.Title } - * - */ - public void setTitle(MobilityProgrammeCourseUnitType.Title value) { - this.title = value; - } - - /** - * Gets the value of the ectsCredits property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getECTSCredits() { - return ectsCredits; - } - - /** - * Sets the value of the ectsCredits property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setECTSCredits(BigDecimal value) { - this.ectsCredits = value; - } - - /** - * Gets the value of the additionalInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAdditionalInformation() { - return additionalInformation; - } - - /** - * Sets the value of the additionalInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAdditionalInformation(RichTextTagType value) { - this.additionalInformation = value; - } - - /** - * Gets the value of the isInTheLearningAgreement property. - * - * @return possible object is {@link Boolean } - * - */ - public boolean isIsInTheLearningAgreement() { - if (isInTheLearningAgreement == null) { - return true; - } else { - return isInTheLearningAgreement; - } - } - - /** - * Sets the value of the isInTheLearningAgreement property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setIsInTheLearningAgreement(Boolean value) { - this.isInTheLearningAgreement = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="language" type="{urn:crue:academic:xsd:language:diplomasupplement}LanguageType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Title { - - @XmlValue - protected String value; - @XmlAttribute(name = "language") - protected LanguageType language; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the language property. - * - * @return possible object is {@link LanguageType } - * - */ - public LanguageType getLanguage() { - return language; - } - - /** - * Sets the value of the language property. - * - * @param value - * allowed object is {@link LanguageType } - * - */ - public void setLanguage(LanguageType value) { - this.language = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeCoursesUnitsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeCoursesUnitsType.java deleted file mode 100644 index 4ec7f4424..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeCoursesUnitsType.java +++ /dev/null @@ -1,74 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Mobility programme courses units - * - * <p> - * Java class for MobilityProgrammeCoursesUnitsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="MobilityProgrammeCoursesUnitsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CourseUnit" type="{urn:crue:academic:xsd:language:diplomasupplement}MobilityProgrammeCourseUnitType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "MobilityProgrammeCoursesUnitsType", propOrder = { "courseUnit" }) -public class MobilityProgrammeCoursesUnitsType { - - @XmlElement(name = "CourseUnit", required = true) - protected List<MobilityProgrammeCourseUnitType> courseUnit; - - /** - * Gets the value of the courseUnit property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the courseUnit property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getCourseUnit().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link MobilityProgrammeCourseUnitType } - * - * - */ - public List<MobilityProgrammeCourseUnitType> getCourseUnit() { - if (courseUnit == null) { - courseUnit = new ArrayList<MobilityProgrammeCourseUnitType>(); - } - return this.courseUnit; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeType.java deleted file mode 100644 index 02528aea2..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MobilityProgrammeType.java +++ /dev/null @@ -1,319 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * Mobility programme - * - * <p> - * Java class for MobilityProgrammeType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="MobilityProgrammeType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Type" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="FieldOfStudy" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" minOccurs="0"/> - * <element name="Country"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="country" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="ReceivingInstitutionName" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="AcademicYear" type="{urn:crue:academic:xsd:language:diplomasupplement}AcademicYearType"/> - * <element name="DateFrom" type="{urn:crue:academic:xsd:language:diplomasupplement}DateType" minOccurs="0"/> - * <element name="DateTo" type="{urn:crue:academic:xsd:language:diplomasupplement}DateType" minOccurs="0"/> - * <element name="CoursesUnits" type="{urn:crue:academic:xsd:language:diplomasupplement}MobilityProgrammeCoursesUnitsType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "MobilityProgrammeType", propOrder = { "type", "fieldOfStudy", "country", "receivingInstitutionName", "academicYear", "dateFrom", "dateTo", "coursesUnits" }) -public class MobilityProgrammeType { - - @XmlElement(name = "Type", required = true) - protected String type; - @XmlElement(name = "FieldOfStudy") - protected String fieldOfStudy; - @XmlElement(name = "Country", required = true) - protected MobilityProgrammeType.Country country; - @XmlElement(name = "ReceivingInstitutionName", required = true) - protected String receivingInstitutionName; - @XmlElement(name = "AcademicYear", required = true) - protected String academicYear; - @XmlElement(name = "DateFrom") - protected XMLGregorianCalendar dateFrom; - @XmlElement(name = "DateTo") - protected XMLGregorianCalendar dateTo; - @XmlElement(name = "CoursesUnits", required = true) - protected MobilityProgrammeCoursesUnitsType coursesUnits; - - /** - * Gets the value of the type property. - * - * @return possible object is {@link String } - * - */ - public String getType() { - return type; - } - - /** - * Sets the value of the type property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setType(String value) { - this.type = value; - } - - /** - * Gets the value of the fieldOfStudy property. - * - * @return possible object is {@link String } - * - */ - public String getFieldOfStudy() { - return fieldOfStudy; - } - - /** - * Sets the value of the fieldOfStudy property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setFieldOfStudy(String value) { - this.fieldOfStudy = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link MobilityProgrammeType.Country } - * - */ - public MobilityProgrammeType.Country getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link MobilityProgrammeType.Country } - * - */ - public void setCountry(MobilityProgrammeType.Country value) { - this.country = value; - } - - /** - * Gets the value of the receivingInstitutionName property. - * - * @return possible object is {@link String } - * - */ - public String getReceivingInstitutionName() { - return receivingInstitutionName; - } - - /** - * Sets the value of the receivingInstitutionName property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setReceivingInstitutionName(String value) { - this.receivingInstitutionName = value; - } - - /** - * Gets the value of the academicYear property. - * - * @return possible object is {@link String } - * - */ - public String getAcademicYear() { - return academicYear; - } - - /** - * Sets the value of the academicYear property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAcademicYear(String value) { - this.academicYear = value; - } - - /** - * Gets the value of the dateFrom property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateFrom() { - return dateFrom; - } - - /** - * Sets the value of the dateFrom property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateFrom(XMLGregorianCalendar value) { - this.dateFrom = value; - } - - /** - * Gets the value of the dateTo property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateTo() { - return dateTo; - } - - /** - * Sets the value of the dateTo property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateTo(XMLGregorianCalendar value) { - this.dateTo = value; - } - - /** - * Gets the value of the coursesUnits property. - * - * @return possible object is {@link MobilityProgrammeCoursesUnitsType } - * - */ - public MobilityProgrammeCoursesUnitsType getCoursesUnits() { - return coursesUnits; - } - - /** - * Sets the value of the coursesUnits property. - * - * @param value - * allowed object is {@link MobilityProgrammeCoursesUnitsType } - * - */ - public void setCoursesUnits(MobilityProgrammeCoursesUnitsType value) { - this.coursesUnits = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="country" use="required" type="{urn:crue:academic:xsd:language:diplomasupplement}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Country { - - @XmlValue - protected String value; - @XmlAttribute(name = "country", required = true) - protected CountryType country; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link CountryType } - * - */ - public CountryType getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link CountryType } - * - */ - public void setCountry(CountryType value) { - this.country = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ModeOfDeliveryType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ModeOfDeliveryType.java deleted file mode 100644 index 23a4152de..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ModeOfDeliveryType.java +++ /dev/null @@ -1,68 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ModeOfDeliveryType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="ModeOfDeliveryType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="FaceToFace"/> - * <enumeration value="DistanceLearning"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "ModeOfDeliveryType") -@XmlEnum -public enum ModeOfDeliveryType { - - /** - * Face-to-face - * - */ - @XmlEnumValue("FaceToFace") - FACE_TO_FACE("FaceToFace"), - - /** - * Distance learning - * - */ - @XmlEnumValue("DistanceLearning") - DISTANCE_LEARNING("DistanceLearning"); - private final String value; - - ModeOfDeliveryType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static ModeOfDeliveryType fromValue(String v) { - for (ModeOfDeliveryType c : ModeOfDeliveryType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ModeOfStudyType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ModeOfStudyType.java deleted file mode 100644 index 5cb0d2646..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ModeOfStudyType.java +++ /dev/null @@ -1,92 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ModeOfStudyType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="ModeOfStudyType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="FullTime"/> - * <enumeration value="ParTime"/> - * <enumeration value="Distance"/> - * <enumeration value="eLearning"/> - * <enumeration value="Another"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "ModeOfStudyType") -@XmlEnum -public enum ModeOfStudyType { - - /** - * Full time - * - */ - @XmlEnumValue("FullTime") - FULL_TIME("FullTime"), - - /** - * Par time - * - */ - @XmlEnumValue("ParTime") - PAR_TIME("ParTime"), - - /** - * Distance - * - */ - @XmlEnumValue("Distance") - DISTANCE("Distance"), - - /** - * eLearning - * - */ - @XmlEnumValue("eLearning") - E_LEARNING("eLearning"), - - /** - * Another - * - */ - @XmlEnumValue("Another") - ANOTHER("Another"); - private final String value; - - ModeOfStudyType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static ModeOfStudyType fromValue(String v) { - for (ModeOfStudyType c : ModeOfStudyType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MultilingualDiplomaSupplementType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MultilingualDiplomaSupplementType.java deleted file mode 100644 index ab83f154e..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/MultilingualDiplomaSupplementType.java +++ /dev/null @@ -1,105 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig.SignatureType; - -/** - * Multilingual Diploma Supplement (DS) - * - * <p> - * Java class for MultilingualDiplomaSupplementType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="MultilingualDiplomaSupplementType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{urn:crue:academic:xsd:language:diplomasupplement}DiplomaSupplement" maxOccurs="unbounded" minOccurs="2"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Signature" maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "MultilingualDiplomaSupplementType", propOrder = { "diplomaSupplement", "signature" }) -public class MultilingualDiplomaSupplementType { - - @XmlElement(name = "DiplomaSupplement", required = true) - protected List<DiplomaSupplementType> diplomaSupplement; - @XmlElement(name = "Signature", namespace = "http://www.w3.org/2000/09/xmldsig#") - protected List<SignatureType> signature; - - /** - * Diploma Supplement Gets the value of the diplomaSupplement property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the diplomaSupplement property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getDiplomaSupplement().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link DiplomaSupplementType } - * - * - */ - public List<DiplomaSupplementType> getDiplomaSupplement() { - if (diplomaSupplement == null) { - diplomaSupplement = new ArrayList<DiplomaSupplementType>(); - } - return this.diplomaSupplement; - } - - /** - * Digital signature Gets the value of the signature property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the signature property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getSignature().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link SignatureType } - * - * - */ - public List<SignatureType> getSignature() { - if (signature == null) { - signature = new ArrayList<SignatureType>(); - } - return this.signature; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/NameAndStatusOfAwardingInstitutionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/NameAndStatusOfAwardingInstitutionType.java deleted file mode 100644 index 8424677c1..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/NameAndStatusOfAwardingInstitutionType.java +++ /dev/null @@ -1,132 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Name and status of awarding institution - * - * <p> - * Java class for NameAndStatusOfAwardingInstitutionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="NameAndStatusOfAwardingInstitutionType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="AwardingInstitution" maxOccurs="unbounded"> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}InstitutionType"> - * <attribute name="awardingInstitutionID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "NameAndStatusOfAwardingInstitutionType", propOrder = { "awardingInstitution" }) -public class NameAndStatusOfAwardingInstitutionType { - - @XmlElement(name = "AwardingInstitution", required = true) - protected List<NameAndStatusOfAwardingInstitutionType.AwardingInstitution> awardingInstitution; - - /** - * Gets the value of the awardingInstitution property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the awardingInstitution property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getAwardingInstitution().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link NameAndStatusOfAwardingInstitutionType.AwardingInstitution } - * - * - */ - public List<NameAndStatusOfAwardingInstitutionType.AwardingInstitution> getAwardingInstitution() { - if (awardingInstitution == null) { - awardingInstitution = new ArrayList<NameAndStatusOfAwardingInstitutionType.AwardingInstitution>(); - } - return this.awardingInstitution; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}InstitutionType"> - * <attribute name="awardingInstitutionID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class AwardingInstitution extends InstitutionType { - - @XmlAttribute(name = "awardingInstitutionID", required = true) - protected String awardingInstitutionID; - - /** - * Gets the value of the awardingInstitutionID property. - * - * @return possible object is {@link String } - * - */ - public String getAwardingInstitutionID() { - return awardingInstitutionID; - } - - /** - * Sets the value of the awardingInstitutionID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAwardingInstitutionID(String value) { - this.awardingInstitutionID = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/NameAndStatusOfInstitutionAdministeringStudiesType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/NameAndStatusOfInstitutionAdministeringStudiesType.java deleted file mode 100644 index 90225c9a0..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/NameAndStatusOfInstitutionAdministeringStudiesType.java +++ /dev/null @@ -1,132 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Name and status of institution administering studies - * - * <p> - * Java class for NameAndStatusOfInstitutionAdministeringStudiesType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="NameAndStatusOfInstitutionAdministeringStudiesType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="InstitutionAdministeringStudies" maxOccurs="unbounded"> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}InstitutionType"> - * <attribute name="institutionAdministeringStudiesID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "NameAndStatusOfInstitutionAdministeringStudiesType", propOrder = { "institutionAdministeringStudies" }) -public class NameAndStatusOfInstitutionAdministeringStudiesType { - - @XmlElement(name = "InstitutionAdministeringStudies", required = true) - protected List<NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies> institutionAdministeringStudies; - - /** - * Gets the value of the institutionAdministeringStudies property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the institutionAdministeringStudies property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getInstitutionAdministeringStudies().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies } - * - * - */ - public List<NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies> getInstitutionAdministeringStudies() { - if (institutionAdministeringStudies == null) { - institutionAdministeringStudies = new ArrayList<NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies>(); - } - return this.institutionAdministeringStudies; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:crue:academic:xsd:language:diplomasupplement}InstitutionType"> - * <attribute name="institutionAdministeringStudiesID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class InstitutionAdministeringStudies extends InstitutionType { - - @XmlAttribute(name = "institutionAdministeringStudiesID", required = true) - protected String institutionAdministeringStudiesID; - - /** - * Gets the value of the institutionAdministeringStudiesID property. - * - * @return possible object is {@link String } - * - */ - public String getInstitutionAdministeringStudiesID() { - return institutionAdministeringStudiesID; - } - - /** - * Sets the value of the institutionAdministeringStudiesID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setInstitutionAdministeringStudiesID(String value) { - this.institutionAdministeringStudiesID = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ObjectFactory.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ObjectFactory.java deleted file mode 100644 index 83b337368..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ObjectFactory.java +++ /dev/null @@ -1,647 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlElementDecl; -import javax.xml.bind.annotation.XmlRegistry; -import javax.xml.namespace.QName; - -/** - * This object contains factory methods for each Java content interface and Java element interface generated in the crue.academic.xsd.language.diplomasupplement package. - * <p> - * An ObjectFactory allows you to programatically construct new instances of the Java representation for XML content. The Java representation of XML content can consist of schema derived interfaces - * and classes representing the binding of schema type definitions, element declarations and model groups. Factory methods for each of these are provided in this class. - * - */ -@XmlRegistry -public class ObjectFactory { - - private final static QName _MultilingualDiplomaSupplement_QNAME = new QName("urn:crue:academic:xsd:language:diplomasupplement", "MultilingualDiplomaSupplement"); - private final static QName _DiplomaSupplement_QNAME = new QName("urn:crue:academic:xsd:language:diplomasupplement", "DiplomaSupplement"); - private final static QName _RichTextTagTypeItalic_QNAME = new QName("urn:crue:academic:xsd:language:diplomasupplement", "Italic"); - private final static QName _RichTextTagTypeBreakLine_QNAME = new QName("urn:crue:academic:xsd:language:diplomasupplement", "BreakLine"); - private final static QName _RichTextTagTypeAttachedRef_QNAME = new QName("urn:crue:academic:xsd:language:diplomasupplement", "AttachedRef"); - private final static QName _RichTextTagTypeUnderline_QNAME = new QName("urn:crue:academic:xsd:language:diplomasupplement", "Underline"); - private final static QName _RichTextTagTypeBold_QNAME = new QName("urn:crue:academic:xsd:language:diplomasupplement", "Bold"); - - /** - * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: crue.academic.xsd.language.diplomasupplement - * - */ - public ObjectFactory() { - } - - /** - * Create an instance of {@link AddressType } - * - */ - public AddressType createAddressType() { - return new AddressType(); - } - - /** - * Create an instance of {@link LanguagesOfInstructionAndExaminationType } - * - */ - public LanguagesOfInstructionAndExaminationType createLanguagesOfInstructionAndExaminationType() { - return new LanguagesOfInstructionAndExaminationType(); - } - - /** - * Create an instance of {@link RichTextTagType } - * - */ - public RichTextTagType createRichTextTagType() { - return new RichTextTagType(); - } - - /** - * Create an instance of {@link MobilityProgrammeType } - * - */ - public MobilityProgrammeType createMobilityProgrammeType() { - return new MobilityProgrammeType(); - } - - /** - * Create an instance of {@link NameAndStatusOfInstitutionAdministeringStudiesType } - * - */ - public NameAndStatusOfInstitutionAdministeringStudiesType createNameAndStatusOfInstitutionAdministeringStudiesType() { - return new NameAndStatusOfInstitutionAdministeringStudiesType(); - } - - /** - * Create an instance of {@link InstitutionType } - * - */ - public InstitutionType createInstitutionType() { - return new InstitutionType(); - } - - /** - * Create an instance of {@link MobilityProgrammeCourseUnitType } - * - */ - public MobilityProgrammeCourseUnitType createMobilityProgrammeCourseUnitType() { - return new MobilityProgrammeCourseUnitType(); - } - - /** - * Create an instance of {@link InformationIdentifyingTheHolderOfTheQualificationType } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType createInformationIdentifyingTheHolderOfTheQualificationType() { - return new InformationIdentifyingTheHolderOfTheQualificationType(); - } - - /** - * Create an instance of {@link CourseUnitType } - * - */ - public CourseUnitType createCourseUnitType() { - return new CourseUnitType(); - } - - /** - * Create an instance of {@link LocalGradeType } - * - */ - public LocalGradeType createLocalGradeType() { - return new LocalGradeType(); - } - - /** - * Create an instance of {@link InformationOnTheContentsAndResultsGainedType } - * - */ - public InformationOnTheContentsAndResultsGainedType createInformationOnTheContentsAndResultsGainedType() { - return new InformationOnTheContentsAndResultsGainedType(); - } - - /** - * Create an instance of {@link InformationOnTheLevelOfTheQualificationType } - * - */ - public InformationOnTheLevelOfTheQualificationType createInformationOnTheLevelOfTheQualificationType() { - return new InformationOnTheLevelOfTheQualificationType(); - } - - /** - * Create an instance of {@link NameAndStatusOfAwardingInstitutionType } - * - */ - public NameAndStatusOfAwardingInstitutionType createNameAndStatusOfAwardingInstitutionType() { - return new NameAndStatusOfAwardingInstitutionType(); - } - - /** - * Create an instance of {@link InformationOnTheFunctionOfTheQualificationType } - * - */ - public InformationOnTheFunctionOfTheQualificationType createInformationOnTheFunctionOfTheQualificationType() { - return new InformationOnTheFunctionOfTheQualificationType(); - } - - /** - * Create an instance of {@link MultilingualDiplomaSupplementType } - * - */ - public MultilingualDiplomaSupplementType createMultilingualDiplomaSupplementType() { - return new MultilingualDiplomaSupplementType(); - } - - /** - * Create an instance of {@link DiplomaSupplementType } - * - */ - public DiplomaSupplementType createDiplomaSupplementType() { - return new DiplomaSupplementType(); - } - - /** - * Create an instance of {@link ExtensionContentType } - * - */ - public ExtensionContentType createExtensionContentType() { - return new ExtensionContentType(); - } - - /** - * Create an instance of {@link AttachedImageURLType } - * - */ - public AttachedImageURLType createAttachedImageURLType() { - return new AttachedImageURLType(); - } - - /** - * Create an instance of {@link CourseStructureDiagramType } - * - */ - public CourseStructureDiagramType createCourseStructureDiagramType() { - return new CourseStructureDiagramType(); - } - - /** - * Create an instance of {@link CourseUnitWorkPlacementType } - * - */ - public CourseUnitWorkPlacementType createCourseUnitWorkPlacementType() { - return new CourseUnitWorkPlacementType(); - } - - /** - * Create an instance of {@link InformationIdentifyingTheQualificationType } - * - */ - public InformationIdentifyingTheQualificationType createInformationIdentifyingTheQualificationType() { - return new InformationIdentifyingTheQualificationType(); - } - - /** - * Create an instance of {@link MobilityProgrammeCoursesUnitsType } - * - */ - public MobilityProgrammeCoursesUnitsType createMobilityProgrammeCoursesUnitsType() { - return new MobilityProgrammeCoursesUnitsType(); - } - - /** - * Create an instance of {@link QualificationType } - * - */ - public QualificationType createQualificationType() { - return new QualificationType(); - } - - /** - * Create an instance of {@link CertificationOfTheSupplementType } - * - */ - public CertificationOfTheSupplementType createCertificationOfTheSupplementType() { - return new CertificationOfTheSupplementType(); - } - - /** - * Create an instance of {@link AttachedFileURLType } - * - */ - public AttachedFileURLType createAttachedFileURLType() { - return new AttachedFileURLType(); - } - - /** - * Create an instance of {@link ProgrammeRequirementsType } - * - */ - public ProgrammeRequirementsType createProgrammeRequirementsType() { - return new ProgrammeRequirementsType(); - } - - /** - * Create an instance of {@link CourseUnitWorkPlacementsType } - * - */ - public CourseUnitWorkPlacementsType createCourseUnitWorkPlacementsType() { - return new CourseUnitWorkPlacementsType(); - } - - /** - * Create an instance of {@link AdditionalInformationType } - * - */ - public AdditionalInformationType createAdditionalInformationType() { - return new AdditionalInformationType(); - } - - /** - * Create an instance of {@link GradingSchemeAndGradeDistributionGuidanceType } - * - */ - public GradingSchemeAndGradeDistributionGuidanceType createGradingSchemeAndGradeDistributionGuidanceType() { - return new GradingSchemeAndGradeDistributionGuidanceType(); - } - - /** - * Create an instance of {@link AttachmentsType } - * - */ - public AttachmentsType createAttachmentsType() { - return new AttachmentsType(); - } - - /** - * Create an instance of {@link CourseUnitLanguageOfInstructionType } - * - */ - public CourseUnitLanguageOfInstructionType createCourseUnitLanguageOfInstructionType() { - return new CourseUnitLanguageOfInstructionType(); - } - - /** - * Create an instance of {@link CoursesAttendedInOtherInstitutionInMobilityProgramsType } - * - */ - public CoursesAttendedInOtherInstitutionInMobilityProgramsType createCoursesAttendedInOtherInstitutionInMobilityProgramsType() { - return new CoursesAttendedInOtherInstitutionInMobilityProgramsType(); - } - - /** - * Create an instance of {@link FamilyNameType } - * - */ - public FamilyNameType createFamilyNameType() { - return new FamilyNameType(); - } - - /** - * Create an instance of {@link CoursesGroupsType } - * - */ - public CoursesGroupsType createCoursesGroupsType() { - return new CoursesGroupsType(); - } - - /** - * Create an instance of {@link TitleConferredType } - * - */ - public TitleConferredType createTitleConferredType() { - return new TitleConferredType(); - } - - /** - * Create an instance of {@link OfficialStampType } - * - */ - public OfficialStampType createOfficialStampType() { - return new OfficialStampType(); - } - - /** - * Create an instance of {@link CourseUnitStudentPerformanceType } - * - */ - public CourseUnitStudentPerformanceType createCourseUnitStudentPerformanceType() { - return new CourseUnitStudentPerformanceType(); - } - - /** - * Create an instance of {@link GivenNameType } - * - */ - public GivenNameType createGivenNameType() { - return new GivenNameType(); - } - - /** - * Create an instance of {@link CoursesUnitsType } - * - */ - public CoursesUnitsType createCoursesUnitsType() { - return new CoursesUnitsType(); - } - - /** - * Create an instance of {@link ProgrammeDetailsType } - * - */ - public ProgrammeDetailsType createProgrammeDetailsType() { - return new ProgrammeDetailsType(); - } - - /** - * Create an instance of {@link OfficialCertifyingType } - * - */ - public OfficialCertifyingType createOfficialCertifyingType() { - return new OfficialCertifyingType(); - } - - /** - * Create an instance of {@link CourseUnitLanguagesOfInstructionType } - * - */ - public CourseUnitLanguagesOfInstructionType createCourseUnitLanguagesOfInstructionType() { - return new CourseUnitLanguagesOfInstructionType(); - } - - /** - * Create an instance of {@link AttachedImageDataType } - * - */ - public AttachedImageDataType createAttachedImageDataType() { - return new AttachedImageDataType(); - } - - /** - * Create an instance of {@link AttachedType } - * - */ - public AttachedType createAttachedType() { - return new AttachedType(); - } - - /** - * Create an instance of {@link CoursesGroupType } - * - */ - public CoursesGroupType createCoursesGroupType() { - return new CoursesGroupType(); - } - - /** - * Create an instance of {@link AttachedFileDataType } - * - */ - public AttachedFileDataType createAttachedFileDataType() { - return new AttachedFileDataType(); - } - - /** - * Create an instance of {@link ContactInformationType } - * - */ - public ContactInformationType createContactInformationType() { - return new ContactInformationType(); - } - - /** - * Create an instance of {@link OfficialsCertifyingType } - * - */ - public OfficialsCertifyingType createOfficialsCertifyingType() { - return new OfficialsCertifyingType(); - } - - /** - * Create an instance of {@link AddressType.Country } - * - */ - public AddressType.Country createAddressTypeCountry() { - return new AddressType.Country(); - } - - /** - * Create an instance of {@link LanguagesOfInstructionAndExaminationType.Language } - * - */ - public LanguagesOfInstructionAndExaminationType.Language createLanguagesOfInstructionAndExaminationTypeLanguage() { - return new LanguagesOfInstructionAndExaminationType.Language(); - } - - /** - * Create an instance of {@link RichTextTagType.AttachedRef } - * - */ - public RichTextTagType.AttachedRef createRichTextTagTypeAttachedRef() { - return new RichTextTagType.AttachedRef(); - } - - /** - * Create an instance of {@link MobilityProgrammeType.Country } - * - */ - public MobilityProgrammeType.Country createMobilityProgrammeTypeCountry() { - return new MobilityProgrammeType.Country(); - } - - /** - * Create an instance of {@link NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies } - * - */ - public NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies createNameAndStatusOfInstitutionAdministeringStudiesTypeInstitutionAdministeringStudies() { - return new NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies(); - } - - /** - * Create an instance of {@link InstitutionType.Country } - * - */ - public InstitutionType.Country createInstitutionTypeCountry() { - return new InstitutionType.Country(); - } - - /** - * Create an instance of {@link InstitutionType.AttachedImageRef } - * - */ - public InstitutionType.AttachedImageRef createInstitutionTypeAttachedImageRef() { - return new InstitutionType.AttachedImageRef(); - } - - /** - * Create an instance of {@link MobilityProgrammeCourseUnitType.Title } - * - */ - public MobilityProgrammeCourseUnitType.Title createMobilityProgrammeCourseUnitTypeTitle() { - return new MobilityProgrammeCourseUnitType.Title(); - } - - /** - * Create an instance of {@link InformationIdentifyingTheHolderOfTheQualificationType.CountryOfBirth } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType.CountryOfBirth createInformationIdentifyingTheHolderOfTheQualificationTypeCountryOfBirth() { - return new InformationIdentifyingTheHolderOfTheQualificationType.CountryOfBirth(); - } - - /** - * Create an instance of {@link InformationIdentifyingTheHolderOfTheQualificationType.Gender } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType.Gender createInformationIdentifyingTheHolderOfTheQualificationTypeGender() { - return new InformationIdentifyingTheHolderOfTheQualificationType.Gender(); - } - - /** - * Create an instance of {@link CourseUnitType.Type } - * - */ - public CourseUnitType.Type createCourseUnitTypeType() { - return new CourseUnitType.Type(); - } - - /** - * Create an instance of {@link CourseUnitType.YearOfStudy } - * - */ - public CourseUnitType.YearOfStudy createCourseUnitTypeYearOfStudy() { - return new CourseUnitType.YearOfStudy(); - } - - /** - * Create an instance of {@link CourseUnitType.Level } - * - */ - public CourseUnitType.Level createCourseUnitTypeLevel() { - return new CourseUnitType.Level(); - } - - /** - * Create an instance of {@link CourseUnitType.ModeOfDelivery } - * - */ - public CourseUnitType.ModeOfDelivery createCourseUnitTypeModeOfDelivery() { - return new CourseUnitType.ModeOfDelivery(); - } - - /** - * Create an instance of {@link LocalGradeType.Source } - * - */ - public LocalGradeType.Source createLocalGradeTypeSource() { - return new LocalGradeType.Source(); - } - - /** - * Create an instance of {@link InformationOnTheContentsAndResultsGainedType.ModeOfStudy } - * - */ - public InformationOnTheContentsAndResultsGainedType.ModeOfStudy createInformationOnTheContentsAndResultsGainedTypeModeOfStudy() { - return new InformationOnTheContentsAndResultsGainedType.ModeOfStudy(); - } - - /** - * Create an instance of {@link InformationOnTheLevelOfTheQualificationType.Level } - * - */ - public InformationOnTheLevelOfTheQualificationType.Level createInformationOnTheLevelOfTheQualificationTypeLevel() { - return new InformationOnTheLevelOfTheQualificationType.Level(); - } - - /** - * Create an instance of {@link InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme } - * - */ - public InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme createInformationOnTheLevelOfTheQualificationTypeOfficialLengthOfProgramme() { - return new InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme(); - } - - /** - * Create an instance of {@link NameAndStatusOfAwardingInstitutionType.AwardingInstitution } - * - */ - public NameAndStatusOfAwardingInstitutionType.AwardingInstitution createNameAndStatusOfAwardingInstitutionTypeAwardingInstitution() { - return new NameAndStatusOfAwardingInstitutionType.AwardingInstitution(); - } - - /** - * Create an instance of {@link InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus } - * - */ - public InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus createInformationOnTheFunctionOfTheQualificationTypeProfessionalStatus() { - return new InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus(); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link MultilingualDiplomaSupplementType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:crue:academic:xsd:language:diplomasupplement", name = "MultilingualDiplomaSupplement") - public JAXBElement<MultilingualDiplomaSupplementType> createMultilingualDiplomaSupplement(MultilingualDiplomaSupplementType value) { - return new JAXBElement<MultilingualDiplomaSupplementType>(_MultilingualDiplomaSupplement_QNAME, MultilingualDiplomaSupplementType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link DiplomaSupplementType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:crue:academic:xsd:language:diplomasupplement", name = "DiplomaSupplement") - public JAXBElement<DiplomaSupplementType> createDiplomaSupplement(DiplomaSupplementType value) { - return new JAXBElement<DiplomaSupplementType>(_DiplomaSupplement_QNAME, DiplomaSupplementType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:crue:academic:xsd:language:diplomasupplement", name = "Italic", scope = RichTextTagType.class) - public JAXBElement<String> createRichTextTagTypeItalic(String value) { - return new JAXBElement<String>(_RichTextTagTypeItalic_QNAME, String.class, RichTextTagType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:crue:academic:xsd:language:diplomasupplement", name = "BreakLine", scope = RichTextTagType.class) - public JAXBElement<String> createRichTextTagTypeBreakLine(String value) { - return new JAXBElement<String>(_RichTextTagTypeBreakLine_QNAME, String.class, RichTextTagType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link RichTextTagType.AttachedRef }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:crue:academic:xsd:language:diplomasupplement", name = "AttachedRef", scope = RichTextTagType.class) - public JAXBElement<RichTextTagType.AttachedRef> createRichTextTagTypeAttachedRef(RichTextTagType.AttachedRef value) { - return new JAXBElement<RichTextTagType.AttachedRef>(_RichTextTagTypeAttachedRef_QNAME, RichTextTagType.AttachedRef.class, RichTextTagType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:crue:academic:xsd:language:diplomasupplement", name = "Underline", scope = RichTextTagType.class) - public JAXBElement<String> createRichTextTagTypeUnderline(String value) { - return new JAXBElement<String>(_RichTextTagTypeUnderline_QNAME, String.class, RichTextTagType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:crue:academic:xsd:language:diplomasupplement", name = "Bold", scope = RichTextTagType.class) - public JAXBElement<String> createRichTextTagTypeBold(String value) { - return new JAXBElement<String>(_RichTextTagTypeBold_QNAME, String.class, RichTextTagType.class, value); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialCertifyingType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialCertifyingType.java deleted file mode 100644 index ddf4b7ecc..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialCertifyingType.java +++ /dev/null @@ -1,139 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Official certifying the DS - * - * <p> - * Java class for OfficialCertifyingType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="OfficialCertifyingType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="FamilyName" type="{urn:crue:academic:xsd:language:diplomasupplement}FamilyNameType"/> - * <element name="GivenName" type="{urn:crue:academic:xsd:language:diplomasupplement}GivenNameType"/> - * <element name="Capacity" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * </sequence> - * <attribute name="awardingInstitutionID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "OfficialCertifyingType", propOrder = { "familyName", "givenName", "capacity" }) -public class OfficialCertifyingType { - - @XmlElement(name = "FamilyName", required = true) - protected FamilyNameType familyName; - @XmlElement(name = "GivenName", required = true) - protected GivenNameType givenName; - @XmlElement(name = "Capacity", required = true) - protected String capacity; - @XmlAttribute(name = "awardingInstitutionID", required = true) - protected String awardingInstitutionID; - - /** - * Gets the value of the familyName property. - * - * @return possible object is {@link FamilyNameType } - * - */ - public FamilyNameType getFamilyName() { - return familyName; - } - - /** - * Sets the value of the familyName property. - * - * @param value - * allowed object is {@link FamilyNameType } - * - */ - public void setFamilyName(FamilyNameType value) { - this.familyName = value; - } - - /** - * Gets the value of the givenName property. - * - * @return possible object is {@link GivenNameType } - * - */ - public GivenNameType getGivenName() { - return givenName; - } - - /** - * Sets the value of the givenName property. - * - * @param value - * allowed object is {@link GivenNameType } - * - */ - public void setGivenName(GivenNameType value) { - this.givenName = value; - } - - /** - * Gets the value of the capacity property. - * - * @return possible object is {@link String } - * - */ - public String getCapacity() { - return capacity; - } - - /** - * Sets the value of the capacity property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCapacity(String value) { - this.capacity = value; - } - - /** - * Gets the value of the awardingInstitutionID property. - * - * @return possible object is {@link String } - * - */ - public String getAwardingInstitutionID() { - return awardingInstitutionID; - } - - /** - * Sets the value of the awardingInstitutionID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAwardingInstitutionID(String value) { - this.awardingInstitutionID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialStampType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialStampType.java deleted file mode 100644 index f92a005d3..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialStampType.java +++ /dev/null @@ -1,91 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Official stamp or seal of the institution - * - * <p> - * Java class for OfficialStampType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="OfficialStampType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * </sequence> - * <attribute name="awardingInstitutionID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "OfficialStampType", propOrder = { "description" }) -public class OfficialStampType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlAttribute(name = "awardingInstitutionID", required = true) - protected String awardingInstitutionID; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the awardingInstitutionID property. - * - * @return possible object is {@link String } - * - */ - public String getAwardingInstitutionID() { - return awardingInstitutionID; - } - - /** - * Sets the value of the awardingInstitutionID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAwardingInstitutionID(String value) { - this.awardingInstitutionID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialsCertifyingType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialsCertifyingType.java deleted file mode 100644 index c77b684c3..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/OfficialsCertifyingType.java +++ /dev/null @@ -1,74 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Officials certifying - * - * <p> - * Java class for OfficialsCertifyingType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="OfficialsCertifyingType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="OfficialCertifying" type="{urn:crue:academic:xsd:language:diplomasupplement}OfficialCertifyingType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "OfficialsCertifyingType", propOrder = { "officialCertifying" }) -public class OfficialsCertifyingType { - - @XmlElement(name = "OfficialCertifying", required = true) - protected List<OfficialCertifyingType> officialCertifying; - - /** - * Gets the value of the officialCertifying property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the officialCertifying property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getOfficialCertifying().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link OfficialCertifyingType } - * - * - */ - public List<OfficialCertifyingType> getOfficialCertifying() { - if (officialCertifying == null) { - officialCertifying = new ArrayList<OfficialCertifyingType>(); - } - return this.officialCertifying; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ProgrammeDetailsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ProgrammeDetailsType.java deleted file mode 100644 index 9c2ac3744..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ProgrammeDetailsType.java +++ /dev/null @@ -1,90 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Programme details - * - * <p> - * Java class for ProgrammeDetailsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ProgrammeDetailsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CourseStructureDiagram" type="{urn:crue:academic:xsd:language:diplomasupplement}CourseStructureDiagramType"/> - * <element name="CoursesAttendedInOtherInstitutionInMobilityPrograms" type="{urn:crue:academic:xsd:language:diplomasupplement}CoursesAttendedInOtherInstitutionInMobilityProgramsType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ProgrammeDetailsType", propOrder = { "courseStructureDiagram", "coursesAttendedInOtherInstitutionInMobilityPrograms" }) -public class ProgrammeDetailsType { - - @XmlElement(name = "CourseStructureDiagram", required = true) - protected CourseStructureDiagramType courseStructureDiagram; - @XmlElement(name = "CoursesAttendedInOtherInstitutionInMobilityPrograms") - protected CoursesAttendedInOtherInstitutionInMobilityProgramsType coursesAttendedInOtherInstitutionInMobilityPrograms; - - /** - * Gets the value of the courseStructureDiagram property. - * - * @return possible object is {@link CourseStructureDiagramType } - * - */ - public CourseStructureDiagramType getCourseStructureDiagram() { - return courseStructureDiagram; - } - - /** - * Sets the value of the courseStructureDiagram property. - * - * @param value - * allowed object is {@link CourseStructureDiagramType } - * - */ - public void setCourseStructureDiagram(CourseStructureDiagramType value) { - this.courseStructureDiagram = value; - } - - /** - * Gets the value of the coursesAttendedInOtherInstitutionInMobilityPrograms property. - * - * @return possible object is {@link CoursesAttendedInOtherInstitutionInMobilityProgramsType } - * - */ - public CoursesAttendedInOtherInstitutionInMobilityProgramsType getCoursesAttendedInOtherInstitutionInMobilityPrograms() { - return coursesAttendedInOtherInstitutionInMobilityPrograms; - } - - /** - * Sets the value of the coursesAttendedInOtherInstitutionInMobilityPrograms property. - * - * @param value - * allowed object is {@link CoursesAttendedInOtherInstitutionInMobilityProgramsType } - * - */ - public void setCoursesAttendedInOtherInstitutionInMobilityPrograms(CoursesAttendedInOtherInstitutionInMobilityProgramsType value) { - this.coursesAttendedInOtherInstitutionInMobilityPrograms = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ProgrammeRequirementsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ProgrammeRequirementsType.java deleted file mode 100644 index e21a8d821..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/ProgrammeRequirementsType.java +++ /dev/null @@ -1,90 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Programme requirements - * - * <p> - * Java class for ProgrammeRequirementsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ProgrammeRequirementsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Requirements" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType"/> - * <element name="KeyLearningOutcomes" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ProgrammeRequirementsType", propOrder = { "requirements", "keyLearningOutcomes" }) -public class ProgrammeRequirementsType { - - @XmlElement(name = "Requirements", required = true) - protected RichTextTagType requirements; - @XmlElement(name = "KeyLearningOutcomes") - protected RichTextTagType keyLearningOutcomes; - - /** - * Gets the value of the requirements property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getRequirements() { - return requirements; - } - - /** - * Sets the value of the requirements property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setRequirements(RichTextTagType value) { - this.requirements = value; - } - - /** - * Gets the value of the keyLearningOutcomes property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getKeyLearningOutcomes() { - return keyLearningOutcomes; - } - - /** - * Sets the value of the keyLearningOutcomes property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setKeyLearningOutcomes(RichTextTagType value) { - this.keyLearningOutcomes = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/QualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/QualificationType.java deleted file mode 100644 index 4414ef05d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/QualificationType.java +++ /dev/null @@ -1,139 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Qualification - * - * <p> - * Java class for QualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="QualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="AdditionalInformation" type="{urn:crue:academic:xsd:language:diplomasupplement}RichTextTagType" minOccurs="0"/> - * </sequence> - * <attribute name="localID" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" /> - * <attribute name="nationalID" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "QualificationType", propOrder = { "name", "additionalInformation" }) -public class QualificationType { - - @XmlElement(name = "Name", required = true) - protected String name; - @XmlElement(name = "AdditionalInformation") - protected RichTextTagType additionalInformation; - @XmlAttribute(name = "localID") - protected String localID; - @XmlAttribute(name = "nationalID") - protected String nationalID; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the additionalInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAdditionalInformation() { - return additionalInformation; - } - - /** - * Sets the value of the additionalInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAdditionalInformation(RichTextTagType value) { - this.additionalInformation = value; - } - - /** - * Gets the value of the localID property. - * - * @return possible object is {@link String } - * - */ - public String getLocalID() { - return localID; - } - - /** - * Sets the value of the localID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setLocalID(String value) { - this.localID = value; - } - - /** - * Gets the value of the nationalID property. - * - * @return possible object is {@link String } - * - */ - public String getNationalID() { - return nationalID; - } - - /** - * Sets the value of the nationalID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNationalID(String value) { - this.nationalID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/RichTextTagType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/RichTextTagType.java deleted file mode 100644 index 68c5ec627..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/RichTextTagType.java +++ /dev/null @@ -1,182 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlElementRefs; -import javax.xml.bind.annotation.XmlIDREF; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlSeeAlso; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * Rich text tag - * - * <p> - * Java class for RichTextTagType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="RichTextTagType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice maxOccurs="unbounded" minOccurs="0"> - * <element name="Bold" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="BreakLine" type="{urn:crue:academic:xsd:language:diplomasupplement}EmptyType"/> - * <element name="Italic" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="Underline" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * <element name="AttachedRef"> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}IDREF" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </choice> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "RichTextTagType", propOrder = { "content" }) -@XmlSeeAlso({ eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus.class, - eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.InformationOnTheLevelOfTheQualificationType.Level.class, - eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme.class, - eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.InformationOnTheContentsAndResultsGainedType.ModeOfStudy.class, - eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.LanguagesOfInstructionAndExaminationType.Language.class }) -public class RichTextTagType { - - @XmlElementRefs({ @XmlElementRef(name = "Underline", namespace = "urn:crue:academic:xsd:language:diplomasupplement", type = JAXBElement.class, required = false), - @XmlElementRef(name = "AttachedRef", namespace = "urn:crue:academic:xsd:language:diplomasupplement", type = JAXBElement.class, required = false), - @XmlElementRef(name = "BreakLine", namespace = "urn:crue:academic:xsd:language:diplomasupplement", type = JAXBElement.class, required = false), - @XmlElementRef(name = "Bold", namespace = "urn:crue:academic:xsd:language:diplomasupplement", type = JAXBElement.class, required = false), - @XmlElementRef(name = "Italic", namespace = "urn:crue:academic:xsd:language:diplomasupplement", type = JAXBElement.class, required = false) }) - @XmlMixed - protected List<Serializable> content; - - /** - * Rich text tag Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link JAXBElement }{@code <}{@link String }{@code >} {@link String } {@link JAXBElement }{@code <}{@link RichTextTagType.AttachedRef } - * {@code >} {@link JAXBElement }{@code <}{@link String }{@code >} {@link JAXBElement }{@code <}{@link String }{@code >} {@link JAXBElement }{@code <}{@link String }{@code >} - * - * - */ - public List<Serializable> getContent() { - if (content == null) { - content = new ArrayList<Serializable>(); - } - return this.content; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:crue:academic:xsd:language:diplomasupplement>PlainTextType"> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}IDREF" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class AttachedRef { - - @XmlValue - protected String value; - @XmlAttribute(name = "attachedID", required = true) - @XmlIDREF - @XmlSchemaType(name = "IDREF") - protected Object attachedID; - - /** - * Plain text constraint - * - * Non empty text - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the attachedID property. - * - * @return possible object is {@link Object } - * - */ - public Object getAttachedID() { - return attachedID; - } - - /** - * Sets the value of the attachedID property. - * - * @param value - * allowed object is {@link Object } - * - */ - public void setAttachedID(Object value) { - this.attachedID = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/SourceGradeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/SourceGradeType.java deleted file mode 100644 index f9bb1708d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/SourceGradeType.java +++ /dev/null @@ -1,76 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for SourceGradeType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="SourceGradeType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="Recognized"/> - * <enumeration value="MobilityProgramme"/> - * <enumeration value="Another"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "SourceGradeType") -@XmlEnum -public enum SourceGradeType { - - /** - * Recognized - * - */ - @XmlEnumValue("Recognized") - RECOGNIZED("Recognized"), - - /** - * Course unit attended in mobility programme - * - */ - @XmlEnumValue("MobilityProgramme") - MOBILITY_PROGRAMME("MobilityProgramme"), - - /** - * Another - * - */ - @XmlEnumValue("Another") - ANOTHER("Another"); - private final String value; - - SourceGradeType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static SourceGradeType fromValue(String v) { - for (SourceGradeType c : SourceGradeType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/TitleConferredType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/TitleConferredType.java deleted file mode 100644 index 4bb02cd12..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/TitleConferredType.java +++ /dev/null @@ -1,66 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * Title conferred - * - * <p> - * Java class for TitleConferredType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="TitleConferredType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:crue:academic:xsd:language:diplomasupplement}PlainTextType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "TitleConferredType", propOrder = { "name" }) -public class TitleConferredType { - - @XmlElement(name = "Name", required = true) - protected String name; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/package-info.java deleted file mode 100644 index 84b6707b7..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/crue/academic/xsd/language/diplomasupplement/package-info.java +++ /dev/null @@ -1,10 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -@javax.xml.bind.annotation.XmlSchema(namespace = "urn:crue:academic:xsd:language:diplomasupplement", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED) -package eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement; - diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/AcTitleType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/AcTitleType.java deleted file mode 100644 index 14d28d64e..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/AcTitleType.java +++ /dev/null @@ -1,83 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for acTitleType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="acTitleType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="titleNormalised" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}titleNormalisedType"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "acTitleType", propOrder = { "titleNormalised", "aqaa" }) -public class AcTitleType { - - @XmlElement(required = true) - protected String titleNormalised; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the titleNormalised property. - * - * @return possible object is {@link String } - * - */ - public String getTitleNormalised() { - return titleNormalised; - } - - /** - * Sets the value of the titleNormalised property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTitleNormalised(String value) { - this.titleNormalised = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/AttributeStatusType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/AttributeStatusType.java deleted file mode 100644 index fe44adaac..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/AttributeStatusType.java +++ /dev/null @@ -1,60 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for AttributeStatusType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="AttributeStatusType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="Available"/> - * <enumeration value="NotAvailable"/> - * <enumeration value="Withheld"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "AttributeStatusType") -@XmlEnum -public enum AttributeStatusType { - - @XmlEnumValue("Available") - AVAILABLE("Available"), @XmlEnumValue("NotAvailable") - NOT_AVAILABLE("NotAvailable"), @XmlEnumValue("Withheld") - WITHHELD("Withheld"); - private final String value; - - AttributeStatusType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static AttributeStatusType fromValue(String v) { - for (AttributeStatusType c : AttributeStatusType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/CanonicalAddressType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/CanonicalAddressType.java deleted file mode 100644 index 981884efa..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/CanonicalAddressType.java +++ /dev/null @@ -1,231 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * <p> - * Java class for canonicalAddressType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="canonicalAddressType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="countryCodeAddress" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}CountryCodeType"/> - * <element name="state" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> - * <element name="municipalityCode" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> - * <element name="town" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="postalCode" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="streetName" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="streetNumber" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> - * <element name="apartmentNumber" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "canonicalAddressType", propOrder = { "countryCodeAddress", "state", "municipalityCode", "town", "postalCode", "streetName", "streetNumber", "apartmentNumber" }) -public class CanonicalAddressType { - - @XmlElement(required = true) - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - protected String countryCodeAddress; - protected String state; - protected String municipalityCode; - @XmlElement(required = true) - protected String town; - @XmlElement(required = true) - protected String postalCode; - @XmlElement(required = true) - protected String streetName; - protected String streetNumber; - protected String apartmentNumber; - - /** - * Gets the value of the countryCodeAddress property. - * - * @return possible object is {@link String } - * - */ - public String getCountryCodeAddress() { - return countryCodeAddress; - } - - /** - * Sets the value of the countryCodeAddress property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCountryCodeAddress(String value) { - this.countryCodeAddress = value; - } - - /** - * Gets the value of the state property. - * - * @return possible object is {@link String } - * - */ - public String getState() { - return state; - } - - /** - * Sets the value of the state property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setState(String value) { - this.state = value; - } - - /** - * Gets the value of the municipalityCode property. - * - * @return possible object is {@link String } - * - */ - public String getMunicipalityCode() { - return municipalityCode; - } - - /** - * Sets the value of the municipalityCode property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setMunicipalityCode(String value) { - this.municipalityCode = value; - } - - /** - * Gets the value of the town property. - * - * @return possible object is {@link String } - * - */ - public String getTown() { - return town; - } - - /** - * Sets the value of the town property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTown(String value) { - this.town = value; - } - - /** - * Gets the value of the postalCode property. - * - * @return possible object is {@link String } - * - */ - public String getPostalCode() { - return postalCode; - } - - /** - * Sets the value of the postalCode property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setPostalCode(String value) { - this.postalCode = value; - } - - /** - * Gets the value of the streetName property. - * - * @return possible object is {@link String } - * - */ - public String getStreetName() { - return streetName; - } - - /** - * Sets the value of the streetName property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStreetName(String value) { - this.streetName = value; - } - - /** - * Gets the value of the streetNumber property. - * - * @return possible object is {@link String } - * - */ - public String getStreetNumber() { - return streetNumber; - } - - /** - * Sets the value of the streetNumber property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStreetNumber(String value) { - this.streetNumber = value; - } - - /** - * Gets the value of the apartmentNumber property. - * - * @return possible object is {@link String } - * - */ - public String getApartmentNumber() { - return apartmentNumber; - } - - /** - * Sets the value of the apartmentNumber property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setApartmentNumber(String value) { - this.apartmentNumber = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/CurrentStudiesType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/CurrentStudiesType.java deleted file mode 100644 index 58e4bf02b..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/CurrentStudiesType.java +++ /dev/null @@ -1,179 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import java.math.BigInteger; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.GeneralDiplomaType; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.MultilingualGeneralDiplomaType; - -/** - * <p> - * Java class for currentStudiesType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="currentStudiesType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <choice> - * <element ref="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}MultilingualGeneralDiploma"/> - * <element ref="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}GeneralDiploma"/> - * </choice> - * <element name="yearOfStudy" type="{http://www.w3.org/2001/XMLSchema}integer"/> - * <element name="isEligibleForInternship" type="{http://www.w3.org/2001/XMLSchema}boolean"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * <any minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "currentStudiesType", propOrder = { "multilingualGeneralDiploma", "generalDiploma", "yearOfStudy", "isEligibleForInternship", "aqaa", "any" }) -public class CurrentStudiesType { - - @XmlElement(name = "MultilingualGeneralDiploma", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma") - protected MultilingualGeneralDiplomaType multilingualGeneralDiploma; - @XmlElement(name = "GeneralDiploma", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma") - protected GeneralDiplomaType generalDiploma; - @XmlElement(required = true) - protected BigInteger yearOfStudy; - protected boolean isEligibleForInternship; - @XmlElement(name = "AQAA") - protected int aqaa; - @XmlAnyElement(lax = true) - protected Object any; - - /** - * Gets the value of the multilingualGeneralDiploma property. - * - * @return possible object is {@link MultilingualGeneralDiplomaType } - * - */ - public MultilingualGeneralDiplomaType getMultilingualGeneralDiploma() { - return multilingualGeneralDiploma; - } - - /** - * Sets the value of the multilingualGeneralDiploma property. - * - * @param value - * allowed object is {@link MultilingualGeneralDiplomaType } - * - */ - public void setMultilingualGeneralDiploma(MultilingualGeneralDiplomaType value) { - this.multilingualGeneralDiploma = value; - } - - /** - * Gets the value of the generalDiploma property. - * - * @return possible object is {@link GeneralDiplomaType } - * - */ - public GeneralDiplomaType getGeneralDiploma() { - return generalDiploma; - } - - /** - * Sets the value of the generalDiploma property. - * - * @param value - * allowed object is {@link GeneralDiplomaType } - * - */ - public void setGeneralDiploma(GeneralDiplomaType value) { - this.generalDiploma = value; - } - - /** - * Gets the value of the yearOfStudy property. - * - * @return possible object is {@link BigInteger } - * - */ - public BigInteger getYearOfStudy() { - return yearOfStudy; - } - - /** - * Sets the value of the yearOfStudy property. - * - * @param value - * allowed object is {@link BigInteger } - * - */ - public void setYearOfStudy(BigInteger value) { - this.yearOfStudy = value; - } - - /** - * Gets the value of the isEligibleForInternship property. - * - */ - public boolean isIsEligibleForInternship() { - return isEligibleForInternship; - } - - /** - * Sets the value of the isEligibleForInternship property. - * - */ - public void setIsEligibleForInternship(boolean value) { - this.isEligibleForInternship = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - - /** - * Gets the value of the any property. - * - * @return possible object is {@link Object } - * - */ - public Object getAny() { - return any; - } - - /** - * Sets the value of the any property. - * - * @param value - * allowed object is {@link Object } - * - */ - public void setAny(Object value) { - this.any = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/DiplomaSupplementType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/DiplomaSupplementType.java deleted file mode 100644 index c02ffc01f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/DiplomaSupplementType.java +++ /dev/null @@ -1,185 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.MultilingualDiplomaSupplementType; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.GeneralDiplomaType; -import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.MultilingualGeneralDiplomaType; - -/** - * <p> - * Java class for diplomaSupplementType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="diplomaSupplementType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <choice> - * <element ref="{urn:crue:academic:xsd:language:diplomasupplement}MultilingualDiplomaSupplement"/> - * <element ref="{urn:crue:academic:xsd:language:diplomasupplement}DiplomaSupplement"/> - * <element ref="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}MultilingualGeneralDiploma"/> - * <element ref="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}GeneralDiploma"/> - * </choice> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * <any minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "diplomaSupplementType", propOrder = { "multilingualDiplomaSupplement", "diplomaSupplement", "multilingualGeneralDiploma", "generalDiploma", "aqaa", "any" }) -public class DiplomaSupplementType { - - @XmlElement(name = "MultilingualDiplomaSupplement", namespace = "urn:crue:academic:xsd:language:diplomasupplement") - protected MultilingualDiplomaSupplementType multilingualDiplomaSupplement; - @XmlElement(name = "DiplomaSupplement", namespace = "urn:crue:academic:xsd:language:diplomasupplement") - protected eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.DiplomaSupplementType diplomaSupplement; - @XmlElement(name = "MultilingualGeneralDiploma", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma") - protected MultilingualGeneralDiplomaType multilingualGeneralDiploma; - @XmlElement(name = "GeneralDiploma", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma") - protected GeneralDiplomaType generalDiploma; - @XmlElement(name = "AQAA") - protected int aqaa; - @XmlAnyElement(lax = true) - protected Object any; - - /** - * Gets the value of the multilingualDiplomaSupplement property. - * - * @return possible object is {@link MultilingualDiplomaSupplementType } - * - */ - public MultilingualDiplomaSupplementType getMultilingualDiplomaSupplement() { - return multilingualDiplomaSupplement; - } - - /** - * Sets the value of the multilingualDiplomaSupplement property. - * - * @param value - * allowed object is {@link MultilingualDiplomaSupplementType } - * - */ - public void setMultilingualDiplomaSupplement(MultilingualDiplomaSupplementType value) { - this.multilingualDiplomaSupplement = value; - } - - /** - * Gets the value of the diplomaSupplement property. - * - * @return possible object is {@link crue.academic.xsd.language.diplomasupplement.DiplomaSupplementType } - * - */ - public eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.DiplomaSupplementType getDiplomaSupplement() { - return diplomaSupplement; - } - - /** - * Sets the value of the diplomaSupplement property. - * - * @param value - * allowed object is {@link crue.academic.xsd.language.diplomasupplement.DiplomaSupplementType } - * - */ - public void setDiplomaSupplement(eu.stork.peps.complex.attributes.crue.academic.xsd.language.diplomasupplement.DiplomaSupplementType value) { - this.diplomaSupplement = value; - } - - /** - * Gets the value of the multilingualGeneralDiploma property. - * - * @return possible object is {@link MultilingualGeneralDiplomaType } - * - */ - public MultilingualGeneralDiplomaType getMultilingualGeneralDiploma() { - return multilingualGeneralDiploma; - } - - /** - * Sets the value of the multilingualGeneralDiploma property. - * - * @param value - * allowed object is {@link MultilingualGeneralDiplomaType } - * - */ - public void setMultilingualGeneralDiploma(MultilingualGeneralDiplomaType value) { - this.multilingualGeneralDiploma = value; - } - - /** - * Gets the value of the generalDiploma property. - * - * @return possible object is {@link GeneralDiplomaType } - * - */ - public GeneralDiplomaType getGeneralDiploma() { - return generalDiploma; - } - - /** - * Sets the value of the generalDiploma property. - * - * @param value - * allowed object is {@link GeneralDiplomaType } - * - */ - public void setGeneralDiploma(GeneralDiplomaType value) { - this.generalDiploma = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - - /** - * Gets the value of the any property. - * - * @return possible object is {@link Object } - * - */ - public Object getAny() { - return any; - } - - /** - * Sets the value of the any property. - * - * @param value - * allowed object is {@link Object } - * - */ - public void setAny(Object value) { - this.any = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/Habilitation.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/Habilitation.java deleted file mode 100644 index dcb37d8f6..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/Habilitation.java +++ /dev/null @@ -1,83 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for habilitation complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="habilitation"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="ability" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "habilitation", propOrder = { "ability", "aqaa" }) -public class Habilitation { - - @XmlElement(required = true) - protected String ability; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the ability property. - * - * @return possible object is {@link String } - * - */ - public String getAbility() { - return ability; - } - - /** - * Sets the value of the ability property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAbility(String value) { - this.ability = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HabilitationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HabilitationType.java deleted file mode 100644 index 736d68b61..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HabilitationType.java +++ /dev/null @@ -1,83 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for habilitationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="habilitationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="ability" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "habilitationType", propOrder = { "ability", "aqaa" }) -public class HabilitationType { - - @XmlElement(required = true) - protected String ability; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the ability property. - * - * @return possible object is {@link String } - * - */ - public String getAbility() { - return ability; - } - - /** - * Sets the value of the ability property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAbility(String value) { - this.ability = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HasAccountInBankType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HasAccountInBankType.java deleted file mode 100644 index 4130094a2..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HasAccountInBankType.java +++ /dev/null @@ -1,83 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for hasAccountInBankType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="hasAccountInBankType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="bankName" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "hasAccountInBankType", propOrder = { "bankName", "aqaa" }) -public class HasAccountInBankType { - - @XmlElement(required = true) - protected String bankName; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the bankName property. - * - * @return possible object is {@link String } - * - */ - public String getBankName() { - return bankName; - } - - /** - * Sets the value of the bankName property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setBankName(String value) { - this.bankName = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HasDegreeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HasDegreeType.java deleted file mode 100644 index c9e387823..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/HasDegreeType.java +++ /dev/null @@ -1,156 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import java.math.BigInteger; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for hasDegreeType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="hasDegreeType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="study" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}studyType"/> - * <element name="level" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}LevelType"/> - * <element name="yearObtained" type="{http://www.w3.org/2001/XMLSchema}integer"/> - * <element name="nameOfInstitution" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "hasDegreeType", propOrder = { "study", "level", "yearObtained", "nameOfInstitution", "aqaa" }) -public class HasDegreeType { - - @XmlElement(required = true) - protected String study; - @XmlElement(required = true) - protected String level; - @XmlElement(required = true) - protected BigInteger yearObtained; - @XmlElement(required = true) - protected String nameOfInstitution; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the study property. - * - * @return possible object is {@link String } - * - */ - public String getStudy() { - return study; - } - - /** - * Sets the value of the study property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStudy(String value) { - this.study = value; - } - - /** - * Gets the value of the level property. - * - * @return possible object is {@link String } - * - */ - public String getLevel() { - return level; - } - - /** - * Sets the value of the level property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setLevel(String value) { - this.level = value; - } - - /** - * Gets the value of the yearObtained property. - * - * @return possible object is {@link BigInteger } - * - */ - public BigInteger getYearObtained() { - return yearObtained; - } - - /** - * Sets the value of the yearObtained property. - * - * @param value - * allowed object is {@link BigInteger } - * - */ - public void setYearObtained(BigInteger value) { - this.yearObtained = value; - } - - /** - * Gets the value of the nameOfInstitution property. - * - * @return possible object is {@link String } - * - */ - public String getNameOfInstitution() { - return nameOfInstitution; - } - - /** - * Sets the value of the nameOfInstitution property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNameOfInstitution(String value) { - this.nameOfInstitution = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsAcademicStaffType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsAcademicStaffType.java deleted file mode 100644 index 6ce45f90d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsAcademicStaffType.java +++ /dev/null @@ -1,130 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for isAcademicStaffType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="isAcademicStaffType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="nameOfInstitution" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="occupation" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}occupationType"/> - * <element name="knowledgeArea" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "isAcademicStaffType", propOrder = { "nameOfInstitution", "occupation", "knowledgeArea", "aqaa" }) -public class IsAcademicStaffType { - - @XmlElement(required = true) - protected String nameOfInstitution; - @XmlElement(required = true) - protected String occupation; - protected String knowledgeArea; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the nameOfInstitution property. - * - * @return possible object is {@link String } - * - */ - public String getNameOfInstitution() { - return nameOfInstitution; - } - - /** - * Sets the value of the nameOfInstitution property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNameOfInstitution(String value) { - this.nameOfInstitution = value; - } - - /** - * Gets the value of the occupation property. - * - * @return possible object is {@link String } - * - */ - public String getOccupation() { - return occupation; - } - - /** - * Sets the value of the occupation property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setOccupation(String value) { - this.occupation = value; - } - - /** - * Gets the value of the knowledgeArea property. - * - * @return possible object is {@link String } - * - */ - public String getKnowledgeArea() { - return knowledgeArea; - } - - /** - * Sets the value of the knowledgeArea property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setKnowledgeArea(String value) { - this.knowledgeArea = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsAdminStaffType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsAdminStaffType.java deleted file mode 100644 index b48f6192f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsAdminStaffType.java +++ /dev/null @@ -1,83 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for isAdminStaffType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="isAdminStaffType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="adminStaff" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "isAdminStaffType", propOrder = { "adminStaff", "aqaa" }) -public class IsAdminStaffType { - - @XmlElement(required = true) - protected String adminStaff; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the adminStaff property. - * - * @return possible object is {@link String } - * - */ - public String getAdminStaff() { - return adminStaff; - } - - /** - * Sets the value of the adminStaff property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAdminStaff(String value) { - this.adminStaff = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsCourseCoordinatorType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsCourseCoordinatorType.java deleted file mode 100644 index 492acfbec..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsCourseCoordinatorType.java +++ /dev/null @@ -1,83 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for isCourseCoordinatorType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="isCourseCoordinatorType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="courseCoodinator" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "isCourseCoordinatorType", propOrder = { "courseCoodinator", "aqaa" }) -public class IsCourseCoordinatorType { - - @XmlElement(required = true) - protected String courseCoodinator; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the courseCoodinator property. - * - * @return possible object is {@link String } - * - */ - public String getCourseCoodinator() { - return courseCoodinator; - } - - /** - * Sets the value of the courseCoodinator property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCourseCoodinator(String value) { - this.courseCoodinator = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsHealthCareProfessionalDeprecatedType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsHealthCareProfessionalDeprecatedType.java deleted file mode 100644 index a448a7bbe..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsHealthCareProfessionalDeprecatedType.java +++ /dev/null @@ -1,131 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.11.27 at 06:17:01 PM CET -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for isHealthCareProfessional_deprecatedType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="isHealthCareProfessional_deprecatedType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="nameOfOrganisation" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element ref="{urn:eu:stork:names:tc:STORK:1.0:assertion}HCPType"/> - * <element ref="{urn:eu:stork:names:tc:STORK:1.0:assertion}specialisation"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "isHealthCareProfessional_deprecatedType", propOrder = { "nameOfOrganisation", "hcpType", "specialisation", "aqaa" }) -public class IsHealthCareProfessionalDeprecatedType { - - @XmlElement(required = true) - protected String nameOfOrganisation; - @XmlElement(name = "HCPType", required = true) - protected String hcpType; - @XmlElement(required = true) - protected String specialisation; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the nameOfOrganisation property. - * - * @return possible object is {@link String } - * - */ - public String getNameOfOrganisation() { - return nameOfOrganisation; - } - - /** - * Sets the value of the nameOfOrganisation property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNameOfOrganisation(String value) { - this.nameOfOrganisation = value; - } - - /** - * Gets the value of the hcpType property. - * - * @return possible object is {@link String } - * - */ - public String getHCPType() { - return hcpType; - } - - /** - * Sets the value of the hcpType property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setHCPType(String value) { - this.hcpType = value; - } - - /** - * Gets the value of the specialisation property. - * - * @return possible object is {@link String } - * - */ - public String getSpecialisation() { - return specialisation; - } - - /** - * Sets the value of the specialisation property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setSpecialisation(String value) { - this.specialisation = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsHealthCareProfessionalType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsHealthCareProfessionalType.java deleted file mode 100644 index 02379d8b0..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsHealthCareProfessionalType.java +++ /dev/null @@ -1,154 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.11.27 at 06:17:01 PM CET -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for isHealthCareProfessionalType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="isHealthCareProfessionalType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="typeOfHCP"> - * <simpleType> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyURI"> - * <enumeration value="dentist"/> - * <enumeration value="nurse"/> - * <enumeration value="pharmacist"/> - * <enumeration value="physician"/> - * <enumeration value="nurse midwife"/> - * <enumeration value="admission clerk"/> - * <enumeration value="ancillary services"/> - * <enumeration value="clinical services"/> - * </restriction> - * </simpleType> - * </element> - * <element name="nameOfOrganisation" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="typeOfOrganisation"> - * <simpleType> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyURI"> - * <enumeration value="Hospital"/> - * <enumeration value="Resident Physician"/> - * <enumeration value="Pharmacy"/> - * <enumeration value="Other"/> - * <enumeration value="Unknown"/> - * </restriction> - * </simpleType> - * </element> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "isHealthCareProfessionalType", propOrder = { "typeOfHCP", "nameOfOrganisation", "typeOfOrganisation", "aqaa" }) -public class IsHealthCareProfessionalType { - - @XmlElement(required = true) - protected String typeOfHCP; - @XmlElement(required = true) - protected String nameOfOrganisation; - @XmlElement(required = true) - protected String typeOfOrganisation; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the typeOfHCP property. - * - * @return possible object is {@link String } - * - */ - public String getTypeOfHCP() { - return typeOfHCP; - } - - /** - * Sets the value of the typeOfHCP property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTypeOfHCP(String value) { - this.typeOfHCP = value; - } - - /** - * Gets the value of the nameOfOrganisation property. - * - * @return possible object is {@link String } - * - */ - public String getNameOfOrganisation() { - return nameOfOrganisation; - } - - /** - * Sets the value of the nameOfOrganisation property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNameOfOrganisation(String value) { - this.nameOfOrganisation = value; - } - - /** - * Gets the value of the typeOfOrganisation property. - * - * @return possible object is {@link String } - * - */ - public String getTypeOfOrganisation() { - return typeOfOrganisation; - } - - /** - * Sets the value of the typeOfOrganisation property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTypeOfOrganisation(String value) { - this.typeOfOrganisation = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsStudentType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsStudentType.java deleted file mode 100644 index 02fed8bc8..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsStudentType.java +++ /dev/null @@ -1,129 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for isStudentType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="isStudentType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{urn:eu:stork:names:tc:STORK:1.0:assertion}study" minOccurs="0"/> - * <element name="nameOfInstitution" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="course" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "isStudentType", propOrder = { "study", "nameOfInstitution", "course", "aqaa" }) -public class IsStudentType { - - protected String study; - @XmlElement(required = true) - protected String nameOfInstitution; - protected String course; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the study property. - * - * @return possible object is {@link String } - * - */ - public String getStudy() { - return study; - } - - /** - * Sets the value of the study property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStudy(String value) { - this.study = value; - } - - /** - * Gets the value of the nameOfInstitution property. - * - * @return possible object is {@link String } - * - */ - public String getNameOfInstitution() { - return nameOfInstitution; - } - - /** - * Sets the value of the nameOfInstitution property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNameOfInstitution(String value) { - this.nameOfInstitution = value; - } - - /** - * Gets the value of the course property. - * - * @return possible object is {@link String } - * - */ - public String getCourse() { - return course; - } - - /** - * Sets the value of the course property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCourse(String value) { - this.course = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsTeacherOfType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsTeacherOfType.java deleted file mode 100644 index 9de9d18c9..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/IsTeacherOfType.java +++ /dev/null @@ -1,131 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for isTeacherOfType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="isTeacherOfType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="nameOfInstitution" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="course" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="role" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}teacherRoleType"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "isTeacherOfType", propOrder = { "nameOfInstitution", "course", "role", "aqaa" }) -public class IsTeacherOfType { - - @XmlElement(required = true) - protected String nameOfInstitution; - @XmlElement(required = true) - protected String course; - @XmlElement(required = true) - protected String role; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the nameOfInstitution property. - * - * @return possible object is {@link String } - * - */ - public String getNameOfInstitution() { - return nameOfInstitution; - } - - /** - * Sets the value of the nameOfInstitution property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNameOfInstitution(String value) { - this.nameOfInstitution = value; - } - - /** - * Gets the value of the course property. - * - * @return possible object is {@link String } - * - */ - public String getCourse() { - return course; - } - - /** - * Sets the value of the course property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCourse(String value) { - this.course = value; - } - - /** - * Gets the value of the role property. - * - * @return possible object is {@link String } - * - */ - public String getRole() { - return role; - } - - /** - * Sets the value of the role property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setRole(String value) { - this.role = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/MandateContentType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/MandateContentType.java deleted file mode 100644 index 824e79c70..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/MandateContentType.java +++ /dev/null @@ -1,276 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.10.29 at 02:15:24 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for mandateContentType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="mandateContentType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="typePower" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="typeOfPower" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="timeRestriction" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}TimeRestrictionType"/> - * <element name="isJoined" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="isJoint" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="isChained" type="{http://www.w3.org/2001/XMLSchema}boolean"/> - * <element name="originalMandateType" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="originalMandate" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * <element name="transactionLimit" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}TransactionLimitRestrictionType"/> - * <element name="AQAA" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}QualityAuthenticationAssuranceLevelType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "mandateContentType", propOrder = { "typePower", "typeOfPower", "timeRestriction", "transactionLimit", "isJoined", "isJoint", "isChained", "originalMandateType", "originalMandate", - "aqaa" }) -public class MandateContentType { - - @XmlElement(required = true) - protected String typePower; - @XmlElement(required = true) - protected String typeOfPower; - @XmlElement(required = true) - protected TimeRestrictionType timeRestriction; - @XmlElement(required = true) - protected String isJoined; - @XmlElement(required = true) - protected String isJoint; - protected boolean isChained; - @XmlElement(required = true) - protected byte[] originalMandate; - @XmlElement(required = true) - protected String originalMandateType; - @XmlElement(required = true) - protected TransactionLimitRestrictionType transactionLimit; - @XmlElement(name = "AQAA") - protected int aqaa; - - /** - * Gets the value of the typePower property. - * - * @return possible object is {@link String } - * - */ - public String getTypePower() { - return typePower; - } - - /** - * Sets the value of the typePower property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTypePower(String value) { - this.typePower = value; - this.typeOfPower = value; - } - - /** - * Gets the value of the typeOfPower property. - * - * @return possible object is {@link String } - * - */ - public String getTypeOfPower() { - return typeOfPower; - } - - /** - * Sets the value of the typeOfPower property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTypeOfPower(String value) { - this.typeOfPower = value; - this.typePower = value; - } - - /** - * Gets the value of the timeRestriction property. - * - * @return possible object is {@link TimeRestrictionType } - * - */ - public TimeRestrictionType getTimeRestriction() { - return timeRestriction; - } - - /** - * Sets the value of the timeRestriction property. - * - * @param value - * allowed object is {@link TimeRestrictionType } - * - */ - public void setTimeRestriction(TimeRestrictionType value) { - this.timeRestriction = value; - } - - /** - * Gets the value of the isJoined property. - * - * @return possible object is {@link String } - * - */ - public String getIsJoined() { - return isJoined; - } - - /** - * Sets the value of the isJoined property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setIsJoined(String value) { - this.isJoined = value; - this.isJoint = value; - } - - /** - * Gets the value of the isJoint property. - * - * @return possible object is {@link String } - * - */ - public String getIsJoint() { - return isJoint; - } - - /** - * Sets the value of the isJoint property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setIsJoint(String value) { - this.isJoint = value; - this.isJoined = value; - } - - /** - * Gets the value of the isChained property. - * - */ - public boolean isIsChained() { - return isChained; - } - - /** - * Sets the value of the isChained property. - * - */ - public void setIsChained(boolean value) { - this.isChained = value; - } - - public void setIschained(boolean value) { - setIsChained(value); - } - - /** - * Gets the value of the originalMandate property. - * - * @return possible object is byte[] - */ - public byte[] getOriginalMandate() { - return originalMandate; - } - - /** - * Sets the value of the originalMandate property. - * - * @param value - * allowed object is byte[] - */ - public void setOriginalMandate(byte[] value) { - this.originalMandate = value; - } - - /** - * Gets the value of the originalMandateType property. - * - * @return possible object is {@link String } - * - */ - public String getOriginalMandateType() { - return originalMandateType; - } - - /** - * Sets the value of the originalMandateType property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setOriginalMandateType(String value) { - this.originalMandateType = value; - } - - /** - * Gets the value of the transactionLimit property. - * - * @return possible object is {@link TransactionLimitRestrictionType } - * - */ - public TransactionLimitRestrictionType getTransactionLimit() { - return transactionLimit; - } - - /** - * Sets the value of the transactionLimit property. - * - * @param value - * allowed object is {@link TransactionLimitRestrictionType } - * - */ - public void setTransactionLimit(TransactionLimitRestrictionType value) { - this.transactionLimit = value; - } - - /** - * Gets the value of the aqaa property. - * - */ - public int getAQAA() { - return aqaa; - } - - /** - * Sets the value of the aqaa property. - * - */ - public void setAQAA(int value) { - this.aqaa = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/MandateType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/MandateType.java deleted file mode 100644 index 94bc2fcff..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/MandateType.java +++ /dev/null @@ -1,146 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.10.09 at 10:11:43 AM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for mandateType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="mandateType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="represented" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}representationPersonType"/> - * <element name="representing" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}representationPersonType"/> - * <element name="representative" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}representationPersonType"/> - * <element name="mandateContent" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}mandateContentType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "mandateType", propOrder = { "represented", "representing", "representative", "mandateContent" }) -public class MandateType { - - @XmlElement(required = true) - protected RepresentationPersonType represented; - @XmlElement(required = true) - protected RepresentationPersonType representing; - @XmlElement(required = true) - protected RepresentationPersonType representative; - @XmlElement(required = true) - protected List<MandateContentType> mandateContent; - - /** - * Gets the value of the represented property. - * - * @return possible object is {@link RepresentationPersonType } - * - */ - public RepresentationPersonType getRepresented() { - return represented; - } - - /** - * Sets the value of the represented property. - * - * @param value - * allowed object is {@link RepresentationPersonType } - * - */ - public void setRepresented(RepresentationPersonType value) { - this.represented = value; - } - - /** - * Gets the value of the representing property. - * - * @return possible object is {@link RepresentationPersonType } - * - */ - public RepresentationPersonType getRepresenting() { - return representing; - } - - /** - * Sets the value of the representing property. - * - * @param value - * allowed object is {@link RepresentationPersonType } - * - */ - public void setRepresenting(RepresentationPersonType value) { - this.representing = value; - this.representative = value; - } - - /** - * Gets the value of the representative property. - * - * @return possible object is {@link RepresentationPersonType } - * - */ - public RepresentationPersonType getRepresentative() { - return representative; - } - - /** - * Sets the value of the representative property. - * - * @param value - * allowed object is {@link RepresentationPersonType } - * - */ - public void setRepresentative(RepresentationPersonType value) { - this.representative = value; - this.representing = value; - } - - /** - * Gets the value of the mandateContent property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the mandateContent property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getMandateContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link MandateContentType } - * - * - */ - public List<MandateContentType> getMandateContent() { - if (mandateContent == null) { - mandateContent = new ArrayList<MandateContentType>(); - } - return this.mandateContent; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/ObjectFactory.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/ObjectFactory.java deleted file mode 100644 index 02db708c6..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/ObjectFactory.java +++ /dev/null @@ -1,488 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.11.27 at 06:25:14 PM CET -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlElementDecl; -import javax.xml.bind.annotation.XmlRegistry; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; -import javax.xml.namespace.QName; - -/** - * This object contains factory methods for each Java content interface and Java element interface generated in the eu.stork.names.tc.stork._1_0.assertion package. - * <p> - * An ObjectFactory allows you to programatically construct new instances of the Java representation for XML content. The Java representation of XML content can consist of schema derived interfaces - * and classes representing the binding of schema type definitions, element declarations and model groups. Factory methods for each of these are provided in this class. - * - */ -@XmlRegistry -public class ObjectFactory { - - private final static QName _Habilitation_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "habilitation"); - private final static QName _SpApplication_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "spApplication"); - private final static QName _Specialisation_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "specialisation"); - private final static QName _AQAA_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "AQAA"); - private final static QName _QualityAuthenticationAssuranceLevel_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "QualityAuthenticationAssuranceLevel"); - private final static QName _IsAcademicStaff_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "isAcademicStaff"); - private final static QName _MandateContent_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "mandateContent"); - private final static QName _CanonicalRegisteredAddress_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "canonicalRegisteredAddress"); - private final static QName _SpCountry_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "spCountry"); - private final static QName _IsAdminStaff_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "isAdminStaff"); - private final static QName _AttributeValue_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "AttributeValue"); - private final static QName _CountryCodeAddress_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "countryCodeAddress"); - private final static QName _HasAccountInBank_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "hasAccountInBank"); - private final static QName _CurrentStudiesSupplement_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "currentStudiesSupplement"); - private final static QName _Mandate_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "mandate"); - private final static QName _RequestedAttribute_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "RequestedAttribute"); - private final static QName _SpSector_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "spSector"); - private final static QName _HasDegree_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "hasDegree"); - private final static QName _DiplomaSupplement_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "diplomaSupplement"); - private final static QName _IsStudent_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "isStudent"); - private final static QName _HCPType_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "HCPType"); - private final static QName _RepresentationPerson_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "representationPerson"); - private final static QName _CanonicalResidenceAddress_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "canonicalResidenceAddress"); - private final static QName _AcTitle_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "acTitle"); - private final static QName _IsTeacherOf_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "isTeacherOf"); - private final static QName _IsCourseCoordinator_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "isCourseCoordinator"); - private final static QName _CitizenCountryCode_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "CitizenCountryCode"); - private final static QName _Study_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "study"); - private final static QName _IsHealthCareProfessional_QNAME = new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "isHealthCareProfessional"); - - /** - * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: eu.stork.names.tc.stork._1_0.assertion - * - */ - public ObjectFactory() { - } - - /** - * Create an instance of {@link CurrentStudiesType } - * - */ - public CurrentStudiesType createCurrentStudiesType() { - return new CurrentStudiesType(); - } - - /** - * Create an instance of {@link RequestedAttributeType } - * - */ - public RequestedAttributeType createRequestedAttributeType() { - return new RequestedAttributeType(); - } - - /** - * Create an instance of {@link MandateType } - * - */ - public MandateType createMandateType() { - return new MandateType(); - } - - /** - * Create an instance of {@link HasAccountInBankType } - * - */ - public HasAccountInBankType createHasAccountInBankType() { - return new HasAccountInBankType(); - } - - /** - * Create an instance of {@link IsHealthCareProfessionalType } - * - */ - public IsHealthCareProfessionalType createIsHealthCareProfessionalType() { - return new IsHealthCareProfessionalType(); - } - - /** - * Create an instance of {@link IsAdminStaffType } - * - */ - public IsAdminStaffType createIsAdminStaffType() { - return new IsAdminStaffType(); - } - - /** - * Create an instance of {@link CanonicalAddressType } - * - */ - public CanonicalAddressType createCanonicalAddressType() { - return new CanonicalAddressType(); - } - - /** - * Create an instance of {@link MandateContentType } - * - */ - public MandateContentType createMandateContentType() { - return new MandateContentType(); - } - - /** - * Create an instance of {@link IsCourseCoordinatorType } - * - */ - public IsCourseCoordinatorType createIsCourseCoordinatorType() { - return new IsCourseCoordinatorType(); - } - - /** - * Create an instance of {@link IsAcademicStaffType } - * - */ - public IsAcademicStaffType createIsAcademicStaffType() { - return new IsAcademicStaffType(); - } - - /** - * Create an instance of {@link IsTeacherOfType } - * - */ - public IsTeacherOfType createIsTeacherOfType() { - return new IsTeacherOfType(); - } - - /** - * Create an instance of {@link AcTitleType } - * - */ - public AcTitleType createAcTitleType() { - return new AcTitleType(); - } - - /** - * Create an instance of {@link RepresentationPersonType } - * - */ - public RepresentationPersonType createRepresentationPersonType() { - return new RepresentationPersonType(); - } - - /** - * Create an instance of {@link IsStudentType } - * - */ - public IsStudentType createIsStudentType() { - return new IsStudentType(); - } - - /** - * Create an instance of {@link HasDegreeType } - * - */ - public HasDegreeType createHasDegreeType() { - return new HasDegreeType(); - } - - /** - * Create an instance of {@link DiplomaSupplementType } - * - */ - public DiplomaSupplementType createDiplomaSupplementType() { - return new DiplomaSupplementType(); - } - - /** - * Create an instance of {@link HabilitationType } - * - */ - public HabilitationType createHabilitationType() { - return new HabilitationType(); - } - - /** - * Create an instance of {@link TimeRestrictionType } - * - */ - public TimeRestrictionType createTimeRestrictionType() { - return new TimeRestrictionType(); - } - - /** - * Create an instance of {@link Habilitation } - * - */ - public Habilitation createHabilitation() { - return new Habilitation(); - } - - /** - * Create an instance of {@link TransactionLimitRestrictionType } - * - */ - public TransactionLimitRestrictionType createTransactionLimitRestrictionType() { - return new TransactionLimitRestrictionType(); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link HabilitationType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "habilitation") - public JAXBElement<HabilitationType> createHabilitation(HabilitationType value) { - return new JAXBElement<HabilitationType>(_Habilitation_QNAME, HabilitationType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "spApplication") - public JAXBElement<String> createSpApplication(String value) { - return new JAXBElement<String>(_SpApplication_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "specialisation") - public JAXBElement<String> createSpecialisation(String value) { - return new JAXBElement<String>(_Specialisation_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link Integer }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "AQAA") - public JAXBElement<Integer> createAQAA(Integer value) { - return new JAXBElement<Integer>(_AQAA_QNAME, Integer.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link Integer }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "QualityAuthenticationAssuranceLevel") - public JAXBElement<Integer> createQualityAuthenticationAssuranceLevel(Integer value) { - return new JAXBElement<Integer>(_QualityAuthenticationAssuranceLevel_QNAME, Integer.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link IsAcademicStaffType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "isAcademicStaff") - public JAXBElement<IsAcademicStaffType> createIsAcademicStaff(IsAcademicStaffType value) { - return new JAXBElement<IsAcademicStaffType>(_IsAcademicStaff_QNAME, IsAcademicStaffType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link MandateContentType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "mandateContent") - public JAXBElement<MandateContentType> createMandateContent(MandateContentType value) { - return new JAXBElement<MandateContentType>(_MandateContent_QNAME, MandateContentType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link CanonicalAddressType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "canonicalRegisteredAddress") - public JAXBElement<CanonicalAddressType> createCanonicalRegisteredAddress(CanonicalAddressType value) { - return new JAXBElement<CanonicalAddressType>(_CanonicalRegisteredAddress_QNAME, CanonicalAddressType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "spCountry") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - public JAXBElement<String> createSpCountry(String value) { - return new JAXBElement<String>(_SpCountry_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link IsAdminStaffType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "isAdminStaff") - public JAXBElement<IsAdminStaffType> createIsAdminStaff(IsAdminStaffType value) { - return new JAXBElement<IsAdminStaffType>(_IsAdminStaff_QNAME, IsAdminStaffType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link Object }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "AttributeValue") - public JAXBElement<Object> createAttributeValue(Object value) { - return new JAXBElement<Object>(_AttributeValue_QNAME, Object.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "countryCodeAddress") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - public JAXBElement<String> createCountryCodeAddress(String value) { - return new JAXBElement<String>(_CountryCodeAddress_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link HasAccountInBankType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "hasAccountInBank") - public JAXBElement<HasAccountInBankType> createHasAccountInBank(HasAccountInBankType value) { - return new JAXBElement<HasAccountInBankType>(_HasAccountInBank_QNAME, HasAccountInBankType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link CurrentStudiesType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "currentStudiesSupplement") - public JAXBElement<CurrentStudiesType> createCurrentStudiesSupplement(CurrentStudiesType value) { - return new JAXBElement<CurrentStudiesType>(_CurrentStudiesSupplement_QNAME, CurrentStudiesType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link RequestedAttributeType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "RequestedAttribute") - public JAXBElement<RequestedAttributeType> createRequestedAttribute(RequestedAttributeType value) { - return new JAXBElement<RequestedAttributeType>(_RequestedAttribute_QNAME, RequestedAttributeType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link MandateType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "mandate") - public JAXBElement<MandateType> createMandate(MandateType value) { - return new JAXBElement<MandateType>(_Mandate_QNAME, MandateType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "spSector") - public JAXBElement<String> createSpSector(String value) { - return new JAXBElement<String>(_SpSector_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link HasDegreeType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "hasDegree") - public JAXBElement<HasDegreeType> createHasDegree(HasDegreeType value) { - return new JAXBElement<HasDegreeType>(_HasDegree_QNAME, HasDegreeType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link DiplomaSupplementType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "diplomaSupplement") - public JAXBElement<DiplomaSupplementType> createDiplomaSupplement(DiplomaSupplementType value) { - return new JAXBElement<DiplomaSupplementType>(_DiplomaSupplement_QNAME, DiplomaSupplementType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link IsStudentType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "isStudent") - public JAXBElement<IsStudentType> createIsStudent(IsStudentType value) { - return new JAXBElement<IsStudentType>(_IsStudent_QNAME, IsStudentType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "HCPType") - public JAXBElement<String> createHCPType(String value) { - return new JAXBElement<String>(_HCPType_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link RepresentationPersonType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "representationPerson") - public JAXBElement<RepresentationPersonType> createRepresentationPerson(RepresentationPersonType value) { - return new JAXBElement<RepresentationPersonType>(_RepresentationPerson_QNAME, RepresentationPersonType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link CanonicalAddressType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "canonicalResidenceAddress") - public JAXBElement<CanonicalAddressType> createCanonicalResidenceAddress(CanonicalAddressType value) { - return new JAXBElement<CanonicalAddressType>(_CanonicalResidenceAddress_QNAME, CanonicalAddressType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link AcTitleType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "acTitle") - public JAXBElement<AcTitleType> createAcTitle(AcTitleType value) { - return new JAXBElement<AcTitleType>(_AcTitle_QNAME, AcTitleType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link IsTeacherOfType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "isTeacherOf") - public JAXBElement<IsTeacherOfType> createIsTeacherOf(IsTeacherOfType value) { - return new JAXBElement<IsTeacherOfType>(_IsTeacherOf_QNAME, IsTeacherOfType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link IsCourseCoordinatorType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "isCourseCoordinator") - public JAXBElement<IsCourseCoordinatorType> createIsCourseCoordinator(IsCourseCoordinatorType value) { - return new JAXBElement<IsCourseCoordinatorType>(_IsCourseCoordinator_QNAME, IsCourseCoordinatorType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "CitizenCountryCode") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - public JAXBElement<String> createCitizenCountryCode(String value) { - return new JAXBElement<String>(_CitizenCountryCode_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "study") - public JAXBElement<String> createStudy(String value) { - return new JAXBElement<String>(_Study_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link IsHealthCareProfessionalType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", name = "isHealthCareProfessional") - public JAXBElement<IsHealthCareProfessionalType> createIsHealthCareProfessional(IsHealthCareProfessionalType value) { - return new JAXBElement<IsHealthCareProfessionalType>(_IsHealthCareProfessional_QNAME, IsHealthCareProfessionalType.class, null, value); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/OriginalMandateType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/OriginalMandateType.java deleted file mode 100644 index ddcb6bb19..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/OriginalMandateType.java +++ /dev/null @@ -1,84 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.10.09 at 10:11:43 AM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * <p> - * Java class for originalMandateType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="originalMandateType"> - * <simpleContent> - * <extension base="<http://www.w3.org/2001/XMLSchema>base64Binary"> - * <attribute name="mimeType" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "originalMandateType", propOrder = { "value" }) -public class OriginalMandateType { - - @XmlValue - protected byte[] value; - @XmlAttribute(name = "mimeType") - protected String mimeType; - - /** - * Gets the value of the value property. - * - * @return possible object is byte[] - */ - public byte[] getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is byte[] - */ - public void setValue(byte[] value) { - this.value = value; - } - - /** - * Gets the value of the mimeType property. - * - * @return possible object is {@link String } - * - */ - public String getMimeType() { - return mimeType; - } - - /** - * Sets the value of the mimeType property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setMimeType(String value) { - this.mimeType = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/RepresentationPersonType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/RepresentationPersonType.java deleted file mode 100644 index 23046f431..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/RepresentationPersonType.java +++ /dev/null @@ -1,253 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.10.29 at 02:15:24 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for representationPersonType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="representationPersonType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice> - * <sequence> - * <element name="eIdentifier" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="givenName" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="surname" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="dateOfBirth" type="{http://www.w3.org/2001/XMLSchema}string"/> - * </sequence> - * <sequence> - * <element name="eLPIdentifier" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="legalName" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="textRegisteredAddress" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="canonicalRegisteredAddress" type="{urn:eu:stork:names:tc:STORK:1.0:assertion}canonicalAddressType"/> - * <element name="legalForm" type="{http://www.w3.org/2001/XMLSchema}string"/> - * </sequence> - * </choice> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "representationPersonType", propOrder = { "eIdentifier", "givenName", "surname", "dateOfBirth", "elpIdentifier", "legalName", "textRegisteredAddress", "canonicalRegisteredAddress", - "legalForm" }) -public class RepresentationPersonType { - - protected String eIdentifier; - protected String givenName; - protected String surname; - protected String dateOfBirth; - @XmlElement(name = "eLPIdentifier") - protected String elpIdentifier; - protected String legalName; - protected String textRegisteredAddress; - protected CanonicalAddressType canonicalRegisteredAddress; - protected String legalForm; - - /** - * Gets the value of the eIdentifier property. - * - * @return possible object is {@link String } - * - */ - public String getEIdentifier() { - return eIdentifier; - } - - /** - * Sets the value of the eIdentifier property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setEIdentifier(String value) { - this.eIdentifier = value; - } - - /** - * Gets the value of the givenName property. - * - * @return possible object is {@link String } - * - */ - public String getGivenName() { - return givenName; - } - - /** - * Sets the value of the givenName property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setGivenName(String value) { - this.givenName = value; - } - - /** - * Gets the value of the surname property. - * - * @return possible object is {@link String } - * - */ - public String getSurname() { - return surname; - } - - /** - * Sets the value of the surname property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setSurname(String value) { - this.surname = value; - } - - /** - * Gets the value of the dateOfBirth property. - * - * @return possible object is {@link String } - * - */ - public String getDateOfBirth() { - return dateOfBirth; - } - - /** - * Sets the value of the dateOfBirth property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDateOfBirth(String value) { - this.dateOfBirth = value; - } - - /** - * Gets the value of the elpIdentifier property. - * - * @return possible object is {@link String } - * - */ - public String getELPIdentifier() { - return elpIdentifier; - } - - /** - * Sets the value of the elpIdentifier property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setELPIdentifier(String value) { - this.elpIdentifier = value; - } - - /** - * Gets the value of the legalName property. - * - * @return possible object is {@link String } - * - */ - public String getLegalName() { - return legalName; - } - - /** - * Sets the value of the legalName property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setLegalName(String value) { - this.legalName = value; - } - - /** - * Gets the value of the textRegisteredAddress property. - * - * @return possible object is {@link String } - * - */ - public String getTextRegisteredAddress() { - return textRegisteredAddress; - } - - /** - * Sets the value of the textRegisteredAddress property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTextRegisteredAddress(String value) { - this.textRegisteredAddress = value; - } - - /** - * Gets the value of the canonicalRegisteredAddress property. - * - * @return possible object is {@link CanonicalAddressType } - * - */ - public CanonicalAddressType getCanonicalRegisteredAddress() { - return canonicalRegisteredAddress; - } - - /** - * Sets the value of the canonicalRegisteredAddress property. - * - * @param value - * allowed object is {@link CanonicalAddressType } - * - */ - public void setCanonicalRegisteredAddress(CanonicalAddressType value) { - this.canonicalRegisteredAddress = value; - } - - /** - * Gets the value of the legalForm property. - * - * @return possible object is {@link String } - * - */ - public String getLegalForm() { - return legalForm; - } - - /** - * Sets the value of the legalForm property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setLegalForm(String value) { - this.legalForm = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/RequestedAttributeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/RequestedAttributeType.java deleted file mode 100644 index 88146c90d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/RequestedAttributeType.java +++ /dev/null @@ -1,193 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyAttribute; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.namespace.QName; - -/** - * <p> - * Java class for RequestedAttributeType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="RequestedAttributeType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{urn:eu:stork:names:tc:STORK:1.0:assertion}AttributeValue" maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * <attribute name="Name" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * <attribute name="NameFormat" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * <attribute name="FriendlyName" type="{http://www.w3.org/2001/XMLSchema}string" /> - * <attribute name="isRequired" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * <anyAttribute processContents='lax' namespace='##other'/> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "RequestedAttributeType", propOrder = { "attributeValue" }) -public class RequestedAttributeType { - - @XmlElement(name = "AttributeValue") - protected List<Object> attributeValue; - @XmlAttribute(name = "Name", required = true) - protected String name; - @XmlAttribute(name = "NameFormat", required = true) - @XmlSchemaType(name = "anyURI") - protected String nameFormat; - @XmlAttribute(name = "FriendlyName") - protected String friendlyName; - @XmlAttribute(name = "isRequired") - protected Boolean isRequired; - @XmlAnyAttribute - private Map<QName, String> otherAttributes = new HashMap<QName, String>(); - - /** - * Gets the value of the attributeValue property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the attributeValue property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getAttributeValue().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } - * - * - */ - public List<Object> getAttributeValue() { - if (attributeValue == null) { - attributeValue = new ArrayList<Object>(); - } - return this.attributeValue; - } - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the nameFormat property. - * - * @return possible object is {@link String } - * - */ - public String getNameFormat() { - return nameFormat; - } - - /** - * Sets the value of the nameFormat property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNameFormat(String value) { - this.nameFormat = value; - } - - /** - * Gets the value of the friendlyName property. - * - * @return possible object is {@link String } - * - */ - public String getFriendlyName() { - return friendlyName; - } - - /** - * Sets the value of the friendlyName property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setFriendlyName(String value) { - this.friendlyName = value; - } - - /** - * Gets the value of the isRequired property. - * - * @return possible object is {@link Boolean } - * - */ - public Boolean isIsRequired() { - return isRequired; - } - - /** - * Sets the value of the isRequired property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setIsRequired(Boolean value) { - this.isRequired = value; - } - - /** - * Gets a map that contains attributes that aren't bound to any typed property on this class. - * - * <p> - * the map is keyed by the name of the attribute and the value is the string value of the attribute. - * - * the map returned by this method is live, and you can add new attribute by updating the map directly. Because of this design, there's no setter. - * - * - * @return always non-null - */ - public Map<QName, String> getOtherAttributes() { - return otherAttributes; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/TimeRestrictionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/TimeRestrictionType.java deleted file mode 100644 index 2ae80c697..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/TimeRestrictionType.java +++ /dev/null @@ -1,92 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.05.12 at 10:04:52 AM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * <p> - * Java class for TimeRestrictionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="TimeRestrictionType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="validFrom" type="{http://www.w3.org/2001/XMLSchema}date"/> - * <element name="validTo" type="{http://www.w3.org/2001/XMLSchema}date"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "TimeRestrictionType", propOrder = { "validFrom", "validTo" }) -public class TimeRestrictionType { - - @XmlElement(required = true) - @XmlSchemaType(name = "date") - protected XMLGregorianCalendar validFrom; - @XmlElement(required = true) - @XmlSchemaType(name = "date") - protected XMLGregorianCalendar validTo; - - /** - * Gets the value of the validFrom property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getValidFrom() { - return validFrom; - } - - /** - * Sets the value of the validFrom property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setValidFrom(XMLGregorianCalendar value) { - this.validFrom = value; - } - - /** - * Gets the value of the validTo property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getValidTo() { - return validTo; - } - - /** - * Sets the value of the validTo property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setValidTo(XMLGregorianCalendar value) { - this.validTo = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/TransactionLimitRestrictionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/TransactionLimitRestrictionType.java deleted file mode 100644 index 39a20c7c2..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/TransactionLimitRestrictionType.java +++ /dev/null @@ -1,89 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.05.12 at 10:04:52 AM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for TransactionLimitRestrictionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="TransactionLimitRestrictionType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="amount" type="{http://www.w3.org/2001/XMLSchema}decimal"/> - * <element name="currency" type="{http://www.w3.org/2001/XMLSchema}string"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "TransactionLimitRestrictionType", propOrder = { "amount", "currency" }) -public class TransactionLimitRestrictionType { - - @XmlElement(required = true) - protected BigDecimal amount; - @XmlElement(required = true) - protected String currency; - - /** - * Gets the value of the amount property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getAmount() { - return amount; - } - - /** - * Sets the value of the amount property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setAmount(BigDecimal value) { - this.amount = value; - } - - /** - * Gets the value of the currency property. - * - * @return possible object is {@link String } - * - */ - public String getCurrency() { - return currency; - } - - /** - * Sets the value of the currency property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCurrency(String value) { - this.currency = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/package-info.java deleted file mode 100644 index 075851135..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_1_0/assertion/package-info.java +++ /dev/null @@ -1,10 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -@javax.xml.bind.annotation.XmlSchema(namespace = "urn:eu:stork:names:tc:STORK:1.0:assertion", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED) -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion; - diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AdditionalInformationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AdditionalInformationType.java deleted file mode 100644 index c636217ca..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AdditionalInformationType.java +++ /dev/null @@ -1,88 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for AdditionalInformationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AdditionalInformationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="SpecificInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="OtherSources" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AdditionalInformationType", propOrder = { "specificInformation", "otherSources" }) -public class AdditionalInformationType { - - @XmlElement(name = "SpecificInformation") - protected RichTextTagType specificInformation; - @XmlElement(name = "OtherSources") - protected RichTextTagType otherSources; - - /** - * Gets the value of the specificInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getSpecificInformation() { - return specificInformation; - } - - /** - * Sets the value of the specificInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setSpecificInformation(RichTextTagType value) { - this.specificInformation = value; - } - - /** - * Gets the value of the otherSources property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getOtherSources() { - return otherSources; - } - - /** - * Sets the value of the otherSources property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setOtherSources(RichTextTagType value) { - this.otherSources = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AddressType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AddressType.java deleted file mode 100644 index 67ef6d2dc..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AddressType.java +++ /dev/null @@ -1,168 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for AddressType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AddressType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Line" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" maxOccurs="unbounded"/> - * <element name="City" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="StateOrRegion" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="PostalCode" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="Country" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CountryTextCodeType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AddressType", propOrder = { "line", "city", "stateOrRegion", "postalCode", "country" }) -public class AddressType { - - @XmlElement(name = "Line", required = true) - protected List<String> line; - @XmlElement(name = "City") - protected String city; - @XmlElement(name = "StateOrRegion") - protected String stateOrRegion; - @XmlElement(name = "PostalCode") - protected String postalCode; - @XmlElement(name = "Country") - protected CountryTextCodeType country; - - /** - * Gets the value of the line property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the line property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getLine().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getLine() { - if (line == null) { - line = new ArrayList<String>(); - } - return this.line; - } - - /** - * Gets the value of the city property. - * - * @return possible object is {@link String } - * - */ - public String getCity() { - return city; - } - - /** - * Sets the value of the city property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCity(String value) { - this.city = value; - } - - /** - * Gets the value of the stateOrRegion property. - * - * @return possible object is {@link String } - * - */ - public String getStateOrRegion() { - return stateOrRegion; - } - - /** - * Sets the value of the stateOrRegion property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStateOrRegion(String value) { - this.stateOrRegion = value; - } - - /** - * Gets the value of the postalCode property. - * - * @return possible object is {@link String } - * - */ - public String getPostalCode() { - return postalCode; - } - - /** - * Sets the value of the postalCode property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setPostalCode(String value) { - this.postalCode = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link CountryTextCodeType } - * - */ - public CountryTextCodeType getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link CountryTextCodeType } - * - */ - public void setCountry(CountryTextCodeType value) { - this.country = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedFileDataType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedFileDataType.java deleted file mode 100644 index f0114d912..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedFileDataType.java +++ /dev/null @@ -1,110 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for AttachedFileDataType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedFileDataType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="Mime" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}MimeType"/> - * <element name="Data" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedFileDataType", propOrder = { "description", "mime", "data" }) -public class AttachedFileDataType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlElement(name = "Mime", required = true) - protected MimeType mime; - @XmlElement(name = "Data", required = true) - protected byte[] data; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the mime property. - * - * @return possible object is {@link MimeType } - * - */ - public MimeType getMime() { - return mime; - } - - /** - * Sets the value of the mime property. - * - * @param value - * allowed object is {@link MimeType } - * - */ - public void setMime(MimeType value) { - this.mime = value; - } - - /** - * Gets the value of the data property. - * - * @return possible object is byte[] - */ - public byte[] getData() { - return data; - } - - /** - * Sets the value of the data property. - * - * @param value - * allowed object is byte[] - */ - public void setData(byte[] value) { - this.data = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedFileURLType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedFileURLType.java deleted file mode 100644 index 4e9bf3c4b..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedFileURLType.java +++ /dev/null @@ -1,112 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for AttachedFileURLType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedFileURLType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="Mime" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}MimeType"/> - * <element name="URL" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}URLType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedFileURLType", propOrder = { "description", "mime", "url" }) -public class AttachedFileURLType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlElement(name = "Mime", required = true) - protected MimeType mime; - @XmlElement(name = "URL", required = true) - protected String url; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the mime property. - * - * @return possible object is {@link MimeType } - * - */ - public MimeType getMime() { - return mime; - } - - /** - * Sets the value of the mime property. - * - * @param value - * allowed object is {@link MimeType } - * - */ - public void setMime(MimeType value) { - this.mime = value; - } - - /** - * Gets the value of the url property. - * - * @return possible object is {@link String } - * - */ - public String getURL() { - return url; - } - - /** - * Sets the value of the url property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setURL(String value) { - this.url = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedImageDataType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedImageDataType.java deleted file mode 100644 index 61be0a30a..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedImageDataType.java +++ /dev/null @@ -1,110 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for AttachedImageDataType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedImageDataType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="Mime" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ImageMimeType"/> - * <element name="Data" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedImageDataType", propOrder = { "description", "mime", "data" }) -public class AttachedImageDataType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlElement(name = "Mime", required = true) - protected ImageMimeType mime; - @XmlElement(name = "Data", required = true) - protected byte[] data; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the mime property. - * - * @return possible object is {@link ImageMimeType } - * - */ - public ImageMimeType getMime() { - return mime; - } - - /** - * Sets the value of the mime property. - * - * @param value - * allowed object is {@link ImageMimeType } - * - */ - public void setMime(ImageMimeType value) { - this.mime = value; - } - - /** - * Gets the value of the data property. - * - * @return possible object is byte[] - */ - public byte[] getData() { - return data; - } - - /** - * Sets the value of the data property. - * - * @param value - * allowed object is byte[] - */ - public void setData(byte[] value) { - this.data = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedImageURLType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedImageURLType.java deleted file mode 100644 index e6c11edda..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedImageURLType.java +++ /dev/null @@ -1,112 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for AttachedImageURLType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedImageURLType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="Mime" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ImageMimeType"/> - * <element name="URL" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}URLType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedImageURLType", propOrder = { "description", "mime", "url" }) -public class AttachedImageURLType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlElement(name = "Mime", required = true) - protected ImageMimeType mime; - @XmlElement(name = "URL", required = true) - protected String url; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the mime property. - * - * @return possible object is {@link ImageMimeType } - * - */ - public ImageMimeType getMime() { - return mime; - } - - /** - * Sets the value of the mime property. - * - * @param value - * allowed object is {@link ImageMimeType } - * - */ - public void setMime(ImageMimeType value) { - this.mime = value; - } - - /** - * Gets the value of the url property. - * - * @return possible object is {@link String } - * - */ - public String getURL() { - return url; - } - - /** - * Sets the value of the url property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setURL(String value) { - this.url = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedType.java deleted file mode 100644 index a4e64d560..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachedType.java +++ /dev/null @@ -1,168 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * <p> - * Java class for AttachedType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachedType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice> - * <element name="FileData" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AttachedFileDataType"/> - * <element name="FileURI" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AttachedFileURLType"/> - * <element name="ImageData" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AttachedImageDataType"/> - * <element name="ImageURI" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AttachedImageURLType"/> - * </choice> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachedType", propOrder = { "fileData", "fileURI", "imageData", "imageURI" }) -public class AttachedType { - - @XmlElement(name = "FileData") - protected AttachedFileDataType fileData; - @XmlElement(name = "FileURI") - protected AttachedFileURLType fileURI; - @XmlElement(name = "ImageData") - protected AttachedImageDataType imageData; - @XmlElement(name = "ImageURI") - protected AttachedImageURLType imageURI; - @XmlAttribute(name = "attachedID", required = true) - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String attachedID; - - /** - * Gets the value of the fileData property. - * - * @return possible object is {@link AttachedFileDataType } - * - */ - public AttachedFileDataType getFileData() { - return fileData; - } - - /** - * Sets the value of the fileData property. - * - * @param value - * allowed object is {@link AttachedFileDataType } - * - */ - public void setFileData(AttachedFileDataType value) { - this.fileData = value; - } - - /** - * Gets the value of the fileURI property. - * - * @return possible object is {@link AttachedFileURLType } - * - */ - public AttachedFileURLType getFileURI() { - return fileURI; - } - - /** - * Sets the value of the fileURI property. - * - * @param value - * allowed object is {@link AttachedFileURLType } - * - */ - public void setFileURI(AttachedFileURLType value) { - this.fileURI = value; - } - - /** - * Gets the value of the imageData property. - * - * @return possible object is {@link AttachedImageDataType } - * - */ - public AttachedImageDataType getImageData() { - return imageData; - } - - /** - * Sets the value of the imageData property. - * - * @param value - * allowed object is {@link AttachedImageDataType } - * - */ - public void setImageData(AttachedImageDataType value) { - this.imageData = value; - } - - /** - * Gets the value of the imageURI property. - * - * @return possible object is {@link AttachedImageURLType } - * - */ - public AttachedImageURLType getImageURI() { - return imageURI; - } - - /** - * Sets the value of the imageURI property. - * - * @param value - * allowed object is {@link AttachedImageURLType } - * - */ - public void setImageURI(AttachedImageURLType value) { - this.imageURI = value; - } - - /** - * Gets the value of the attachedID property. - * - * @return possible object is {@link String } - * - */ - public String getAttachedID() { - return attachedID; - } - - /** - * Sets the value of the attachedID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAttachedID(String value) { - this.attachedID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachmentsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachmentsType.java deleted file mode 100644 index abb61728a..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/AttachmentsType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for AttachmentsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="AttachmentsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Attached" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AttachedType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "AttachmentsType", propOrder = { "attached" }) -public class AttachmentsType { - - @XmlElement(name = "Attached", required = true) - protected List<AttachedType> attached; - - /** - * Gets the value of the attached property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the attached property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getAttached().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link AttachedType } - * - * - */ - public List<AttachedType> getAttached() { - if (attached == null) { - attached = new ArrayList<AttachedType>(); - } - return this.attached; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CertificationOfTheSupplementType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CertificationOfTheSupplementType.java deleted file mode 100644 index 0ca2d1a02..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CertificationOfTheSupplementType.java +++ /dev/null @@ -1,113 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * <p> - * Java class for CertificationOfTheSupplementType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CertificationOfTheSupplementType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CertificationDate" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}DateType" minOccurs="0"/> - * <element name="OfficialsCertifying" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}OfficialsCertifyingType" minOccurs="0"/> - * <element name="OfficialStamp" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}OfficialStampType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CertificationOfTheSupplementType", propOrder = { "certificationDate", "officialsCertifying", "officialStamp" }) -public class CertificationOfTheSupplementType { - - @XmlElement(name = "CertificationDate") - protected XMLGregorianCalendar certificationDate; - @XmlElement(name = "OfficialsCertifying") - protected OfficialsCertifyingType officialsCertifying; - @XmlElement(name = "OfficialStamp") - protected OfficialStampType officialStamp; - - /** - * Gets the value of the certificationDate property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getCertificationDate() { - return certificationDate; - } - - /** - * Sets the value of the certificationDate property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setCertificationDate(XMLGregorianCalendar value) { - this.certificationDate = value; - } - - /** - * Gets the value of the officialsCertifying property. - * - * @return possible object is {@link OfficialsCertifyingType } - * - */ - public OfficialsCertifyingType getOfficialsCertifying() { - return officialsCertifying; - } - - /** - * Sets the value of the officialsCertifying property. - * - * @param value - * allowed object is {@link OfficialsCertifyingType } - * - */ - public void setOfficialsCertifying(OfficialsCertifyingType value) { - this.officialsCertifying = value; - } - - /** - * Gets the value of the officialStamp property. - * - * @return possible object is {@link OfficialStampType } - * - */ - public OfficialStampType getOfficialStamp() { - return officialStamp; - } - - /** - * Sets the value of the officialStamp property. - * - * @param value - * allowed object is {@link OfficialStampType } - * - */ - public void setOfficialStamp(OfficialStampType value) { - this.officialStamp = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ContactInformationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ContactInformationType.java deleted file mode 100644 index 155849e3f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ContactInformationType.java +++ /dev/null @@ -1,156 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ContactInformationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ContactInformationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Address" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AddressType" minOccurs="0"/> - * <element name="PhoneNumber" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" maxOccurs="unbounded" minOccurs="0"/> - * <element name="Email" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}EmailAddressType" maxOccurs="unbounded" minOccurs="0"/> - * <element name="WebSite" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}URLType" maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ContactInformationType", propOrder = { "address", "phoneNumber", "email", "webSite" }) -public class ContactInformationType { - - @XmlElement(name = "Address") - protected AddressType address; - @XmlElement(name = "PhoneNumber") - protected List<String> phoneNumber; - @XmlElement(name = "Email") - protected List<String> email; - @XmlElement(name = "WebSite") - protected List<String> webSite; - - /** - * Gets the value of the address property. - * - * @return possible object is {@link AddressType } - * - */ - public AddressType getAddress() { - return address; - } - - /** - * Sets the value of the address property. - * - * @param value - * allowed object is {@link AddressType } - * - */ - public void setAddress(AddressType value) { - this.address = value; - } - - /** - * Gets the value of the phoneNumber property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the phoneNumber property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getPhoneNumber().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getPhoneNumber() { - if (phoneNumber == null) { - phoneNumber = new ArrayList<String>(); - } - return this.phoneNumber; - } - - /** - * Gets the value of the email property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the email property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getEmail().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getEmail() { - if (email == null) { - email = new ArrayList<String>(); - } - return this.email; - } - - /** - * Gets the value of the webSite property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the webSite property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getWebSite().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getWebSite() { - if (webSite == null) { - webSite = new ArrayList<String>(); - } - return this.webSite; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CountryTextCodeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CountryTextCodeType.java deleted file mode 100644 index 25aa0d5d2..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CountryTextCodeType.java +++ /dev/null @@ -1,86 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * <p> - * Java class for CountryTextCodeType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CountryTextCodeType"> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="country" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CountryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CountryTextCodeType", propOrder = { "value" }) -public class CountryTextCodeType { - - @XmlValue - protected String value; - @XmlAttribute(name = "country") - protected CountryType country; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link CountryType } - * - */ - public CountryType getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link CountryType } - * - */ - public void setCountry(CountryType value) { - this.country = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CountryType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CountryType.java deleted file mode 100644 index 141788f5b..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CountryType.java +++ /dev/null @@ -1,240 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CountryType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="CountryType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="AD"/> - * <enumeration value="AE"/> - * <enumeration value="AF"/> - * <enumeration value="AG"/> - * <enumeration value="AL"/> - * <enumeration value="AM"/> - * <enumeration value="AO"/> - * <enumeration value="AR"/> - * <enumeration value="AT"/> - * <enumeration value="AU"/> - * <enumeration value="AZ"/> - * <enumeration value="BA"/> - * <enumeration value="BB"/> - * <enumeration value="BD"/> - * <enumeration value="BE"/> - * <enumeration value="BF"/> - * <enumeration value="BG"/> - * <enumeration value="BH"/> - * <enumeration value="BI"/> - * <enumeration value="BJ"/> - * <enumeration value="BN"/> - * <enumeration value="BO"/> - * <enumeration value="BR"/> - * <enumeration value="BS"/> - * <enumeration value="BT"/> - * <enumeration value="BW"/> - * <enumeration value="BY"/> - * <enumeration value="BZ"/> - * <enumeration value="CA"/> - * <enumeration value="CD"/> - * <enumeration value="CF"/> - * <enumeration value="CG"/> - * <enumeration value="CH"/> - * <enumeration value="CI"/> - * <enumeration value="CL"/> - * <enumeration value="CM"/> - * <enumeration value="CN"/> - * <enumeration value="CO"/> - * <enumeration value="CR"/> - * <enumeration value="CU"/> - * <enumeration value="CV"/> - * <enumeration value="CY"/> - * <enumeration value="CZ"/> - * <enumeration value="DE"/> - * <enumeration value="DJ"/> - * <enumeration value="DK"/> - * <enumeration value="DM"/> - * <enumeration value="DO"/> - * <enumeration value="DZ"/> - * <enumeration value="EC"/> - * <enumeration value="EE"/> - * <enumeration value="EG"/> - * <enumeration value="ER"/> - * <enumeration value="ES"/> - * <enumeration value="ET"/> - * <enumeration value="FI"/> - * <enumeration value="FJ"/> - * <enumeration value="FM"/> - * <enumeration value="FR"/> - * <enumeration value="GA"/> - * <enumeration value="GB"/> - * <enumeration value="GD"/> - * <enumeration value="GE"/> - * <enumeration value="GH"/> - * <enumeration value="GL"/> - * <enumeration value="GM"/> - * <enumeration value="GN"/> - * <enumeration value="GQ"/> - * <enumeration value="GR"/> - * <enumeration value="GT"/> - * <enumeration value="GW"/> - * <enumeration value="GY"/> - * <enumeration value="HN"/> - * <enumeration value="HR"/> - * <enumeration value="HT"/> - * <enumeration value="HU"/> - * <enumeration value="ID"/> - * <enumeration value="IE"/> - * <enumeration value="IL"/> - * <enumeration value="IN"/> - * <enumeration value="IQ"/> - * <enumeration value="IR"/> - * <enumeration value="IS"/> - * <enumeration value="IT"/> - * <enumeration value="JM"/> - * <enumeration value="JO"/> - * <enumeration value="JP"/> - * <enumeration value="KE"/> - * <enumeration value="KG"/> - * <enumeration value="KH"/> - * <enumeration value="KI"/> - * <enumeration value="KM"/> - * <enumeration value="KN"/> - * <enumeration value="KP"/> - * <enumeration value="KR"/> - * <enumeration value="KW"/> - * <enumeration value="KZ"/> - * <enumeration value="LA"/> - * <enumeration value="LB"/> - * <enumeration value="LC"/> - * <enumeration value="LI"/> - * <enumeration value="LK"/> - * <enumeration value="LR"/> - * <enumeration value="LS"/> - * <enumeration value="LT"/> - * <enumeration value="LU"/> - * <enumeration value="LV"/> - * <enumeration value="LY"/> - * <enumeration value="MA"/> - * <enumeration value="MC"/> - * <enumeration value="MD"/> - * <enumeration value="ME"/> - * <enumeration value="MG"/> - * <enumeration value="MH"/> - * <enumeration value="MK"/> - * <enumeration value="ML"/> - * <enumeration value="MM"/> - * <enumeration value="MN"/> - * <enumeration value="MR"/> - * <enumeration value="MT"/> - * <enumeration value="MU"/> - * <enumeration value="MV"/> - * <enumeration value="MW"/> - * <enumeration value="MX"/> - * <enumeration value="MY"/> - * <enumeration value="MZ"/> - * <enumeration value="NA"/> - * <enumeration value="NE"/> - * <enumeration value="NG"/> - * <enumeration value="NI"/> - * <enumeration value="NL"/> - * <enumeration value="NO"/> - * <enumeration value="NP"/> - * <enumeration value="NR"/> - * <enumeration value="NU"/> - * <enumeration value="NZ"/> - * <enumeration value="OM"/> - * <enumeration value="PA"/> - * <enumeration value="PE"/> - * <enumeration value="PG"/> - * <enumeration value="PH"/> - * <enumeration value="PK"/> - * <enumeration value="PL"/> - * <enumeration value="PR"/> - * <enumeration value="PS"/> - * <enumeration value="PT"/> - * <enumeration value="PW"/> - * <enumeration value="PY"/> - * <enumeration value="QA"/> - * <enumeration value="RO"/> - * <enumeration value="RS"/> - * <enumeration value="RU"/> - * <enumeration value="RW"/> - * <enumeration value="SA"/> - * <enumeration value="SB"/> - * <enumeration value="SC"/> - * <enumeration value="SD"/> - * <enumeration value="SE"/> - * <enumeration value="SG"/> - * <enumeration value="SI"/> - * <enumeration value="SK"/> - * <enumeration value="SL"/> - * <enumeration value="SM"/> - * <enumeration value="SN"/> - * <enumeration value="SO"/> - * <enumeration value="SR"/> - * <enumeration value="ST"/> - * <enumeration value="SV"/> - * <enumeration value="SY"/> - * <enumeration value="SZ"/> - * <enumeration value="TD"/> - * <enumeration value="TG"/> - * <enumeration value="TH"/> - * <enumeration value="TJ"/> - * <enumeration value="TL"/> - * <enumeration value="TM"/> - * <enumeration value="TN"/> - * <enumeration value="TO"/> - * <enumeration value="TR"/> - * <enumeration value="TT"/> - * <enumeration value="TV"/> - * <enumeration value="TZ"/> - * <enumeration value="UA"/> - * <enumeration value="UG"/> - * <enumeration value="US"/> - * <enumeration value="UY"/> - * <enumeration value="UZ"/> - * <enumeration value="VA"/> - * <enumeration value="VC"/> - * <enumeration value="VE"/> - * <enumeration value="VN"/> - * <enumeration value="VU"/> - * <enumeration value="WS"/> - * <enumeration value="YE"/> - * <enumeration value="ZA"/> - * <enumeration value="ZM"/> - * <enumeration value="ZW"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "CountryType") -@XmlEnum -public enum CountryType { - - AD, AE, AF, AG, AL, AM, AO, AR, AT, AU, AZ, BA, BB, BD, BE, BF, BG, BH, BI, BJ, BN, BO, BR, BS, BT, BW, BY, BZ, CA, CD, CF, CG, CH, CI, CL, CM, CN, CO, CR, CU, CV, CY, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ER, ES, ET, FI, FJ, FM, FR, GA, GB, GD, GE, GH, GL, GM, GN, GQ, GR, GT, GW, GY, HN, HR, HT, HU, ID, IE, IL, IN, IQ, IR, IS, IT, JM, JO, JP, KE, KG, KH, KI, KM, KN, KP, KR, KW, KZ, LA, LB, LC, LI, LK, LR, LS, LT, LU, LV, LY, MA, MC, MD, ME, MG, MH, MK, ML, MM, MN, MR, MT, MU, MV, MW, MX, MY, MZ, NA, NE, NG, NI, NL, NO, NP, NR, NU, NZ, OM, PA, PE, PG, PH, PK, PL, PR, PS, PT, PW, PY, QA, RO, RS, RU, RW, SA, SB, SC, SD, SE, SG, SI, SK, SL, SM, SN, SO, SR, ST, SV, SY, SZ, TD, TG, TH, TJ, TL, TM, TN, TO, TR, TT, TV, TZ, UA, UG, US, UY, UZ, VA, VC, VE, VN, VU, WS, YE, ZA, ZM, ZW; - - public String value() { - return name(); - } - - public static CountryType fromValue(String v) { - return valueOf(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseStructureDiagramType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseStructureDiagramType.java deleted file mode 100644 index 619985a7e..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseStructureDiagramType.java +++ /dev/null @@ -1,88 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CourseStructureDiagramType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseStructureDiagramType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CoursesGroups" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CoursesGroupsType" minOccurs="0"/> - * <element name="CoursesUnits" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CoursesUnitsType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseStructureDiagramType", propOrder = { "coursesGroups", "coursesUnits" }) -public class CourseStructureDiagramType { - - @XmlElement(name = "CoursesGroups") - protected CoursesGroupsType coursesGroups; - @XmlElement(name = "CoursesUnits") - protected CoursesUnitsType coursesUnits; - - /** - * Gets the value of the coursesGroups property. - * - * @return possible object is {@link CoursesGroupsType } - * - */ - public CoursesGroupsType getCoursesGroups() { - return coursesGroups; - } - - /** - * Sets the value of the coursesGroups property. - * - * @param value - * allowed object is {@link CoursesGroupsType } - * - */ - public void setCoursesGroups(CoursesGroupsType value) { - this.coursesGroups = value; - } - - /** - * Gets the value of the coursesUnits property. - * - * @return possible object is {@link CoursesUnitsType } - * - */ - public CoursesUnitsType getCoursesUnits() { - return coursesUnits; - } - - /** - * Sets the value of the coursesUnits property. - * - * @param value - * allowed object is {@link CoursesUnitsType } - * - */ - public void setCoursesUnits(CoursesUnitsType value) { - this.coursesUnits = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitLanguageOfInstructionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitLanguageOfInstructionType.java deleted file mode 100644 index c531ead90..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitLanguageOfInstructionType.java +++ /dev/null @@ -1,86 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * <p> - * Java class for CourseUnitLanguageOfInstructionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitLanguageOfInstructionType"> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="language" use="required" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}LanguageType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitLanguageOfInstructionType", propOrder = { "value" }) -public class CourseUnitLanguageOfInstructionType { - - @XmlValue - protected String value; - @XmlAttribute(name = "language", required = true) - protected LanguageType language; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the language property. - * - * @return possible object is {@link LanguageType } - * - */ - public LanguageType getLanguage() { - return language; - } - - /** - * Sets the value of the language property. - * - * @param value - * allowed object is {@link LanguageType } - * - */ - public void setLanguage(LanguageType value) { - this.language = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitLanguagesOfInstructionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitLanguagesOfInstructionType.java deleted file mode 100644 index 5d90755d9..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitLanguagesOfInstructionType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CourseUnitLanguagesOfInstructionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitLanguagesOfInstructionType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Language" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseUnitLanguageOfInstructionType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitLanguagesOfInstructionType", propOrder = { "language" }) -public class CourseUnitLanguagesOfInstructionType { - - @XmlElement(name = "Language", required = true) - protected List<CourseUnitLanguageOfInstructionType> language; - - /** - * Gets the value of the language property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the language property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getLanguage().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CourseUnitLanguageOfInstructionType } - * - * - */ - public List<CourseUnitLanguageOfInstructionType> getLanguage() { - if (language == null) { - language = new ArrayList<CourseUnitLanguageOfInstructionType>(); - } - return this.language; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitStudentPerformanceType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitStudentPerformanceType.java deleted file mode 100644 index 25aaf29da..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitStudentPerformanceType.java +++ /dev/null @@ -1,88 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CourseUnitStudentPerformanceType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitStudentPerformanceType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="LocalGrade" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}LocalGradeType"/> - * <element name="ECTSGrade" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ECTSGradingScaleType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitStudentPerformanceType", propOrder = { "localGrade", "ectsGrade" }) -public class CourseUnitStudentPerformanceType { - - @XmlElement(name = "LocalGrade", required = true) - protected LocalGradeType localGrade; - @XmlElement(name = "ECTSGrade") - protected ECTSGradingScaleType ectsGrade; - - /** - * Gets the value of the localGrade property. - * - * @return possible object is {@link LocalGradeType } - * - */ - public LocalGradeType getLocalGrade() { - return localGrade; - } - - /** - * Sets the value of the localGrade property. - * - * @param value - * allowed object is {@link LocalGradeType } - * - */ - public void setLocalGrade(LocalGradeType value) { - this.localGrade = value; - } - - /** - * Gets the value of the ectsGrade property. - * - * @return possible object is {@link ECTSGradingScaleType } - * - */ - public ECTSGradingScaleType getECTSGrade() { - return ectsGrade; - } - - /** - * Sets the value of the ectsGrade property. - * - * @param value - * allowed object is {@link ECTSGradingScaleType } - * - */ - public void setECTSGrade(ECTSGradingScaleType value) { - this.ectsGrade = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitType.java deleted file mode 100644 index 925f89d3a..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitType.java +++ /dev/null @@ -1,1045 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * <p> - * Java class for CourseUnitType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Code" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="ScientificArea" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="Title" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="Theme" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="Type" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="type" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseUnitTypeType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="YearOfStudy" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="year" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="Level" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="eheaFramework" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}EHEAFrameworkType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="ECTSCredits" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" minOccurs="0"/> - * <element name="LocalCredits" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" minOccurs="0"/> - * <element name="Hours" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" minOccurs="0"/> - * <element name="LanguagesOfInstruction" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseUnitLanguagesOfInstructionType" minOccurs="0"/> - * <element name="ModeOfDelivery" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="modeOfDelivery" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ModeOfDeliveryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="WorkPlacements" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseUnitWorkPlacementsType" minOccurs="0"/> - * <element name="StudentPerformance" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseUnitStudentPerformanceType" minOccurs="0"/> - * <element name="NameOfLecturers" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="LearningOutcomes" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="PrerequisitesAndCorequisites" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="PrerequisitesScholarshipLevel" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="PrerequisitesOtherTitles" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="RecomendedOptionalProgrammeComponents" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="CourseContents" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="RecomendedOrRequiredReading" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="PlanedLearningActivitiesAndTeachingMethod" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="AssesmentMethodsAndCriteria" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="Observations" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * <attribute name="groupID" type="{http://www.w3.org/2001/XMLSchema}string" /> - * <attribute name="institutionAdministeringStudiesID" type="{http://www.w3.org/2001/XMLSchema}string" default="DEF-IAS" /> - * <attribute name="isRequiredByTheProgramme" type="{http://www.w3.org/2001/XMLSchema}boolean" default="true" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitType", propOrder = { "code", "scientificArea", "title", "theme", "type", "yearOfStudy", "level", "ectsCredits", "localCredits", "hours", "languagesOfInstruction", - "modeOfDelivery", "workPlacements", "studentPerformance", "nameOfLecturers", "learningOutcomes", "prerequisitesAndCorequisites", "prerequisitesScholarshipLevel", "prerequisitesOtherTitles", - "recomendedOptionalProgrammeComponents", "courseContents", "recomendedOrRequiredReading", "planedLearningActivitiesAndTeachingMethod", "assesmentMethodsAndCriteria", "observations" }) -public class CourseUnitType { - - @XmlElement(name = "Code") - protected String code; - @XmlElement(name = "ScientificArea") - protected String scientificArea; - @XmlElement(name = "Title", required = true) - protected String title; - @XmlElement(name = "Theme") - protected String theme; - @XmlElement(name = "Type") - protected CourseUnitType.Type type; - @XmlElement(name = "YearOfStudy") - protected CourseUnitType.YearOfStudy yearOfStudy; - @XmlElement(name = "Level") - protected CourseUnitType.Level level; - @XmlElement(name = "ECTSCredits") - protected BigDecimal ectsCredits; - @XmlElement(name = "LocalCredits") - protected BigDecimal localCredits; - @XmlElement(name = "Hours") - protected BigDecimal hours; - @XmlElement(name = "LanguagesOfInstruction") - protected CourseUnitLanguagesOfInstructionType languagesOfInstruction; - @XmlElement(name = "ModeOfDelivery") - protected CourseUnitType.ModeOfDelivery modeOfDelivery; - @XmlElement(name = "WorkPlacements") - protected CourseUnitWorkPlacementsType workPlacements; - @XmlElement(name = "StudentPerformance") - protected CourseUnitStudentPerformanceType studentPerformance; - @XmlElement(name = "NameOfLecturers") - protected RichTextTagType nameOfLecturers; - @XmlElement(name = "LearningOutcomes") - protected RichTextTagType learningOutcomes; - @XmlElement(name = "PrerequisitesAndCorequisites") - protected RichTextTagType prerequisitesAndCorequisites; - @XmlElement(name = "PrerequisitesScholarshipLevel") - protected RichTextTagType prerequisitesScholarshipLevel; - @XmlElement(name = "PrerequisitesOtherTitles") - protected RichTextTagType prerequisitesOtherTitles; - @XmlElement(name = "RecomendedOptionalProgrammeComponents") - protected RichTextTagType recomendedOptionalProgrammeComponents; - @XmlElement(name = "CourseContents") - protected RichTextTagType courseContents; - @XmlElement(name = "RecomendedOrRequiredReading") - protected RichTextTagType recomendedOrRequiredReading; - @XmlElement(name = "PlanedLearningActivitiesAndTeachingMethod") - protected RichTextTagType planedLearningActivitiesAndTeachingMethod; - @XmlElement(name = "AssesmentMethodsAndCriteria") - protected RichTextTagType assesmentMethodsAndCriteria; - @XmlElement(name = "Observations") - protected RichTextTagType observations; - @XmlAttribute(name = "groupID") - protected String groupID; - @XmlAttribute(name = "institutionAdministeringStudiesID") - protected String institutionAdministeringStudiesID; - @XmlAttribute(name = "isRequiredByTheProgramme") - protected Boolean isRequiredByTheProgramme; - - /** - * Gets the value of the code property. - * - * @return possible object is {@link String } - * - */ - public String getCode() { - return code; - } - - /** - * Sets the value of the code property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCode(String value) { - this.code = value; - } - - /** - * Gets the value of the scientificArea property. - * - * @return possible object is {@link String } - * - */ - public String getScientificArea() { - return scientificArea; - } - - /** - * Sets the value of the scientificArea property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setScientificArea(String value) { - this.scientificArea = value; - } - - /** - * Gets the value of the title property. - * - * @return possible object is {@link String } - * - */ - public String getTitle() { - return title; - } - - /** - * Sets the value of the title property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTitle(String value) { - this.title = value; - } - - /** - * Gets the value of the theme property. - * - * @return possible object is {@link String } - * - */ - public String getTheme() { - return theme; - } - - /** - * Sets the value of the theme property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTheme(String value) { - this.theme = value; - } - - /** - * Gets the value of the type property. - * - * @return possible object is {@link CourseUnitType.Type } - * - */ - public CourseUnitType.Type getType() { - return type; - } - - /** - * Sets the value of the type property. - * - * @param value - * allowed object is {@link CourseUnitType.Type } - * - */ - public void setType(CourseUnitType.Type value) { - this.type = value; - } - - /** - * Gets the value of the yearOfStudy property. - * - * @return possible object is {@link CourseUnitType.YearOfStudy } - * - */ - public CourseUnitType.YearOfStudy getYearOfStudy() { - return yearOfStudy; - } - - /** - * Sets the value of the yearOfStudy property. - * - * @param value - * allowed object is {@link CourseUnitType.YearOfStudy } - * - */ - public void setYearOfStudy(CourseUnitType.YearOfStudy value) { - this.yearOfStudy = value; - } - - /** - * Gets the value of the level property. - * - * @return possible object is {@link CourseUnitType.Level } - * - */ - public CourseUnitType.Level getLevel() { - return level; - } - - /** - * Sets the value of the level property. - * - * @param value - * allowed object is {@link CourseUnitType.Level } - * - */ - public void setLevel(CourseUnitType.Level value) { - this.level = value; - } - - /** - * Gets the value of the ectsCredits property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getECTSCredits() { - return ectsCredits; - } - - /** - * Sets the value of the ectsCredits property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setECTSCredits(BigDecimal value) { - this.ectsCredits = value; - } - - /** - * Gets the value of the localCredits property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getLocalCredits() { - return localCredits; - } - - /** - * Sets the value of the localCredits property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setLocalCredits(BigDecimal value) { - this.localCredits = value; - } - - /** - * Gets the value of the hours property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getHours() { - return hours; - } - - /** - * Sets the value of the hours property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setHours(BigDecimal value) { - this.hours = value; - } - - /** - * Gets the value of the languagesOfInstruction property. - * - * @return possible object is {@link CourseUnitLanguagesOfInstructionType } - * - */ - public CourseUnitLanguagesOfInstructionType getLanguagesOfInstruction() { - return languagesOfInstruction; - } - - /** - * Sets the value of the languagesOfInstruction property. - * - * @param value - * allowed object is {@link CourseUnitLanguagesOfInstructionType } - * - */ - public void setLanguagesOfInstruction(CourseUnitLanguagesOfInstructionType value) { - this.languagesOfInstruction = value; - } - - /** - * Gets the value of the modeOfDelivery property. - * - * @return possible object is {@link CourseUnitType.ModeOfDelivery } - * - */ - public CourseUnitType.ModeOfDelivery getModeOfDelivery() { - return modeOfDelivery; - } - - /** - * Sets the value of the modeOfDelivery property. - * - * @param value - * allowed object is {@link CourseUnitType.ModeOfDelivery } - * - */ - public void setModeOfDelivery(CourseUnitType.ModeOfDelivery value) { - this.modeOfDelivery = value; - } - - /** - * Gets the value of the workPlacements property. - * - * @return possible object is {@link CourseUnitWorkPlacementsType } - * - */ - public CourseUnitWorkPlacementsType getWorkPlacements() { - return workPlacements; - } - - /** - * Sets the value of the workPlacements property. - * - * @param value - * allowed object is {@link CourseUnitWorkPlacementsType } - * - */ - public void setWorkPlacements(CourseUnitWorkPlacementsType value) { - this.workPlacements = value; - } - - /** - * Gets the value of the studentPerformance property. - * - * @return possible object is {@link CourseUnitStudentPerformanceType } - * - */ - public CourseUnitStudentPerformanceType getStudentPerformance() { - return studentPerformance; - } - - /** - * Sets the value of the studentPerformance property. - * - * @param value - * allowed object is {@link CourseUnitStudentPerformanceType } - * - */ - public void setStudentPerformance(CourseUnitStudentPerformanceType value) { - this.studentPerformance = value; - } - - /** - * Gets the value of the nameOfLecturers property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getNameOfLecturers() { - return nameOfLecturers; - } - - /** - * Sets the value of the nameOfLecturers property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setNameOfLecturers(RichTextTagType value) { - this.nameOfLecturers = value; - } - - /** - * Gets the value of the learningOutcomes property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getLearningOutcomes() { - return learningOutcomes; - } - - /** - * Sets the value of the learningOutcomes property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setLearningOutcomes(RichTextTagType value) { - this.learningOutcomes = value; - } - - /** - * Gets the value of the prerequisitesAndCorequisites property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getPrerequisitesAndCorequisites() { - return prerequisitesAndCorequisites; - } - - /** - * Sets the value of the prerequisitesAndCorequisites property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setPrerequisitesAndCorequisites(RichTextTagType value) { - this.prerequisitesAndCorequisites = value; - } - - /** - * Gets the value of the prerequisitesScholarshipLevel property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getPrerequisitesScholarshipLevel() { - return prerequisitesScholarshipLevel; - } - - /** - * Sets the value of the prerequisitesScholarshipLevel property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setPrerequisitesScholarshipLevel(RichTextTagType value) { - this.prerequisitesScholarshipLevel = value; - } - - /** - * Gets the value of the prerequisitesOtherTitles property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getPrerequisitesOtherTitles() { - return prerequisitesOtherTitles; - } - - /** - * Sets the value of the prerequisitesOtherTitles property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setPrerequisitesOtherTitles(RichTextTagType value) { - this.prerequisitesOtherTitles = value; - } - - /** - * Gets the value of the recomendedOptionalProgrammeComponents property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getRecomendedOptionalProgrammeComponents() { - return recomendedOptionalProgrammeComponents; - } - - /** - * Sets the value of the recomendedOptionalProgrammeComponents property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setRecomendedOptionalProgrammeComponents(RichTextTagType value) { - this.recomendedOptionalProgrammeComponents = value; - } - - /** - * Gets the value of the courseContents property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getCourseContents() { - return courseContents; - } - - /** - * Sets the value of the courseContents property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setCourseContents(RichTextTagType value) { - this.courseContents = value; - } - - /** - * Gets the value of the recomendedOrRequiredReading property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getRecomendedOrRequiredReading() { - return recomendedOrRequiredReading; - } - - /** - * Sets the value of the recomendedOrRequiredReading property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setRecomendedOrRequiredReading(RichTextTagType value) { - this.recomendedOrRequiredReading = value; - } - - /** - * Gets the value of the planedLearningActivitiesAndTeachingMethod property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getPlanedLearningActivitiesAndTeachingMethod() { - return planedLearningActivitiesAndTeachingMethod; - } - - /** - * Sets the value of the planedLearningActivitiesAndTeachingMethod property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setPlanedLearningActivitiesAndTeachingMethod(RichTextTagType value) { - this.planedLearningActivitiesAndTeachingMethod = value; - } - - /** - * Gets the value of the assesmentMethodsAndCriteria property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAssesmentMethodsAndCriteria() { - return assesmentMethodsAndCriteria; - } - - /** - * Sets the value of the assesmentMethodsAndCriteria property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAssesmentMethodsAndCriteria(RichTextTagType value) { - this.assesmentMethodsAndCriteria = value; - } - - /** - * Gets the value of the observations property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getObservations() { - return observations; - } - - /** - * Sets the value of the observations property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setObservations(RichTextTagType value) { - this.observations = value; - } - - /** - * Gets the value of the groupID property. - * - * @return possible object is {@link String } - * - */ - public String getGroupID() { - return groupID; - } - - /** - * Sets the value of the groupID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setGroupID(String value) { - this.groupID = value; - } - - /** - * Gets the value of the institutionAdministeringStudiesID property. - * - * @return possible object is {@link String } - * - */ - public String getInstitutionAdministeringStudiesID() { - if (institutionAdministeringStudiesID == null) { - return "DEF-IAS"; - } else { - return institutionAdministeringStudiesID; - } - } - - /** - * Sets the value of the institutionAdministeringStudiesID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setInstitutionAdministeringStudiesID(String value) { - this.institutionAdministeringStudiesID = value; - } - - /** - * Gets the value of the isRequiredByTheProgramme property. - * - * @return possible object is {@link Boolean } - * - */ - public boolean isIsRequiredByTheProgramme() { - if (isRequiredByTheProgramme == null) { - return true; - } else { - return isRequiredByTheProgramme; - } - } - - /** - * Sets the value of the isRequiredByTheProgramme property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setIsRequiredByTheProgramme(Boolean value) { - this.isRequiredByTheProgramme = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="eheaFramework" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}EHEAFrameworkType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Level { - - @XmlValue - protected String value; - @XmlAttribute(name = "eheaFramework") - protected EHEAFrameworkType eheaFramework; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the eheaFramework property. - * - * @return possible object is {@link EHEAFrameworkType } - * - */ - public EHEAFrameworkType getEheaFramework() { - return eheaFramework; - } - - /** - * Sets the value of the eheaFramework property. - * - * @param value - * allowed object is {@link EHEAFrameworkType } - * - */ - public void setEheaFramework(EHEAFrameworkType value) { - this.eheaFramework = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="modeOfDelivery" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ModeOfDeliveryType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class ModeOfDelivery { - - @XmlValue - protected String value; - @XmlAttribute(name = "modeOfDelivery") - protected ModeOfDeliveryType modeOfDelivery; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the modeOfDelivery property. - * - * @return possible object is {@link ModeOfDeliveryType } - * - */ - public ModeOfDeliveryType getModeOfDelivery() { - return modeOfDelivery; - } - - /** - * Sets the value of the modeOfDelivery property. - * - * @param value - * allowed object is {@link ModeOfDeliveryType } - * - */ - public void setModeOfDelivery(ModeOfDeliveryType value) { - this.modeOfDelivery = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="type" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseUnitTypeType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Type { - - @XmlValue - protected String value; - @XmlAttribute(name = "type") - protected CourseUnitTypeType type; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the type property. - * - * @return possible object is {@link CourseUnitTypeType } - * - */ - public CourseUnitTypeType getType() { - return type; - } - - /** - * Sets the value of the type property. - * - * @param value - * allowed object is {@link CourseUnitTypeType } - * - */ - public void setType(CourseUnitTypeType value) { - this.type = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="year" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class YearOfStudy { - - @XmlValue - protected String value; - @XmlAttribute(name = "year") - protected BigDecimal year; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the year property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getYear() { - return year; - } - - /** - * Sets the value of the year property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setYear(BigDecimal value) { - this.year = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitTypeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitTypeType.java deleted file mode 100644 index 33b5563df..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitTypeType.java +++ /dev/null @@ -1,58 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CourseUnitTypeType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="CourseUnitTypeType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="Compulsory"/> - * <enumeration value="Optional"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "CourseUnitTypeType") -@XmlEnum -public enum CourseUnitTypeType { - - @XmlEnumValue("Compulsory") - COMPULSORY("Compulsory"), @XmlEnumValue("Optional") - OPTIONAL("Optional"); - private final String value; - - CourseUnitTypeType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static CourseUnitTypeType fromValue(String v) { - for (CourseUnitTypeType c : CourseUnitTypeType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitWorkPlacementType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitWorkPlacementType.java deleted file mode 100644 index 2694f4582..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitWorkPlacementType.java +++ /dev/null @@ -1,138 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * <p> - * Java class for CourseUnitWorkPlacementType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitWorkPlacementType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CollaboratingInstitution" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="DateFrom" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}DateType" minOccurs="0"/> - * <element name="DateTo" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}DateType" minOccurs="0"/> - * <element name="TrainingHours" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitWorkPlacementType", propOrder = { "collaboratingInstitution", "dateFrom", "dateTo", "trainingHours" }) -public class CourseUnitWorkPlacementType { - - @XmlElement(name = "CollaboratingInstitution", required = true) - protected String collaboratingInstitution; - @XmlElement(name = "DateFrom") - protected XMLGregorianCalendar dateFrom; - @XmlElement(name = "DateTo") - protected XMLGregorianCalendar dateTo; - @XmlElement(name = "TrainingHours") - protected BigDecimal trainingHours; - - /** - * Gets the value of the collaboratingInstitution property. - * - * @return possible object is {@link String } - * - */ - public String getCollaboratingInstitution() { - return collaboratingInstitution; - } - - /** - * Sets the value of the collaboratingInstitution property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCollaboratingInstitution(String value) { - this.collaboratingInstitution = value; - } - - /** - * Gets the value of the dateFrom property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateFrom() { - return dateFrom; - } - - /** - * Sets the value of the dateFrom property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateFrom(XMLGregorianCalendar value) { - this.dateFrom = value; - } - - /** - * Gets the value of the dateTo property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateTo() { - return dateTo; - } - - /** - * Sets the value of the dateTo property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateTo(XMLGregorianCalendar value) { - this.dateTo = value; - } - - /** - * Gets the value of the trainingHours property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getTrainingHours() { - return trainingHours; - } - - /** - * Sets the value of the trainingHours property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setTrainingHours(BigDecimal value) { - this.trainingHours = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitWorkPlacementsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitWorkPlacementsType.java deleted file mode 100644 index 28468d0b9..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CourseUnitWorkPlacementsType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CourseUnitWorkPlacementsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CourseUnitWorkPlacementsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="WorkPlacement" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseUnitWorkPlacementType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CourseUnitWorkPlacementsType", propOrder = { "workPlacement" }) -public class CourseUnitWorkPlacementsType { - - @XmlElement(name = "WorkPlacement", required = true) - protected List<CourseUnitWorkPlacementType> workPlacement; - - /** - * Gets the value of the workPlacement property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the workPlacement property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getWorkPlacement().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CourseUnitWorkPlacementType } - * - * - */ - public List<CourseUnitWorkPlacementType> getWorkPlacement() { - if (workPlacement == null) { - workPlacement = new ArrayList<CourseUnitWorkPlacementType>(); - } - return this.workPlacement; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesAttendedInOtherInstitutionInMobilityProgramsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesAttendedInOtherInstitutionInMobilityProgramsType.java deleted file mode 100644 index 6e588acfd..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesAttendedInOtherInstitutionInMobilityProgramsType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CoursesAttendedInOtherInstitutionInMobilityProgramsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CoursesAttendedInOtherInstitutionInMobilityProgramsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="MobilityProgramme" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}MobilityProgrammeType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CoursesAttendedInOtherInstitutionInMobilityProgramsType", propOrder = { "mobilityProgramme" }) -public class CoursesAttendedInOtherInstitutionInMobilityProgramsType { - - @XmlElement(name = "MobilityProgramme", required = true) - protected List<MobilityProgrammeType> mobilityProgramme; - - /** - * Gets the value of the mobilityProgramme property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the mobilityProgramme property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getMobilityProgramme().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link MobilityProgrammeType } - * - * - */ - public List<MobilityProgrammeType> getMobilityProgramme() { - if (mobilityProgramme == null) { - mobilityProgramme = new ArrayList<MobilityProgrammeType>(); - } - return this.mobilityProgramme; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesGroupType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesGroupType.java deleted file mode 100644 index f754fce18..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesGroupType.java +++ /dev/null @@ -1,169 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CoursesGroupType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CoursesGroupType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="HeaderInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="CoursesGroup" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CoursesGroupType" maxOccurs="unbounded" minOccurs="0"/> - * <element name="FooterInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * <attribute name="groupID" use="required" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CoursesGroupType", propOrder = { "name", "headerInformation", "coursesGroup", "footerInformation" }) -public class CoursesGroupType { - - @XmlElement(name = "Name", required = true) - protected String name; - @XmlElement(name = "HeaderInformation") - protected RichTextTagType headerInformation; - @XmlElement(name = "CoursesGroup") - protected List<CoursesGroupType> coursesGroup; - @XmlElement(name = "FooterInformation") - protected RichTextTagType footerInformation; - @XmlAttribute(name = "groupID", required = true) - protected String groupID; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the headerInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getHeaderInformation() { - return headerInformation; - } - - /** - * Sets the value of the headerInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setHeaderInformation(RichTextTagType value) { - this.headerInformation = value; - } - - /** - * Gets the value of the coursesGroup property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the coursesGroup property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getCoursesGroup().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CoursesGroupType } - * - * - */ - public List<CoursesGroupType> getCoursesGroup() { - if (coursesGroup == null) { - coursesGroup = new ArrayList<CoursesGroupType>(); - } - return this.coursesGroup; - } - - /** - * Gets the value of the footerInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getFooterInformation() { - return footerInformation; - } - - /** - * Sets the value of the footerInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setFooterInformation(RichTextTagType value) { - this.footerInformation = value; - } - - /** - * Gets the value of the groupID property. - * - * @return possible object is {@link String } - * - */ - public String getGroupID() { - return groupID; - } - - /** - * Sets the value of the groupID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setGroupID(String value) { - this.groupID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesGroupsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesGroupsType.java deleted file mode 100644 index 00b5cff1e..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesGroupsType.java +++ /dev/null @@ -1,144 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CoursesGroupsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CoursesGroupsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="HeaderInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="CoursesGroup" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CoursesGroupType" maxOccurs="unbounded" minOccurs="0"/> - * <element name="FooterInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CoursesGroupsType", propOrder = { "name", "headerInformation", "coursesGroup", "footerInformation" }) -public class CoursesGroupsType { - - @XmlElement(name = "Name") - protected String name; - @XmlElement(name = "HeaderInformation") - protected RichTextTagType headerInformation; - @XmlElement(name = "CoursesGroup") - protected List<CoursesGroupType> coursesGroup; - @XmlElement(name = "FooterInformation") - protected RichTextTagType footerInformation; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the headerInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getHeaderInformation() { - return headerInformation; - } - - /** - * Sets the value of the headerInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setHeaderInformation(RichTextTagType value) { - this.headerInformation = value; - } - - /** - * Gets the value of the coursesGroup property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the coursesGroup property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getCoursesGroup().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CoursesGroupType } - * - * - */ - public List<CoursesGroupType> getCoursesGroup() { - if (coursesGroup == null) { - coursesGroup = new ArrayList<CoursesGroupType>(); - } - return this.coursesGroup; - } - - /** - * Gets the value of the footerInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getFooterInformation() { - return footerInformation; - } - - /** - * Sets the value of the footerInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setFooterInformation(RichTextTagType value) { - this.footerInformation = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesUnitsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesUnitsType.java deleted file mode 100644 index 5102810a9..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/CoursesUnitsType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CoursesUnitsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CoursesUnitsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CourseUnit" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseUnitType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CoursesUnitsType", propOrder = { "courseUnit" }) -public class CoursesUnitsType { - - @XmlElement(name = "CourseUnit", required = true) - protected List<CourseUnitType> courseUnit; - - /** - * Gets the value of the courseUnit property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the courseUnit property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getCourseUnit().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link CourseUnitType } - * - * - */ - public List<CourseUnitType> getCourseUnit() { - if (courseUnit == null) { - courseUnit = new ArrayList<CourseUnitType>(); - } - return this.courseUnit; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ECTSGradingScaleType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ECTSGradingScaleType.java deleted file mode 100644 index d126d7294..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ECTSGradingScaleType.java +++ /dev/null @@ -1,50 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ECTSGradingScaleType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="ECTSGradingScaleType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="A"/> - * <enumeration value="B"/> - * <enumeration value="C"/> - * <enumeration value="D"/> - * <enumeration value="E"/> - * <enumeration value="FX"/> - * <enumeration value="F"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "ECTSGradingScaleType") -@XmlEnum -public enum ECTSGradingScaleType { - - A, B, C, D, E, FX, F; - - public String value() { - return name(); - } - - public static ECTSGradingScaleType fromValue(String v) { - return valueOf(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/EHEAFrameworkType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/EHEAFrameworkType.java deleted file mode 100644 index 31b69e907..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/EHEAFrameworkType.java +++ /dev/null @@ -1,60 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for EHEAFrameworkType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="EHEAFrameworkType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="FirstCycle"/> - * <enumeration value="SecondCycle"/> - * <enumeration value="ThirdCycle"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "EHEAFrameworkType") -@XmlEnum -public enum EHEAFrameworkType { - - @XmlEnumValue("FirstCycle") - FIRST_CYCLE("FirstCycle"), @XmlEnumValue("SecondCycle") - SECOND_CYCLE("SecondCycle"), @XmlEnumValue("ThirdCycle") - THIRD_CYCLE("ThirdCycle"); - private final String value; - - EHEAFrameworkType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static EHEAFrameworkType fromValue(String v) { - for (EHEAFrameworkType c : EHEAFrameworkType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ExtensionContentType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ExtensionContentType.java deleted file mode 100644 index de8f10707..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ExtensionContentType.java +++ /dev/null @@ -1,100 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlType; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for ExtensionContentType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ExtensionContentType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence maxOccurs="unbounded" minOccurs="0"> - * <any processContents='lax'/> - * </sequence> - * <attribute name="id" type="{http://www.w3.org/2001/XMLSchema}string" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ExtensionContentType", propOrder = { "content" }) -public class ExtensionContentType { - - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "id") - protected String id; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } {@link Element } {@link String } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/FamilyNameType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/FamilyNameType.java deleted file mode 100644 index 007ea7bfb..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/FamilyNameType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for FamilyNameType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="FamilyNameType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Surname" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "FamilyNameType", propOrder = { "surname" }) -public class FamilyNameType { - - @XmlElement(name = "Surname", required = true) - protected List<String> surname; - - /** - * Gets the value of the surname property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the surname property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getSurname().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getSurname() { - if (surname == null) { - surname = new ArrayList<String>(); - } - return this.surname; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GenderType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GenderType.java deleted file mode 100644 index 159810298..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GenderType.java +++ /dev/null @@ -1,58 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for GenderType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="GenderType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="Female"/> - * <enumeration value="Male"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "GenderType") -@XmlEnum -public enum GenderType { - - @XmlEnumValue("Female") - FEMALE("Female"), @XmlEnumValue("Male") - MALE("Male"); - private final String value; - - GenderType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static GenderType fromValue(String v) { - for (GenderType c : GenderType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GeneralDiplomaType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GeneralDiplomaType.java deleted file mode 100644 index 4dd196d31..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GeneralDiplomaType.java +++ /dev/null @@ -1,365 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig.SignatureType; - -/** - * <p> - * Java class for GeneralDiplomaType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="GeneralDiplomaType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="InformationIdentifyingTheHolderOfTheQualification" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InformationIdentifyingTheHolderOfTheQualificationType"/> - * <element name="InformationIdentifyingTheQualification" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InformationIdentifyingTheQualificationType"/> - * <element name="InformationOnTheLevelOfTheQualification" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InformationOnTheLevelOfTheQualificationType" minOccurs="0"/> - * <element name="InformationOnTheContentsAndResultsGained" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InformationOnTheContentsAndResultsGainedType" minOccurs="0"/> - * <element name="InformationOnTheFunctionOfTheQualification" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InformationOnTheFunctionOfTheQualificationType" minOccurs="0"/> - * <element name="AdditionalInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AdditionalInformationType" minOccurs="0"/> - * <element name="CertificationOfTheSupplement" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CertificationOfTheSupplementType" minOccurs="0"/> - * <element name="InformationOnTheNationalHigherEducationSystem" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="Attachments" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AttachmentsType" minOccurs="0"/> - * <element name="ExtensionContent" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ExtensionContentType" maxOccurs="unbounded" minOccurs="0"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Signature" maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * <attribute name="language" use="required" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}LanguageType" /> - * <attribute name="isTheOriginalLanguage" use="required" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "GeneralDiplomaType", propOrder = { "informationIdentifyingTheHolderOfTheQualification", "informationIdentifyingTheQualification", "informationOnTheLevelOfTheQualification", - "informationOnTheContentsAndResultsGained", "informationOnTheFunctionOfTheQualification", "additionalInformation", "certificationOfTheSupplement", - "informationOnTheNationalHigherEducationSystem", "attachments", "extensionContent", "signature" }) -public class GeneralDiplomaType { - - @XmlElement(name = "InformationIdentifyingTheHolderOfTheQualification", required = true) - protected InformationIdentifyingTheHolderOfTheQualificationType informationIdentifyingTheHolderOfTheQualification; - @XmlElement(name = "InformationIdentifyingTheQualification", required = true) - protected InformationIdentifyingTheQualificationType informationIdentifyingTheQualification; - @XmlElement(name = "InformationOnTheLevelOfTheQualification") - protected InformationOnTheLevelOfTheQualificationType informationOnTheLevelOfTheQualification; - @XmlElement(name = "InformationOnTheContentsAndResultsGained") - protected InformationOnTheContentsAndResultsGainedType informationOnTheContentsAndResultsGained; - @XmlElement(name = "InformationOnTheFunctionOfTheQualification") - protected InformationOnTheFunctionOfTheQualificationType informationOnTheFunctionOfTheQualification; - @XmlElement(name = "AdditionalInformation") - protected AdditionalInformationType additionalInformation; - @XmlElement(name = "CertificationOfTheSupplement") - protected CertificationOfTheSupplementType certificationOfTheSupplement; - @XmlElement(name = "InformationOnTheNationalHigherEducationSystem") - protected RichTextTagType informationOnTheNationalHigherEducationSystem; - @XmlElement(name = "Attachments") - protected AttachmentsType attachments; - @XmlElement(name = "ExtensionContent") - protected List<ExtensionContentType> extensionContent; - @XmlElement(name = "Signature", namespace = "http://www.w3.org/2000/09/xmldsig#") - protected List<SignatureType> signature; - @XmlAttribute(name = "language", required = true) - protected LanguageType language; - @XmlAttribute(name = "isTheOriginalLanguage", required = true) - protected boolean isTheOriginalLanguage; - - /** - * Gets the value of the informationIdentifyingTheHolderOfTheQualification property. - * - * @return possible object is {@link InformationIdentifyingTheHolderOfTheQualificationType } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType getInformationIdentifyingTheHolderOfTheQualification() { - return informationIdentifyingTheHolderOfTheQualification; - } - - /** - * Sets the value of the informationIdentifyingTheHolderOfTheQualification property. - * - * @param value - * allowed object is {@link InformationIdentifyingTheHolderOfTheQualificationType } - * - */ - public void setInformationIdentifyingTheHolderOfTheQualification(InformationIdentifyingTheHolderOfTheQualificationType value) { - this.informationIdentifyingTheHolderOfTheQualification = value; - } - - /** - * Gets the value of the informationIdentifyingTheQualification property. - * - * @return possible object is {@link InformationIdentifyingTheQualificationType } - * - */ - public InformationIdentifyingTheQualificationType getInformationIdentifyingTheQualification() { - return informationIdentifyingTheQualification; - } - - /** - * Sets the value of the informationIdentifyingTheQualification property. - * - * @param value - * allowed object is {@link InformationIdentifyingTheQualificationType } - * - */ - public void setInformationIdentifyingTheQualification(InformationIdentifyingTheQualificationType value) { - this.informationIdentifyingTheQualification = value; - } - - /** - * Gets the value of the informationOnTheLevelOfTheQualification property. - * - * @return possible object is {@link InformationOnTheLevelOfTheQualificationType } - * - */ - public InformationOnTheLevelOfTheQualificationType getInformationOnTheLevelOfTheQualification() { - return informationOnTheLevelOfTheQualification; - } - - /** - * Sets the value of the informationOnTheLevelOfTheQualification property. - * - * @param value - * allowed object is {@link InformationOnTheLevelOfTheQualificationType } - * - */ - public void setInformationOnTheLevelOfTheQualification(InformationOnTheLevelOfTheQualificationType value) { - this.informationOnTheLevelOfTheQualification = value; - } - - /** - * Gets the value of the informationOnTheContentsAndResultsGained property. - * - * @return possible object is {@link InformationOnTheContentsAndResultsGainedType } - * - */ - public InformationOnTheContentsAndResultsGainedType getInformationOnTheContentsAndResultsGained() { - return informationOnTheContentsAndResultsGained; - } - - /** - * Sets the value of the informationOnTheContentsAndResultsGained property. - * - * @param value - * allowed object is {@link InformationOnTheContentsAndResultsGainedType } - * - */ - public void setInformationOnTheContentsAndResultsGained(InformationOnTheContentsAndResultsGainedType value) { - this.informationOnTheContentsAndResultsGained = value; - } - - /** - * Gets the value of the informationOnTheFunctionOfTheQualification property. - * - * @return possible object is {@link InformationOnTheFunctionOfTheQualificationType } - * - */ - public InformationOnTheFunctionOfTheQualificationType getInformationOnTheFunctionOfTheQualification() { - return informationOnTheFunctionOfTheQualification; - } - - /** - * Sets the value of the informationOnTheFunctionOfTheQualification property. - * - * @param value - * allowed object is {@link InformationOnTheFunctionOfTheQualificationType } - * - */ - public void setInformationOnTheFunctionOfTheQualification(InformationOnTheFunctionOfTheQualificationType value) { - this.informationOnTheFunctionOfTheQualification = value; - } - - /** - * Gets the value of the additionalInformation property. - * - * @return possible object is {@link AdditionalInformationType } - * - */ - public AdditionalInformationType getAdditionalInformation() { - return additionalInformation; - } - - /** - * Sets the value of the additionalInformation property. - * - * @param value - * allowed object is {@link AdditionalInformationType } - * - */ - public void setAdditionalInformation(AdditionalInformationType value) { - this.additionalInformation = value; - } - - /** - * Gets the value of the certificationOfTheSupplement property. - * - * @return possible object is {@link CertificationOfTheSupplementType } - * - */ - public CertificationOfTheSupplementType getCertificationOfTheSupplement() { - return certificationOfTheSupplement; - } - - /** - * Sets the value of the certificationOfTheSupplement property. - * - * @param value - * allowed object is {@link CertificationOfTheSupplementType } - * - */ - public void setCertificationOfTheSupplement(CertificationOfTheSupplementType value) { - this.certificationOfTheSupplement = value; - } - - /** - * Gets the value of the informationOnTheNationalHigherEducationSystem property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getInformationOnTheNationalHigherEducationSystem() { - return informationOnTheNationalHigherEducationSystem; - } - - /** - * Sets the value of the informationOnTheNationalHigherEducationSystem property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setInformationOnTheNationalHigherEducationSystem(RichTextTagType value) { - this.informationOnTheNationalHigherEducationSystem = value; - } - - /** - * Gets the value of the attachments property. - * - * @return possible object is {@link AttachmentsType } - * - */ - public AttachmentsType getAttachments() { - return attachments; - } - - /** - * Sets the value of the attachments property. - * - * @param value - * allowed object is {@link AttachmentsType } - * - */ - public void setAttachments(AttachmentsType value) { - this.attachments = value; - } - - /** - * Gets the value of the extensionContent property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the extensionContent property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getExtensionContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link ExtensionContentType } - * - * - */ - public List<ExtensionContentType> getExtensionContent() { - if (extensionContent == null) { - extensionContent = new ArrayList<ExtensionContentType>(); - } - return this.extensionContent; - } - - /** - * Gets the value of the signature property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the signature property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getSignature().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link SignatureType } - * - * - */ - public List<SignatureType> getSignature() { - if (signature == null) { - signature = new ArrayList<SignatureType>(); - } - return this.signature; - } - - /** - * Gets the value of the language property. - * - * @return possible object is {@link LanguageType } - * - */ - public LanguageType getLanguage() { - return language; - } - - /** - * Sets the value of the language property. - * - * @param value - * allowed object is {@link LanguageType } - * - */ - public void setLanguage(LanguageType value) { - this.language = value; - } - - /** - * Gets the value of the isTheOriginalLanguage property. - * - */ - public boolean isIsTheOriginalLanguage() { - return isTheOriginalLanguage; - } - - /** - * Sets the value of the isTheOriginalLanguage property. - * - */ - public void setIsTheOriginalLanguage(boolean value) { - this.isTheOriginalLanguage = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GivenNameType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GivenNameType.java deleted file mode 100644 index 3818b52e1..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GivenNameType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for GivenNameType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="GivenNameType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "GivenNameType", propOrder = { "name" }) -public class GivenNameType { - - @XmlElement(name = "Name", required = true) - protected List<String> name; - - /** - * Gets the value of the name property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the name property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getName().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } - * - * - */ - public List<String> getName() { - if (name == null) { - name = new ArrayList<String>(); - } - return this.name; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GradingSchemeAndGradeDistributionGuidanceType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GradingSchemeAndGradeDistributionGuidanceType.java deleted file mode 100644 index 471ff3a5f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/GradingSchemeAndGradeDistributionGuidanceType.java +++ /dev/null @@ -1,88 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for GradingSchemeAndGradeDistributionGuidanceType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="GradingSchemeAndGradeDistributionGuidanceType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="GradingScheme" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"/> - * <element name="GradeDistributionGuidance" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "GradingSchemeAndGradeDistributionGuidanceType", propOrder = { "gradingScheme", "gradeDistributionGuidance" }) -public class GradingSchemeAndGradeDistributionGuidanceType { - - @XmlElement(name = "GradingScheme", required = true) - protected RichTextTagType gradingScheme; - @XmlElement(name = "GradeDistributionGuidance") - protected RichTextTagType gradeDistributionGuidance; - - /** - * Gets the value of the gradingScheme property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getGradingScheme() { - return gradingScheme; - } - - /** - * Sets the value of the gradingScheme property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setGradingScheme(RichTextTagType value) { - this.gradingScheme = value; - } - - /** - * Gets the value of the gradeDistributionGuidance property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getGradeDistributionGuidance() { - return gradeDistributionGuidance; - } - - /** - * Sets the value of the gradeDistributionGuidance property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setGradeDistributionGuidance(RichTextTagType value) { - this.gradeDistributionGuidance = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ImageMimeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ImageMimeType.java deleted file mode 100644 index 22d889b67..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ImageMimeType.java +++ /dev/null @@ -1,64 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ImageMimeType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="ImageMimeType"> - * <restriction base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}MimeType"> - * <enumeration value="image/gif"/> - * <enumeration value="image/jpeg"/> - * <enumeration value="image/pjpeg"/> - * <enumeration value="image/png"/> - * <enumeration value="image/tiff"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "ImageMimeType") -@XmlEnum(MimeType.class) -public enum ImageMimeType { - - @XmlEnumValue("image/gif") - IMAGE_GIF(MimeType.IMAGE_GIF), @XmlEnumValue("image/jpeg") - IMAGE_JPEG(MimeType.IMAGE_JPEG), @XmlEnumValue("image/pjpeg") - IMAGE_PJPEG(MimeType.IMAGE_PJPEG), @XmlEnumValue("image/png") - IMAGE_PNG(MimeType.IMAGE_PNG), @XmlEnumValue("image/tiff") - IMAGE_TIFF(MimeType.IMAGE_TIFF); - private final MimeType value; - - ImageMimeType(MimeType v) { - value = v; - } - - public MimeType value() { - return value; - } - - public static ImageMimeType fromValue(MimeType v) { - for (ImageMimeType c : ImageMimeType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v.toString()); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationIdentifyingTheHolderOfTheQualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationIdentifyingTheHolderOfTheQualificationType.java deleted file mode 100644 index 3443104e3..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationIdentifyingTheHolderOfTheQualificationType.java +++ /dev/null @@ -1,292 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * <p> - * Java class for InformationIdentifyingTheHolderOfTheQualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationIdentifyingTheHolderOfTheQualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="FamilyName" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}FamilyNameType"/> - * <element name="GivenName" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}GivenNameType"/> - * <element name="DateOfBirth" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}DateType" minOccurs="0"/> - * <element name="StudentIdentificationNumber" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="CountryOfBirth" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CountryTextCodeType" minOccurs="0"/> - * <element name="PlaceOfBirth" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="Gender" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="gender" use="required" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}GenderType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationIdentifyingTheHolderOfTheQualificationType", propOrder = { "familyName", "givenName", "dateOfBirth", "studentIdentificationNumber", "countryOfBirth", "placeOfBirth", - "gender" }) -public class InformationIdentifyingTheHolderOfTheQualificationType { - - @XmlElement(name = "FamilyName", required = true) - protected FamilyNameType familyName; - @XmlElement(name = "GivenName", required = true) - protected GivenNameType givenName; - @XmlElement(name = "DateOfBirth") - protected XMLGregorianCalendar dateOfBirth; - @XmlElement(name = "StudentIdentificationNumber") - protected String studentIdentificationNumber; - @XmlElement(name = "CountryOfBirth") - protected CountryTextCodeType countryOfBirth; - @XmlElement(name = "PlaceOfBirth") - protected String placeOfBirth; - @XmlElement(name = "Gender") - protected InformationIdentifyingTheHolderOfTheQualificationType.Gender gender; - - /** - * Gets the value of the familyName property. - * - * @return possible object is {@link FamilyNameType } - * - */ - public FamilyNameType getFamilyName() { - return familyName; - } - - /** - * Sets the value of the familyName property. - * - * @param value - * allowed object is {@link FamilyNameType } - * - */ - public void setFamilyName(FamilyNameType value) { - this.familyName = value; - } - - /** - * Gets the value of the givenName property. - * - * @return possible object is {@link GivenNameType } - * - */ - public GivenNameType getGivenName() { - return givenName; - } - - /** - * Sets the value of the givenName property. - * - * @param value - * allowed object is {@link GivenNameType } - * - */ - public void setGivenName(GivenNameType value) { - this.givenName = value; - } - - /** - * Gets the value of the dateOfBirth property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateOfBirth() { - return dateOfBirth; - } - - /** - * Sets the value of the dateOfBirth property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateOfBirth(XMLGregorianCalendar value) { - this.dateOfBirth = value; - } - - /** - * Gets the value of the studentIdentificationNumber property. - * - * @return possible object is {@link String } - * - */ - public String getStudentIdentificationNumber() { - return studentIdentificationNumber; - } - - /** - * Sets the value of the studentIdentificationNumber property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStudentIdentificationNumber(String value) { - this.studentIdentificationNumber = value; - } - - /** - * Gets the value of the countryOfBirth property. - * - * @return possible object is {@link CountryTextCodeType } - * - */ - public CountryTextCodeType getCountryOfBirth() { - return countryOfBirth; - } - - /** - * Sets the value of the countryOfBirth property. - * - * @param value - * allowed object is {@link CountryTextCodeType } - * - */ - public void setCountryOfBirth(CountryTextCodeType value) { - this.countryOfBirth = value; - } - - /** - * Gets the value of the placeOfBirth property. - * - * @return possible object is {@link String } - * - */ - public String getPlaceOfBirth() { - return placeOfBirth; - } - - /** - * Sets the value of the placeOfBirth property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setPlaceOfBirth(String value) { - this.placeOfBirth = value; - } - - /** - * Gets the value of the gender property. - * - * @return possible object is {@link InformationIdentifyingTheHolderOfTheQualificationType.Gender } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType.Gender getGender() { - return gender; - } - - /** - * Sets the value of the gender property. - * - * @param value - * allowed object is {@link InformationIdentifyingTheHolderOfTheQualificationType.Gender } - * - */ - public void setGender(InformationIdentifyingTheHolderOfTheQualificationType.Gender value) { - this.gender = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="gender" use="required" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}GenderType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Gender { - - @XmlValue - protected String value; - @XmlAttribute(name = "gender", required = true) - protected GenderType gender; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the gender property. - * - * @return possible object is {@link GenderType } - * - */ - public GenderType getGender() { - return gender; - } - - /** - * Sets the value of the gender property. - * - * @param value - * allowed object is {@link GenderType } - * - */ - public void setGender(GenderType value) { - this.gender = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationIdentifyingTheQualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationIdentifyingTheQualificationType.java deleted file mode 100644 index 6e257e6df..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationIdentifyingTheQualificationType.java +++ /dev/null @@ -1,185 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for InformationIdentifyingTheQualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationIdentifyingTheQualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Qualification" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}QualificationType"/> - * <element name="TitleConferred" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}TitleConferredType" minOccurs="0"/> - * <element name="MainFieldsOfStudy" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="NameAndStatusOfAwardingInstitution" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}NameAndStatusOfAwardingInstitutionType"/> - * <element name="NameAndStatusOfInstitutionAdministeringStudies" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}NameAndStatusOfInstitutionAdministeringStudiesType"/> - * <element name="LanguagesOfInstructionAndExamination" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}LanguagesOfInstructionAndExaminationType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationIdentifyingTheQualificationType", propOrder = { "qualification", "titleConferred", "mainFieldsOfStudy", "nameAndStatusOfAwardingInstitution", - "nameAndStatusOfInstitutionAdministeringStudies", "languagesOfInstructionAndExamination" }) -public class InformationIdentifyingTheQualificationType { - - @XmlElement(name = "Qualification", required = true) - protected QualificationType qualification; - @XmlElement(name = "TitleConferred") - protected TitleConferredType titleConferred; - @XmlElement(name = "MainFieldsOfStudy") - protected RichTextTagType mainFieldsOfStudy; - @XmlElement(name = "NameAndStatusOfAwardingInstitution", required = true) - protected NameAndStatusOfAwardingInstitutionType nameAndStatusOfAwardingInstitution; - @XmlElement(name = "NameAndStatusOfInstitutionAdministeringStudies", required = true) - protected NameAndStatusOfInstitutionAdministeringStudiesType nameAndStatusOfInstitutionAdministeringStudies; - @XmlElement(name = "LanguagesOfInstructionAndExamination") - protected LanguagesOfInstructionAndExaminationType languagesOfInstructionAndExamination; - - /** - * Gets the value of the qualification property. - * - * @return possible object is {@link QualificationType } - * - */ - public QualificationType getQualification() { - return qualification; - } - - /** - * Sets the value of the qualification property. - * - * @param value - * allowed object is {@link QualificationType } - * - */ - public void setQualification(QualificationType value) { - this.qualification = value; - } - - /** - * Gets the value of the titleConferred property. - * - * @return possible object is {@link TitleConferredType } - * - */ - public TitleConferredType getTitleConferred() { - return titleConferred; - } - - /** - * Sets the value of the titleConferred property. - * - * @param value - * allowed object is {@link TitleConferredType } - * - */ - public void setTitleConferred(TitleConferredType value) { - this.titleConferred = value; - } - - /** - * Gets the value of the mainFieldsOfStudy property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getMainFieldsOfStudy() { - return mainFieldsOfStudy; - } - - /** - * Sets the value of the mainFieldsOfStudy property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setMainFieldsOfStudy(RichTextTagType value) { - this.mainFieldsOfStudy = value; - } - - /** - * Gets the value of the nameAndStatusOfAwardingInstitution property. - * - * @return possible object is {@link NameAndStatusOfAwardingInstitutionType } - * - */ - public NameAndStatusOfAwardingInstitutionType getNameAndStatusOfAwardingInstitution() { - return nameAndStatusOfAwardingInstitution; - } - - /** - * Sets the value of the nameAndStatusOfAwardingInstitution property. - * - * @param value - * allowed object is {@link NameAndStatusOfAwardingInstitutionType } - * - */ - public void setNameAndStatusOfAwardingInstitution(NameAndStatusOfAwardingInstitutionType value) { - this.nameAndStatusOfAwardingInstitution = value; - } - - /** - * Gets the value of the nameAndStatusOfInstitutionAdministeringStudies property. - * - * @return possible object is {@link NameAndStatusOfInstitutionAdministeringStudiesType } - * - */ - public NameAndStatusOfInstitutionAdministeringStudiesType getNameAndStatusOfInstitutionAdministeringStudies() { - return nameAndStatusOfInstitutionAdministeringStudies; - } - - /** - * Sets the value of the nameAndStatusOfInstitutionAdministeringStudies property. - * - * @param value - * allowed object is {@link NameAndStatusOfInstitutionAdministeringStudiesType } - * - */ - public void setNameAndStatusOfInstitutionAdministeringStudies(NameAndStatusOfInstitutionAdministeringStudiesType value) { - this.nameAndStatusOfInstitutionAdministeringStudies = value; - } - - /** - * Gets the value of the languagesOfInstructionAndExamination property. - * - * @return possible object is {@link LanguagesOfInstructionAndExaminationType } - * - */ - public LanguagesOfInstructionAndExaminationType getLanguagesOfInstructionAndExamination() { - return languagesOfInstructionAndExamination; - } - - /** - * Sets the value of the languagesOfInstructionAndExamination property. - * - * @param value - * allowed object is {@link LanguagesOfInstructionAndExaminationType } - * - */ - public void setLanguagesOfInstructionAndExamination(LanguagesOfInstructionAndExaminationType value) { - this.languagesOfInstructionAndExamination = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheContentsAndResultsGainedType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheContentsAndResultsGainedType.java deleted file mode 100644 index be1d1c670..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheContentsAndResultsGainedType.java +++ /dev/null @@ -1,219 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for InformationOnTheContentsAndResultsGainedType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationOnTheContentsAndResultsGainedType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="ModeOfStudy" minOccurs="0"> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="modeOfStudy" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ModeOfStudyType" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * <element name="ProgrammeRequirements" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ProgrammeRequirementsType" minOccurs="0"/> - * <element name="ProgrammeDetails" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ProgrammeDetailsType" minOccurs="0"/> - * <element name="GradingSchemeAndGradeDistributionGuidance" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}GradingSchemeAndGradeDistributionGuidanceType" minOccurs="0"/> - * <element name="OverallClassificationOfTheQualification" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationOnTheContentsAndResultsGainedType", propOrder = { "modeOfStudy", "programmeRequirements", "programmeDetails", "gradingSchemeAndGradeDistributionGuidance", - "overallClassificationOfTheQualification" }) -public class InformationOnTheContentsAndResultsGainedType { - - @XmlElement(name = "ModeOfStudy") - protected InformationOnTheContentsAndResultsGainedType.ModeOfStudy modeOfStudy; - @XmlElement(name = "ProgrammeRequirements") - protected ProgrammeRequirementsType programmeRequirements; - @XmlElement(name = "ProgrammeDetails") - protected ProgrammeDetailsType programmeDetails; - @XmlElement(name = "GradingSchemeAndGradeDistributionGuidance") - protected GradingSchemeAndGradeDistributionGuidanceType gradingSchemeAndGradeDistributionGuidance; - @XmlElement(name = "OverallClassificationOfTheQualification") - protected RichTextTagType overallClassificationOfTheQualification; - - /** - * Gets the value of the modeOfStudy property. - * - * @return possible object is {@link InformationOnTheContentsAndResultsGainedType.ModeOfStudy } - * - */ - public InformationOnTheContentsAndResultsGainedType.ModeOfStudy getModeOfStudy() { - return modeOfStudy; - } - - /** - * Sets the value of the modeOfStudy property. - * - * @param value - * allowed object is {@link InformationOnTheContentsAndResultsGainedType.ModeOfStudy } - * - */ - public void setModeOfStudy(InformationOnTheContentsAndResultsGainedType.ModeOfStudy value) { - this.modeOfStudy = value; - } - - /** - * Gets the value of the programmeRequirements property. - * - * @return possible object is {@link ProgrammeRequirementsType } - * - */ - public ProgrammeRequirementsType getProgrammeRequirements() { - return programmeRequirements; - } - - /** - * Sets the value of the programmeRequirements property. - * - * @param value - * allowed object is {@link ProgrammeRequirementsType } - * - */ - public void setProgrammeRequirements(ProgrammeRequirementsType value) { - this.programmeRequirements = value; - } - - /** - * Gets the value of the programmeDetails property. - * - * @return possible object is {@link ProgrammeDetailsType } - * - */ - public ProgrammeDetailsType getProgrammeDetails() { - return programmeDetails; - } - - /** - * Sets the value of the programmeDetails property. - * - * @param value - * allowed object is {@link ProgrammeDetailsType } - * - */ - public void setProgrammeDetails(ProgrammeDetailsType value) { - this.programmeDetails = value; - } - - /** - * Gets the value of the gradingSchemeAndGradeDistributionGuidance property. - * - * @return possible object is {@link GradingSchemeAndGradeDistributionGuidanceType } - * - */ - public GradingSchemeAndGradeDistributionGuidanceType getGradingSchemeAndGradeDistributionGuidance() { - return gradingSchemeAndGradeDistributionGuidance; - } - - /** - * Sets the value of the gradingSchemeAndGradeDistributionGuidance property. - * - * @param value - * allowed object is {@link GradingSchemeAndGradeDistributionGuidanceType } - * - */ - public void setGradingSchemeAndGradeDistributionGuidance(GradingSchemeAndGradeDistributionGuidanceType value) { - this.gradingSchemeAndGradeDistributionGuidance = value; - } - - /** - * Gets the value of the overallClassificationOfTheQualification property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getOverallClassificationOfTheQualification() { - return overallClassificationOfTheQualification; - } - - /** - * Sets the value of the overallClassificationOfTheQualification property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setOverallClassificationOfTheQualification(RichTextTagType value) { - this.overallClassificationOfTheQualification = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="modeOfStudy" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ModeOfStudyType" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class ModeOfStudy extends RichTextTagType { - - @XmlAttribute(name = "modeOfStudy") - protected ModeOfStudyType modeOfStudy; - - /** - * Gets the value of the modeOfStudy property. - * - * @return possible object is {@link ModeOfStudyType } - * - */ - public ModeOfStudyType getModeOfStudy() { - return modeOfStudy; - } - - /** - * Sets the value of the modeOfStudy property. - * - * @param value - * allowed object is {@link ModeOfStudyType } - * - */ - public void setModeOfStudy(ModeOfStudyType value) { - this.modeOfStudy = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheFunctionOfTheQualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheFunctionOfTheQualificationType.java deleted file mode 100644 index 87bb10c71..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheFunctionOfTheQualificationType.java +++ /dev/null @@ -1,146 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for InformationOnTheFunctionOfTheQualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationOnTheFunctionOfTheQualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="AccessToFurtherStudy" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="ProfessionalStatus" minOccurs="0"> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="isRegulatedProfession" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationOnTheFunctionOfTheQualificationType", propOrder = { "accessToFurtherStudy", "professionalStatus" }) -public class InformationOnTheFunctionOfTheQualificationType { - - @XmlElement(name = "AccessToFurtherStudy") - protected RichTextTagType accessToFurtherStudy; - @XmlElement(name = "ProfessionalStatus") - protected InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus professionalStatus; - - /** - * Gets the value of the accessToFurtherStudy property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAccessToFurtherStudy() { - return accessToFurtherStudy; - } - - /** - * Sets the value of the accessToFurtherStudy property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAccessToFurtherStudy(RichTextTagType value) { - this.accessToFurtherStudy = value; - } - - /** - * Gets the value of the professionalStatus property. - * - * @return possible object is {@link InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus } - * - */ - public InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus getProfessionalStatus() { - return professionalStatus; - } - - /** - * Sets the value of the professionalStatus property. - * - * @param value - * allowed object is {@link InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus } - * - */ - public void setProfessionalStatus(InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus value) { - this.professionalStatus = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="isRegulatedProfession" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class ProfessionalStatus extends RichTextTagType { - - @XmlAttribute(name = "isRegulatedProfession") - protected Boolean isRegulatedProfession; - - /** - * Gets the value of the isRegulatedProfession property. - * - * @return possible object is {@link Boolean } - * - */ - public Boolean isIsRegulatedProfession() { - return isRegulatedProfession; - } - - /** - * Sets the value of the isRegulatedProfession property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setIsRegulatedProfession(Boolean value) { - this.isRegulatedProfession = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheLevelOfTheQualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheLevelOfTheQualificationType.java deleted file mode 100644 index c759fdf52..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InformationOnTheLevelOfTheQualificationType.java +++ /dev/null @@ -1,353 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for InformationOnTheLevelOfTheQualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InformationOnTheLevelOfTheQualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Level"> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="isced1997" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ISCED1997Type" /> - * <attribute name="isced2011" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ISCED2011Type" /> - * <attribute name="eheaFramework" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}EHEAFrameworkType" /> - * <attribute name="nfq" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}NFQType" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * <element name="OfficialLengthOfProgramme"> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="ectsCredits" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" /> - * <attribute name="years" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" /> - * <attribute name="semesters" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveIntegerType" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * <element name="AccessRequirements" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InformationOnTheLevelOfTheQualificationType", propOrder = { "level", "officialLengthOfProgramme", "accessRequirements" }) -public class InformationOnTheLevelOfTheQualificationType { - - @XmlElement(name = "Level", required = true) - protected InformationOnTheLevelOfTheQualificationType.Level level; - @XmlElement(name = "OfficialLengthOfProgramme", required = true) - protected InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme officialLengthOfProgramme; - @XmlElement(name = "AccessRequirements") - protected RichTextTagType accessRequirements; - - /** - * Gets the value of the level property. - * - * @return possible object is {@link InformationOnTheLevelOfTheQualificationType.Level } - * - */ - public InformationOnTheLevelOfTheQualificationType.Level getLevel() { - return level; - } - - /** - * Sets the value of the level property. - * - * @param value - * allowed object is {@link InformationOnTheLevelOfTheQualificationType.Level } - * - */ - public void setLevel(InformationOnTheLevelOfTheQualificationType.Level value) { - this.level = value; - } - - /** - * Gets the value of the officialLengthOfProgramme property. - * - * @return possible object is {@link InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme } - * - */ - public InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme getOfficialLengthOfProgramme() { - return officialLengthOfProgramme; - } - - /** - * Sets the value of the officialLengthOfProgramme property. - * - * @param value - * allowed object is {@link InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme } - * - */ - public void setOfficialLengthOfProgramme(InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme value) { - this.officialLengthOfProgramme = value; - } - - /** - * Gets the value of the accessRequirements property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAccessRequirements() { - return accessRequirements; - } - - /** - * Sets the value of the accessRequirements property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAccessRequirements(RichTextTagType value) { - this.accessRequirements = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="isced1997" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ISCED1997Type" /> - * <attribute name="isced2011" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ISCED2011Type" /> - * <attribute name="eheaFramework" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}EHEAFrameworkType" /> - * <attribute name="nfq" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}NFQType" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class Level extends RichTextTagType { - - @XmlAttribute(name = "isced1997") - protected String isced1997; - @XmlAttribute(name = "isced2011") - protected String isced2011; - @XmlAttribute(name = "eheaFramework") - protected EHEAFrameworkType eheaFramework; - @XmlAttribute(name = "nfq") - protected String nfq; - - /** - * Gets the value of the isced1997 property. - * - * @return possible object is {@link String } - * - */ - public String getIsced1997() { - return isced1997; - } - - /** - * Sets the value of the isced1997 property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setIsced1997(String value) { - this.isced1997 = value; - } - - /** - * Gets the value of the isced2011 property. - * - * @return possible object is {@link String } - * - */ - public String getIsced2011() { - return isced2011; - } - - /** - * Sets the value of the isced2011 property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setIsced2011(String value) { - this.isced2011 = value; - } - - /** - * Gets the value of the eheaFramework property. - * - * @return possible object is {@link EHEAFrameworkType } - * - */ - public EHEAFrameworkType getEheaFramework() { - return eheaFramework; - } - - /** - * Sets the value of the eheaFramework property. - * - * @param value - * allowed object is {@link EHEAFrameworkType } - * - */ - public void setEheaFramework(EHEAFrameworkType value) { - this.eheaFramework = value; - } - - /** - * Gets the value of the nfq property. - * - * @return possible object is {@link String } - * - */ - public String getNfq() { - return nfq; - } - - /** - * Sets the value of the nfq property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNfq(String value) { - this.nfq = value; - } - - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="ectsCredits" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" /> - * <attribute name="years" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" /> - * <attribute name="semesters" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveIntegerType" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class OfficialLengthOfProgramme extends RichTextTagType { - - @XmlAttribute(name = "ectsCredits") - protected BigDecimal ectsCredits; - @XmlAttribute(name = "years") - protected BigDecimal years; - @XmlAttribute(name = "semesters") - protected Integer semesters; - - /** - * Gets the value of the ectsCredits property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getEctsCredits() { - return ectsCredits; - } - - /** - * Sets the value of the ectsCredits property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setEctsCredits(BigDecimal value) { - this.ectsCredits = value; - } - - /** - * Gets the value of the years property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getYears() { - return years; - } - - /** - * Sets the value of the years property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setYears(BigDecimal value) { - this.years = value; - } - - /** - * Gets the value of the semesters property. - * - * @return possible object is {@link Integer } - * - */ - public Integer getSemesters() { - return semesters; - } - - /** - * Sets the value of the semesters property. - * - * @param value - * allowed object is {@link Integer } - * - */ - public void setSemesters(Integer value) { - this.semesters = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InstitutionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InstitutionType.java deleted file mode 100644 index c6c27ca5f..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/InstitutionType.java +++ /dev/null @@ -1,321 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlIDREF; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlSeeAlso; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * <p> - * Java class for InstitutionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="InstitutionType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="Status" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="Country" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CountryTextCodeType" minOccurs="0"/> - * <element name="AdditionalInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * <element name="ContactInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}ContactInformationType" minOccurs="0"/> - * <element name="AttachedImageRef" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}IDREF" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </sequence> - * <attribute name="nationalID" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" /> - * <attribute name="erasmusID" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "InstitutionType", propOrder = { "name", "status", "country", "additionalInformation", "contactInformation", "attachedImageRef" }) -@XmlSeeAlso({ eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.NameAndStatusOfAwardingInstitutionType.AwardingInstitution.class, - eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies.class }) -public class InstitutionType { - - @XmlElement(name = "Name", required = true) - protected String name; - @XmlElement(name = "Status") - protected String status; - @XmlElement(name = "Country") - protected CountryTextCodeType country; - @XmlElement(name = "AdditionalInformation") - protected RichTextTagType additionalInformation; - @XmlElement(name = "ContactInformation") - protected ContactInformationType contactInformation; - @XmlElement(name = "AttachedImageRef") - protected InstitutionType.AttachedImageRef attachedImageRef; - @XmlAttribute(name = "nationalID") - protected String nationalID; - @XmlAttribute(name = "erasmusID") - protected String erasmusID; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the status property. - * - * @return possible object is {@link String } - * - */ - public String getStatus() { - return status; - } - - /** - * Sets the value of the status property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setStatus(String value) { - this.status = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link CountryTextCodeType } - * - */ - public CountryTextCodeType getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link CountryTextCodeType } - * - */ - public void setCountry(CountryTextCodeType value) { - this.country = value; - } - - /** - * Gets the value of the additionalInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAdditionalInformation() { - return additionalInformation; - } - - /** - * Sets the value of the additionalInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAdditionalInformation(RichTextTagType value) { - this.additionalInformation = value; - } - - /** - * Gets the value of the contactInformation property. - * - * @return possible object is {@link ContactInformationType } - * - */ - public ContactInformationType getContactInformation() { - return contactInformation; - } - - /** - * Sets the value of the contactInformation property. - * - * @param value - * allowed object is {@link ContactInformationType } - * - */ - public void setContactInformation(ContactInformationType value) { - this.contactInformation = value; - } - - /** - * Gets the value of the attachedImageRef property. - * - * @return possible object is {@link InstitutionType.AttachedImageRef } - * - */ - public InstitutionType.AttachedImageRef getAttachedImageRef() { - return attachedImageRef; - } - - /** - * Sets the value of the attachedImageRef property. - * - * @param value - * allowed object is {@link InstitutionType.AttachedImageRef } - * - */ - public void setAttachedImageRef(InstitutionType.AttachedImageRef value) { - this.attachedImageRef = value; - } - - /** - * Gets the value of the nationalID property. - * - * @return possible object is {@link String } - * - */ - public String getNationalID() { - return nationalID; - } - - /** - * Sets the value of the nationalID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNationalID(String value) { - this.nationalID = value; - } - - /** - * Gets the value of the erasmusID property. - * - * @return possible object is {@link String } - * - */ - public String getErasmusID() { - return erasmusID; - } - - /** - * Sets the value of the erasmusID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setErasmusID(String value) { - this.erasmusID = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}IDREF" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class AttachedImageRef { - - @XmlValue - protected String value; - @XmlAttribute(name = "attachedID", required = true) - @XmlIDREF - @XmlSchemaType(name = "IDREF") - protected Object attachedID; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the attachedID property. - * - * @return possible object is {@link Object } - * - */ - public Object getAttachedID() { - return attachedID; - } - - /** - * Sets the value of the attachedID property. - * - * @param value - * allowed object is {@link Object } - * - */ - public void setAttachedID(Object value) { - this.attachedID = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LanguageType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LanguageType.java deleted file mode 100644 index 8dcc5c546..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LanguageType.java +++ /dev/null @@ -1,250 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for LanguageType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="LanguageType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="ab"/> - * <enumeration value="af"/> - * <enumeration value="an"/> - * <enumeration value="ar"/> - * <enumeration value="as"/> - * <enumeration value="az"/> - * <enumeration value="be"/> - * <enumeration value="bg"/> - * <enumeration value="bn"/> - * <enumeration value="bo"/> - * <enumeration value="br"/> - * <enumeration value="bs"/> - * <enumeration value="ca"/> - * <enumeration value="ce"/> - * <enumeration value="co"/> - * <enumeration value="cs"/> - * <enumeration value="cy"/> - * <enumeration value="da"/> - * <enumeration value="de"/> - * <enumeration value="el"/> - * <enumeration value="en"/> - * <enumeration value="es"/> - * <enumeration value="et"/> - * <enumeration value="eu"/> - * <enumeration value="fa"/> - * <enumeration value="fi"/> - * <enumeration value="fj"/> - * <enumeration value="fo"/> - * <enumeration value="fr"/> - * <enumeration value="fy"/> - * <enumeration value="ga"/> - * <enumeration value="gd"/> - * <enumeration value="gl"/> - * <enumeration value="gv"/> - * <enumeration value="grc"/> - * <enumeration value="gsw"/> - * <enumeration value="he"/> - * <enumeration value="hi"/> - * <enumeration value="hr"/> - * <enumeration value="ht"/> - * <enumeration value="hu"/> - * <enumeration value="hy"/> - * <enumeration value="id"/> - * <enumeration value="is"/> - * <enumeration value="it"/> - * <enumeration value="ja"/> - * <enumeration value="jv"/> - * <enumeration value="ka"/> - * <enumeration value="kg"/> - * <enumeration value="ko"/> - * <enumeration value="ku"/> - * <enumeration value="kw"/> - * <enumeration value="ky"/> - * <enumeration value="lb"/> - * <enumeration value="li"/> - * <enumeration value="ln"/> - * <enumeration value="lt"/> - * <enumeration value="lv"/> - * <enumeration value="mg"/> - * <enumeration value="mk"/> - * <enumeration value="mn"/> - * <enumeration value="mo"/> - * <enumeration value="ms"/> - * <enumeration value="mt"/> - * <enumeration value="my"/> - * <enumeration value="nb"/> - * <enumeration value="ne"/> - * <enumeration value="nl"/> - * <enumeration value="nn"/> - * <enumeration value="no"/> - * <enumeration value="pl"/> - * <enumeration value="pt"/> - * <enumeration value="rm"/> - * <enumeration value="ro"/> - * <enumeration value="ru"/> - * <enumeration value="sc"/> - * <enumeration value="se"/> - * <enumeration value="sk"/> - * <enumeration value="sl"/> - * <enumeration value="so"/> - * <enumeration value="sq"/> - * <enumeration value="sr"/> - * <enumeration value="sv"/> - * <enumeration value="sw"/> - * <enumeration value="tk"/> - * <enumeration value="tr"/> - * <enumeration value="ty"/> - * <enumeration value="uk"/> - * <enumeration value="ur"/> - * <enumeration value="uz"/> - * <enumeration value="vi"/> - * <enumeration value="yi"/> - * <enumeration value="zh"/> - * <enumeration value="cu"/> - * <enumeration value="eo"/> - * <enumeration value="la"/> - * <enumeration value="oc"/> - * <enumeration value="vo"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "LanguageType") -@XmlEnum -public enum LanguageType { - - @XmlEnumValue("ab") - AB("ab"), @XmlEnumValue("af") - AF("af"), @XmlEnumValue("an") - AN("an"), @XmlEnumValue("ar") - AR("ar"), @XmlEnumValue("as") - AS("as"), @XmlEnumValue("az") - AZ("az"), @XmlEnumValue("be") - BE("be"), @XmlEnumValue("bg") - BG("bg"), @XmlEnumValue("bn") - BN("bn"), @XmlEnumValue("bo") - BO("bo"), @XmlEnumValue("br") - BR("br"), @XmlEnumValue("bs") - BS("bs"), @XmlEnumValue("ca") - CA("ca"), @XmlEnumValue("ce") - CE("ce"), @XmlEnumValue("co") - CO("co"), @XmlEnumValue("cs") - CS("cs"), @XmlEnumValue("cy") - CY("cy"), @XmlEnumValue("da") - DA("da"), @XmlEnumValue("de") - DE("de"), @XmlEnumValue("el") - EL("el"), @XmlEnumValue("en") - EN("en"), @XmlEnumValue("es") - ES("es"), @XmlEnumValue("et") - ET("et"), @XmlEnumValue("eu") - EU("eu"), @XmlEnumValue("fa") - FA("fa"), @XmlEnumValue("fi") - FI("fi"), @XmlEnumValue("fj") - FJ("fj"), @XmlEnumValue("fo") - FO("fo"), @XmlEnumValue("fr") - FR("fr"), @XmlEnumValue("fy") - FY("fy"), @XmlEnumValue("ga") - GA("ga"), @XmlEnumValue("gd") - GD("gd"), @XmlEnumValue("gl") - GL("gl"), @XmlEnumValue("gv") - GV("gv"), @XmlEnumValue("grc") - GRC("grc"), @XmlEnumValue("gsw") - GSW("gsw"), @XmlEnumValue("he") - HE("he"), @XmlEnumValue("hi") - HI("hi"), @XmlEnumValue("hr") - HR("hr"), @XmlEnumValue("ht") - HT("ht"), @XmlEnumValue("hu") - HU("hu"), @XmlEnumValue("hy") - HY("hy"), @XmlEnumValue("id") - ID("id"), @XmlEnumValue("is") - IS("is"), @XmlEnumValue("it") - IT("it"), @XmlEnumValue("ja") - JA("ja"), @XmlEnumValue("jv") - JV("jv"), @XmlEnumValue("ka") - KA("ka"), @XmlEnumValue("kg") - KG("kg"), @XmlEnumValue("ko") - KO("ko"), @XmlEnumValue("ku") - KU("ku"), @XmlEnumValue("kw") - KW("kw"), @XmlEnumValue("ky") - KY("ky"), @XmlEnumValue("lb") - LB("lb"), @XmlEnumValue("li") - LI("li"), @XmlEnumValue("ln") - LN("ln"), @XmlEnumValue("lt") - LT("lt"), @XmlEnumValue("lv") - LV("lv"), @XmlEnumValue("mg") - MG("mg"), @XmlEnumValue("mk") - MK("mk"), @XmlEnumValue("mn") - MN("mn"), @XmlEnumValue("mo") - MO("mo"), @XmlEnumValue("ms") - MS("ms"), @XmlEnumValue("mt") - MT("mt"), @XmlEnumValue("my") - MY("my"), @XmlEnumValue("nb") - NB("nb"), @XmlEnumValue("ne") - NE("ne"), @XmlEnumValue("nl") - NL("nl"), @XmlEnumValue("nn") - NN("nn"), @XmlEnumValue("no") - NO("no"), @XmlEnumValue("pl") - PL("pl"), @XmlEnumValue("pt") - PT("pt"), @XmlEnumValue("rm") - RM("rm"), @XmlEnumValue("ro") - RO("ro"), @XmlEnumValue("ru") - RU("ru"), @XmlEnumValue("sc") - SC("sc"), @XmlEnumValue("se") - SE("se"), @XmlEnumValue("sk") - SK("sk"), @XmlEnumValue("sl") - SL("sl"), @XmlEnumValue("so") - SO("so"), @XmlEnumValue("sq") - SQ("sq"), @XmlEnumValue("sr") - SR("sr"), @XmlEnumValue("sv") - SV("sv"), @XmlEnumValue("sw") - SW("sw"), @XmlEnumValue("tk") - TK("tk"), @XmlEnumValue("tr") - TR("tr"), @XmlEnumValue("ty") - TY("ty"), @XmlEnumValue("uk") - UK("uk"), @XmlEnumValue("ur") - UR("ur"), @XmlEnumValue("uz") - UZ("uz"), @XmlEnumValue("vi") - VI("vi"), @XmlEnumValue("yi") - YI("yi"), @XmlEnumValue("zh") - ZH("zh"), @XmlEnumValue("cu") - CU("cu"), @XmlEnumValue("eo") - EO("eo"), @XmlEnumValue("la") - LA("la"), @XmlEnumValue("oc") - OC("oc"), @XmlEnumValue("vo") - VO("vo"); - private final String value; - - LanguageType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static LanguageType fromValue(String v) { - for (LanguageType c : LanguageType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LanguagesOfInstructionAndExaminationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LanguagesOfInstructionAndExaminationType.java deleted file mode 100644 index 1bf2acba6..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LanguagesOfInstructionAndExaminationType.java +++ /dev/null @@ -1,210 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.math.BigDecimal; -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for LanguagesOfInstructionAndExaminationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="LanguagesOfInstructionAndExaminationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Language" maxOccurs="unbounded"> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="language" use="required" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}LanguageType" /> - * <attribute name="percent" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PercentType" /> - * <attribute name="instruction" type="{http://www.w3.org/2001/XMLSchema}boolean" default="true" /> - * <attribute name="examination" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "LanguagesOfInstructionAndExaminationType", propOrder = { "language" }) -public class LanguagesOfInstructionAndExaminationType { - - @XmlElement(name = "Language", required = true) - protected List<LanguagesOfInstructionAndExaminationType.Language> language; - - /** - * Gets the value of the language property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the language property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getLanguage().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link LanguagesOfInstructionAndExaminationType.Language } - * - * - */ - public List<LanguagesOfInstructionAndExaminationType.Language> getLanguage() { - if (language == null) { - language = new ArrayList<LanguagesOfInstructionAndExaminationType.Language>(); - } - return this.language; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"> - * <attribute name="language" use="required" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}LanguageType" /> - * <attribute name="percent" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PercentType" /> - * <attribute name="instruction" type="{http://www.w3.org/2001/XMLSchema}boolean" default="true" /> - * <attribute name="examination" type="{http://www.w3.org/2001/XMLSchema}boolean" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class Language extends RichTextTagType { - - @XmlAttribute(name = "language", required = true) - protected LanguageType language; - @XmlAttribute(name = "percent") - protected BigDecimal percent; - @XmlAttribute(name = "instruction") - protected Boolean instruction; - @XmlAttribute(name = "examination") - protected Boolean examination; - - /** - * Gets the value of the language property. - * - * @return possible object is {@link LanguageType } - * - */ - public LanguageType getLanguage() { - return language; - } - - /** - * Sets the value of the language property. - * - * @param value - * allowed object is {@link LanguageType } - * - */ - public void setLanguage(LanguageType value) { - this.language = value; - } - - /** - * Gets the value of the percent property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getPercent() { - return percent; - } - - /** - * Sets the value of the percent property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setPercent(BigDecimal value) { - this.percent = value; - } - - /** - * Gets the value of the instruction property. - * - * @return possible object is {@link Boolean } - * - */ - public boolean isInstruction() { - if (instruction == null) { - return true; - } else { - return instruction; - } - } - - /** - * Sets the value of the instruction property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setInstruction(Boolean value) { - this.instruction = value; - } - - /** - * Gets the value of the examination property. - * - * @return possible object is {@link Boolean } - * - */ - public Boolean isExamination() { - return examination; - } - - /** - * Sets the value of the examination property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setExamination(Boolean value) { - this.examination = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LocalGradeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LocalGradeType.java deleted file mode 100644 index 24582dc94..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/LocalGradeType.java +++ /dev/null @@ -1,219 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * <p> - * Java class for LocalGradeType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="LocalGradeType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="AcademicYear" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AcademicYearType" minOccurs="0"/> - * <element name="DateIssued" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}DateType" minOccurs="0"/> - * <element name="Grade" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="Source" minOccurs="0"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="source" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}SourceGradeType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "LocalGradeType", propOrder = { "academicYear", "dateIssued", "grade", "source" }) -public class LocalGradeType { - - @XmlElement(name = "AcademicYear") - protected String academicYear; - @XmlElement(name = "DateIssued") - protected XMLGregorianCalendar dateIssued; - @XmlElement(name = "Grade", required = true) - protected String grade; - @XmlElement(name = "Source") - protected LocalGradeType.Source source; - - /** - * Gets the value of the academicYear property. - * - * @return possible object is {@link String } - * - */ - public String getAcademicYear() { - return academicYear; - } - - /** - * Sets the value of the academicYear property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAcademicYear(String value) { - this.academicYear = value; - } - - /** - * Gets the value of the dateIssued property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateIssued() { - return dateIssued; - } - - /** - * Sets the value of the dateIssued property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateIssued(XMLGregorianCalendar value) { - this.dateIssued = value; - } - - /** - * Gets the value of the grade property. - * - * @return possible object is {@link String } - * - */ - public String getGrade() { - return grade; - } - - /** - * Sets the value of the grade property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setGrade(String value) { - this.grade = value; - } - - /** - * Gets the value of the source property. - * - * @return possible object is {@link LocalGradeType.Source } - * - */ - public LocalGradeType.Source getSource() { - return source; - } - - /** - * Sets the value of the source property. - * - * @param value - * allowed object is {@link LocalGradeType.Source } - * - */ - public void setSource(LocalGradeType.Source value) { - this.source = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="source" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}SourceGradeType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Source { - - @XmlValue - protected String value; - @XmlAttribute(name = "source") - protected SourceGradeType source; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the source property. - * - * @return possible object is {@link SourceGradeType } - * - */ - public SourceGradeType getSource() { - return source; - } - - /** - * Sets the value of the source property. - * - * @param value - * allowed object is {@link SourceGradeType } - * - */ - public void setSource(SourceGradeType value) { - this.source = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MimeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MimeType.java deleted file mode 100644 index c051cb2b4..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MimeType.java +++ /dev/null @@ -1,68 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for MimeType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="MimeType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="image/gif"/> - * <enumeration value="image/jpeg"/> - * <enumeration value="image/pjpeg"/> - * <enumeration value="image/png"/> - * <enumeration value="image/tiff"/> - * <enumeration value="text/html"/> - * <enumeration value="application/pdf"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "MimeType") -@XmlEnum -public enum MimeType { - - @XmlEnumValue("image/gif") - IMAGE_GIF("image/gif"), @XmlEnumValue("image/jpeg") - IMAGE_JPEG("image/jpeg"), @XmlEnumValue("image/pjpeg") - IMAGE_PJPEG("image/pjpeg"), @XmlEnumValue("image/png") - IMAGE_PNG("image/png"), @XmlEnumValue("image/tiff") - IMAGE_TIFF("image/tiff"), @XmlEnumValue("text/html") - TEXT_HTML("text/html"), @XmlEnumValue("application/pdf") - APPLICATION_PDF("application/pdf"); - private final String value; - - MimeType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static MimeType fromValue(String v) { - for (MimeType c : MimeType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeCourseUnitType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeCourseUnitType.java deleted file mode 100644 index 557473a0c..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeCourseUnitType.java +++ /dev/null @@ -1,247 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.math.BigDecimal; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * <p> - * Java class for MobilityProgrammeCourseUnitType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="MobilityProgrammeCourseUnitType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Code" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="Title"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="language" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}LanguageType" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * <element name="ECTSCredits" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PositiveDecimalType" minOccurs="0"/> - * <element name="AdditionalInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * <attribute name="isInTheLearningAgreement" type="{http://www.w3.org/2001/XMLSchema}boolean" default="true" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "MobilityProgrammeCourseUnitType", propOrder = { "code", "title", "ectsCredits", "additionalInformation" }) -public class MobilityProgrammeCourseUnitType { - - @XmlElement(name = "Code") - protected String code; - @XmlElement(name = "Title", required = true) - protected MobilityProgrammeCourseUnitType.Title title; - @XmlElement(name = "ECTSCredits") - protected BigDecimal ectsCredits; - @XmlElement(name = "AdditionalInformation") - protected RichTextTagType additionalInformation; - @XmlAttribute(name = "isInTheLearningAgreement") - protected Boolean isInTheLearningAgreement; - - /** - * Gets the value of the code property. - * - * @return possible object is {@link String } - * - */ - public String getCode() { - return code; - } - - /** - * Sets the value of the code property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCode(String value) { - this.code = value; - } - - /** - * Gets the value of the title property. - * - * @return possible object is {@link MobilityProgrammeCourseUnitType.Title } - * - */ - public MobilityProgrammeCourseUnitType.Title getTitle() { - return title; - } - - /** - * Sets the value of the title property. - * - * @param value - * allowed object is {@link MobilityProgrammeCourseUnitType.Title } - * - */ - public void setTitle(MobilityProgrammeCourseUnitType.Title value) { - this.title = value; - } - - /** - * Gets the value of the ectsCredits property. - * - * @return possible object is {@link BigDecimal } - * - */ - public BigDecimal getECTSCredits() { - return ectsCredits; - } - - /** - * Sets the value of the ectsCredits property. - * - * @param value - * allowed object is {@link BigDecimal } - * - */ - public void setECTSCredits(BigDecimal value) { - this.ectsCredits = value; - } - - /** - * Gets the value of the additionalInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAdditionalInformation() { - return additionalInformation; - } - - /** - * Sets the value of the additionalInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAdditionalInformation(RichTextTagType value) { - this.additionalInformation = value; - } - - /** - * Gets the value of the isInTheLearningAgreement property. - * - * @return possible object is {@link Boolean } - * - */ - public boolean isIsInTheLearningAgreement() { - if (isInTheLearningAgreement == null) { - return true; - } else { - return isInTheLearningAgreement; - } - } - - /** - * Sets the value of the isInTheLearningAgreement property. - * - * @param value - * allowed object is {@link Boolean } - * - */ - public void setIsInTheLearningAgreement(Boolean value) { - this.isInTheLearningAgreement = value; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="language" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}LanguageType" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class Title { - - @XmlValue - protected String value; - @XmlAttribute(name = "language") - protected LanguageType language; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the language property. - * - * @return possible object is {@link LanguageType } - * - */ - public LanguageType getLanguage() { - return language; - } - - /** - * Sets the value of the language property. - * - * @param value - * allowed object is {@link LanguageType } - * - */ - public void setLanguage(LanguageType value) { - this.language = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeCoursesUnitsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeCoursesUnitsType.java deleted file mode 100644 index 63a4d0ecf..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeCoursesUnitsType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for MobilityProgrammeCoursesUnitsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="MobilityProgrammeCoursesUnitsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CourseUnit" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}MobilityProgrammeCourseUnitType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "MobilityProgrammeCoursesUnitsType", propOrder = { "courseUnit" }) -public class MobilityProgrammeCoursesUnitsType { - - @XmlElement(name = "CourseUnit", required = true) - protected List<MobilityProgrammeCourseUnitType> courseUnit; - - /** - * Gets the value of the courseUnit property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the courseUnit property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getCourseUnit().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link MobilityProgrammeCourseUnitType } - * - * - */ - public List<MobilityProgrammeCourseUnitType> getCourseUnit() { - if (courseUnit == null) { - courseUnit = new ArrayList<MobilityProgrammeCourseUnitType>(); - } - return this.courseUnit; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeType.java deleted file mode 100644 index dbb8bc284..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MobilityProgrammeType.java +++ /dev/null @@ -1,233 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import javax.xml.datatype.XMLGregorianCalendar; - -/** - * <p> - * Java class for MobilityProgrammeType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="MobilityProgrammeType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Type" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="FieldOfStudy" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * <element name="Country" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CountryTextCodeType"/> - * <element name="ReceivingInstitutionName" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="AcademicYear" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}AcademicYearType" minOccurs="0"/> - * <element name="DateFrom" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}DateType" minOccurs="0"/> - * <element name="DateTo" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}DateType" minOccurs="0"/> - * <element name="CoursesUnits" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}MobilityProgrammeCoursesUnitsType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "MobilityProgrammeType", propOrder = { "type", "fieldOfStudy", "country", "receivingInstitutionName", "academicYear", "dateFrom", "dateTo", "coursesUnits" }) -public class MobilityProgrammeType { - - @XmlElement(name = "Type") - protected String type; - @XmlElement(name = "FieldOfStudy") - protected String fieldOfStudy; - @XmlElement(name = "Country", required = true) - protected CountryTextCodeType country; - @XmlElement(name = "ReceivingInstitutionName", required = true) - protected String receivingInstitutionName; - @XmlElement(name = "AcademicYear") - protected String academicYear; - @XmlElement(name = "DateFrom") - protected XMLGregorianCalendar dateFrom; - @XmlElement(name = "DateTo") - protected XMLGregorianCalendar dateTo; - @XmlElement(name = "CoursesUnits", required = true) - protected MobilityProgrammeCoursesUnitsType coursesUnits; - - /** - * Gets the value of the type property. - * - * @return possible object is {@link String } - * - */ - public String getType() { - return type; - } - - /** - * Sets the value of the type property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setType(String value) { - this.type = value; - } - - /** - * Gets the value of the fieldOfStudy property. - * - * @return possible object is {@link String } - * - */ - public String getFieldOfStudy() { - return fieldOfStudy; - } - - /** - * Sets the value of the fieldOfStudy property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setFieldOfStudy(String value) { - this.fieldOfStudy = value; - } - - /** - * Gets the value of the country property. - * - * @return possible object is {@link CountryTextCodeType } - * - */ - public CountryTextCodeType getCountry() { - return country; - } - - /** - * Sets the value of the country property. - * - * @param value - * allowed object is {@link CountryTextCodeType } - * - */ - public void setCountry(CountryTextCodeType value) { - this.country = value; - } - - /** - * Gets the value of the receivingInstitutionName property. - * - * @return possible object is {@link String } - * - */ - public String getReceivingInstitutionName() { - return receivingInstitutionName; - } - - /** - * Sets the value of the receivingInstitutionName property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setReceivingInstitutionName(String value) { - this.receivingInstitutionName = value; - } - - /** - * Gets the value of the academicYear property. - * - * @return possible object is {@link String } - * - */ - public String getAcademicYear() { - return academicYear; - } - - /** - * Sets the value of the academicYear property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAcademicYear(String value) { - this.academicYear = value; - } - - /** - * Gets the value of the dateFrom property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateFrom() { - return dateFrom; - } - - /** - * Sets the value of the dateFrom property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateFrom(XMLGregorianCalendar value) { - this.dateFrom = value; - } - - /** - * Gets the value of the dateTo property. - * - * @return possible object is {@link XMLGregorianCalendar } - * - */ - public XMLGregorianCalendar getDateTo() { - return dateTo; - } - - /** - * Sets the value of the dateTo property. - * - * @param value - * allowed object is {@link XMLGregorianCalendar } - * - */ - public void setDateTo(XMLGregorianCalendar value) { - this.dateTo = value; - } - - /** - * Gets the value of the coursesUnits property. - * - * @return possible object is {@link MobilityProgrammeCoursesUnitsType } - * - */ - public MobilityProgrammeCoursesUnitsType getCoursesUnits() { - return coursesUnits; - } - - /** - * Sets the value of the coursesUnits property. - * - * @param value - * allowed object is {@link MobilityProgrammeCoursesUnitsType } - * - */ - public void setCoursesUnits(MobilityProgrammeCoursesUnitsType value) { - this.coursesUnits = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ModeOfDeliveryType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ModeOfDeliveryType.java deleted file mode 100644 index 1eca1ed60..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ModeOfDeliveryType.java +++ /dev/null @@ -1,60 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ModeOfDeliveryType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="ModeOfDeliveryType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="FaceToFace"/> - * <enumeration value="DistanceLearning"/> - * <enumeration value="Other"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "ModeOfDeliveryType") -@XmlEnum -public enum ModeOfDeliveryType { - - @XmlEnumValue("FaceToFace") - FACE_TO_FACE("FaceToFace"), @XmlEnumValue("DistanceLearning") - DISTANCE_LEARNING("DistanceLearning"), @XmlEnumValue("Other") - OTHER("Other"); - private final String value; - - ModeOfDeliveryType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static ModeOfDeliveryType fromValue(String v) { - for (ModeOfDeliveryType c : ModeOfDeliveryType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ModeOfStudyType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ModeOfStudyType.java deleted file mode 100644 index 5a3b5a830..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ModeOfStudyType.java +++ /dev/null @@ -1,64 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ModeOfStudyType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="ModeOfStudyType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="FullTime"/> - * <enumeration value="ParTime"/> - * <enumeration value="Distance"/> - * <enumeration value="eLearning"/> - * <enumeration value="Another"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "ModeOfStudyType") -@XmlEnum -public enum ModeOfStudyType { - - @XmlEnumValue("FullTime") - FULL_TIME("FullTime"), @XmlEnumValue("ParTime") - PAR_TIME("ParTime"), @XmlEnumValue("Distance") - DISTANCE("Distance"), @XmlEnumValue("eLearning") - E_LEARNING("eLearning"), @XmlEnumValue("Another") - ANOTHER("Another"); - private final String value; - - ModeOfStudyType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static ModeOfStudyType fromValue(String v) { - for (ModeOfStudyType c : ModeOfStudyType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MultilingualGeneralDiplomaType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MultilingualGeneralDiplomaType.java deleted file mode 100644 index 7ffa2f2ea..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/MultilingualGeneralDiplomaType.java +++ /dev/null @@ -1,103 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; -import eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig.SignatureType; - -/** - * <p> - * Java class for MultilingualGeneralDiplomaType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="MultilingualGeneralDiplomaType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}GeneralDiploma" maxOccurs="unbounded"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Signature" maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "MultilingualGeneralDiplomaType", propOrder = { "generalDiploma", "signature" }) -public class MultilingualGeneralDiplomaType { - - @XmlElement(name = "GeneralDiploma", required = true) - protected List<GeneralDiplomaType> generalDiploma; - @XmlElement(name = "Signature", namespace = "http://www.w3.org/2000/09/xmldsig#") - protected List<SignatureType> signature; - - /** - * Gets the value of the generalDiploma property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the generalDiploma property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getGeneralDiploma().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link GeneralDiplomaType } - * - * - */ - public List<GeneralDiplomaType> getGeneralDiploma() { - if (generalDiploma == null) { - generalDiploma = new ArrayList<GeneralDiplomaType>(); - } - return this.generalDiploma; - } - - /** - * Gets the value of the signature property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the signature property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getSignature().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link SignatureType } - * - * - */ - public List<SignatureType> getSignature() { - if (signature == null) { - signature = new ArrayList<SignatureType>(); - } - return this.signature; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/NameAndStatusOfAwardingInstitutionType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/NameAndStatusOfAwardingInstitutionType.java deleted file mode 100644 index 201efce45..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/NameAndStatusOfAwardingInstitutionType.java +++ /dev/null @@ -1,134 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for NameAndStatusOfAwardingInstitutionType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="NameAndStatusOfAwardingInstitutionType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="AwardingInstitution" maxOccurs="unbounded"> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InstitutionType"> - * <attribute name="awardingInstitutionID" type="{http://www.w3.org/2001/XMLSchema}string" default="DEF-IAW" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "NameAndStatusOfAwardingInstitutionType", propOrder = { "awardingInstitution" }) -public class NameAndStatusOfAwardingInstitutionType { - - @XmlElement(name = "AwardingInstitution", required = true) - protected List<NameAndStatusOfAwardingInstitutionType.AwardingInstitution> awardingInstitution; - - /** - * Gets the value of the awardingInstitution property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the awardingInstitution property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getAwardingInstitution().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link NameAndStatusOfAwardingInstitutionType.AwardingInstitution } - * - * - */ - public List<NameAndStatusOfAwardingInstitutionType.AwardingInstitution> getAwardingInstitution() { - if (awardingInstitution == null) { - awardingInstitution = new ArrayList<NameAndStatusOfAwardingInstitutionType.AwardingInstitution>(); - } - return this.awardingInstitution; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InstitutionType"> - * <attribute name="awardingInstitutionID" type="{http://www.w3.org/2001/XMLSchema}string" default="DEF-IAW" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class AwardingInstitution extends InstitutionType { - - @XmlAttribute(name = "awardingInstitutionID") - protected String awardingInstitutionID; - - /** - * Gets the value of the awardingInstitutionID property. - * - * @return possible object is {@link String } - * - */ - public String getAwardingInstitutionID() { - if (awardingInstitutionID == null) { - return "DEF-IAW"; - } else { - return awardingInstitutionID; - } - } - - /** - * Sets the value of the awardingInstitutionID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAwardingInstitutionID(String value) { - this.awardingInstitutionID = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/NameAndStatusOfInstitutionAdministeringStudiesType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/NameAndStatusOfInstitutionAdministeringStudiesType.java deleted file mode 100644 index c9e07208c..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/NameAndStatusOfInstitutionAdministeringStudiesType.java +++ /dev/null @@ -1,134 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for NameAndStatusOfInstitutionAdministeringStudiesType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="NameAndStatusOfInstitutionAdministeringStudiesType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="InstitutionAdministeringStudies" maxOccurs="unbounded"> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InstitutionType"> - * <attribute name="institutionAdministeringStudiesID" type="{http://www.w3.org/2001/XMLSchema}string" default="DEF-IAS" /> - * </extension> - * </complexContent> - * </complexType> - * </element> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "NameAndStatusOfInstitutionAdministeringStudiesType", propOrder = { "institutionAdministeringStudies" }) -public class NameAndStatusOfInstitutionAdministeringStudiesType { - - @XmlElement(name = "InstitutionAdministeringStudies", required = true) - protected List<NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies> institutionAdministeringStudies; - - /** - * Gets the value of the institutionAdministeringStudies property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the institutionAdministeringStudies property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getInstitutionAdministeringStudies().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies } - * - * - */ - public List<NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies> getInstitutionAdministeringStudies() { - if (institutionAdministeringStudies == null) { - institutionAdministeringStudies = new ArrayList<NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies>(); - } - return this.institutionAdministeringStudies; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <complexContent> - * <extension base="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}InstitutionType"> - * <attribute name="institutionAdministeringStudiesID" type="{http://www.w3.org/2001/XMLSchema}string" default="DEF-IAS" /> - * </extension> - * </complexContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "") - public static class InstitutionAdministeringStudies extends InstitutionType { - - @XmlAttribute(name = "institutionAdministeringStudiesID") - protected String institutionAdministeringStudiesID; - - /** - * Gets the value of the institutionAdministeringStudiesID property. - * - * @return possible object is {@link String } - * - */ - public String getInstitutionAdministeringStudiesID() { - if (institutionAdministeringStudiesID == null) { - return "DEF-IAS"; - } else { - return institutionAdministeringStudiesID; - } - } - - /** - * Sets the value of the institutionAdministeringStudiesID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setInstitutionAdministeringStudiesID(String value) { - this.institutionAdministeringStudiesID = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ObjectFactory.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ObjectFactory.java deleted file mode 100644 index 3e2bbe5c0..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ObjectFactory.java +++ /dev/null @@ -1,623 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlElementDecl; -import javax.xml.bind.annotation.XmlRegistry; -import javax.xml.namespace.QName; - -/** - * This object contains factory methods for each Java content interface and Java element interface generated in the eu.stork.names.tc.stork._2_0.academic.generaldiploma package. - * <p> - * An ObjectFactory allows you to programatically construct new instances of the Java representation for XML content. The Java representation of XML content can consist of schema derived interfaces - * and classes representing the binding of schema type definitions, element declarations and model groups. Factory methods for each of these are provided in this class. - * - */ -@XmlRegistry -public class ObjectFactory { - - private final static QName _MultilingualGeneralDiploma_QNAME = new QName("urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", "MultilingualGeneralDiploma"); - private final static QName _GeneralDiploma_QNAME = new QName("urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", "GeneralDiploma"); - private final static QName _RichTextTagTypeBreakLine_QNAME = new QName("urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", "BreakLine"); - private final static QName _RichTextTagTypeAttachedRef_QNAME = new QName("urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", "AttachedRef"); - private final static QName _RichTextTagTypeItalic_QNAME = new QName("urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", "Italic"); - private final static QName _RichTextTagTypeUnderline_QNAME = new QName("urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", "Underline"); - private final static QName _RichTextTagTypeBold_QNAME = new QName("urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", "Bold"); - - /** - * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: eu.stork.names.tc.stork._2_0.academic.generaldiploma - * - */ - public ObjectFactory() { - } - - /** - * Create an instance of {@link LanguagesOfInstructionAndExaminationType } - * - */ - public LanguagesOfInstructionAndExaminationType createLanguagesOfInstructionAndExaminationType() { - return new LanguagesOfInstructionAndExaminationType(); - } - - /** - * Create an instance of {@link RichTextTagType } - * - */ - public RichTextTagType createRichTextTagType() { - return new RichTextTagType(); - } - - /** - * Create an instance of {@link NameAndStatusOfInstitutionAdministeringStudiesType } - * - */ - public NameAndStatusOfInstitutionAdministeringStudiesType createNameAndStatusOfInstitutionAdministeringStudiesType() { - return new NameAndStatusOfInstitutionAdministeringStudiesType(); - } - - /** - * Create an instance of {@link InstitutionType } - * - */ - public InstitutionType createInstitutionType() { - return new InstitutionType(); - } - - /** - * Create an instance of {@link MobilityProgrammeCourseUnitType } - * - */ - public MobilityProgrammeCourseUnitType createMobilityProgrammeCourseUnitType() { - return new MobilityProgrammeCourseUnitType(); - } - - /** - * Create an instance of {@link InformationIdentifyingTheHolderOfTheQualificationType } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType createInformationIdentifyingTheHolderOfTheQualificationType() { - return new InformationIdentifyingTheHolderOfTheQualificationType(); - } - - /** - * Create an instance of {@link CourseUnitType } - * - */ - public CourseUnitType createCourseUnitType() { - return new CourseUnitType(); - } - - /** - * Create an instance of {@link LocalGradeType } - * - */ - public LocalGradeType createLocalGradeType() { - return new LocalGradeType(); - } - - /** - * Create an instance of {@link InformationOnTheContentsAndResultsGainedType } - * - */ - public InformationOnTheContentsAndResultsGainedType createInformationOnTheContentsAndResultsGainedType() { - return new InformationOnTheContentsAndResultsGainedType(); - } - - /** - * Create an instance of {@link InformationOnTheLevelOfTheQualificationType } - * - */ - public InformationOnTheLevelOfTheQualificationType createInformationOnTheLevelOfTheQualificationType() { - return new InformationOnTheLevelOfTheQualificationType(); - } - - /** - * Create an instance of {@link NameAndStatusOfAwardingInstitutionType } - * - */ - public NameAndStatusOfAwardingInstitutionType createNameAndStatusOfAwardingInstitutionType() { - return new NameAndStatusOfAwardingInstitutionType(); - } - - /** - * Create an instance of {@link InformationOnTheFunctionOfTheQualificationType } - * - */ - public InformationOnTheFunctionOfTheQualificationType createInformationOnTheFunctionOfTheQualificationType() { - return new InformationOnTheFunctionOfTheQualificationType(); - } - - /** - * Create an instance of {@link MultilingualGeneralDiplomaType } - * - */ - public MultilingualGeneralDiplomaType createMultilingualGeneralDiplomaType() { - return new MultilingualGeneralDiplomaType(); - } - - /** - * Create an instance of {@link GeneralDiplomaType } - * - */ - public GeneralDiplomaType createGeneralDiplomaType() { - return new GeneralDiplomaType(); - } - - /** - * Create an instance of {@link ExtensionContentType } - * - */ - public ExtensionContentType createExtensionContentType() { - return new ExtensionContentType(); - } - - /** - * Create an instance of {@link CountryTextCodeType } - * - */ - public CountryTextCodeType createCountryTextCodeType() { - return new CountryTextCodeType(); - } - - /** - * Create an instance of {@link AttachedImageURLType } - * - */ - public AttachedImageURLType createAttachedImageURLType() { - return new AttachedImageURLType(); - } - - /** - * Create an instance of {@link CourseStructureDiagramType } - * - */ - public CourseStructureDiagramType createCourseStructureDiagramType() { - return new CourseStructureDiagramType(); - } - - /** - * Create an instance of {@link CourseUnitWorkPlacementType } - * - */ - public CourseUnitWorkPlacementType createCourseUnitWorkPlacementType() { - return new CourseUnitWorkPlacementType(); - } - - /** - * Create an instance of {@link InformationIdentifyingTheQualificationType } - * - */ - public InformationIdentifyingTheQualificationType createInformationIdentifyingTheQualificationType() { - return new InformationIdentifyingTheQualificationType(); - } - - /** - * Create an instance of {@link MobilityProgrammeCoursesUnitsType } - * - */ - public MobilityProgrammeCoursesUnitsType createMobilityProgrammeCoursesUnitsType() { - return new MobilityProgrammeCoursesUnitsType(); - } - - /** - * Create an instance of {@link QualificationType } - * - */ - public QualificationType createQualificationType() { - return new QualificationType(); - } - - /** - * Create an instance of {@link CertificationOfTheSupplementType } - * - */ - public CertificationOfTheSupplementType createCertificationOfTheSupplementType() { - return new CertificationOfTheSupplementType(); - } - - /** - * Create an instance of {@link AttachedFileURLType } - * - */ - public AttachedFileURLType createAttachedFileURLType() { - return new AttachedFileURLType(); - } - - /** - * Create an instance of {@link ProgrammeRequirementsType } - * - */ - public ProgrammeRequirementsType createProgrammeRequirementsType() { - return new ProgrammeRequirementsType(); - } - - /** - * Create an instance of {@link CourseUnitWorkPlacementsType } - * - */ - public CourseUnitWorkPlacementsType createCourseUnitWorkPlacementsType() { - return new CourseUnitWorkPlacementsType(); - } - - /** - * Create an instance of {@link AdditionalInformationType } - * - */ - public AdditionalInformationType createAdditionalInformationType() { - return new AdditionalInformationType(); - } - - /** - * Create an instance of {@link GradingSchemeAndGradeDistributionGuidanceType } - * - */ - public GradingSchemeAndGradeDistributionGuidanceType createGradingSchemeAndGradeDistributionGuidanceType() { - return new GradingSchemeAndGradeDistributionGuidanceType(); - } - - /** - * Create an instance of {@link AttachmentsType } - * - */ - public AttachmentsType createAttachmentsType() { - return new AttachmentsType(); - } - - /** - * Create an instance of {@link CourseUnitLanguageOfInstructionType } - * - */ - public CourseUnitLanguageOfInstructionType createCourseUnitLanguageOfInstructionType() { - return new CourseUnitLanguageOfInstructionType(); - } - - /** - * Create an instance of {@link CoursesAttendedInOtherInstitutionInMobilityProgramsType } - * - */ - public CoursesAttendedInOtherInstitutionInMobilityProgramsType createCoursesAttendedInOtherInstitutionInMobilityProgramsType() { - return new CoursesAttendedInOtherInstitutionInMobilityProgramsType(); - } - - /** - * Create an instance of {@link FamilyNameType } - * - */ - public FamilyNameType createFamilyNameType() { - return new FamilyNameType(); - } - - /** - * Create an instance of {@link CoursesGroupsType } - * - */ - public CoursesGroupsType createCoursesGroupsType() { - return new CoursesGroupsType(); - } - - /** - * Create an instance of {@link TitleConferredType } - * - */ - public TitleConferredType createTitleConferredType() { - return new TitleConferredType(); - } - - /** - * Create an instance of {@link OfficialStampType } - * - */ - public OfficialStampType createOfficialStampType() { - return new OfficialStampType(); - } - - /** - * Create an instance of {@link CourseUnitStudentPerformanceType } - * - */ - public CourseUnitStudentPerformanceType createCourseUnitStudentPerformanceType() { - return new CourseUnitStudentPerformanceType(); - } - - /** - * Create an instance of {@link GivenNameType } - * - */ - public GivenNameType createGivenNameType() { - return new GivenNameType(); - } - - /** - * Create an instance of {@link CoursesUnitsType } - * - */ - public CoursesUnitsType createCoursesUnitsType() { - return new CoursesUnitsType(); - } - - /** - * Create an instance of {@link MobilityProgrammeType } - * - */ - public MobilityProgrammeType createMobilityProgrammeType() { - return new MobilityProgrammeType(); - } - - /** - * Create an instance of {@link ProgrammeDetailsType } - * - */ - public ProgrammeDetailsType createProgrammeDetailsType() { - return new ProgrammeDetailsType(); - } - - /** - * Create an instance of {@link OfficialCertifyingType } - * - */ - public OfficialCertifyingType createOfficialCertifyingType() { - return new OfficialCertifyingType(); - } - - /** - * Create an instance of {@link CourseUnitLanguagesOfInstructionType } - * - */ - public CourseUnitLanguagesOfInstructionType createCourseUnitLanguagesOfInstructionType() { - return new CourseUnitLanguagesOfInstructionType(); - } - - /** - * Create an instance of {@link AttachedImageDataType } - * - */ - public AttachedImageDataType createAttachedImageDataType() { - return new AttachedImageDataType(); - } - - /** - * Create an instance of {@link AttachedType } - * - */ - public AttachedType createAttachedType() { - return new AttachedType(); - } - - /** - * Create an instance of {@link CoursesGroupType } - * - */ - public CoursesGroupType createCoursesGroupType() { - return new CoursesGroupType(); - } - - /** - * Create an instance of {@link AddressType } - * - */ - public AddressType createAddressType() { - return new AddressType(); - } - - /** - * Create an instance of {@link AttachedFileDataType } - * - */ - public AttachedFileDataType createAttachedFileDataType() { - return new AttachedFileDataType(); - } - - /** - * Create an instance of {@link ContactInformationType } - * - */ - public ContactInformationType createContactInformationType() { - return new ContactInformationType(); - } - - /** - * Create an instance of {@link OfficialsCertifyingType } - * - */ - public OfficialsCertifyingType createOfficialsCertifyingType() { - return new OfficialsCertifyingType(); - } - - /** - * Create an instance of {@link LanguagesOfInstructionAndExaminationType.Language } - * - */ - public LanguagesOfInstructionAndExaminationType.Language createLanguagesOfInstructionAndExaminationTypeLanguage() { - return new LanguagesOfInstructionAndExaminationType.Language(); - } - - /** - * Create an instance of {@link RichTextTagType.AttachedRef } - * - */ - public RichTextTagType.AttachedRef createRichTextTagTypeAttachedRef() { - return new RichTextTagType.AttachedRef(); - } - - /** - * Create an instance of {@link NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies } - * - */ - public NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies createNameAndStatusOfInstitutionAdministeringStudiesTypeInstitutionAdministeringStudies() { - return new NameAndStatusOfInstitutionAdministeringStudiesType.InstitutionAdministeringStudies(); - } - - /** - * Create an instance of {@link InstitutionType.AttachedImageRef } - * - */ - public InstitutionType.AttachedImageRef createInstitutionTypeAttachedImageRef() { - return new InstitutionType.AttachedImageRef(); - } - - /** - * Create an instance of {@link MobilityProgrammeCourseUnitType.Title } - * - */ - public MobilityProgrammeCourseUnitType.Title createMobilityProgrammeCourseUnitTypeTitle() { - return new MobilityProgrammeCourseUnitType.Title(); - } - - /** - * Create an instance of {@link InformationIdentifyingTheHolderOfTheQualificationType.Gender } - * - */ - public InformationIdentifyingTheHolderOfTheQualificationType.Gender createInformationIdentifyingTheHolderOfTheQualificationTypeGender() { - return new InformationIdentifyingTheHolderOfTheQualificationType.Gender(); - } - - /** - * Create an instance of {@link CourseUnitType.Type } - * - */ - public CourseUnitType.Type createCourseUnitTypeType() { - return new CourseUnitType.Type(); - } - - /** - * Create an instance of {@link CourseUnitType.YearOfStudy } - * - */ - public CourseUnitType.YearOfStudy createCourseUnitTypeYearOfStudy() { - return new CourseUnitType.YearOfStudy(); - } - - /** - * Create an instance of {@link CourseUnitType.Level } - * - */ - public CourseUnitType.Level createCourseUnitTypeLevel() { - return new CourseUnitType.Level(); - } - - /** - * Create an instance of {@link CourseUnitType.ModeOfDelivery } - * - */ - public CourseUnitType.ModeOfDelivery createCourseUnitTypeModeOfDelivery() { - return new CourseUnitType.ModeOfDelivery(); - } - - /** - * Create an instance of {@link LocalGradeType.Source } - * - */ - public LocalGradeType.Source createLocalGradeTypeSource() { - return new LocalGradeType.Source(); - } - - /** - * Create an instance of {@link InformationOnTheContentsAndResultsGainedType.ModeOfStudy } - * - */ - public InformationOnTheContentsAndResultsGainedType.ModeOfStudy createInformationOnTheContentsAndResultsGainedTypeModeOfStudy() { - return new InformationOnTheContentsAndResultsGainedType.ModeOfStudy(); - } - - /** - * Create an instance of {@link InformationOnTheLevelOfTheQualificationType.Level } - * - */ - public InformationOnTheLevelOfTheQualificationType.Level createInformationOnTheLevelOfTheQualificationTypeLevel() { - return new InformationOnTheLevelOfTheQualificationType.Level(); - } - - /** - * Create an instance of {@link InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme } - * - */ - public InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme createInformationOnTheLevelOfTheQualificationTypeOfficialLengthOfProgramme() { - return new InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme(); - } - - /** - * Create an instance of {@link NameAndStatusOfAwardingInstitutionType.AwardingInstitution } - * - */ - public NameAndStatusOfAwardingInstitutionType.AwardingInstitution createNameAndStatusOfAwardingInstitutionTypeAwardingInstitution() { - return new NameAndStatusOfAwardingInstitutionType.AwardingInstitution(); - } - - /** - * Create an instance of {@link InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus } - * - */ - public InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus createInformationOnTheFunctionOfTheQualificationTypeProfessionalStatus() { - return new InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus(); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link MultilingualGeneralDiplomaType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", name = "MultilingualGeneralDiploma") - public JAXBElement<MultilingualGeneralDiplomaType> createMultilingualGeneralDiploma(MultilingualGeneralDiplomaType value) { - return new JAXBElement<MultilingualGeneralDiplomaType>(_MultilingualGeneralDiploma_QNAME, MultilingualGeneralDiplomaType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link GeneralDiplomaType }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", name = "GeneralDiploma") - public JAXBElement<GeneralDiplomaType> createGeneralDiploma(GeneralDiplomaType value) { - return new JAXBElement<GeneralDiplomaType>(_GeneralDiploma_QNAME, GeneralDiplomaType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", name = "BreakLine", scope = RichTextTagType.class) - public JAXBElement<String> createRichTextTagTypeBreakLine(String value) { - return new JAXBElement<String>(_RichTextTagTypeBreakLine_QNAME, String.class, RichTextTagType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link RichTextTagType.AttachedRef }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", name = "AttachedRef", scope = RichTextTagType.class) - public JAXBElement<RichTextTagType.AttachedRef> createRichTextTagTypeAttachedRef(RichTextTagType.AttachedRef value) { - return new JAXBElement<RichTextTagType.AttachedRef>(_RichTextTagTypeAttachedRef_QNAME, RichTextTagType.AttachedRef.class, RichTextTagType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", name = "Italic", scope = RichTextTagType.class) - public JAXBElement<String> createRichTextTagTypeItalic(String value) { - return new JAXBElement<String>(_RichTextTagTypeItalic_QNAME, String.class, RichTextTagType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", name = "Underline", scope = RichTextTagType.class) - public JAXBElement<String> createRichTextTagTypeUnderline(String value) { - return new JAXBElement<String>(_RichTextTagTypeUnderline_QNAME, String.class, RichTextTagType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", name = "Bold", scope = RichTextTagType.class) - public JAXBElement<String> createRichTextTagTypeBold(String value) { - return new JAXBElement<String>(_RichTextTagTypeBold_QNAME, String.class, RichTextTagType.class, value); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialCertifyingType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialCertifyingType.java deleted file mode 100644 index a53e855d1..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialCertifyingType.java +++ /dev/null @@ -1,141 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for OfficialCertifyingType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="OfficialCertifyingType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="FamilyName" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}FamilyNameType"/> - * <element name="GivenName" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}GivenNameType"/> - * <element name="Capacity" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" minOccurs="0"/> - * </sequence> - * <attribute name="awardingInstitutionID" type="{http://www.w3.org/2001/XMLSchema}string" default="DEF-IAW" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "OfficialCertifyingType", propOrder = { "familyName", "givenName", "capacity" }) -public class OfficialCertifyingType { - - @XmlElement(name = "FamilyName", required = true) - protected FamilyNameType familyName; - @XmlElement(name = "GivenName", required = true) - protected GivenNameType givenName; - @XmlElement(name = "Capacity") - protected String capacity; - @XmlAttribute(name = "awardingInstitutionID") - protected String awardingInstitutionID; - - /** - * Gets the value of the familyName property. - * - * @return possible object is {@link FamilyNameType } - * - */ - public FamilyNameType getFamilyName() { - return familyName; - } - - /** - * Sets the value of the familyName property. - * - * @param value - * allowed object is {@link FamilyNameType } - * - */ - public void setFamilyName(FamilyNameType value) { - this.familyName = value; - } - - /** - * Gets the value of the givenName property. - * - * @return possible object is {@link GivenNameType } - * - */ - public GivenNameType getGivenName() { - return givenName; - } - - /** - * Sets the value of the givenName property. - * - * @param value - * allowed object is {@link GivenNameType } - * - */ - public void setGivenName(GivenNameType value) { - this.givenName = value; - } - - /** - * Gets the value of the capacity property. - * - * @return possible object is {@link String } - * - */ - public String getCapacity() { - return capacity; - } - - /** - * Sets the value of the capacity property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setCapacity(String value) { - this.capacity = value; - } - - /** - * Gets the value of the awardingInstitutionID property. - * - * @return possible object is {@link String } - * - */ - public String getAwardingInstitutionID() { - if (awardingInstitutionID == null) { - return "DEF-IAW"; - } else { - return awardingInstitutionID; - } - } - - /** - * Sets the value of the awardingInstitutionID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAwardingInstitutionID(String value) { - this.awardingInstitutionID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialStampType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialStampType.java deleted file mode 100644 index df1051a7c..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialStampType.java +++ /dev/null @@ -1,93 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for OfficialStampType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="OfficialStampType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Description" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * </sequence> - * <attribute name="awardingInstitutionID" type="{http://www.w3.org/2001/XMLSchema}string" default="DEF-IAW" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "OfficialStampType", propOrder = { "description" }) -public class OfficialStampType { - - @XmlElement(name = "Description", required = true) - protected String description; - @XmlAttribute(name = "awardingInstitutionID") - protected String awardingInstitutionID; - - /** - * Gets the value of the description property. - * - * @return possible object is {@link String } - * - */ - public String getDescription() { - return description; - } - - /** - * Sets the value of the description property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setDescription(String value) { - this.description = value; - } - - /** - * Gets the value of the awardingInstitutionID property. - * - * @return possible object is {@link String } - * - */ - public String getAwardingInstitutionID() { - if (awardingInstitutionID == null) { - return "DEF-IAW"; - } else { - return awardingInstitutionID; - } - } - - /** - * Sets the value of the awardingInstitutionID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAwardingInstitutionID(String value) { - this.awardingInstitutionID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialsCertifyingType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialsCertifyingType.java deleted file mode 100644 index 1760eddb3..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/OfficialsCertifyingType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for OfficialsCertifyingType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="OfficialsCertifyingType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="OfficialCertifying" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}OfficialCertifyingType" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "OfficialsCertifyingType", propOrder = { "officialCertifying" }) -public class OfficialsCertifyingType { - - @XmlElement(name = "OfficialCertifying", required = true) - protected List<OfficialCertifyingType> officialCertifying; - - /** - * Gets the value of the officialCertifying property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the officialCertifying property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getOfficialCertifying().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link OfficialCertifyingType } - * - * - */ - public List<OfficialCertifyingType> getOfficialCertifying() { - if (officialCertifying == null) { - officialCertifying = new ArrayList<OfficialCertifyingType>(); - } - return this.officialCertifying; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ProgrammeDetailsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ProgrammeDetailsType.java deleted file mode 100644 index 58d96bfe2..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ProgrammeDetailsType.java +++ /dev/null @@ -1,88 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ProgrammeDetailsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ProgrammeDetailsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="CourseStructureDiagram" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CourseStructureDiagramType"/> - * <element name="CoursesAttendedInOtherInstitutionInMobilityPrograms" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}CoursesAttendedInOtherInstitutionInMobilityProgramsType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ProgrammeDetailsType", propOrder = { "courseStructureDiagram", "coursesAttendedInOtherInstitutionInMobilityPrograms" }) -public class ProgrammeDetailsType { - - @XmlElement(name = "CourseStructureDiagram", required = true) - protected CourseStructureDiagramType courseStructureDiagram; - @XmlElement(name = "CoursesAttendedInOtherInstitutionInMobilityPrograms") - protected CoursesAttendedInOtherInstitutionInMobilityProgramsType coursesAttendedInOtherInstitutionInMobilityPrograms; - - /** - * Gets the value of the courseStructureDiagram property. - * - * @return possible object is {@link CourseStructureDiagramType } - * - */ - public CourseStructureDiagramType getCourseStructureDiagram() { - return courseStructureDiagram; - } - - /** - * Sets the value of the courseStructureDiagram property. - * - * @param value - * allowed object is {@link CourseStructureDiagramType } - * - */ - public void setCourseStructureDiagram(CourseStructureDiagramType value) { - this.courseStructureDiagram = value; - } - - /** - * Gets the value of the coursesAttendedInOtherInstitutionInMobilityPrograms property. - * - * @return possible object is {@link CoursesAttendedInOtherInstitutionInMobilityProgramsType } - * - */ - public CoursesAttendedInOtherInstitutionInMobilityProgramsType getCoursesAttendedInOtherInstitutionInMobilityPrograms() { - return coursesAttendedInOtherInstitutionInMobilityPrograms; - } - - /** - * Sets the value of the coursesAttendedInOtherInstitutionInMobilityPrograms property. - * - * @param value - * allowed object is {@link CoursesAttendedInOtherInstitutionInMobilityProgramsType } - * - */ - public void setCoursesAttendedInOtherInstitutionInMobilityPrograms(CoursesAttendedInOtherInstitutionInMobilityProgramsType value) { - this.coursesAttendedInOtherInstitutionInMobilityPrograms = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ProgrammeRequirementsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ProgrammeRequirementsType.java deleted file mode 100644 index a0481317d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/ProgrammeRequirementsType.java +++ /dev/null @@ -1,88 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for ProgrammeRequirementsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ProgrammeRequirementsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Requirements" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType"/> - * <element name="KeyLearningOutcomes" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ProgrammeRequirementsType", propOrder = { "requirements", "keyLearningOutcomes" }) -public class ProgrammeRequirementsType { - - @XmlElement(name = "Requirements", required = true) - protected RichTextTagType requirements; - @XmlElement(name = "KeyLearningOutcomes") - protected RichTextTagType keyLearningOutcomes; - - /** - * Gets the value of the requirements property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getRequirements() { - return requirements; - } - - /** - * Sets the value of the requirements property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setRequirements(RichTextTagType value) { - this.requirements = value; - } - - /** - * Gets the value of the keyLearningOutcomes property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getKeyLearningOutcomes() { - return keyLearningOutcomes; - } - - /** - * Sets the value of the keyLearningOutcomes property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setKeyLearningOutcomes(RichTextTagType value) { - this.keyLearningOutcomes = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/QualificationType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/QualificationType.java deleted file mode 100644 index 5fc5377d0..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/QualificationType.java +++ /dev/null @@ -1,137 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for QualificationType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="QualificationType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="AdditionalInformation" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}RichTextTagType" minOccurs="0"/> - * </sequence> - * <attribute name="localID" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" /> - * <attribute name="nationalID" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "QualificationType", propOrder = { "name", "additionalInformation" }) -public class QualificationType { - - @XmlElement(name = "Name", required = true) - protected String name; - @XmlElement(name = "AdditionalInformation") - protected RichTextTagType additionalInformation; - @XmlAttribute(name = "localID") - protected String localID; - @XmlAttribute(name = "nationalID") - protected String nationalID; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - - /** - * Gets the value of the additionalInformation property. - * - * @return possible object is {@link RichTextTagType } - * - */ - public RichTextTagType getAdditionalInformation() { - return additionalInformation; - } - - /** - * Sets the value of the additionalInformation property. - * - * @param value - * allowed object is {@link RichTextTagType } - * - */ - public void setAdditionalInformation(RichTextTagType value) { - this.additionalInformation = value; - } - - /** - * Gets the value of the localID property. - * - * @return possible object is {@link String } - * - */ - public String getLocalID() { - return localID; - } - - /** - * Sets the value of the localID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setLocalID(String value) { - this.localID = value; - } - - /** - * Gets the value of the nationalID property. - * - * @return possible object is {@link String } - * - */ - public String getNationalID() { - return nationalID; - } - - /** - * Sets the value of the nationalID property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setNationalID(String value) { - this.nationalID = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/RichTextTagType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/RichTextTagType.java deleted file mode 100644 index 0a79919d7..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/RichTextTagType.java +++ /dev/null @@ -1,178 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlElementRefs; -import javax.xml.bind.annotation.XmlIDREF; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlSeeAlso; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; - -/** - * <p> - * Java class for RichTextTagType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="RichTextTagType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice maxOccurs="unbounded" minOccurs="0"> - * <element name="Bold" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="BreakLine" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}EmptyType"/> - * <element name="Italic" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="Underline" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * <element name="AttachedRef"> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}IDREF" /> - * </extension> - * </simpleContent> - * </complexType> - * </element> - * </choice> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "RichTextTagType", propOrder = { "content" }) -@XmlSeeAlso({ eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.InformationOnTheFunctionOfTheQualificationType.ProfessionalStatus.class, - eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.InformationOnTheLevelOfTheQualificationType.Level.class, - eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.InformationOnTheLevelOfTheQualificationType.OfficialLengthOfProgramme.class, - eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.InformationOnTheContentsAndResultsGainedType.ModeOfStudy.class, - eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma.LanguagesOfInstructionAndExaminationType.Language.class }) -public class RichTextTagType { - - @XmlElementRefs({ @XmlElementRef(name = "Underline", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", type = JAXBElement.class, required = false), - @XmlElementRef(name = "BreakLine", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", type = JAXBElement.class, required = false), - @XmlElementRef(name = "AttachedRef", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", type = JAXBElement.class, required = false), - @XmlElementRef(name = "Italic", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", type = JAXBElement.class, required = false), - @XmlElementRef(name = "Bold", namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", type = JAXBElement.class, required = false) }) - @XmlMixed - protected List<Serializable> content; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link JAXBElement }{@code <}{@link String }{@code >} {@link JAXBElement }{@code <}{@link String }{@code >} {@link JAXBElement }{@code <} - * {@link String }{@code >} {@link String } {@link JAXBElement }{@code <}{@link String }{@code >} {@link JAXBElement }{@code <}{@link RichTextTagType.AttachedRef }{@code >} - * - * - */ - public List<Serializable> getContent() { - if (content == null) { - content = new ArrayList<Serializable>(); - } - return this.content; - } - - /** - * <p> - * Java class for anonymous complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType> - * <simpleContent> - * <extension base="<urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma>PlainTextType"> - * <attribute name="attachedID" use="required" type="{http://www.w3.org/2001/XMLSchema}IDREF" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ - @XmlAccessorType(XmlAccessType.FIELD) - @XmlType(name = "", propOrder = { "value" }) - public static class AttachedRef { - - @XmlValue - protected String value; - @XmlAttribute(name = "attachedID", required = true) - @XmlIDREF - @XmlSchemaType(name = "IDREF") - protected Object attachedID; - - /** - * Gets the value of the value property. - * - * @return possible object is {@link String } - * - */ - public String getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setValue(String value) { - this.value = value; - } - - /** - * Gets the value of the attachedID property. - * - * @return possible object is {@link Object } - * - */ - public Object getAttachedID() { - return attachedID; - } - - /** - * Sets the value of the attachedID property. - * - * @param value - * allowed object is {@link Object } - * - */ - public void setAttachedID(Object value) { - this.attachedID = value; - } - - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/SourceGradeType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/SourceGradeType.java deleted file mode 100644 index 488f87974..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/SourceGradeType.java +++ /dev/null @@ -1,60 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlEnum; -import javax.xml.bind.annotation.XmlEnumValue; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for SourceGradeType. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * <p> - * - * <pre> - * <simpleType name="SourceGradeType"> - * <restriction base="{http://www.w3.org/2001/XMLSchema}string"> - * <enumeration value="Recognized"/> - * <enumeration value="MobilityProgramme"/> - * <enumeration value="Another"/> - * </restriction> - * </simpleType> - * </pre> - * - */ -@XmlType(name = "SourceGradeType") -@XmlEnum -public enum SourceGradeType { - - @XmlEnumValue("Recognized") - RECOGNIZED("Recognized"), @XmlEnumValue("MobilityProgramme") - MOBILITY_PROGRAMME("MobilityProgramme"), @XmlEnumValue("Another") - ANOTHER("Another"); - private final String value; - - SourceGradeType(String v) { - value = v; - } - - public String value() { - return value; - } - - public static SourceGradeType fromValue(String v) { - for (SourceGradeType c : SourceGradeType.values()) { - if (c.value.equals(v)) { - return c; - } - } - throw new IllegalArgumentException(v); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/TitleConferredType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/TitleConferredType.java deleted file mode 100644 index ea1e6e9bb..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/TitleConferredType.java +++ /dev/null @@ -1,64 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for TitleConferredType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="TitleConferredType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Name" type="{urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma}PlainTextType"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "TitleConferredType", propOrder = { "name" }) -public class TitleConferredType { - - @XmlElement(name = "Name", required = true) - protected String name; - - /** - * Gets the value of the name property. - * - * @return possible object is {@link String } - * - */ - public String getName() { - return name; - } - - /** - * Sets the value of the name property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setName(String value) { - this.name = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/package-info.java deleted file mode 100644 index 0a37ab296..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/eu/stork/names/tc/stork/_2_0/academic/generaldiploma/package-info.java +++ /dev/null @@ -1,10 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -@javax.xml.bind.annotation.XmlSchema(namespace = "urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED) -package eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._2_0.academic.generaldiploma; - diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/CanonicalizationMethodType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/CanonicalizationMethodType.java deleted file mode 100644 index 98e01dc8c..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/CanonicalizationMethodType.java +++ /dev/null @@ -1,101 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for CanonicalizationMethodType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="CanonicalizationMethodType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <any maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * <attribute name="Algorithm" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "CanonicalizationMethodType", propOrder = { "content" }) -public class CanonicalizationMethodType { - - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "Algorithm", required = true) - @XmlSchemaType(name = "anyURI") - protected String algorithm; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link String } {@link Object } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the algorithm property. - * - * @return possible object is {@link String } - * - */ - public String getAlgorithm() { - return algorithm; - } - - /** - * Sets the value of the algorithm property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAlgorithm(String value) { - this.algorithm = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/DSAKeyValueType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/DSAKeyValueType.java deleted file mode 100644 index af0978a99..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/DSAKeyValueType.java +++ /dev/null @@ -1,198 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for DSAKeyValueType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="DSAKeyValueType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <sequence minOccurs="0"> - * <element name="P" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary"/> - * <element name="Q" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary"/> - * </sequence> - * <element name="G" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary" minOccurs="0"/> - * <element name="Y" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary"/> - * <element name="J" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary" minOccurs="0"/> - * <sequence minOccurs="0"> - * <element name="Seed" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary"/> - * <element name="PgenCounter" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary"/> - * </sequence> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "DSAKeyValueType", propOrder = { "p", "q", "g", "y", "j", "seed", "pgenCounter" }) -public class DSAKeyValueType { - - @XmlElement(name = "P") - protected byte[] p; - @XmlElement(name = "Q") - protected byte[] q; - @XmlElement(name = "G") - protected byte[] g; - @XmlElement(name = "Y", required = true) - protected byte[] y; - @XmlElement(name = "J") - protected byte[] j; - @XmlElement(name = "Seed") - protected byte[] seed; - @XmlElement(name = "PgenCounter") - protected byte[] pgenCounter; - - /** - * Gets the value of the p property. - * - * @return possible object is byte[] - */ - public byte[] getP() { - return p; - } - - /** - * Sets the value of the p property. - * - * @param value - * allowed object is byte[] - */ - public void setP(byte[] value) { - this.p = value; - } - - /** - * Gets the value of the q property. - * - * @return possible object is byte[] - */ - public byte[] getQ() { - return q; - } - - /** - * Sets the value of the q property. - * - * @param value - * allowed object is byte[] - */ - public void setQ(byte[] value) { - this.q = value; - } - - /** - * Gets the value of the g property. - * - * @return possible object is byte[] - */ - public byte[] getG() { - return g; - } - - /** - * Sets the value of the g property. - * - * @param value - * allowed object is byte[] - */ - public void setG(byte[] value) { - this.g = value; - } - - /** - * Gets the value of the y property. - * - * @return possible object is byte[] - */ - public byte[] getY() { - return y; - } - - /** - * Sets the value of the y property. - * - * @param value - * allowed object is byte[] - */ - public void setY(byte[] value) { - this.y = value; - } - - /** - * Gets the value of the j property. - * - * @return possible object is byte[] - */ - public byte[] getJ() { - return j; - } - - /** - * Sets the value of the j property. - * - * @param value - * allowed object is byte[] - */ - public void setJ(byte[] value) { - this.j = value; - } - - /** - * Gets the value of the seed property. - * - * @return possible object is byte[] - */ - public byte[] getSeed() { - return seed; - } - - /** - * Sets the value of the seed property. - * - * @param value - * allowed object is byte[] - */ - public void setSeed(byte[] value) { - this.seed = value; - } - - /** - * Gets the value of the pgenCounter property. - * - * @return possible object is byte[] - */ - public byte[] getPgenCounter() { - return pgenCounter; - } - - /** - * Sets the value of the pgenCounter property. - * - * @param value - * allowed object is byte[] - */ - public void setPgenCounter(byte[] value) { - this.pgenCounter = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/DigestMethodType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/DigestMethodType.java deleted file mode 100644 index e71a1fdd1..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/DigestMethodType.java +++ /dev/null @@ -1,102 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for DigestMethodType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="DigestMethodType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <any processContents='lax' namespace='##other' maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * <attribute name="Algorithm" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "DigestMethodType", propOrder = { "content" }) -public class DigestMethodType { - - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "Algorithm", required = true) - @XmlSchemaType(name = "anyURI") - protected String algorithm; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } {@link Element } {@link String } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the algorithm property. - * - * @return possible object is {@link String } - * - */ - public String getAlgorithm() { - return algorithm; - } - - /** - * Sets the value of the algorithm property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAlgorithm(String value) { - this.algorithm = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/KeyInfoType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/KeyInfoType.java deleted file mode 100644 index b5fbd20b2..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/KeyInfoType.java +++ /dev/null @@ -1,126 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlElementRefs; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for KeyInfoType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="KeyInfoType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice maxOccurs="unbounded"> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}KeyName"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}KeyValue"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}RetrievalMethod"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}X509Data"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}PGPData"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}SPKIData"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}MgmtData"/> - * <any processContents='lax' namespace='##other'/> - * </choice> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "KeyInfoType", propOrder = { "content" }) -public class KeyInfoType { - - @XmlElementRefs({ @XmlElementRef(name = "PGPData", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "X509Data", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "KeyValue", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "KeyName", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "SPKIData", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "RetrievalMethod", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "MgmtData", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false) }) - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link JAXBElement }{@code <}{@link PGPDataType }{@code >} {@link JAXBElement }{@code <}{@link X509DataType }{@code >} {@link Object } - * {@link JAXBElement }{@code <}{@link KeyValueType }{@code >} {@link JAXBElement }{@code <}{@link String }{@code >} {@link Element } {@link String } {@link JAXBElement }{@code <}{@link SPKIDataType } - * {@code >} {@link JAXBElement }{@code <}{@link RetrievalMethodType }{@code >} {@link JAXBElement }{@code <}{@link String }{@code >} - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/KeyValueType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/KeyValueType.java deleted file mode 100644 index c4d1aea20..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/KeyValueType.java +++ /dev/null @@ -1,83 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlElementRefs; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlType; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for KeyValueType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="KeyValueType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}DSAKeyValue"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}RSAKeyValue"/> - * <any processContents='lax' namespace='##other'/> - * </choice> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "KeyValueType", propOrder = { "content" }) -public class KeyValueType { - - @XmlElementRefs({ @XmlElementRef(name = "RSAKeyValue", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "DSAKeyValue", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false) }) - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } {@link Element } {@link JAXBElement }{@code <}{@link DSAKeyValueType }{@code >} {@link JAXBElement }{@code <} - * {@link RSAKeyValueType }{@code >} {@link String } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ManifestType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ManifestType.java deleted file mode 100644 index cfd4a435d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ManifestType.java +++ /dev/null @@ -1,104 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * <p> - * Java class for ManifestType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ManifestType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Reference" maxOccurs="unbounded"/> - * </sequence> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ManifestType", propOrder = { "reference" }) -public class ManifestType { - - @XmlElement(name = "Reference", required = true) - protected List<ReferenceType> reference; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - - /** - * Gets the value of the reference property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the reference property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getReference().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link ReferenceType } - * - * - */ - public List<ReferenceType> getReference() { - if (reference == null) { - reference = new ArrayList<ReferenceType>(); - } - return this.reference; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ObjectFactory.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ObjectFactory.java deleted file mode 100644 index 64a1fd7e3..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ObjectFactory.java +++ /dev/null @@ -1,550 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.math.BigInteger; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlElementDecl; -import javax.xml.bind.annotation.XmlRegistry; -import javax.xml.namespace.QName; - -/** - * This object contains factory methods for each Java content interface and Java element interface generated in the org.w3._2000._09.xmldsig package. - * <p> - * An ObjectFactory allows you to programatically construct new instances of the Java representation for XML content. The Java representation of XML content can consist of schema derived interfaces - * and classes representing the binding of schema type definitions, element declarations and model groups. Factory methods for each of these are provided in this class. - * - */ -@XmlRegistry -public class ObjectFactory { - - private final static QName _SignatureMethodTypeHMACOutputLength_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "HMACOutputLength"); - private final static QName _PGPData_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "PGPData"); - private final static QName _SPKIData_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "SPKIData"); - private final static QName _RetrievalMethod_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "RetrievalMethod"); - private final static QName _CanonicalizationMethod_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "CanonicalizationMethod"); - private final static QName _SignatureProperty_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "SignatureProperty"); - private final static QName _Manifest_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "Manifest"); - private final static QName _Transforms_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "Transforms"); - private final static QName _SignatureMethod_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "SignatureMethod"); - private final static QName _KeyInfo_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "KeyInfo"); - private final static QName _DigestMethod_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "DigestMethod"); - private final static QName _MgmtData_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "MgmtData"); - private final static QName _Reference_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "Reference"); - private final static QName _RSAKeyValue_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "RSAKeyValue"); - private final static QName _Signature_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "Signature"); - private final static QName _DSAKeyValue_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "DSAKeyValue"); - private final static QName _SignedInfo_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "SignedInfo"); - private final static QName _Object_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "Object"); - private final static QName _SignatureValue_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "SignatureValue"); - private final static QName _Transform_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "Transform"); - private final static QName _X509Data_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "X509Data"); - private final static QName _DigestValue_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "DigestValue"); - private final static QName _SignatureProperties_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "SignatureProperties"); - private final static QName _KeyName_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "KeyName"); - private final static QName _KeyValue_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "KeyValue"); - private final static QName _SPKIDataTypeSPKISexp_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "SPKISexp"); - private final static QName _PGPDataTypePGPKeyID_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "PGPKeyID"); - private final static QName _PGPDataTypePGPKeyPacket_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "PGPKeyPacket"); - private final static QName _X509DataTypeX509IssuerSerial_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "X509IssuerSerial"); - private final static QName _X509DataTypeX509Certificate_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "X509Certificate"); - private final static QName _X509DataTypeX509SKI_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "X509SKI"); - private final static QName _X509DataTypeX509SubjectName_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "X509SubjectName"); - private final static QName _X509DataTypeX509CRL_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "X509CRL"); - private final static QName _TransformTypeXPath_QNAME = new QName("http://www.w3.org/2000/09/xmldsig#", "XPath"); - - /** - * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: org.w3._2000._09.xmldsig - * - */ - public ObjectFactory() { - } - - /** - * Create an instance of {@link KeyInfoType } - * - */ - public KeyInfoType createKeyInfoType() { - return new KeyInfoType(); - } - - /** - * Create an instance of {@link SignedInfoType } - * - */ - public SignedInfoType createSignedInfoType() { - return new SignedInfoType(); - } - - /** - * Create an instance of {@link RetrievalMethodType } - * - */ - public RetrievalMethodType createRetrievalMethodType() { - return new RetrievalMethodType(); - } - - /** - * Create an instance of {@link DigestMethodType } - * - */ - public DigestMethodType createDigestMethodType() { - return new DigestMethodType(); - } - - /** - * Create an instance of {@link SignatureMethodType } - * - */ - public SignatureMethodType createSignatureMethodType() { - return new SignatureMethodType(); - } - - /** - * Create an instance of {@link SPKIDataType } - * - */ - public SPKIDataType createSPKIDataType() { - return new SPKIDataType(); - } - - /** - * Create an instance of {@link X509DataType } - * - */ - public X509DataType createX509DataType() { - return new X509DataType(); - } - - /** - * Create an instance of {@link PGPDataType } - * - */ - public PGPDataType createPGPDataType() { - return new PGPDataType(); - } - - /** - * Create an instance of {@link SignatureType } - * - */ - public SignatureType createSignatureType() { - return new SignatureType(); - } - - /** - * Create an instance of {@link DSAKeyValueType } - * - */ - public DSAKeyValueType createDSAKeyValueType() { - return new DSAKeyValueType(); - } - - /** - * Create an instance of {@link ManifestType } - * - */ - public ManifestType createManifestType() { - return new ManifestType(); - } - - /** - * Create an instance of {@link SignatureValueType } - * - */ - public SignatureValueType createSignatureValueType() { - return new SignatureValueType(); - } - - /** - * Create an instance of {@link TransformsType } - * - */ - public TransformsType createTransformsType() { - return new TransformsType(); - } - - /** - * Create an instance of {@link RSAKeyValueType } - * - */ - public RSAKeyValueType createRSAKeyValueType() { - return new RSAKeyValueType(); - } - - /** - * Create an instance of {@link TransformType } - * - */ - public TransformType createTransformType() { - return new TransformType(); - } - - /** - * Create an instance of {@link SignaturePropertyType } - * - */ - public SignaturePropertyType createSignaturePropertyType() { - return new SignaturePropertyType(); - } - - /** - * Create an instance of {@link KeyValueType } - * - */ - public KeyValueType createKeyValueType() { - return new KeyValueType(); - } - - /** - * Create an instance of {@link ReferenceType } - * - */ - public ReferenceType createReferenceType() { - return new ReferenceType(); - } - - /** - * Create an instance of {@link CanonicalizationMethodType } - * - */ - public CanonicalizationMethodType createCanonicalizationMethodType() { - return new CanonicalizationMethodType(); - } - - /** - * Create an instance of {@link SignaturePropertiesType } - * - */ - public SignaturePropertiesType createSignaturePropertiesType() { - return new SignaturePropertiesType(); - } - - /** - * Create an instance of {@link ObjectType } - * - */ - public ObjectType createObjectType() { - return new ObjectType(); - } - - /** - * Create an instance of {@link X509IssuerSerialType } - * - */ - public X509IssuerSerialType createX509IssuerSerialType() { - return new X509IssuerSerialType(); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link BigInteger }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "HMACOutputLength", scope = SignatureMethodType.class) - public JAXBElement<BigInteger> createSignatureMethodTypeHMACOutputLength(BigInteger value) { - return new JAXBElement<BigInteger>(_SignatureMethodTypeHMACOutputLength_QNAME, BigInteger.class, SignatureMethodType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link PGPDataType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "PGPData") - public JAXBElement<PGPDataType> createPGPData(PGPDataType value) { - return new JAXBElement<PGPDataType>(_PGPData_QNAME, PGPDataType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link SPKIDataType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SPKIData") - public JAXBElement<SPKIDataType> createSPKIData(SPKIDataType value) { - return new JAXBElement<SPKIDataType>(_SPKIData_QNAME, SPKIDataType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link RetrievalMethodType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "RetrievalMethod") - public JAXBElement<RetrievalMethodType> createRetrievalMethod(RetrievalMethodType value) { - return new JAXBElement<RetrievalMethodType>(_RetrievalMethod_QNAME, RetrievalMethodType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link CanonicalizationMethodType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "CanonicalizationMethod") - public JAXBElement<CanonicalizationMethodType> createCanonicalizationMethod(CanonicalizationMethodType value) { - return new JAXBElement<CanonicalizationMethodType>(_CanonicalizationMethod_QNAME, CanonicalizationMethodType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link SignaturePropertyType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignatureProperty") - public JAXBElement<SignaturePropertyType> createSignatureProperty(SignaturePropertyType value) { - return new JAXBElement<SignaturePropertyType>(_SignatureProperty_QNAME, SignaturePropertyType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link ManifestType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Manifest") - public JAXBElement<ManifestType> createManifest(ManifestType value) { - return new JAXBElement<ManifestType>(_Manifest_QNAME, ManifestType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link TransformsType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Transforms") - public JAXBElement<TransformsType> createTransforms(TransformsType value) { - return new JAXBElement<TransformsType>(_Transforms_QNAME, TransformsType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link SignatureMethodType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignatureMethod") - public JAXBElement<SignatureMethodType> createSignatureMethod(SignatureMethodType value) { - return new JAXBElement<SignatureMethodType>(_SignatureMethod_QNAME, SignatureMethodType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link KeyInfoType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "KeyInfo") - public JAXBElement<KeyInfoType> createKeyInfo(KeyInfoType value) { - return new JAXBElement<KeyInfoType>(_KeyInfo_QNAME, KeyInfoType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link DigestMethodType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "DigestMethod") - public JAXBElement<DigestMethodType> createDigestMethod(DigestMethodType value) { - return new JAXBElement<DigestMethodType>(_DigestMethod_QNAME, DigestMethodType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "MgmtData") - public JAXBElement<String> createMgmtData(String value) { - return new JAXBElement<String>(_MgmtData_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link ReferenceType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Reference") - public JAXBElement<ReferenceType> createReference(ReferenceType value) { - return new JAXBElement<ReferenceType>(_Reference_QNAME, ReferenceType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link RSAKeyValueType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "RSAKeyValue") - public JAXBElement<RSAKeyValueType> createRSAKeyValue(RSAKeyValueType value) { - return new JAXBElement<RSAKeyValueType>(_RSAKeyValue_QNAME, RSAKeyValueType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link SignatureType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Signature") - public JAXBElement<SignatureType> createSignature(SignatureType value) { - return new JAXBElement<SignatureType>(_Signature_QNAME, SignatureType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link DSAKeyValueType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "DSAKeyValue") - public JAXBElement<DSAKeyValueType> createDSAKeyValue(DSAKeyValueType value) { - return new JAXBElement<DSAKeyValueType>(_DSAKeyValue_QNAME, DSAKeyValueType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link SignedInfoType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignedInfo") - public JAXBElement<SignedInfoType> createSignedInfo(SignedInfoType value) { - return new JAXBElement<SignedInfoType>(_SignedInfo_QNAME, SignedInfoType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link ObjectType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Object") - public JAXBElement<ObjectType> createObject(ObjectType value) { - return new JAXBElement<ObjectType>(_Object_QNAME, ObjectType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link SignatureValueType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignatureValue") - public JAXBElement<SignatureValueType> createSignatureValue(SignatureValueType value) { - return new JAXBElement<SignatureValueType>(_SignatureValue_QNAME, SignatureValueType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link TransformType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Transform") - public JAXBElement<TransformType> createTransform(TransformType value) { - return new JAXBElement<TransformType>(_Transform_QNAME, TransformType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link X509DataType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509Data") - public JAXBElement<X509DataType> createX509Data(X509DataType value) { - return new JAXBElement<X509DataType>(_X509Data_QNAME, X509DataType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "DigestValue") - public JAXBElement<byte[]> createDigestValue(byte[] value) { - return new JAXBElement<byte[]>(_DigestValue_QNAME, byte[].class, null, ((byte[]) value)); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link SignaturePropertiesType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignatureProperties") - public JAXBElement<SignaturePropertiesType> createSignatureProperties(SignaturePropertiesType value) { - return new JAXBElement<SignaturePropertiesType>(_SignatureProperties_QNAME, SignaturePropertiesType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "KeyName") - public JAXBElement<String> createKeyName(String value) { - return new JAXBElement<String>(_KeyName_QNAME, String.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link KeyValueType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "KeyValue") - public JAXBElement<KeyValueType> createKeyValue(KeyValueType value) { - return new JAXBElement<KeyValueType>(_KeyValue_QNAME, KeyValueType.class, null, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SPKISexp", scope = SPKIDataType.class) - public JAXBElement<byte[]> createSPKIDataTypeSPKISexp(byte[] value) { - return new JAXBElement<byte[]>(_SPKIDataTypeSPKISexp_QNAME, byte[].class, SPKIDataType.class, ((byte[]) value)); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "PGPKeyID", scope = PGPDataType.class) - public JAXBElement<byte[]> createPGPDataTypePGPKeyID(byte[] value) { - return new JAXBElement<byte[]>(_PGPDataTypePGPKeyID_QNAME, byte[].class, PGPDataType.class, ((byte[]) value)); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "PGPKeyPacket", scope = PGPDataType.class) - public JAXBElement<byte[]> createPGPDataTypePGPKeyPacket(byte[] value) { - return new JAXBElement<byte[]>(_PGPDataTypePGPKeyPacket_QNAME, byte[].class, PGPDataType.class, ((byte[]) value)); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link X509IssuerSerialType }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509IssuerSerial", scope = X509DataType.class) - public JAXBElement<X509IssuerSerialType> createX509DataTypeX509IssuerSerial(X509IssuerSerialType value) { - return new JAXBElement<X509IssuerSerialType>(_X509DataTypeX509IssuerSerial_QNAME, X509IssuerSerialType.class, X509DataType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509Certificate", scope = X509DataType.class) - public JAXBElement<byte[]> createX509DataTypeX509Certificate(byte[] value) { - return new JAXBElement<byte[]>(_X509DataTypeX509Certificate_QNAME, byte[].class, X509DataType.class, ((byte[]) value)); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509SKI", scope = X509DataType.class) - public JAXBElement<byte[]> createX509DataTypeX509SKI(byte[] value) { - return new JAXBElement<byte[]>(_X509DataTypeX509SKI_QNAME, byte[].class, X509DataType.class, ((byte[]) value)); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509SubjectName", scope = X509DataType.class) - public JAXBElement<String> createX509DataTypeX509SubjectName(String value) { - return new JAXBElement<String>(_X509DataTypeX509SubjectName_QNAME, String.class, X509DataType.class, value); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509CRL", scope = X509DataType.class) - public JAXBElement<byte[]> createX509DataTypeX509CRL(byte[] value) { - return new JAXBElement<byte[]>(_X509DataTypeX509CRL_QNAME, byte[].class, X509DataType.class, ((byte[]) value)); - } - - /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >} - * - */ - @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "XPath", scope = TransformType.class) - public JAXBElement<String> createTransformTypeXPath(String value) { - return new JAXBElement<String>(_TransformTypeXPath_QNAME, String.class, TransformType.class, value); - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ObjectType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ObjectType.java deleted file mode 100644 index 8f8573ead..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ObjectType.java +++ /dev/null @@ -1,156 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for ObjectType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ObjectType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence maxOccurs="unbounded" minOccurs="0"> - * <any processContents='lax'/> - * </sequence> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * <attribute name="MimeType" type="{http://www.w3.org/2001/XMLSchema}string" /> - * <attribute name="Encoding" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ObjectType", propOrder = { "content" }) -public class ObjectType { - - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - @XmlAttribute(name = "MimeType") - protected String mimeType; - @XmlAttribute(name = "Encoding") - @XmlSchemaType(name = "anyURI") - protected String encoding; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } {@link Element } {@link String } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - - /** - * Gets the value of the mimeType property. - * - * @return possible object is {@link String } - * - */ - public String getMimeType() { - return mimeType; - } - - /** - * Sets the value of the mimeType property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setMimeType(String value) { - this.mimeType = value; - } - - /** - * Gets the value of the encoding property. - * - * @return possible object is {@link String } - * - */ - public String getEncoding() { - return encoding; - } - - /** - * Sets the value of the encoding property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setEncoding(String value) { - this.encoding = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/PGPDataType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/PGPDataType.java deleted file mode 100644 index a43e2857c..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/PGPDataType.java +++ /dev/null @@ -1,93 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlElementRefs; -import javax.xml.bind.annotation.XmlType; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for PGPDataType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="PGPDataType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice> - * <sequence> - * <element name="PGPKeyID" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * <element name="PGPKeyPacket" type="{http://www.w3.org/2001/XMLSchema}base64Binary" minOccurs="0"/> - * <any processContents='lax' namespace='##other' maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * <sequence> - * <element name="PGPKeyPacket" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * <any processContents='lax' namespace='##other' maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * </choice> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "PGPDataType", propOrder = { "content" }) -public class PGPDataType { - - @XmlElementRefs({ @XmlElementRef(name = "PGPKeyPacket", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "PGPKeyID", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false) }) - @XmlAnyElement(lax = true) - protected List<Object> content; - - /** - * Gets the rest of the content model. - * - * <p> - * You are getting this "catch-all" property because of the following reason: The field name "PGPKeyPacket" is used by two different parts of a schema. See: line 209 of - * file:/C:/Source/LatestSource/webgate.ec.europa.eu/branches/IS_branch/Commons/src/main/resources/schema/xmldsig-core-schema.xsd line 204 of - * file:/C:/Source/LatestSource/webgate.ec.europa.eu/branches/IS_branch/Commons/src/main/resources/schema/xmldsig-core-schema.xsd - * <p> - * To get rid of this property, apply a property customization to one of both of the following declarations to change their names: Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } {@link JAXBElement }{@code <}{@link byte[]}{@code >} {@link Element } {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/RSAKeyValueType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/RSAKeyValueType.java deleted file mode 100644 index eedb02899..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/RSAKeyValueType.java +++ /dev/null @@ -1,84 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for RSAKeyValueType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="RSAKeyValueType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="Modulus" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary"/> - * <element name="Exponent" type="{http://www.w3.org/2000/09/xmldsig#}CryptoBinary"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "RSAKeyValueType", propOrder = { "modulus", "exponent" }) -public class RSAKeyValueType { - - @XmlElement(name = "Modulus", required = true) - protected byte[] modulus; - @XmlElement(name = "Exponent", required = true) - protected byte[] exponent; - - /** - * Gets the value of the modulus property. - * - * @return possible object is byte[] - */ - public byte[] getModulus() { - return modulus; - } - - /** - * Sets the value of the modulus property. - * - * @param value - * allowed object is byte[] - */ - public void setModulus(byte[] value) { - this.modulus = value; - } - - /** - * Gets the value of the exponent property. - * - * @return possible object is byte[] - */ - public byte[] getExponent() { - return exponent; - } - - /** - * Sets the value of the exponent property. - * - * @param value - * allowed object is byte[] - */ - public void setExponent(byte[] value) { - this.exponent = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ReferenceType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ReferenceType.java deleted file mode 100644 index 83f03f3c8..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/ReferenceType.java +++ /dev/null @@ -1,192 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * <p> - * Java class for ReferenceType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="ReferenceType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Transforms" minOccurs="0"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}DigestMethod"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}DigestValue"/> - * </sequence> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * <attribute name="URI" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * <attribute name="Type" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "ReferenceType", propOrder = { "transforms", "digestMethod", "digestValue" }) -public class ReferenceType { - - @XmlElement(name = "Transforms") - protected TransformsType transforms; - @XmlElement(name = "DigestMethod", required = true) - protected DigestMethodType digestMethod; - @XmlElement(name = "DigestValue", required = true) - protected byte[] digestValue; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - @XmlAttribute(name = "URI") - @XmlSchemaType(name = "anyURI") - protected String uri; - @XmlAttribute(name = "Type") - @XmlSchemaType(name = "anyURI") - protected String type; - - /** - * Gets the value of the transforms property. - * - * @return possible object is {@link TransformsType } - * - */ - public TransformsType getTransforms() { - return transforms; - } - - /** - * Sets the value of the transforms property. - * - * @param value - * allowed object is {@link TransformsType } - * - */ - public void setTransforms(TransformsType value) { - this.transforms = value; - } - - /** - * Gets the value of the digestMethod property. - * - * @return possible object is {@link DigestMethodType } - * - */ - public DigestMethodType getDigestMethod() { - return digestMethod; - } - - /** - * Sets the value of the digestMethod property. - * - * @param value - * allowed object is {@link DigestMethodType } - * - */ - public void setDigestMethod(DigestMethodType value) { - this.digestMethod = value; - } - - /** - * Gets the value of the digestValue property. - * - * @return possible object is byte[] - */ - public byte[] getDigestValue() { - return digestValue; - } - - /** - * Sets the value of the digestValue property. - * - * @param value - * allowed object is byte[] - */ - public void setDigestValue(byte[] value) { - this.digestValue = value; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - - /** - * Gets the value of the uri property. - * - * @return possible object is {@link String } - * - */ - public String getURI() { - return uri; - } - - /** - * Sets the value of the uri property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setURI(String value) { - this.uri = value; - } - - /** - * Gets the value of the type property. - * - * @return possible object is {@link String } - * - */ - public String getType() { - return type; - } - - /** - * Sets the value of the type property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setType(String value) { - this.type = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/RetrievalMethodType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/RetrievalMethodType.java deleted file mode 100644 index 6f1a94de5..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/RetrievalMethodType.java +++ /dev/null @@ -1,116 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for RetrievalMethodType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="RetrievalMethodType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Transforms" minOccurs="0"/> - * </sequence> - * <attribute name="URI" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * <attribute name="Type" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "RetrievalMethodType", propOrder = { "transforms" }) -public class RetrievalMethodType { - - @XmlElement(name = "Transforms") - protected TransformsType transforms; - @XmlAttribute(name = "URI") - @XmlSchemaType(name = "anyURI") - protected String uri; - @XmlAttribute(name = "Type") - @XmlSchemaType(name = "anyURI") - protected String type; - - /** - * Gets the value of the transforms property. - * - * @return possible object is {@link TransformsType } - * - */ - public TransformsType getTransforms() { - return transforms; - } - - /** - * Sets the value of the transforms property. - * - * @param value - * allowed object is {@link TransformsType } - * - */ - public void setTransforms(TransformsType value) { - this.transforms = value; - } - - /** - * Gets the value of the uri property. - * - * @return possible object is {@link String } - * - */ - public String getURI() { - return uri; - } - - /** - * Sets the value of the uri property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setURI(String value) { - this.uri = value; - } - - /** - * Gets the value of the type property. - * - * @return possible object is {@link String } - * - */ - public String getType() { - return type; - } - - /** - * Sets the value of the type property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setType(String value) { - this.type = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SPKIDataType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SPKIDataType.java deleted file mode 100644 index 5199fb0e2..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SPKIDataType.java +++ /dev/null @@ -1,77 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlType; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for SPKIDataType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="SPKIDataType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence maxOccurs="unbounded"> - * <element name="SPKISexp" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * <any processContents='lax' namespace='##other' minOccurs="0"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "SPKIDataType", propOrder = { "spkiSexpAndAny" }) -public class SPKIDataType { - - @XmlElementRef(name = "SPKISexp", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class) - @XmlAnyElement(lax = true) - protected List<Object> spkiSexpAndAny; - - /** - * Gets the value of the spkiSexpAndAny property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the spkiSexpAndAny property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getSPKISexpAndAny().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Element } {@link JAXBElement }{@code <}{@link byte[]}{@code >} {@link Object } - * - * - */ - public List<Object> getSPKISexpAndAny() { - if (spkiSexpAndAny == null) { - spkiSexpAndAny = new ArrayList<Object>(); - } - return this.spkiSexpAndAny; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureMethodType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureMethodType.java deleted file mode 100644 index 4f5658011..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureMethodType.java +++ /dev/null @@ -1,106 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.math.BigInteger; -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for SignatureMethodType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="SignatureMethodType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="HMACOutputLength" type="{http://www.w3.org/2000/09/xmldsig#}HMACOutputLengthType" minOccurs="0"/> - * <any namespace='##other' maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * <attribute name="Algorithm" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "SignatureMethodType", propOrder = { "content" }) -public class SignatureMethodType { - - @XmlElementRef(name = "HMACOutputLength", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false) - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "Algorithm", required = true) - @XmlSchemaType(name = "anyURI") - protected String algorithm; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link JAXBElement }{@code <}{@link BigInteger }{@code >} {@link Object } {@link String } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the algorithm property. - * - * @return possible object is {@link String } - * - */ - public String getAlgorithm() { - return algorithm; - } - - /** - * Sets the value of the algorithm property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAlgorithm(String value) { - this.algorithm = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignaturePropertiesType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignaturePropertiesType.java deleted file mode 100644 index 481abd165..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignaturePropertiesType.java +++ /dev/null @@ -1,104 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * <p> - * Java class for SignaturePropertiesType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="SignaturePropertiesType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}SignatureProperty" maxOccurs="unbounded"/> - * </sequence> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "SignaturePropertiesType", propOrder = { "signatureProperty" }) -public class SignaturePropertiesType { - - @XmlElement(name = "SignatureProperty", required = true) - protected List<SignaturePropertyType> signatureProperty; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - - /** - * Gets the value of the signatureProperty property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the signatureProperty property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getSignatureProperty().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link SignaturePropertyType } - * - * - */ - public List<SignaturePropertyType> getSignatureProperty() { - if (signatureProperty == null) { - signatureProperty = new ArrayList<SignaturePropertyType>(); - } - return this.signatureProperty; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignaturePropertyType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignaturePropertyType.java deleted file mode 100644 index 027675315..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignaturePropertyType.java +++ /dev/null @@ -1,132 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for SignaturePropertyType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="SignaturePropertyType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice maxOccurs="unbounded"> - * <any processContents='lax' namespace='##other'/> - * </choice> - * <attribute name="Target" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "SignaturePropertyType", propOrder = { "content" }) -public class SignaturePropertyType { - - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "Target", required = true) - @XmlSchemaType(name = "anyURI") - protected String target; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } {@link Element } {@link String } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the target property. - * - * @return possible object is {@link String } - * - */ - public String getTarget() { - return target; - } - - /** - * Sets the value of the target property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setTarget(String value) { - this.target = value; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureType.java deleted file mode 100644 index 131cee1bc..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureType.java +++ /dev/null @@ -1,176 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * <p> - * Java class for SignatureType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="SignatureType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}SignedInfo"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}SignatureValue"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}KeyInfo" minOccurs="0"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Object" maxOccurs="unbounded" minOccurs="0"/> - * </sequence> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "SignatureType", propOrder = { "signedInfo", "signatureValue", "keyInfo", "object" }) -public class SignatureType { - - @XmlElement(name = "SignedInfo", required = true) - protected SignedInfoType signedInfo; - @XmlElement(name = "SignatureValue", required = true) - protected SignatureValueType signatureValue; - @XmlElement(name = "KeyInfo") - protected KeyInfoType keyInfo; - @XmlElement(name = "Object") - protected List<ObjectType> object; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - - /** - * Gets the value of the signedInfo property. - * - * @return possible object is {@link SignedInfoType } - * - */ - public SignedInfoType getSignedInfo() { - return signedInfo; - } - - /** - * Sets the value of the signedInfo property. - * - * @param value - * allowed object is {@link SignedInfoType } - * - */ - public void setSignedInfo(SignedInfoType value) { - this.signedInfo = value; - } - - /** - * Gets the value of the signatureValue property. - * - * @return possible object is {@link SignatureValueType } - * - */ - public SignatureValueType getSignatureValue() { - return signatureValue; - } - - /** - * Sets the value of the signatureValue property. - * - * @param value - * allowed object is {@link SignatureValueType } - * - */ - public void setSignatureValue(SignatureValueType value) { - this.signatureValue = value; - } - - /** - * Gets the value of the keyInfo property. - * - * @return possible object is {@link KeyInfoType } - * - */ - public KeyInfoType getKeyInfo() { - return keyInfo; - } - - /** - * Sets the value of the keyInfo property. - * - * @param value - * allowed object is {@link KeyInfoType } - * - */ - public void setKeyInfo(KeyInfoType value) { - this.keyInfo = value; - } - - /** - * Gets the value of the object property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the object property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getObject().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link ObjectType } - * - * - */ - public List<ObjectType> getObject() { - if (object == null) { - object = new ArrayList<ObjectType>(); - } - return this.object; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureValueType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureValueType.java deleted file mode 100644 index af43e55cd..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignatureValueType.java +++ /dev/null @@ -1,91 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.XmlValue; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * <p> - * Java class for SignatureValueType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="SignatureValueType"> - * <simpleContent> - * <extension base="<http://www.w3.org/2001/XMLSchema>base64Binary"> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </extension> - * </simpleContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "SignatureValueType", propOrder = { "value" }) -public class SignatureValueType { - - @XmlValue - protected byte[] value; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - - /** - * Gets the value of the value property. - * - * @return possible object is byte[] - */ - public byte[] getValue() { - return value; - } - - /** - * Sets the value of the value property. - * - * @param value - * allowed object is byte[] - */ - public void setValue(byte[] value) { - this.value = value; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignedInfoType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignedInfoType.java deleted file mode 100644 index 2523af53c..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/SignedInfoType.java +++ /dev/null @@ -1,152 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlID; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import javax.xml.bind.annotation.adapters.CollapsedStringAdapter; -import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; - -/** - * <p> - * Java class for SignedInfoType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="SignedInfoType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}CanonicalizationMethod"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}SignatureMethod"/> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Reference" maxOccurs="unbounded"/> - * </sequence> - * <attribute name="Id" type="{http://www.w3.org/2001/XMLSchema}ID" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "SignedInfoType", propOrder = { "canonicalizationMethod", "signatureMethod", "reference" }) -public class SignedInfoType { - - @XmlElement(name = "CanonicalizationMethod", required = true) - protected CanonicalizationMethodType canonicalizationMethod; - @XmlElement(name = "SignatureMethod", required = true) - protected SignatureMethodType signatureMethod; - @XmlElement(name = "Reference", required = true) - protected List<ReferenceType> reference; - @XmlAttribute(name = "Id") - @XmlJavaTypeAdapter(CollapsedStringAdapter.class) - @XmlID - @XmlSchemaType(name = "ID") - protected String id; - - /** - * Gets the value of the canonicalizationMethod property. - * - * @return possible object is {@link CanonicalizationMethodType } - * - */ - public CanonicalizationMethodType getCanonicalizationMethod() { - return canonicalizationMethod; - } - - /** - * Sets the value of the canonicalizationMethod property. - * - * @param value - * allowed object is {@link CanonicalizationMethodType } - * - */ - public void setCanonicalizationMethod(CanonicalizationMethodType value) { - this.canonicalizationMethod = value; - } - - /** - * Gets the value of the signatureMethod property. - * - * @return possible object is {@link SignatureMethodType } - * - */ - public SignatureMethodType getSignatureMethod() { - return signatureMethod; - } - - /** - * Sets the value of the signatureMethod property. - * - * @param value - * allowed object is {@link SignatureMethodType } - * - */ - public void setSignatureMethod(SignatureMethodType value) { - this.signatureMethod = value; - } - - /** - * Gets the value of the reference property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the reference property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getReference().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link ReferenceType } - * - * - */ - public List<ReferenceType> getReference() { - if (reference == null) { - reference = new ArrayList<ReferenceType>(); - } - return this.reference; - } - - /** - * Gets the value of the id property. - * - * @return possible object is {@link String } - * - */ - public String getId() { - return id; - } - - /** - * Sets the value of the id property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setId(String value) { - this.id = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/TransformType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/TransformType.java deleted file mode 100644 index f47dc1251..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/TransformType.java +++ /dev/null @@ -1,106 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlMixed; -import javax.xml.bind.annotation.XmlSchemaType; -import javax.xml.bind.annotation.XmlType; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for TransformType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="TransformType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <choice maxOccurs="unbounded" minOccurs="0"> - * <any processContents='lax' namespace='##other'/> - * <element name="XPath" type="{http://www.w3.org/2001/XMLSchema}string"/> - * </choice> - * <attribute name="Algorithm" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" /> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "TransformType", propOrder = { "content" }) -public class TransformType { - - @XmlElementRef(name = "XPath", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false) - @XmlMixed - @XmlAnyElement(lax = true) - protected List<Object> content; - @XmlAttribute(name = "Algorithm", required = true) - @XmlSchemaType(name = "anyURI") - protected String algorithm; - - /** - * Gets the value of the content property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the content property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getContent().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link Object } {@link JAXBElement }{@code <}{@link String }{@code >} {@link Element } {@link String } - * - * - */ - public List<Object> getContent() { - if (content == null) { - content = new ArrayList<Object>(); - } - return this.content; - } - - /** - * Gets the value of the algorithm property. - * - * @return possible object is {@link String } - * - */ - public String getAlgorithm() { - return algorithm; - } - - /** - * Sets the value of the algorithm property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setAlgorithm(String value) { - this.algorithm = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/TransformsType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/TransformsType.java deleted file mode 100644 index b31f36764..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/TransformsType.java +++ /dev/null @@ -1,72 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for TransformsType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="TransformsType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element ref="{http://www.w3.org/2000/09/xmldsig#}Transform" maxOccurs="unbounded"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "TransformsType", propOrder = { "transform" }) -public class TransformsType { - - @XmlElement(name = "Transform", required = true) - protected List<TransformType> transform; - - /** - * Gets the value of the transform property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the transform property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getTransform().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link TransformType } - * - * - */ - public List<TransformType> getTransform() { - if (transform == null) { - transform = new ArrayList<TransformType>(); - } - return this.transform; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/X509DataType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/X509DataType.java deleted file mode 100644 index b6260d67d..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/X509DataType.java +++ /dev/null @@ -1,89 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.util.ArrayList; -import java.util.List; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAnyElement; -import javax.xml.bind.annotation.XmlElementRef; -import javax.xml.bind.annotation.XmlElementRefs; -import javax.xml.bind.annotation.XmlType; -import org.w3c.dom.Element; - -/** - * <p> - * Java class for X509DataType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="X509DataType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence maxOccurs="unbounded"> - * <choice> - * <element name="X509IssuerSerial" type="{http://www.w3.org/2000/09/xmldsig#}X509IssuerSerialType"/> - * <element name="X509SKI" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * <element name="X509SubjectName" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="X509Certificate" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * <element name="X509CRL" type="{http://www.w3.org/2001/XMLSchema}base64Binary"/> - * <any processContents='lax' namespace='##other'/> - * </choice> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "X509DataType", propOrder = { "x509IssuerSerialOrX509SKIOrX509SubjectName" }) -public class X509DataType { - - @XmlElementRefs({ @XmlElementRef(name = "X509SubjectName", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "X509Certificate", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "X509CRL", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "X509SKI", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false), - @XmlElementRef(name = "X509IssuerSerial", namespace = "http://www.w3.org/2000/09/xmldsig#", type = JAXBElement.class, required = false) }) - @XmlAnyElement(lax = true) - protected List<Object> x509IssuerSerialOrX509SKIOrX509SubjectName; - - /** - * Gets the value of the x509IssuerSerialOrX509SKIOrX509SubjectName property. - * - * <p> - * This accessor method returns a reference to the live list, not a snapshot. Therefore any modification you make to the returned list will be present inside the JAXB object. This is why there is - * not a <CODE>set</CODE> method for the x509IssuerSerialOrX509SKIOrX509SubjectName property. - * - * <p> - * For example, to add a new item, do as follows: - * - * <pre> - * getX509IssuerSerialOrX509SKIOrX509SubjectName().add(newItem); - * </pre> - * - * - * <p> - * Objects of the following type(s) are allowed in the list {@link JAXBElement }{@code <}{@link byte[]}{@code >} {@link JAXBElement }{@code <}{@link byte[]}{@code >} {@link Object } {@link Element } - * {@link JAXBElement }{@code <}{@link String }{@code >} {@link JAXBElement }{@code <}{@link X509IssuerSerialType }{@code >} {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * - * - */ - public List<Object> getX509IssuerSerialOrX509SKIOrX509SubjectName() { - if (x509IssuerSerialOrX509SKIOrX509SubjectName == null) { - x509IssuerSerialOrX509SKIOrX509SubjectName = new ArrayList<Object>(); - } - return this.x509IssuerSerialOrX509SKIOrX509SubjectName; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/X509IssuerSerialType.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/X509IssuerSerialType.java deleted file mode 100644 index 7da3185c8..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/X509IssuerSerialType.java +++ /dev/null @@ -1,89 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - -import java.math.BigInteger; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlType; - -/** - * <p> - * Java class for X509IssuerSerialType complex type. - * - * <p> - * The following schema fragment specifies the expected content contained within this class. - * - * <pre> - * <complexType name="X509IssuerSerialType"> - * <complexContent> - * <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> - * <sequence> - * <element name="X509IssuerName" type="{http://www.w3.org/2001/XMLSchema}string"/> - * <element name="X509SerialNumber" type="{http://www.w3.org/2001/XMLSchema}integer"/> - * </sequence> - * </restriction> - * </complexContent> - * </complexType> - * </pre> - * - * - */ -@XmlAccessorType(XmlAccessType.FIELD) -@XmlType(name = "X509IssuerSerialType", propOrder = { "x509IssuerName", "x509SerialNumber" }) -public class X509IssuerSerialType { - - @XmlElement(name = "X509IssuerName", required = true) - protected String x509IssuerName; - @XmlElement(name = "X509SerialNumber", required = true) - protected BigInteger x509SerialNumber; - - /** - * Gets the value of the x509IssuerName property. - * - * @return possible object is {@link String } - * - */ - public String getX509IssuerName() { - return x509IssuerName; - } - - /** - * Sets the value of the x509IssuerName property. - * - * @param value - * allowed object is {@link String } - * - */ - public void setX509IssuerName(String value) { - this.x509IssuerName = value; - } - - /** - * Gets the value of the x509SerialNumber property. - * - * @return possible object is {@link BigInteger } - * - */ - public BigInteger getX509SerialNumber() { - return x509SerialNumber; - } - - /** - * Sets the value of the x509SerialNumber property. - * - * @param value - * allowed object is {@link BigInteger } - * - */ - public void setX509SerialNumber(BigInteger value) { - this.x509SerialNumber = value; - } - -} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/package-info.java deleted file mode 100644 index 52572b90c..000000000 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/org/w3/_2000/_09/xmldsig/package-info.java +++ /dev/null @@ -1,10 +0,0 @@ -// -// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4-2 -// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> -// Any modifications to this file will be lost upon recompilation of the source schema. -// Generated on: 2014.04.12 at 12:22:50 PM GMT -// - -@javax.xml.bind.annotation.XmlSchema(namespace = "http://www.w3.org/2000/09/xmldsig#", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED) -package eu.stork.peps.complex.attributes.org.w3._2000._09.xmldsig; - diff --git a/id/server/stork2-commons/src/main/resources/log4j.xml b/id/server/stork2-commons/src/main/resources/log4j.xml deleted file mode 100644 index a3055599b..000000000 --- a/id/server/stork2-commons/src/main/resources/log4j.xml +++ /dev/null @@ -1,19 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd"> - -<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"> - <appender name="MainLogger" class="org.apache.log4j.DailyRollingFileAppender"> - <param name="File" value="./target/stork-commons.log" /> - <param name="DatePattern" value="'.'yyyy-MM-dd" /> - <param name="Append" value="true" /> - <layout class="org.apache.log4j.PatternLayout"> - <param name="ConversionPattern" value="%d{HH:mm:ss:SSS} - %p - %C{1} - %m%n" /> - </layout> - </appender> - - <root> - <priority value="info" /> - <appender-ref ref="MainLogger" /> - </root> - -</log4j:configuration> diff --git a/id/server/stork2-commons/src/main/resources/schema/StorkcomplexAttributes.xsd b/id/server/stork2-commons/src/main/resources/schema/StorkcomplexAttributes.xsd deleted file mode 100644 index 6db304388..000000000 --- a/id/server/stork2-commons/src/main/resources/schema/StorkcomplexAttributes.xsd +++ /dev/null @@ -1,385 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:dps="urn:crue:academic:xsd:language:diplomasupplement" xmlns:gdp="urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" elementFormDefault="qualified" targetNamespace="urn:eu:stork:names:tc:STORK:1.0:assertion"> - <xs:import namespace="urn:crue:academic:xsd:language:diplomasupplement" schemaLocation="crue-academic-language-diplomasupplement-schema-1_1.xsd" /> - <xs:import namespace="urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma" schemaLocation="diploma.xsd" /> - <!--QAA --> - <xs:element name="QualityAuthenticationAssuranceLevel" type="stork:QualityAuthenticationAssuranceLevelType" /> - <xs:element name="spSector" type="stork:SPSectorType" /> - <xs:element name="spApplication" type="stork:SPApplicationType" /> - <xs:element name="spCountry" type="stork:CountryCodeType" /> - <xs:element name="CitizenCountryCode" type="stork:CountryCodeType" /> - <xs:element name="RequestedAttribute" type="stork:RequestedAttributeType" /> - <xs:element name="AttributeValue" type="xs:anyType" /> - <xs:element name="canonicalResidenceAddress" type="stork:canonicalAddressType" /> - <xs:element name="countryCodeAddress" type="stork:CountryCodeType" /> - <xs:element name="diplomaSupplement" type="stork:diplomaSupplementType" /> - <xs:element name="currentStudiesSupplement" type="stork:currentStudiesType" /> - <!-- We'll leave these new attributes for release 4 --> - <!-- <xs:element name="languageQualification" type="stork:languageQualificationType" /> --> - <!-- <xs:element name="academicRecommendation" type="stork:academicRecommendationType" /> --> - <xs:element name="hasDegree" type="stork:hasDegreeType" /> - <xs:element name="isStudent" type="stork:isStudentType" /> - <xs:element name="isAcademicStaff" type="stork:isAcademicStaffType" /> - <xs:element name="isTeacherOf" type="stork:isTeacherOfType" /> - <xs:element name="isCourseCoordinator" type="stork:isCourseCoordinatorType" /> - <xs:element name="isAdminStaff" type="stork:isAdminStaffType" /> - <xs:element name="habilitation" type="stork:habilitationType" /> - <xs:element name="acTitle" type="stork:acTitleType" /> - <xs:element name="hasAccountInBank" type="stork:hasAccountInBankType" /> - <xs:element name="isHealthCareProfessional" type="stork:isHealthCareProfessionalType" /> - <xs:element name="canonicalRegisteredAddress" type="stork:canonicalAddressType" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - <xs:element name="mandate" type="stork:mandateType" /> - <xs:element name="representationPerson" type="stork:representationPersonType" /> - <xs:element name="mandateContent" type="stork:mandateContentType" /> - <xs:element name="study" type="stork:studyType" /> - <xs:element name="HCPType" type="stork:HCPType" /> - <xs:attribute name="AttributeStatus" type="stork:AttributeStatusType" /> - <xs:simpleType name="SPSectorType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1" /> - <xs:maxLength value="20" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="SPApplicationType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1" /> - <xs:maxLength value="100" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="AttributeStatusType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="Available" /> - <xs:enumeration value="NotAvailable" /> - <xs:enumeration value="Withheld" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="studyType"> - <xs:restriction base="xs:string" /> - </xs:simpleType> - <xs:simpleType name="LevelType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1" /> - <xs:maxLength value="1" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="currencyType"> - <xs:restriction base="xs:string"> - <xs:minLength value="3" /> - <xs:maxLength value="3" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="occupationType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1" /> - <xs:maxLength value="1" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="teacherRoleType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1" /> - <xs:maxLength value="1" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="titleNormalisedType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1" /> - <xs:maxLength value="1" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="HCPType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1" /> - <xs:maxLength value="1" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="specialisationType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1" /> - <xs:maxLength value="1" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="QualityAuthenticationAssuranceLevelType"> - <xs:restriction base="xs:integer"> - <xs:minInclusive value="1" /> - <xs:maxInclusive value="4" /> - </xs:restriction> - </xs:simpleType> - <xs:complexType name="canonicalAddressType"> - <xs:sequence> - <xs:element name="countryCodeAddress" type="stork:CountryCodeType" /> - <xs:element name="state" type="xs:string" minOccurs="0" /> - <xs:element name="municipalityCode" type="xs:string" minOccurs="0" /> - <xs:element name="town" type="xs:string" /> - <xs:element name="postalCode" type="xs:string" /> - <xs:element name="streetName" type="xs:string" /> - <xs:element name="streetNumber" type="xs:string" minOccurs="0" /> - <xs:element name="apartmentNumber" type="xs:string" minOccurs="0" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="hasDegreeType"> - <xs:sequence> - <xs:element name="study" type="stork:studyType" /> - <xs:element name="level" type="stork:LevelType" /> - <xs:element name="yearObtained" type="xs:integer" /> - <xs:element name="nameOfInstitution" type="xs:string" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="isAcademicStaffType"> - <xs:sequence> - <xs:element name="nameOfInstitution" type="xs:string" /> - <xs:element name="occupation" type="stork:occupationType" /> - <xs:element name="knowledgeArea" type="xs:string" minOccurs="0" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="isTeacherOfType"> - <xs:sequence> - <xs:element name="nameOfInstitution" type="xs:string" /> - <xs:element name="course" type="xs:string" /> - <xs:element name="role" type="stork:teacherRoleType" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="isCourseCoordinatorType"> - <xs:sequence> - <xs:element name="courseCoodinator" type="xs:string" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="isAdminStaffType"> - <xs:sequence> - <xs:element name="adminStaff" type="xs:string" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="habilitation"> - <xs:sequence> - <xs:element name="ability" type="xs:string" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="acTitleType"> - <xs:sequence> - <xs:element name="titleNormalised" type="stork:titleNormalisedType" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="hasAccountInBankType"> - <xs:sequence> - <xs:element name="bankName" type="xs:string" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="isHCPType"> - <xs:sequence> - <xs:element name="nameOfOrganisation" type="xs:string" /> - <xs:element name="HCPType" type="stork:HCPType" /> - <xs:element name="specialisation" type="stork:specialisationType" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="representationPersonType"> - <xs:choice> - <xs:sequence> - <xs:element name="eIdentifier" type="xs:string" /> - <xs:element name="givenName" type="xs:string" /> - <xs:element name="surname" type="xs:string" /> - <xs:element name="dateOfBirth" type="xs:string" /> - </xs:sequence> - <xs:sequence> - <xs:element name="eLPIdentifier" type="xs:string" /> - <xs:element name="legalName" type="xs:string" /> - <xs:element name="textRegisteredAddress" type="xs:string" /> - <xs:element name="canonicalRegisteredAddress" type="stork:canonicalAddressType" /> - <xs:element name="legalForm" type="xs:string" /> - </xs:sequence> - </xs:choice> - </xs:complexType> - <xs:complexType name="TransactionLimitRestrictionType"> - <xs:sequence> - <xs:element name="amount" type="xs:decimal" /> - <xs:element name="currency" type="xs:string" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="TimeRestrictionType"> - <xs:sequence> - <xs:element name="validFrom" type="xs:date" /> - <xs:element name="validTo" type="xs:date" /> - </xs:sequence> - </xs:complexType> - <!-- <xs:complexType name="originalMandateType"> --> - <!-- <xs:simpleContent> --> - <!-- <xs:extension base="xs:base64Binary"> --> - <!-- <xs:attribute --> - <!-- name="type" --> - <!-- type="xs:string"> --> - <!-- </xs:attribute> --> - <!-- </xs:extension> --> - <!-- </xs:simpleContent> --> - <!-- </xs:complexType> --> - <xs:complexType name="mandateContentType"> - <xs:sequence> - <xs:element name="typePower" type="xs:string" /> - <!-- Misspelled attribute typeOfPower--> - <xs:element name="typeOfPower" type="xs:string" /> - <xs:element name="timeRestriction" type="stork:TimeRestrictionType" /> - <xs:element name="isJoined" type="xs:string" /> - <!-- Misspelled attribute isJoint--> - <xs:element name="isJoint" type="xs:string" /> - <xs:element name="isChained" type="xs:boolean" /> - <xs:element name="originalMandate" type="xs:base64Binary" /> - <xs:element name="originalMandateType" type="xs:string" /> - <xs:element name="transactionLimit" type="stork:TransactionLimitRestrictionType" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="mandateType"> - <xs:sequence> - <xs:element name="represented" type="stork:representationPersonType" /> - <xs:element name="representing" type="stork:representationPersonType" /> - <!-- Misspelled attribute representative--> - <xs:element name="representative" type="stork:representationPersonType" /> - <xs:element name="mandateContent" type="stork:mandateContentType" maxOccurs="unbounded" /> - </xs:sequence> - </xs:complexType> - <xs:simpleType name="CountryCodeType"> - <xs:restriction base="xs:token"> - <xs:pattern value="[A-Z]{2}" /> - </xs:restriction> - </xs:simpleType> - <xs:complexType name="RequestedAttributeType"> - <xs:sequence> - <xs:element minOccurs="0" maxOccurs="unbounded" ref="stork:AttributeValue" /> - </xs:sequence> - <xs:attribute name="Name" use="required" type="xs:string" /> - <xs:attribute name="NameFormat" use="required" type="xs:anyURI" /> - <xs:attribute name="FriendlyName" use="optional" type="xs:string" /> - <xs:attribute name="isRequired" use="optional" type="xs:boolean" /> - <xs:anyAttribute namespace="##other" processContents="lax" /> - </xs:complexType> - <xs:complexType name="isStudentType"> - <xs:sequence> - <xs:element ref="stork:study" minOccurs="0" /> - <xs:element name="nameOfInstitution" type="xs:string" /> - <xs:element name="course" type="xs:string" minOccurs="0" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="habilitationType"> - <xs:sequence> - <xs:element name="ability" type="xs:string" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="isHealthCareProfessionalType"> - <xs:sequence> - <xs:element name="typeOfHCP"> - <xs:simpleType> - <xs:restriction base="xs:anyURI"> - <xs:enumeration value="dentist" /> - <xs:enumeration value="nurse" /> - <xs:enumeration value="pharmacist" /> - <xs:enumeration value="physician" /> - <xs:enumeration value="nurse midwife" /> - <xs:enumeration value="admission clerk" /> - <xs:enumeration value="ancillary services" /> - <xs:enumeration value="clinical services" /> - </xs:restriction> - </xs:simpleType> - </xs:element> - <xs:element name="nameOfOrganisation" type="xs:string" /> - <xs:element name="typeOfOrganisation"> - <xs:simpleType> - <xs:restriction base="xs:anyURI"> - <xs:enumeration value="Hospital" /> - <xs:enumeration value="Resident Physician" /> - <xs:enumeration value="Pharmacy" /> - <xs:enumeration value="Other" /> - <xs:enumeration value="Unknown" /> - </xs:restriction> - </xs:simpleType> - </xs:element> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="diplomaSupplementType"> - <xs:sequence> - <xs:choice> - <xs:element ref="dps:MultilingualDiplomaSupplement" /> - <xs:element ref="dps:DiplomaSupplement" /> - <xs:element ref="gdp:MultilingualGeneralDiploma" /> - <xs:element ref="gdp:GeneralDiploma" /> - </xs:choice> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - <xs:any minOccurs="0" /> - </xs:sequence> - </xs:complexType> - <xs:complexType name="currentStudiesType"> - <xs:sequence> - <xs:choice> - <xs:element ref="gdp:MultilingualGeneralDiploma" /> - <xs:element ref="gdp:GeneralDiploma" /> - </xs:choice> - <xs:element name="yearOfStudy" type="xs:integer" /> - <xs:element name="isEligibleForInternship" type="xs:boolean" /> - <xs:element name="AQAA" type="stork:QualityAuthenticationAssuranceLevelType" /> - <xs:any minOccurs="0" /> - </xs:sequence> - </xs:complexType> - <!-- We'll leave these new attributes for release 4 --> - <!-- - <xs:complexType name="languageQualificationType"> - <xs:sequence> - <xs:element name="language" type="stork:languageType" /> - <xs:element name="name" type="xs:string" /> - <xs:element name="acronym" type="xs:string" minOccurs="0"/> - <xs:element name="cefrLevel" type="stork:cefrLevelType" minOccurs="0"/> - <xs:element name="international" type="xs:boolean" minOccurs="0"/> - <xs:element name="AQAA" - type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - - <xs:complexType name="academicRecommendationType"> - <xs:sequence> - <xs:element name="fullNameOfRecommender" type="xs:string" /> - <xs:element name="institution" type="xs:string" /> - <xs:element name="affiliation" type="xs:string" /> - <xs:element name="knowledgeArea" type="xs:string" minOccurs="0" /> - <xs:element name="contactEmail" type="xs:string" /> - <xs:element name="contactPhone" type="xs:string" minOccurs="0" /> - <xs:element name="comment" type="xs:string" minOccurs="0" /> - <xs:element name="AQAA" - type="stork:QualityAuthenticationAssuranceLevelType" /> - </xs:sequence> - </xs:complexType> - - <xs:simpleType name="languageType"> - <xs:restriction base="xs:string"> - <xs:minLength value="2" /> - <xs:maxLength value="3" /> - </xs:restriction> - </xs:simpleType> - - <xs:simpleType name="cefrLevelType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="A1" /> - <xs:enumeration value="A2" /> - <xs:enumeration value="B1" /> - <xs:enumeration value="B2" /> - <xs:enumeration value="C1" /> - <xs:enumeration value="C2" /> - </xs:restriction> - </xs:simpleType> - - --> - <xs:element name="specialisation" type="stork:specialisationType" /> - <xs:simpleType name="medical"> - <xs:restriction base="xs:string"> - <xs:maxLength value="2" /> - <xs:minLength value="2" /> - </xs:restriction> - </xs:simpleType> -</xs:schema>
\ No newline at end of file diff --git a/id/server/stork2-commons/src/main/resources/schema/crue-academic-language-diplomasupplement-schema-1_1.xsd b/id/server/stork2-commons/src/main/resources/schema/crue-academic-language-diplomasupplement-schema-1_1.xsd deleted file mode 100644 index 3728a7904..000000000 --- a/id/server/stork2-commons/src/main/resources/schema/crue-academic-language-diplomasupplement-schema-1_1.xsd +++ /dev/null @@ -1,3778 +0,0 @@ -<?xml version="1.0" encoding="utf-8" ?> -<xs:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" - xmlns:aclan="urn:crue:academic:xsd:language:diplomasupplement" - attributeFormDefault="unqualified" - elementFormDefault="qualified" - targetNamespace="urn:crue:academic:xsd:language:diplomasupplement" - version="1.1" - xmlns:xs="http://www.w3.org/2001/XMLSchema"> - - <xs:import schemaLocation="xmldsig-core-schema.xsd" - namespace="http://www.w3.org/2000/09/xmldsig#" /> - - <xs:simpleType name="AcademicYearType"> - <xs:annotation> - <xs:documentation xml:lang="es">Academic year constraint YYYY-YY. (e.g. 2005-06, 2006-07, ...)</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:pattern value="(19|20)\d\d\-\d\d" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="CountryType"> - <xs:annotation> - <xs:documentation xml:lang="en">ISO 3166-1-alpha-2</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="AD"> - <xs:annotation> - <xs:documentation xml:lang="en">Andorra</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AE"> - <xs:annotation> - <xs:documentation xml:lang="en">United Arab Emirates</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AF"> - <xs:annotation> - <xs:documentation xml:lang="en">Afghanistan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AG"> - <xs:annotation> - <xs:documentation xml:lang="en">Antigua and Barbuda</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AL"> - <xs:annotation> - <xs:documentation xml:lang="en">Albania</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AM"> - <xs:annotation> - <xs:documentation xml:lang="en">Armenia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AO"> - <xs:annotation> - <xs:documentation xml:lang="en">Angola</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AR"> - <xs:annotation> - <xs:documentation xml:lang="en">Argentina</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AT"> - <xs:annotation> - <xs:documentation xml:lang="en">Austria</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AU"> - <xs:annotation> - <xs:documentation xml:lang="en">Australia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="AZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Azerbaijan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BA"> - <xs:annotation> - <xs:documentation xml:lang="en">Bosnia and Herzegovina</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BB"> - <xs:annotation> - <xs:documentation xml:lang="en">Barbados</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BD"> - <xs:annotation> - <xs:documentation xml:lang="en">Bangladesh</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BE"> - <xs:annotation> - <xs:documentation xml:lang="en">Belgium</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BF"> - <xs:annotation> - <xs:documentation xml:lang="en">Burkina Faso</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BG"> - <xs:annotation> - <xs:documentation xml:lang="en">Bulgaria</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BH"> - <xs:annotation> - <xs:documentation xml:lang="en">Bahrain</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BI"> - <xs:annotation> - <xs:documentation xml:lang="en">Burundi</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BJ"> - <xs:annotation> - <xs:documentation xml:lang="en">Benin</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BN"> - <xs:annotation> - <xs:documentation xml:lang="en">Brunei Darussalam</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BO"> - <xs:annotation> - <xs:documentation xml:lang="en">Bolivia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BR"> - <xs:annotation> - <xs:documentation xml:lang="en">Brazil</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BS"> - <xs:annotation> - <xs:documentation xml:lang="en">Bahamas</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BT"> - <xs:annotation> - <xs:documentation xml:lang="en">Bhutan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BW"> - <xs:annotation> - <xs:documentation xml:lang="en">Botswana</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BY"> - <xs:annotation> - <xs:documentation xml:lang="en">Belarus</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="BZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Belize</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CA"> - <xs:annotation> - <xs:documentation xml:lang="en">Canada</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CD"> - <xs:annotation> - <xs:documentation xml:lang="en">Congo, Democratic Republic of the</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CF"> - <xs:annotation> - <xs:documentation xml:lang="en">Central African Republic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CG"> - <xs:annotation> - <xs:documentation xml:lang="en">Congo, Republic of the</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CH"> - <xs:annotation> - <xs:documentation xml:lang="en">Switzerland</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CI"> - <xs:annotation> - <xs:documentation xml:lang="en">Cote d/Ivoire</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CL"> - <xs:annotation> - <xs:documentation xml:lang="en">Chile</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CM"> - <xs:annotation> - <xs:documentation xml:lang="en">Cameroon</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CN"> - <xs:annotation> - <xs:documentation xml:lang="en">China</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CO"> - <xs:annotation> - <xs:documentation xml:lang="en">Colombia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CR"> - <xs:annotation> - <xs:documentation xml:lang="en">Costa Rica</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CU"> - <xs:annotation> - <xs:documentation xml:lang="en">Cuba</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CV"> - <xs:annotation> - <xs:documentation xml:lang="en">Cape Verde</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CY"> - <xs:annotation> - <xs:documentation xml:lang="en">Cyprus</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="CZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Czech Republic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="DE"> - <xs:annotation> - <xs:documentation xml:lang="en">Germany</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="DJ"> - <xs:annotation> - <xs:documentation xml:lang="en">Djibouti</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="DK"> - <xs:annotation> - <xs:documentation xml:lang="en">Denmark</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="DM"> - <xs:annotation> - <xs:documentation xml:lang="en">Dominica</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="DO"> - <xs:annotation> - <xs:documentation xml:lang="en">Dominican Republic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="DZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Algeria</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="EC"> - <xs:annotation> - <xs:documentation xml:lang="en">Ecuador</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="EE"> - <xs:annotation> - <xs:documentation xml:lang="en">Estonia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="EG"> - <xs:annotation> - <xs:documentation xml:lang="en">Egypt</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ER"> - <xs:annotation> - <xs:documentation xml:lang="en">Eritrea</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ES"> - <xs:annotation> - <xs:documentation xml:lang="en">Spain</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ET"> - <xs:annotation> - <xs:documentation xml:lang="en">Ethiopia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="FI"> - <xs:annotation> - <xs:documentation xml:lang="en">Finland</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="FJ"> - <xs:annotation> - <xs:documentation xml:lang="en">Fiji</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="FM"> - <xs:annotation> - <xs:documentation xml:lang="en">Federated States of Micronesia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="FR"> - <xs:annotation> - <xs:documentation xml:lang="en">France</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GA"> - <xs:annotation> - <xs:documentation xml:lang="en">Gabon</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GB"> - <xs:annotation> - <xs:documentation xml:lang="en">United Kingdom</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GD"> - <xs:annotation> - <xs:documentation xml:lang="en">Grenada</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GE"> - <xs:annotation> - <xs:documentation xml:lang="en">Georgia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GH"> - <xs:annotation> - <xs:documentation xml:lang="en">Ghana</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GL"> - <xs:annotation> - <xs:documentation xml:lang="en">Greenland</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GM"> - <xs:annotation> - <xs:documentation xml:lang="en">Gambia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GN"> - <xs:annotation> - <xs:documentation xml:lang="en">Guinea</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GQ"> - <xs:annotation> - <xs:documentation xml:lang="en">Equatorial Guinea</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GR"> - <xs:annotation> - <xs:documentation xml:lang="en">Greece</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GT"> - <xs:annotation> - <xs:documentation xml:lang="en">Guatemala</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GW"> - <xs:annotation> - <xs:documentation xml:lang="en">Guinea-Bissau</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="GY"> - <xs:annotation> - <xs:documentation xml:lang="en">Guyana</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="HN"> - <xs:annotation> - <xs:documentation xml:lang="en">Honduras</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="HR"> - <xs:annotation> - <xs:documentation xml:lang="en">Croatia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="HT"> - <xs:annotation> - <xs:documentation xml:lang="en">Haiti</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="HU"> - <xs:annotation> - <xs:documentation xml:lang="en">Hungary</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ID"> - <xs:annotation> - <xs:documentation xml:lang="en">Indonesia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="IE"> - <xs:annotation> - <xs:documentation xml:lang="en">Ireland</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="IL"> - <xs:annotation> - <xs:documentation xml:lang="en">Israel</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="IN"> - <xs:annotation> - <xs:documentation xml:lang="en">India</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="IQ"> - <xs:annotation> - <xs:documentation xml:lang="en">Iraq</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="IR"> - <xs:annotation> - <xs:documentation xml:lang="en">Iran</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="IS"> - <xs:annotation> - <xs:documentation xml:lang="en">Iceland</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="IT"> - <xs:annotation> - <xs:documentation xml:lang="en">Italy</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="JM"> - <xs:annotation> - <xs:documentation xml:lang="en">Jamaica</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="JO"> - <xs:annotation> - <xs:documentation xml:lang="en">Jordan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="JP"> - <xs:annotation> - <xs:documentation xml:lang="en">Japan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KE"> - <xs:annotation> - <xs:documentation xml:lang="en">Kenya</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KG"> - <xs:annotation> - <xs:documentation xml:lang="en">Kyrgyzstan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KH"> - <xs:annotation> - <xs:documentation xml:lang="en">Cambodia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KI"> - <xs:annotation> - <xs:documentation xml:lang="en">Kiribati</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KM"> - <xs:annotation> - <xs:documentation xml:lang="en">Comoros</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KN"> - <xs:annotation> - <xs:documentation xml:lang="en">Saint Kitts and Nevis</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KP"> - <xs:annotation> - <xs:documentation xml:lang="en">Korea, Democratic People/s Republic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KR"> - <xs:annotation> - <xs:documentation xml:lang="en">Korea, Republic of</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KW"> - <xs:annotation> - <xs:documentation xml:lang="en">Kuwait</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="KZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Kazakstan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LA"> - <xs:annotation> - <xs:documentation xml:lang="en">Lao People/s Democratic Republic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LB"> - <xs:annotation> - <xs:documentation xml:lang="en">Lebanon</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LC"> - <xs:annotation> - <xs:documentation xml:lang="en">Saint Lucia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LI"> - <xs:annotation> - <xs:documentation xml:lang="en">Liechtenstein</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LK"> - <xs:annotation> - <xs:documentation xml:lang="en">Sri Lanka</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LR"> - <xs:annotation> - <xs:documentation xml:lang="en">Liberia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LS"> - <xs:annotation> - <xs:documentation xml:lang="en">Lesotho</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LT"> - <xs:annotation> - <xs:documentation xml:lang="en">Lithuania</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LU"> - <xs:annotation> - <xs:documentation xml:lang="en">Luxembourg</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LV"> - <xs:annotation> - <xs:documentation xml:lang="en">Latvia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="LY"> - <xs:annotation> - <xs:documentation xml:lang="en">Libyan Arab Jamahiriya</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MA"> - <xs:annotation> - <xs:documentation xml:lang="en">Morocco</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MC"> - <xs:annotation> - <xs:documentation xml:lang="en">Monaco</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MD"> - <xs:annotation> - <xs:documentation xml:lang="en">Moldova, Republic of</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ME"> - <xs:annotation> - <xs:documentation xml:lang="en">Montenegro</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MG"> - <xs:annotation> - <xs:documentation xml:lang="en">Madagascar</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MH"> - <xs:annotation> - <xs:documentation xml:lang="en">Marshall Islands</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MK"> - <xs:annotation> - <xs:documentation xml:lang="en">Macedonia, the former Yugoslav Republic of</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ML"> - <xs:annotation> - <xs:documentation xml:lang="en">Mali</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MM"> - <xs:annotation> - <xs:documentation xml:lang="en">Myanmar</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MN"> - <xs:annotation> - <xs:documentation xml:lang="en">Mongolia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MR"> - <xs:annotation> - <xs:documentation xml:lang="en">Mauritania</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MT"> - <xs:annotation> - <xs:documentation xml:lang="en">Malta</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MU"> - <xs:annotation> - <xs:documentation xml:lang="en">Mauritius</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MV"> - <xs:annotation> - <xs:documentation xml:lang="en">Maldives</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MW"> - <xs:annotation> - <xs:documentation xml:lang="en">Malawi</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MX"> - <xs:annotation> - <xs:documentation xml:lang="en">Mexico</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MY"> - <xs:annotation> - <xs:documentation xml:lang="en">Malaysia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Mozambique</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NA"> - <xs:annotation> - <xs:documentation xml:lang="en">Namibia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NE"> - <xs:annotation> - <xs:documentation xml:lang="en">Niger</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NG"> - <xs:annotation> - <xs:documentation xml:lang="en">Nigeria</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NI"> - <xs:annotation> - <xs:documentation xml:lang="en">Nicaragua</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NL"> - <xs:annotation> - <xs:documentation xml:lang="en">Netherlands</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NO"> - <xs:annotation> - <xs:documentation xml:lang="en">Norway</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NP"> - <xs:annotation> - <xs:documentation xml:lang="en">Nepal</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NR"> - <xs:annotation> - <xs:documentation xml:lang="en">Nauru</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NU"> - <xs:annotation> - <xs:documentation xml:lang="en">Niue</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="NZ"> - <xs:annotation> - <xs:documentation xml:lang="en">New Zealand</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="OM"> - <xs:annotation> - <xs:documentation xml:lang="en">Oman</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PA"> - <xs:annotation> - <xs:documentation xml:lang="en">Panama</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PE"> - <xs:annotation> - <xs:documentation xml:lang="en">Peru</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PG"> - <xs:annotation> - <xs:documentation xml:lang="en">Papua New Guinea</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PH"> - <xs:annotation> - <xs:documentation xml:lang="en">Philippines</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PK"> - <xs:annotation> - <xs:documentation xml:lang="en">Pakistan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PL"> - <xs:annotation> - <xs:documentation xml:lang="en">Poland</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PR"> - <xs:annotation> - <xs:documentation xml:lang="en">Puerto Rico</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PS"> - <xs:annotation> - <xs:documentation xml:lang="en">Palestinian Territory, Occupied</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PT"> - <xs:annotation> - <xs:documentation xml:lang="en">Portugal</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PW"> - <xs:annotation> - <xs:documentation xml:lang="en">Palau</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="PY"> - <xs:annotation> - <xs:documentation xml:lang="en">Paraguay</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="QA"> - <xs:annotation> - <xs:documentation xml:lang="en">Qatar</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="RO"> - <xs:annotation> - <xs:documentation xml:lang="en">Romania</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="RS"> - <xs:annotation> - <xs:documentation xml:lang="en">Serbia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="RU"> - <xs:annotation> - <xs:documentation xml:lang="en">Russian Federation</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="RW"> - <xs:annotation> - <xs:documentation xml:lang="en">Rwanda</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SA"> - <xs:annotation> - <xs:documentation xml:lang="en">Saudi Arabia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SB"> - <xs:annotation> - <xs:documentation xml:lang="en">Solomon Islands</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SC"> - <xs:annotation> - <xs:documentation xml:lang="en">Seychelles</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SD"> - <xs:annotation> - <xs:documentation xml:lang="en">Sudan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SE"> - <xs:annotation> - <xs:documentation xml:lang="en">Sweden</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SG"> - <xs:annotation> - <xs:documentation xml:lang="en">Singapore</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SI"> - <xs:annotation> - <xs:documentation xml:lang="en">Slovenia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SK"> - <xs:annotation> - <xs:documentation xml:lang="en">Slovakia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SL"> - <xs:annotation> - <xs:documentation xml:lang="en">Sierra Leone</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SM"> - <xs:annotation> - <xs:documentation xml:lang="en">San Marino</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SN"> - <xs:annotation> - <xs:documentation xml:lang="en">Senegal</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SO"> - <xs:annotation> - <xs:documentation xml:lang="en">Somalia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SR"> - <xs:annotation> - <xs:documentation xml:lang="en">Suriname</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ST"> - <xs:annotation> - <xs:documentation xml:lang="en">Sao Tome and Principe</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SV"> - <xs:annotation> - <xs:documentation xml:lang="en">El Salvador</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SY"> - <xs:annotation> - <xs:documentation xml:lang="en">Syrian Arab Republic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Swaziland</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TD"> - <xs:annotation> - <xs:documentation xml:lang="en">Chad</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TG"> - <xs:annotation> - <xs:documentation xml:lang="en">Togo</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TH"> - <xs:annotation> - <xs:documentation xml:lang="en">Thailand</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TJ"> - <xs:annotation> - <xs:documentation xml:lang="en">Tajikistan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TL"> - <xs:annotation> - <xs:documentation xml:lang="en">Timor-Leste</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TM"> - <xs:annotation> - <xs:documentation xml:lang="en">Turkmenistan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TN"> - <xs:annotation> - <xs:documentation xml:lang="en">Tunisia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TO"> - <xs:annotation> - <xs:documentation xml:lang="en">Tonga</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TR"> - <xs:annotation> - <xs:documentation xml:lang="en">Turkey</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TT"> - <xs:annotation> - <xs:documentation xml:lang="en">Trindidad and Tobago</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TV"> - <xs:annotation> - <xs:documentation xml:lang="en">Tuvalu</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="TZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Tanzania, United republic of</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="UA"> - <xs:annotation> - <xs:documentation xml:lang="en">Ukraina</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="UG"> - <xs:annotation> - <xs:documentation xml:lang="en">Uganda</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="US"> - <xs:annotation> - <xs:documentation xml:lang="en">United States</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="UY"> - <xs:annotation> - <xs:documentation xml:lang="en">Uruguay</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="UZ"> - <xs:annotation> - <xs:documentation xml:lang="en">Uzbekistan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="VA"> - <xs:annotation> - <xs:documentation xml:lang="en">Holy See (Vatican City State)</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="VC"> - <xs:annotation> - <xs:documentation xml:lang="en">Saint Vincent and the Granadines</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="VE"> - <xs:annotation> - <xs:documentation xml:lang="en">Venezuela</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="VN"> - <xs:annotation> - <xs:documentation xml:lang="en">Viet Nam</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="VU"> - <xs:annotation> - <xs:documentation xml:lang="en">Vanuatu</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="WS"> - <xs:annotation> - <xs:documentation xml:lang="en">Samoa</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="YE"> - <xs:annotation> - <xs:documentation xml:lang="en">Yemen</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ZA"> - <xs:annotation> - <xs:documentation xml:lang="en">South Africa</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ZM"> - <xs:annotation> - <xs:documentation xml:lang="en">Zambia</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ZW"> - <xs:annotation> - <xs:documentation xml:lang="en">Zimbabwe</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="CourseUnitTypeType"> - <xs:annotation> - <xs:documentation xml:lang="en">Type of course unit</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="Compulsory"> - <xs:annotation> - <xs:documentation xml:lang="en">Compulsory</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="Optional"> - <xs:annotation> - <xs:documentation xml:lang="en">Optional</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="DateType"> - <xs:annotation> - <xs:documentation xml:lang="en">Date format yyyy-mm-dd. Ex.: 2013-05-04, ...</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:date" /> - </xs:simpleType> - <xs:simpleType name="ECTSGradingScaleType"> - <xs:annotation> - <xs:documentation xml:lang="en">ECTS grading scale</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="A"> - <xs:annotation> - <xs:documentation xml:lang="en">Top 10%</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="B"> - <xs:annotation> - <xs:documentation xml:lang="en">Next 25%</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="C"> - <xs:annotation> - <xs:documentation xml:lang="en">Next 30%</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="D"> - <xs:annotation> - <xs:documentation xml:lang="en">Next 25%</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="E"> - <xs:annotation> - <xs:documentation xml:lang="en">Lowest 10%</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="FX"> - <xs:annotation> - <xs:documentation xml:lang="en">Fail</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="F"> - <xs:annotation> - <xs:documentation xml:lang="en">Fail</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="EmailAddressType"> - <xs:annotation> - <xs:documentation xml:lang="es">E-Mail address constraint</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string" /> - </xs:simpleType> - <xs:simpleType name="EHEAFrameworkType"> - <xs:annotation> - <xs:documentation xml:lang="en">EHEA Framework (Bologna: Framework of Qualifications/European Qualifications Framework)</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="FirstCycle"> - <xs:annotation> - <xs:documentation xml:lang="en">First Cycle</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="SecondCycle"> - <xs:annotation> - <xs:documentation xml:lang="en">Second Cycle</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ThirdCycle"> - <xs:annotation> - <xs:documentation xml:lang="en">Third Cycle</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="EmptyType"> - <xs:annotation> - <xs:documentation xml:lang="en">Empty text constraint</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:annotation> - <xs:documentation xml:lang="en">Empty text constraint</xs:documentation> - </xs:annotation> - <xs:maxLength value="0" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="GenderType"> - <xs:annotation> - <xs:documentation xml:lang="en">Gender</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="Female"> - <xs:annotation> - <xs:documentation xml:lang="en">Female</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="Male"> - <xs:annotation> - <xs:documentation xml:lang="en">Male</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ImageMimeType"> - <xs:annotation> - <xs:documentation xml:lang="en">MIME: Type image</xs:documentation> - </xs:annotation> - <xs:restriction base="aclan:MimeType"> - <xs:enumeration value="image/gif"> - <xs:annotation> - <xs:documentation xml:lang="en">GIF image</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="image/jpeg"> - <xs:annotation> - <xs:documentation xml:lang="en">JPEG JFIF image</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="image/pjpeg"> - <xs:annotation> - <xs:documentation xml:lang="en">JPEG JFIF image</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="image/png"> - <xs:annotation> - <xs:documentation xml:lang="en">Portable Network Graphics</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="image/tiff"> - <xs:annotation> - <xs:documentation xml:lang="en">Tag Image File Format</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ISCED1997Type"> - <xs:annotation> - <xs:documentation xml:lang="en">International Standard Classification of Education (ISCED) 1997</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 0: Pre-primary education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="1"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 1: Primary education or first stage of basic education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="2"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 2: Lower secondary education or second stage of basic education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="3"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 3: Upper secondary education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="4"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 4: Post-secondary non-tertiary education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="5A"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 5A: First stage of tertiary education: largely theoretically based programmes intended to provide qualifications for gaining entry into more advanced research programmes and professions with higher skills requirements</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="5B"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 5B: First stage of tertiary education: shorter, more practical/technical/occupationally specific prgrammes leading to professional qualifications</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="6"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 6: Second stage of tertiary education (leading to an advanced research qualification)</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ISCED2011Type"> - <xs:annotation> - <xs:documentation xml:lang="en">International Standard Classification of Education (ISCED) 2011</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 0: Early childhood Education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="1"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 1: Primary education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="2"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 2: Lower secondary education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="3"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 3: Upper secondary education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="4"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 4: Post-secondary non-tertiary education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="5"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 5: Short-cycle teriary education</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="6"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 6: Bachelor or equivalent</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="7"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 7: Master or equivalent</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="8"> - <xs:annotation> - <xs:documentation xml:lang="en">Level 8: Doctoral or equivalent</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="LanguageType"> - <xs:annotation> - <xs:documentation xml:lang="en">ISO 639-1 languages</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="ab"> - <xs:annotation> - <xs:documentation xml:lang="en">Abkhazian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="af"> - <xs:annotation> - <xs:documentation xml:lang="en">Afrikaans</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="an"> - <xs:annotation> - <xs:documentation xml:lang="en">Aragonese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ar"> - <xs:annotation> - <xs:documentation xml:lang="en">Arabic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="as"> - <xs:annotation> - <xs:documentation xml:lang="en">Assamese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="az"> - <xs:annotation> - <xs:documentation xml:lang="en">Azerbaijani</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="be"> - <xs:annotation> - <xs:documentation xml:lang="en">Belarusian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="bg"> - <xs:annotation> - <xs:documentation xml:lang="en">Bulgarian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="bn"> - <xs:annotation> - <xs:documentation xml:lang="en">Bengali</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="bo"> - <xs:annotation> - <xs:documentation xml:lang="en">Tibetan</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="br"> - <xs:annotation> - <xs:documentation xml:lang="en">Breton</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="bs"> - <xs:annotation> - <xs:documentation xml:lang="en">Bosnian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ca"> - <xs:annotation> - <xs:documentation xml:lang="en">Catalan / Valencian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ce"> - <xs:annotation> - <xs:documentation xml:lang="en">Chechen</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="co"> - <xs:annotation> - <xs:documentation xml:lang="en">Corsican</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="cs"> - <xs:annotation> - <xs:documentation xml:lang="en">Czech</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="cy"> - <xs:annotation> - <xs:documentation xml:lang="en">Welsh</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="da"> - <xs:annotation> - <xs:documentation xml:lang="en">Danish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="de"> - <xs:annotation> - <xs:documentation xml:lang="en">German</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="el"> - <xs:annotation> - <xs:documentation xml:lang="en">Greek</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="en"> - <xs:annotation> - <xs:documentation xml:lang="en">English</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="es"> - <xs:annotation> - <xs:documentation xml:lang="en">Spanish / Castilian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="et"> - <xs:annotation> - <xs:documentation xml:lang="en">Estonian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="eu"> - <xs:annotation> - <xs:documentation xml:lang="en">Basque</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="fa"> - <xs:annotation> - <xs:documentation xml:lang="en">Persian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="fi"> - <xs:annotation> - <xs:documentation xml:lang="en">Finnish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="fj"> - <xs:annotation> - <xs:documentation xml:lang="en">Fijian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="fo"> - <xs:annotation> - <xs:documentation xml:lang="en">Faroese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="fr"> - <xs:annotation> - <xs:documentation xml:lang="en">French</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="fy"> - <xs:annotation> - <xs:documentation xml:lang="en">Western Frisian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ga"> - <xs:annotation> - <xs:documentation xml:lang="en">Irish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="gd"> - <xs:annotation> - <xs:documentation xml:lang="en">Gaelic / Scottish Gaelic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="gl"> - <xs:annotation> - <xs:documentation xml:lang="en">Galician</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="gv"> - <xs:annotation> - <xs:documentation xml:lang="en">Manx</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="grc"> - <xs:annotation> - <xs:documentation xml:lang="en">Ancient Greek</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="gsw"> - <xs:annotation> - <xs:documentation xml:lang="en">Alemanic; Swiss German</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="he"> - <xs:annotation> - <xs:documentation xml:lang="en">Hebrew</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="hi"> - <xs:annotation> - <xs:documentation xml:lang="en">Hindi</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="hr"> - <xs:annotation> - <xs:documentation xml:lang="en">Croatian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ht"> - <xs:annotation> - <xs:documentation xml:lang="en">Haitian; Haitian Creole</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="hu"> - <xs:annotation> - <xs:documentation xml:lang="en">Hungarian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="hy"> - <xs:annotation> - <xs:documentation xml:lang="en">Armenian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="id"> - <xs:annotation> - <xs:documentation xml:lang="en">Indonesian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="is"> - <xs:annotation> - <xs:documentation xml:lang="en">Icelandic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="it"> - <xs:annotation> - <xs:documentation xml:lang="en">Italian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ja"> - <xs:annotation> - <xs:documentation xml:lang="en">Japanese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="jv"> - <xs:annotation> - <xs:documentation xml:lang="en">Javanese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ka"> - <xs:annotation> - <xs:documentation xml:lang="en">Georgian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="kg"> - <xs:annotation> - <xs:documentation xml:lang="en">Kongo</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ko"> - <xs:annotation> - <xs:documentation xml:lang="en">Korean</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ku"> - <xs:annotation> - <xs:documentation xml:lang="en">Kurdish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="kw"> - <xs:annotation> - <xs:documentation xml:lang="en">Cornish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ky"> - <xs:annotation> - <xs:documentation xml:lang="en">Kirghiz</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="lb"> - <xs:annotation> - <xs:documentation xml:lang="en">Luxembourgish; Letzeburgesch</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="li"> - <xs:annotation> - <xs:documentation xml:lang="en">Limburgan; Limburger; Limburgish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ln"> - <xs:annotation> - <xs:documentation xml:lang="en">Lingala</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="lt"> - <xs:annotation> - <xs:documentation xml:lang="en">Lithuanian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="lv"> - <xs:annotation> - <xs:documentation xml:lang="en">Latvian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="mg"> - <xs:annotation> - <xs:documentation xml:lang="en">Malagasy</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="mk"> - <xs:annotation> - <xs:documentation xml:lang="en">Macedonian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="mn"> - <xs:annotation> - <xs:documentation xml:lang="en">Mongolian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="mo"> - <xs:annotation> - <xs:documentation xml:lang="en">Moldavian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ms"> - <xs:annotation> - <xs:documentation xml:lang="en">Malay</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="mt"> - <xs:annotation> - <xs:documentation xml:lang="en">Maltese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="my"> - <xs:annotation> - <xs:documentation xml:lang="en">Burmese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="nb"> - <xs:annotation> - <xs:documentation xml:lang="en">Norwegian (Bokmål)</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ne"> - <xs:annotation> - <xs:documentation xml:lang="en">Nepali</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="nl"> - <xs:annotation> - <xs:documentation xml:lang="en">Dutch</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="nn"> - <xs:annotation> - <xs:documentation xml:lang="en">Norwegian (Nynorsk)</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="no"> - <xs:annotation> - <xs:documentation xml:lang="en">Norwegian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="pl"> - <xs:annotation> - <xs:documentation xml:lang="en">Polish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="pt"> - <xs:annotation> - <xs:documentation xml:lang="en">Portuguese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="rm"> - <xs:annotation> - <xs:documentation xml:lang="en">Raeto-Romance</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ro"> - <xs:annotation> - <xs:documentation xml:lang="en">Romanian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ru"> - <xs:annotation> - <xs:documentation xml:lang="en">Russian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="sc"> - <xs:annotation> - <xs:documentation xml:lang="en">Sardinian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="se"> - <xs:annotation> - <xs:documentation xml:lang="en">Northern Sami</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="sk"> - <xs:annotation> - <xs:documentation xml:lang="en">Slovak</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="sl"> - <xs:annotation> - <xs:documentation xml:lang="en">Slovenian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="so"> - <xs:annotation> - <xs:documentation xml:lang="en">Somali</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="sq"> - <xs:annotation> - <xs:documentation xml:lang="en">Albanian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="sr"> - <xs:annotation> - <xs:documentation xml:lang="en">Serbian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="sv"> - <xs:annotation> - <xs:documentation xml:lang="en">Swedish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="sw"> - <xs:annotation> - <xs:documentation xml:lang="en">Swahili</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="tk"> - <xs:annotation> - <xs:documentation xml:lang="en">Turkmen</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="tr"> - <xs:annotation> - <xs:documentation xml:lang="en">Turkish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ty"> - <xs:annotation> - <xs:documentation xml:lang="en">Tahitian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="uk"> - <xs:annotation> - <xs:documentation xml:lang="en">Ukrainian</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ur"> - <xs:annotation> - <xs:documentation xml:lang="en">Urdu</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="uz"> - <xs:annotation> - <xs:documentation xml:lang="en">Uzbek</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="vi"> - <xs:annotation> - <xs:documentation xml:lang="en">Vietnamese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="yi"> - <xs:annotation> - <xs:documentation xml:lang="en">Yiddish</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="zh"> - <xs:annotation> - <xs:documentation xml:lang="en">Chinese</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="cu"> - <xs:annotation> - <xs:documentation xml:lang="en">Church Slavic</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="eo"> - <xs:annotation> - <xs:documentation xml:lang="en">Esperanto</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="la"> - <xs:annotation> - <xs:documentation xml:lang="en">Latin</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="oc"> - <xs:annotation> - <xs:documentation xml:lang="en">Occitan (post 1500); Provençal</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="vo"> - <xs:annotation> - <xs:documentation xml:lang="en">VVolapük</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="MimeType"> - <xs:annotation> - <xs:documentation xml:lang="en">MIME types</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="image/gif"> - <xs:annotation> - <xs:documentation xml:lang="en">GIF image</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="image/jpeg"> - <xs:annotation> - <xs:documentation xml:lang="en">JPEG JFIF image</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="image/pjpeg"> - <xs:annotation> - <xs:documentation xml:lang="en">JPEG JFIF image</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="image/png"> - <xs:annotation> - <xs:documentation xml:lang="en">Portable Network Graphics</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="image/tiff"> - <xs:annotation> - <xs:documentation xml:lang="en">Tag Image File Format</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="text/html"> - <xs:annotation> - <xs:documentation xml:lang="en">HTML</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="application/pdf"> - <xs:annotation> - <xs:documentation xml:lang="en">Portable Document Format</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ModeOfStudyType"> - <xs:annotation> - <xs:documentation xml:lang="en">Mode of study</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="FullTime"> - <xs:annotation> - <xs:documentation xml:lang="en">Full time</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="ParTime"> - <xs:annotation> - <xs:documentation xml:lang="en">Par time</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="Distance"> - <xs:annotation> - <xs:documentation xml:lang="en">Distance</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="eLearning"> - <xs:annotation> - <xs:documentation xml:lang="en">eLearning</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="Another"> - <xs:annotation> - <xs:documentation xml:lang="en">Another</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ModeOfDeliveryType"> - <xs:annotation> - <xs:documentation xml:lang="en">Model of delivery</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="FaceToFace"> - <xs:annotation> - <xs:documentation xml:lang="en">Face-to-face</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="DistanceLearning"> - <xs:annotation> - <xs:documentation xml:lang="en">Distance learning</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="NFQType"> - <xs:annotation> - <xs:documentation xml:lang="en">National Framework of Qualifications (NFQ) Level </xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string" /> - </xs:simpleType> - <xs:simpleType name="PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Plain text constraint</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:annotation> - <xs:documentation xml:lang="en">Non empty text</xs:documentation> - </xs:annotation> - <xs:minLength value="1" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="PercentType"> - <xs:annotation> - <xs:documentation xml:lang="en">Percent constraint</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:decimal"> - <xs:annotation> - <xs:documentation xml:lang="en">Restriction between 0 and 100</xs:documentation> - </xs:annotation> - <xs:maxInclusive value="100" /> - <xs:minInclusive value="0" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="PositiveDecimalType"> - <xs:annotation> - <xs:documentation xml:lang="en">Positive decimal number</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:decimal"> - <xs:annotation> - <xs:documentation xml:lang="en">Positive decimal numbers restriction</xs:documentation> - </xs:annotation> - <xs:minInclusive value="0" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="PositiveIntegerType"> - <xs:annotation> - <xs:documentation xml:lang="en">Positive integer number</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:int"> - <xs:annotation> - <xs:documentation xml:lang="en">Positive integer numbers restriction</xs:documentation> - </xs:annotation> - <xs:minInclusive value="0" /> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="SourceGradeType"> - <xs:annotation> - <xs:documentation xml:lang="en">Source of the course unit performance</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:string"> - <xs:enumeration value="Recognized"> - <xs:annotation> - <xs:documentation xml:lang="en">Recognized</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="MobilityProgramme"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit attended in mobility programme</xs:documentation> - </xs:annotation> - </xs:enumeration> - <xs:enumeration value="Another"> - <xs:annotation> - <xs:documentation xml:lang="en">Another</xs:documentation> - </xs:annotation> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="URLType"> - <xs:annotation> - <xs:documentation xml:lang="en">Uniform Resource Locator (URL)</xs:documentation> - </xs:annotation> - <xs:restriction base="xs:anyURI"> - <xs:annotation> - <xs:documentation xml:lang="en">http and https restriction</xs:documentation> - </xs:annotation> - <xs:pattern value="http://.*" /> - <xs:pattern value="https://.*" /> - </xs:restriction> - </xs:simpleType> - <xs:complexType name="AdditionalInformationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Additional information</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="SpecificInformation" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Specific information</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="OtherSources" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Other sources</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AddressType"> - <xs:annotation> - <xs:documentation xml:lang="en">Address</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Line" - type="aclan:PlainTextType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Name, street, PO box, ...</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="City" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">City</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="StateOrRegion" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">State or region</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="PostalCode" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Postal code</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Country"> - <xs:annotation> - <xs:documentation xml:lang="en">Country</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="country" - type="aclan:CountryType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Country code ISO 3166-1-alpha-2</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AttachedFileDataType"> - <xs:annotation> - <xs:documentation xml:lang="en">Data file</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Description" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Description</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Mime" - type="aclan:MimeType"> - <xs:annotation> - <xs:documentation xml:lang="en">MIME type code</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Data" - type="xs:base64Binary"> - <xs:annotation> - <xs:documentation xml:lang="en">Base64 binary data</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AttachedFileURLType"> - <xs:annotation> - <xs:documentation xml:lang="en">URL reference to the file</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Description" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Description</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Mime" - type="aclan:MimeType"> - <xs:annotation> - <xs:documentation xml:lang="en">MIME type code</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="URL" - type="aclan:URLType"> - <xs:annotation> - <xs:documentation xml:lang="en">URL</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AttachedImageDataType"> - <xs:annotation> - <xs:documentation xml:lang="en">Image data file</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Description" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Description</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Mime" - type="aclan:ImageMimeType"> - <xs:annotation> - <xs:documentation xml:lang="en">MIME type image code</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Data" - type="xs:base64Binary"> - <xs:annotation> - <xs:documentation xml:lang="en">Base64 binary data</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AttachedImageURLType"> - <xs:annotation> - <xs:documentation xml:lang="en">URL reference to the image file</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Description" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Description</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Mime" - type="aclan:ImageMimeType"> - <xs:annotation> - <xs:documentation xml:lang="en">MIME type image code</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="URL" - type="aclan:URLType"> - <xs:annotation> - <xs:documentation xml:lang="en">URL</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="AttachedType"> - <xs:annotation> - <xs:documentation xml:lang="en">Attachment resource</xs:documentation> - </xs:annotation> - <xs:choice> - <xs:element name="FileData" - type="aclan:AttachedFileDataType"> - <xs:annotation> - <xs:documentation xml:lang="en">Data file</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="FileURI" - type="aclan:AttachedFileURLType"> - <xs:annotation> - <xs:documentation xml:lang="en">URL reference to the file</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="ImageData" - type="aclan:AttachedImageDataType"> - <xs:annotation> - <xs:documentation xml:lang="en">Image data file</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="ImageURI" - type="aclan:AttachedImageURLType"> - <xs:annotation> - <xs:documentation xml:lang="en">URL reference to the image file</xs:documentation> - </xs:annotation> - </xs:element> - </xs:choice> - <xs:attribute name="attachedID" - type="xs:ID" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Attached identifier</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="AttachmentsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Attachments resources</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Attached" - type="aclan:AttachedType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Attachment resource</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CertificationOfTheSupplementType"> - <xs:annotation> - <xs:documentation xml:lang="en">Certification of the Supplement</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="CertificationDate" - type="aclan:DateType"> - <xs:annotation> - <xs:documentation xml:lang="en">Date was issued</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="OfficialsCertifying" - type="aclan:OfficialsCertifyingType"> - <xs:annotation> - <xs:documentation xml:lang="en">Officials certifying</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="OfficialStamp" - type="aclan:OfficialStampType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Official stamp or seal of the institution</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="ContactInformationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Contact information</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Address" - type="aclan:AddressType"> - <xs:annotation> - <xs:documentation xml:lang="en">Address</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="PhoneNumber" - type="aclan:PlainTextType" - minOccurs="0" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Phone number</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Email" - type="aclan:EmailAddressType" - minOccurs="0" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">E-Mail address</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="WebSite" - type="aclan:URLType" - minOccurs="0" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Web site</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CoursesAttendedInOtherInstitutionInMobilityProgramsType"> - <xs:sequence> - <xs:element name="MobilityProgramme" - type="aclan:MobilityProgrammeType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Mobility programme</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CourseStructureDiagramType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course structure diagram</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="CoursesGroups" - type="aclan:CoursesGroupsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Courses groups</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CoursesUnits" - type="aclan:CoursesUnitsType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Course units</xs:documentation> - </xs:annotation> - <xs:key name="CourseUnitCodeUQ"> - <xs:annotation> - <xs:documentation xml:lang="en">Unique: Course unit code</xs:documentation> - </xs:annotation> - <xs:selector xpath="aclan:CourseUnit/aclan:Code" /> - <xs:field xpath="." /> - </xs:key> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CoursesUnitsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course units</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="CourseUnit" - type="aclan:CourseUnitType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CourseUnitLanguagesOfInstructionType"> - <xs:annotation> - <xs:documentation xml:lang="en">Language of instruction</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Language" - type="aclan:CourseUnitLanguageOfInstructionType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Language of instruction</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CourseUnitStudentPerformanceType"> - <xs:annotation> - <xs:documentation xml:lang="en">Student performance</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="LocalGrade" - type="aclan:LocalGradeType"> - <xs:annotation> - <xs:documentation xml:lang="en">Local grade</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="ECTSGrade" - type="aclan:ECTSGradingScaleType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">ECTS grade</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CourseUnitType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Code" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit code</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="ScientificArea" - type="aclan:PlainTextType" - minOccurs="0" /> - <xs:element name="Title" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit title</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Theme" - type="aclan:PlainTextType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Theme (example: Academic project)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Type"> - <xs:annotation> - <xs:documentation xml:lang="en">Type of course unit</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="type" - type="aclan:CourseUnitTypeType"> - <xs:annotation> - <xs:documentation xml:lang="en">Type of course unit code</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="YearOfStudy" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Year of study</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="year" - type="aclan:PositiveDecimalType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Year of study</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="Level" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Level of course unit</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="eheaFramework" - type="aclan:EHEAFrameworkType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">EHEA Framework code</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="ECTSCredits" - type="aclan:PositiveDecimalType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Number of ECTS credits</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="LocalCredits" - type="aclan:PositiveDecimalType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Number of local credits</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Hours" - type="aclan:PositiveDecimalType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Number of hours</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="LanguagesOfInstruction" - type="aclan:CourseUnitLanguagesOfInstructionType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Languages of instruction</xs:documentation> - </xs:annotation> - <xs:unique name="LanguagesOfInstructionUQ"> - <xs:annotation> - <xs:documentation xml:lang="en">Unique: Language</xs:documentation> - </xs:annotation> - <xs:selector xpath="aclan:Language" /> - <xs:field xpath="@language" /> - </xs:unique> - </xs:element> - <xs:element name="ModeOfDelivery" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Mode of delivery</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="modeOfDelivery" - type="aclan:ModeOfDeliveryType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Mode of delivery oode</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="WorkPlacements" - type="aclan:CourseUnitWorkPlacementsType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Work placements</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="StudentPerformance" - type="aclan:CourseUnitStudentPerformanceType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Student performance</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="NameOfLecturers" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Name of lecturer(s)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="LearningOutcomes" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Learning outcomes of the course unit</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="PrerequisitesAndCorequisites" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Prerequisites and co-requisites</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="RecomendedOptionalProgrammeComponents" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Recomended optional programme components</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CourseContents" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Course contents</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="RecomendedOrRequiredReading" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Recomended or required reading</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="PlanedLearningActivitiesAndTeachingMethod" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Planed learning activities and teaching method</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AssesmentMethodsAndCriteria" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Assesment methods and criteria</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Observations" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Observations</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="groupID" - type="xs:string" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Group identifier</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="institutionAdministeringStudiesID" - type="xs:string" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Institution administering studies identifier </xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="isRequiredByTheProgramme" - type="xs:boolean" - default="true"> - <xs:annotation> - <xs:documentation xml:lang="en">Is required by the programme?</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="CourseUnitWorkPlacementsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit work placements</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="WorkPlacement" - type="aclan:CourseUnitWorkPlacementType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Work placement</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CourseUnitWorkPlacementType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit work placement</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="CollaboratingInstitution" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name of collaborating institution</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="DateFrom" - type="aclan:DateType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Date from</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="DateTo" - type="aclan:DateType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Date to</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="TrainingHours" - type="aclan:PositiveDecimalType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Training Hours</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CourseUnitLanguageOfInstructionType"> - <xs:annotation> - <xs:documentation xml:lang="en">Language of instruction</xs:documentation> - </xs:annotation> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="language" - type="aclan:LanguageType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Language code ISO 639-1 of the Supplement</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - <xs:complexType name="DiplomaSupplementType"> - <xs:annotation> - <xs:documentation xml:lang="en">Diploma Supplement</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="InformationIdentifyingTheHolderOfTheQualification" - type="aclan:InformationIdentifyingTheHolderOfTheQualificationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information identifying the holder of the qualification</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="InformationIdentifyingTheQualification" - type="aclan:InformationIdentifyingTheQualificationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information identifying the qualification</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="InformationOnTheLevelOfTheQualification" - type="aclan:InformationOnTheLevelOfTheQualificationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information on the level of the qualification</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="InformationOnTheContentsAndResultsGained" - type="aclan:InformationOnTheContentsAndResultsGainedType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information on the contents and results gained</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="InformationOnTheFunctionOfTheQualification" - type="aclan:InformationOnTheFunctionOfTheQualificationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information on the function of the qualification</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AdditionalInformation" - type="aclan:AdditionalInformationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Additional informationType</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CertificationOfTheSupplement" - type="aclan:CertificationOfTheSupplementType"> - <xs:annotation> - <xs:documentation xml:lang="en">Certification of the Supplement</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="InformationOnTheNationalHigherEducationSystem" - type="aclan:RichTextTagType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information on the national higher education system</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Attachments" - type="aclan:AttachmentsType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Attachments resources</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="ExtensionContent" - type="aclan:ExtensionContentType" - minOccurs="0" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Extension content</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element ref="dsig:Signature" - minOccurs="0" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Digital signature</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="language" - type="aclan:LanguageType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Language code ISO 639-1 of the Supplement</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="isTheOriginalLanguage" - type="xs:boolean" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Indicate if language is the original language</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="ExtensionContentType" - mixed="true"> - <xs:annotation> - <xs:documentation xml:lang="en">Extension content</xs:documentation> - </xs:annotation> - <xs:sequence minOccurs="0" - maxOccurs="unbounded"> - <xs:any namespace="##any" - processContents="lax" /> - </xs:sequence> - <xs:attribute name="id" - type="xs:string" - use="optional" /> - </xs:complexType> - <xs:complexType name="FamilyNameType"> - <xs:annotation> - <xs:documentation xml:lang="en">Family name(s)</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Surname" - type="aclan:PlainTextType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Surname</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GivenNameType"> - <xs:annotation> - <xs:documentation xml:lang="en">Given name(s)</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Name" - type="aclan:PlainTextType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Name</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="GradingSchemeAndGradeDistributionGuidanceType"> - <xs:annotation> - <xs:documentation xml:lang="en">Grading scheme and grade distribution guidance</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="GradingScheme" - type="aclan:RichTextTagType"> - <xs:annotation> - <xs:documentation xml:lang="en">Grading scheme</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="GradeDistributionGuidance" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Grade distribution guidance</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CoursesGroupsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Courses groups</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Name" - type="aclan:PlainTextType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Groups set name</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="HeaderInformation" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Header information</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CoursesGroup" - type="aclan:CoursesGroupType" - minOccurs="0" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Courses group</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="FooterInformation" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Footer information</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="CoursesGroupType"> - <xs:annotation> - <xs:documentation xml:lang="en">Courses group</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Name" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name of the group</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="HeaderInformation" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Header information</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CoursesGroup" - type="aclan:CoursesGroupType" - minOccurs="0" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Courses group</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="FooterInformation" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Footer information</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="groupID" - type="xs:string" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Group identifier</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="InformationIdentifyingTheHolderOfTheQualificationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information identifying the holder of the qualification</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="FamilyName" - type="aclan:FamilyNameType"> - <xs:annotation> - <xs:documentation xml:lang="en">Family name(s)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="GivenName" - type="aclan:GivenNameType"> - <xs:annotation> - <xs:documentation xml:lang="en">Given name(s)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="DateOfBirth" - type="aclan:DateType"> - <xs:annotation> - <xs:documentation xml:lang="en">Date of birth</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="StudentIdentificationNumber" - type="aclan:PlainTextType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Student identification number or code</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CountryOfBirth" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Country of birth</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="country" - type="aclan:CountryType" - use="optional"> - <xs:annotation> - <xs:documentation xml:lang="en">Country code ISO 3166-1-alpha-2</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="PlaceOfBirth" - type="aclan:PlainTextType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Place of birth</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Gender" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Gender</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="gender" - type="aclan:GenderType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Gender code</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="InformationIdentifyingTheQualificationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information identifying the qualification</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Qualification" - type="aclan:QualificationType"> - <xs:annotation> - <xs:documentation xml:lang="es">Qualification</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="TitleConferred" - type="aclan:TitleConferredType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Title conferred</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="MainFieldsOfStudy" - type="aclan:RichTextTagType"> - <xs:annotation> - <xs:documentation xml:lang="en">Main fields of study</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="NameAndStatusOfAwardingInstitution" - type="aclan:NameAndStatusOfAwardingInstitutionType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name and status of awarding institution</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="NameAndStatusOfInstitutionAdministeringStudies" - type="aclan:NameAndStatusOfInstitutionAdministeringStudiesType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name and status of institution administering studies</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="LanguagesOfInstructionAndExamination" - type="aclan:LanguagesOfInstructionAndExaminationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Language of instruction and examination</xs:documentation> - </xs:annotation> - <xs:unique name="LanguageOfInstructionAndExaminationUQ"> - <xs:annotation> - <xs:documentation xml:lang="en">Unique: Language of instruction and examinatio</xs:documentation> - </xs:annotation> - <xs:selector xpath="aclan:Language" /> - <xs:field xpath="@language" /> - </xs:unique> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="InformationOnTheContentsAndResultsGainedType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information on the contents and results gained</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="ModeOfStudy"> - <xs:annotation> - <xs:documentation xml:lang="en">Mode of study</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:complexContent> - <xs:extension base="aclan:RichTextTagType"> - <xs:attribute name="modeOfStudy" - type="aclan:ModeOfStudyType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Mode of study</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="ProgrammeRequirements" - type="aclan:ProgrammeRequirementsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Programme requirements</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="ProgrammeDetails" - type="aclan:ProgrammeDetailsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Programme details</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="GradingSchemeAndGradeDistributionGuidance" - type="aclan:GradingSchemeAndGradeDistributionGuidanceType"> - <xs:annotation> - <xs:documentation xml:lang="en">Grading scheme and grade distribution guidance</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="OverallClassificationOfTheQualification" - type="aclan:RichTextTagType"> - <xs:annotation> - <xs:documentation xml:lang="en">Overall classification of the qualification</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="InformationOnTheFunctionOfTheQualificationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information on the function of the qualification type</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="AccessToFurtherStudy" - type="aclan:RichTextTagType"> - <xs:annotation> - <xs:documentation xml:lang="en">Access to further study</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="ProfessionalStatus" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Professional status</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:complexContent> - <xs:extension base="aclan:RichTextTagType"> - <xs:attribute name="isRegulatedProfession" - type="xs:boolean" - use="optional"> - <xs:annotation> - <xs:documentation xml:lang="en">Is regulated profession</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="InformationOnTheLevelOfTheQualificationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Information on the level of the qualification</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Level"> - <xs:annotation> - <xs:documentation xml:lang="en">Level ff the qualification</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:complexContent> - <xs:extension base="aclan:RichTextTagType"> - <xs:attribute name="isced1997" - type="aclan:ISCED1997Type" - use="optional"> - <xs:annotation> - <xs:documentation xml:lang="en">ISCED 1997 code</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="isced2011" - type="aclan:ISCED2011Type" - use="optional"> - <xs:annotation> - <xs:documentation xml:lang="en">ISCED 2011 code</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="eheaFramework" - type="aclan:EHEAFrameworkType" - use="optional"> - <xs:annotation> - <xs:documentation xml:lang="en">EHEA Framework code</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="nfq" - type="aclan:NFQType" - use="optional"> - <xs:annotation> - <xs:documentation xml:lang="en">NFQ code</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="OfficialLengthOfProgramme"> - <xs:annotation> - <xs:documentation xml:lang="en">Official length of programme</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:complexContent> - <xs:extension base="aclan:RichTextTagType"> - <xs:attribute name="ectsCredits" - type="aclan:PositiveDecimalType" - use="optional"> - <xs:annotation> - <xs:documentation xml:lang="en">Number of ECTS credits</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="years" - type="aclan:PositiveDecimalType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Number of years</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="semesters" - type="aclan:PositiveIntegerType"> - <xs:annotation> - <xs:documentation xml:lang="en">Number of semesters</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="AccessRequirements" - type="aclan:RichTextTagType"> - <xs:annotation> - <xs:documentation xml:lang="en">Access requirements</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="InstitutionType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name and status of the institution</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Name" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name of the institution</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Status" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Status of the institution</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Country"> - <xs:annotation> - <xs:documentation xml:lang="en">Country of the institution</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="country" - type="aclan:CountryType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Country code ISO 3166-1-alpha-2</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="AdditionalInformation" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Additional Information about the institution</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="ContactInformation" - type="aclan:ContactInformationType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Contact information</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AttachedImageRef" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Logo of the institution reference</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="attachedID" - type="xs:IDREF" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Attached identifier reference</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:sequence> - <xs:attribute name="nationalID" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">National identification code or number of the institution</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="erasmusID" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">ERASMUS code of the institution</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="LanguagesOfInstructionAndExaminationType"> - <xs:annotation> - <xs:documentation xml:lang="en">Language of instruction and examination</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Language" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Language of instruction and examination</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:complexContent> - <xs:extension base="aclan:RichTextTagType"> - <xs:attribute name="language" - type="aclan:LanguageType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="es">Language code ISO 639-1</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="percent" - type="aclan:PercentType"> - <xs:annotation> - <xs:documentation xml:lang="es">Percent</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="LocalGradeType"> - <xs:annotation> - <xs:documentation xml:lang="en">Local grade</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="AcademicYear" - type="aclan:AcademicYearType"> - <xs:annotation> - <xs:documentation xml:lang="en">Academic year</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="DateIssued" - type="aclan:DateType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Date issued</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Grade" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Grade</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Source" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Source grade</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="source" - type="aclan:SourceGradeType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Source grade code</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="MobilityProgrammeCoursesUnitsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Mobility programme courses units</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="CourseUnit" - type="aclan:MobilityProgrammeCourseUnitType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="MobilityProgrammeCourseUnitType"> - <xs:annotation> - <xs:documentation xml:lang="en">Mobility programme course unit</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Code" - type="aclan:PlainTextType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit code</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Title"> - <xs:annotation> - <xs:documentation xml:lang="en">Course unit title</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="language" - type="aclan:LanguageType"> - <xs:annotation> - <xs:documentation xml:lang="en">Language code ISO 639-1</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="ECTSCredits" - type="aclan:PositiveDecimalType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Number of ECTS credits</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AdditionalInformation" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Additional information</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="isInTheLearningAgreement" - type="xs:boolean" - default="true"> - <xs:annotation> - <xs:documentation xml:lang="en">Is in the learning agreement?</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="MobilityProgrammeType"> - <xs:annotation> - <xs:documentation xml:lang="en">Mobility programme</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Type" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Mobility programme type (e.g. ERASMUS, ISEP, ...)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="FieldOfStudy" - type="aclan:PlainTextType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Field of study</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Country"> - <xs:annotation> - <xs:documentation xml:lang="en">Country</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="country" - type="aclan:CountryType" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Country code ISO 3166-1-alpha-2</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="ReceivingInstitutionName" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Receiving institution</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AcademicYear" - type="aclan:AcademicYearType"> - <xs:annotation> - <xs:documentation xml:lang="en">Academic year</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="DateFrom" - type="aclan:DateType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Study period (Date from)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="DateTo" - type="aclan:DateType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Study period (Date to)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CoursesUnits" - type="aclan:MobilityProgrammeCoursesUnitsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course units</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="MultilingualDiplomaSupplementType"> - <xs:annotation> - <xs:documentation xml:lang="en">Multilingual Diploma Supplement (DS)</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element ref="aclan:DiplomaSupplement" - minOccurs="2" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Diploma Supplement</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element ref="dsig:Signature" - minOccurs="0" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Digital signature</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="NameAndStatusOfAwardingInstitutionType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name and status of awarding institution</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="AwardingInstitution" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Awarding institution</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:complexContent> - <xs:extension base="aclan:InstitutionType"> - <xs:attribute name="awardingInstitutionID" - type="xs:string" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Awarding institution identifier</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="NameAndStatusOfInstitutionAdministeringStudiesType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name and status of institution administering studies</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="InstitutionAdministeringStudies" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Institution administering studies</xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:complexContent> - <xs:extension base="aclan:InstitutionType"> - <xs:attribute name="institutionAdministeringStudiesID" - type="xs:string" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Institution administering studies identifier</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="OfficialCertifyingType"> - <xs:annotation> - <xs:documentation xml:lang="en">Official certifying the DS</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="FamilyName" - type="aclan:FamilyNameType"> - <xs:annotation> - <xs:documentation xml:lang="en">Family name(s)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="GivenName" - type="aclan:GivenNameType"> - <xs:annotation> - <xs:documentation xml:lang="en">Given name(s)</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Capacity" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Official capacity</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="awardingInstitutionID" - type="xs:string" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Identifier of awarding institution</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="OfficialsCertifyingType"> - <xs:annotation> - <xs:documentation xml:lang="en">Officials certifying</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="OfficialCertifying" - type="aclan:OfficialCertifyingType" - maxOccurs="unbounded"> - <xs:annotation> - <xs:documentation xml:lang="en">Official certifying</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="OfficialStampType"> - <xs:annotation> - <xs:documentation xml:lang="en">Official stamp or seal of the institution</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Description" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Stamp description</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="awardingInstitutionID" - type="xs:string" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Identifier of awarding institution</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="ProgrammeDetailsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Programme details</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="CourseStructureDiagram" - type="aclan:CourseStructureDiagramType"> - <xs:annotation> - <xs:documentation xml:lang="en">Course structure diagram</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="CoursesAttendedInOtherInstitutionInMobilityPrograms" - type="aclan:CoursesAttendedInOtherInstitutionInMobilityProgramsType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Courses attended in other institution in mobility programs</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="ProgrammeRequirementsType"> - <xs:annotation> - <xs:documentation xml:lang="en">Programme requirements</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Requirements" - type="aclan:RichTextTagType"> - <xs:annotation> - <xs:documentation xml:lang="en">Programme requirements</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="KeyLearningOutcomes" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Key learning outcomes of the programme</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:complexType name="QualificationType"> - <xs:annotation> - <xs:documentation xml:lang="es">Qualification</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Name" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name of the qualification</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AdditionalInformation" - type="aclan:RichTextTagType" - minOccurs="0"> - <xs:annotation> - <xs:documentation xml:lang="en">Additional information about the qualification</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - <xs:attribute name="localID" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Local identification code or number of the qualification</xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute name="nationalID" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">National identification code or number of the qualification</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:complexType> - <xs:complexType name="RichTextTagType" - mixed="true"> - <xs:annotation> - <xs:documentation xml:lang="en">Rich text tag</xs:documentation> - </xs:annotation> - <xs:choice minOccurs="0" - maxOccurs="unbounded"> - <xs:element name="Bold" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Specifies bold text</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="BreakLine" - type="aclan:EmptyType"> - <xs:annotation> - <xs:documentation xml:lang="en">Specifies break line</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Italic" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Specifies italic text</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="Underline" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Specifies underline text</xs:documentation> - </xs:annotation> - </xs:element> - <xs:element name="AttachedRef"> - <xs:annotation> - <xs:documentation xml:lang="en">Specifies reference to the attached resource </xs:documentation> - </xs:annotation> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="aclan:PlainTextType"> - <xs:attribute name="attachedID" - type="xs:IDREF" - use="required"> - <xs:annotation> - <xs:documentation xml:lang="en">Attached identifier reference</xs:documentation> - </xs:annotation> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:choice> - </xs:complexType> - <xs:complexType name="TitleConferredType"> - <xs:annotation> - <xs:documentation xml:lang="en">Title conferred</xs:documentation> - </xs:annotation> - <xs:sequence> - <xs:element name="Name" - type="aclan:PlainTextType"> - <xs:annotation> - <xs:documentation xml:lang="en">Name of the title conferred</xs:documentation> - </xs:annotation> - </xs:element> - </xs:sequence> - </xs:complexType> - <xs:element name="DiplomaSupplement" - type="aclan:DiplomaSupplementType"> - <xs:annotation> - <xs:documentation xml:lang="en">Diploma Supplement</xs:documentation> - </xs:annotation> - <!--Primary Keys--> - <xs:key name="GroupIDPK"> - <xs:annotation> - <xs:documentation xml:lang="en">Primary Key: Group identifier</xs:documentation> - </xs:annotation> - <xs:selector xpath=".//aclan:CoursesGroup" /> - <xs:field xpath="@groupID" /> - </xs:key> - <xs:key name="AwardingInstitutionIDPK"> - <xs:annotation> - <xs:documentation xml:lang="en">Primary Key: Awarding institution identifier</xs:documentation> - </xs:annotation> - <xs:selector xpath=".//aclan:AwardingInstitution" /> - <xs:field xpath="@awardingInstitutionID" /> - </xs:key> - <xs:key name="InstitutionAdministeringStudiesIDPK"> - <xs:annotation> - <xs:documentation xml:lang="en">Primary Key: Intitution administering studies identifier</xs:documentation> - </xs:annotation> - <xs:selector xpath=".//aclan:InstitutionAdministeringStudies" /> - <xs:field xpath="@institutionAdministeringStudiesID" /> - </xs:key> - <!--Foreign Keys--> - <xs:keyref name="GroupFK" - refer="aclan:GroupIDPK"> - <xs:annotation> - <xs:documentation xml:lang="en">Foreign Key: Group identifier</xs:documentation> - </xs:annotation> - <xs:selector xpath=".//aclan:CourseStructureDiagram/aclan:CoursesUnits/aclan:CourseUnit" /> - <xs:field xpath="@groupID" /> - </xs:keyref> - <xs:keyref name="AwardingInstitutionOfficialCertifyingFK" - refer="aclan:AwardingInstitutionIDPK"> - <xs:annotation> - <xs:documentation xml:lang="en">Foreign Key: Awarding institution (Official Stamp) identifier</xs:documentation> - </xs:annotation> - <xs:selector xpath=".//aclan:OfficialCertifying" /> - <xs:field xpath="@awardingInstitutionID" /> - </xs:keyref> - <xs:keyref name="AwardingInstitutionOfficialStampFK" - refer="aclan:AwardingInstitutionIDPK"> - <xs:annotation> - <xs:documentation xml:lang="en">Foreign Key: Awarding institution (Official Stamp) identifier</xs:documentation> - </xs:annotation> - <xs:selector xpath=".//aclan:OfficialStamp" /> - <xs:field xpath="@awardingInstitutionID" /> - </xs:keyref> - <xs:keyref name="InstitutionAdministeringStudiesFK" - refer="aclan:InstitutionAdministeringStudiesIDPK"> - <xs:annotation> - <xs:documentation xml:lang="en">Foreign Key: Institution administering studies identifier</xs:documentation> - </xs:annotation> - <xs:selector xpath=".//aclan:ProgrammeDetails/aclan:CourseStructureDiagram/aclan:CoursesUnits/aclan:CourseUnit" /> - <xs:field xpath="@institutionAdministeringStudiesID" /> - </xs:keyref> - </xs:element> - <xs:element name="MultilingualDiplomaSupplement" - type="aclan:MultilingualDiplomaSupplementType"> - <xs:annotation> - <xs:documentation xml:lang="en">Multilingual Diploma Supplement</xs:documentation> - </xs:annotation> - <!--Unique Keys--> - <xs:unique name="DiplomaSupplementLanguageUQ"> - <xs:annotation> - <xs:documentation xml:lang="en">Unique: Diploma Supplement language</xs:documentation> - </xs:annotation> - <xs:selector xpath="aclan:DiplomaSupplement" /> - <xs:field xpath="@language" /> - </xs:unique> - </xs:element> -</xs:schema> diff --git a/id/server/stork2-commons/src/main/resources/schema/diploma.xsd b/id/server/stork2-commons/src/main/resources/schema/diploma.xsd deleted file mode 100644 index b1c0b060f..000000000 --- a/id/server/stork2-commons/src/main/resources/schema/diploma.xsd +++ /dev/null @@ -1,1687 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<xs:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" - xmlns:gd="urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma" - xmlns:xs="http://www.w3.org/2001/XMLSchema" - targetNamespace="urn:eu:stork:names:tc:STORK:2.0:academic:generaldiploma" - elementFormDefault="qualified" - attributeFormDefault="unqualified" version="1.1"> - - <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> - - <xs:simpleType name="AcademicYearType"> - <xs:restriction base="xs:string"/> - </xs:simpleType> - - <xs:simpleType name="CountryType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="AD"> - </xs:enumeration> - <xs:enumeration value="AE"> - </xs:enumeration> - <xs:enumeration value="AF"> - </xs:enumeration> - <xs:enumeration value="AG"> - </xs:enumeration> - <xs:enumeration value="AL"> - </xs:enumeration> - <xs:enumeration value="AM"> - </xs:enumeration> - <xs:enumeration value="AO"> - </xs:enumeration> - <xs:enumeration value="AR"> - </xs:enumeration> - <xs:enumeration value="AT"> - </xs:enumeration> - <xs:enumeration value="AU"> - </xs:enumeration> - <xs:enumeration value="AZ"> - </xs:enumeration> - <xs:enumeration value="BA"> - </xs:enumeration> - <xs:enumeration value="BB"> - </xs:enumeration> - <xs:enumeration value="BD"> - </xs:enumeration> - <xs:enumeration value="BE"> - </xs:enumeration> - <xs:enumeration value="BF"> - </xs:enumeration> - <xs:enumeration value="BG"> - </xs:enumeration> - <xs:enumeration value="BH"> - </xs:enumeration> - <xs:enumeration value="BI"> - </xs:enumeration> - <xs:enumeration value="BJ"> - </xs:enumeration> - <xs:enumeration value="BN"> - </xs:enumeration> - <xs:enumeration value="BO"> - </xs:enumeration> - <xs:enumeration value="BR"> - </xs:enumeration> - <xs:enumeration value="BS"> - </xs:enumeration> - <xs:enumeration value="BT"> - </xs:enumeration> - <xs:enumeration value="BW"> - </xs:enumeration> - <xs:enumeration value="BY"> - </xs:enumeration> - <xs:enumeration value="BZ"> - </xs:enumeration> - <xs:enumeration value="CA"> - </xs:enumeration> - <xs:enumeration value="CD"> - </xs:enumeration> - <xs:enumeration value="CF"> - </xs:enumeration> - <xs:enumeration value="CG"> - </xs:enumeration> - <xs:enumeration value="CH"> - </xs:enumeration> - <xs:enumeration value="CI"> - </xs:enumeration> - <xs:enumeration value="CL"> - </xs:enumeration> - <xs:enumeration value="CM"> - </xs:enumeration> - <xs:enumeration value="CN"> - </xs:enumeration> - <xs:enumeration value="CO"> - </xs:enumeration> - <xs:enumeration value="CR"> - </xs:enumeration> - <xs:enumeration value="CU"> - </xs:enumeration> - <xs:enumeration value="CV"> - </xs:enumeration> - <xs:enumeration value="CY"> - </xs:enumeration> - <xs:enumeration value="CZ"> - </xs:enumeration> - <xs:enumeration value="DE"> - </xs:enumeration> - <xs:enumeration value="DJ"> - </xs:enumeration> - <xs:enumeration value="DK"> - </xs:enumeration> - <xs:enumeration value="DM"> - </xs:enumeration> - <xs:enumeration value="DO"> - </xs:enumeration> - <xs:enumeration value="DZ"> - </xs:enumeration> - <xs:enumeration value="EC"> - </xs:enumeration> - <xs:enumeration value="EE"> - </xs:enumeration> - <xs:enumeration value="EG"> - </xs:enumeration> - <xs:enumeration value="ER"> - </xs:enumeration> - <xs:enumeration value="ES"> - </xs:enumeration> - <xs:enumeration value="ET"> - </xs:enumeration> - <xs:enumeration value="FI"> - </xs:enumeration> - <xs:enumeration value="FJ"> - </xs:enumeration> - <xs:enumeration value="FM"> - </xs:enumeration> - <xs:enumeration value="FR"> - </xs:enumeration> - <xs:enumeration value="GA"> - </xs:enumeration> - <xs:enumeration value="GB"> - </xs:enumeration> - <xs:enumeration value="GD"> - </xs:enumeration> - <xs:enumeration value="GE"> - </xs:enumeration> - <xs:enumeration value="GH"> - </xs:enumeration> - <xs:enumeration value="GL"> - </xs:enumeration> - <xs:enumeration value="GM"> - </xs:enumeration> - <xs:enumeration value="GN"> - </xs:enumeration> - <xs:enumeration value="GQ"> - </xs:enumeration> - <xs:enumeration value="GR"> - </xs:enumeration> - <xs:enumeration value="GT"> - </xs:enumeration> - <xs:enumeration value="GW"> - </xs:enumeration> - <xs:enumeration value="GY"> - </xs:enumeration> - <xs:enumeration value="HN"> - </xs:enumeration> - <xs:enumeration value="HR"> - </xs:enumeration> - <xs:enumeration value="HT"> - </xs:enumeration> - <xs:enumeration value="HU"> - </xs:enumeration> - <xs:enumeration value="ID"> - </xs:enumeration> - <xs:enumeration value="IE"> - </xs:enumeration> - <xs:enumeration value="IL"> - </xs:enumeration> - <xs:enumeration value="IN"> - </xs:enumeration> - <xs:enumeration value="IQ"> - </xs:enumeration> - <xs:enumeration value="IR"> - </xs:enumeration> - <xs:enumeration value="IS"> - </xs:enumeration> - <xs:enumeration value="IT"> - </xs:enumeration> - <xs:enumeration value="JM"> - </xs:enumeration> - <xs:enumeration value="JO"> - </xs:enumeration> - <xs:enumeration value="JP"> - </xs:enumeration> - <xs:enumeration value="KE"> - </xs:enumeration> - <xs:enumeration value="KG"> - </xs:enumeration> - <xs:enumeration value="KH"> - </xs:enumeration> - <xs:enumeration value="KI"> - </xs:enumeration> - <xs:enumeration value="KM"> - </xs:enumeration> - <xs:enumeration value="KN"> - </xs:enumeration> - <xs:enumeration value="KP"> - </xs:enumeration> - <xs:enumeration value="KR"> - </xs:enumeration> - <xs:enumeration value="KW"> - </xs:enumeration> - <xs:enumeration value="KZ"> - </xs:enumeration> - <xs:enumeration value="LA"> - </xs:enumeration> - <xs:enumeration value="LB"> - </xs:enumeration> - <xs:enumeration value="LC"> - </xs:enumeration> - <xs:enumeration value="LI"> - </xs:enumeration> - <xs:enumeration value="LK"> - </xs:enumeration> - <xs:enumeration value="LR"> - </xs:enumeration> - <xs:enumeration value="LS"> - </xs:enumeration> - <xs:enumeration value="LT"> - </xs:enumeration> - <xs:enumeration value="LU"> - </xs:enumeration> - <xs:enumeration value="LV"> - </xs:enumeration> - <xs:enumeration value="LY"> - </xs:enumeration> - <xs:enumeration value="MA"> - </xs:enumeration> - <xs:enumeration value="MC"> - </xs:enumeration> - <xs:enumeration value="MD"> - </xs:enumeration> - <xs:enumeration value="ME"> - </xs:enumeration> - <xs:enumeration value="MG"> - </xs:enumeration> - <xs:enumeration value="MH"> - </xs:enumeration> - <xs:enumeration value="MK"> - </xs:enumeration> - <xs:enumeration value="ML"> - </xs:enumeration> - <xs:enumeration value="MM"> - </xs:enumeration> - <xs:enumeration value="MN"> - </xs:enumeration> - <xs:enumeration value="MR"> - </xs:enumeration> - <xs:enumeration value="MT"> - </xs:enumeration> - <xs:enumeration value="MU"> - </xs:enumeration> - <xs:enumeration value="MV"> - </xs:enumeration> - <xs:enumeration value="MW"> - </xs:enumeration> - <xs:enumeration value="MX"> - </xs:enumeration> - <xs:enumeration value="MY"> - </xs:enumeration> - <xs:enumeration value="MZ"> - </xs:enumeration> - <xs:enumeration value="NA"> - </xs:enumeration> - <xs:enumeration value="NE"> - </xs:enumeration> - <xs:enumeration value="NG"> - </xs:enumeration> - <xs:enumeration value="NI"> - </xs:enumeration> - <xs:enumeration value="NL"> - </xs:enumeration> - <xs:enumeration value="NO"> - </xs:enumeration> - <xs:enumeration value="NP"> - </xs:enumeration> - <xs:enumeration value="NR"> - </xs:enumeration> - <xs:enumeration value="NU"> - </xs:enumeration> - <xs:enumeration value="NZ"> - </xs:enumeration> - <xs:enumeration value="OM"> - </xs:enumeration> - <xs:enumeration value="PA"> - </xs:enumeration> - <xs:enumeration value="PE"> - </xs:enumeration> - <xs:enumeration value="PG"> - </xs:enumeration> - <xs:enumeration value="PH"> - </xs:enumeration> - <xs:enumeration value="PK"> - </xs:enumeration> - <xs:enumeration value="PL"> - </xs:enumeration> - <xs:enumeration value="PR"> - </xs:enumeration> - <xs:enumeration value="PS"> - </xs:enumeration> - <xs:enumeration value="PT"> - </xs:enumeration> - <xs:enumeration value="PW"> - </xs:enumeration> - <xs:enumeration value="PY"> - </xs:enumeration> - <xs:enumeration value="QA"> - </xs:enumeration> - <xs:enumeration value="RO"> - </xs:enumeration> - <xs:enumeration value="RS"> - </xs:enumeration> - <xs:enumeration value="RU"> - </xs:enumeration> - <xs:enumeration value="RW"> - </xs:enumeration> - <xs:enumeration value="SA"> - </xs:enumeration> - <xs:enumeration value="SB"> - </xs:enumeration> - <xs:enumeration value="SC"> - </xs:enumeration> - <xs:enumeration value="SD"> - </xs:enumeration> - <xs:enumeration value="SE"> - </xs:enumeration> - <xs:enumeration value="SG"> - </xs:enumeration> - <xs:enumeration value="SI"> - </xs:enumeration> - <xs:enumeration value="SK"> - </xs:enumeration> - <xs:enumeration value="SL"> - </xs:enumeration> - <xs:enumeration value="SM"> - </xs:enumeration> - <xs:enumeration value="SN"> - </xs:enumeration> - <xs:enumeration value="SO"> - </xs:enumeration> - <xs:enumeration value="SR"> - </xs:enumeration> - <xs:enumeration value="ST"> - </xs:enumeration> - <xs:enumeration value="SV"> - </xs:enumeration> - <xs:enumeration value="SY"> - </xs:enumeration> - <xs:enumeration value="SZ"> - </xs:enumeration> - <xs:enumeration value="TD"> - </xs:enumeration> - <xs:enumeration value="TG"> - </xs:enumeration> - <xs:enumeration value="TH"> - </xs:enumeration> - <xs:enumeration value="TJ"> - </xs:enumeration> - <xs:enumeration value="TL"> - </xs:enumeration> - <xs:enumeration value="TM"> - </xs:enumeration> - <xs:enumeration value="TN"> - </xs:enumeration> - <xs:enumeration value="TO"> - </xs:enumeration> - <xs:enumeration value="TR"> - </xs:enumeration> - <xs:enumeration value="TT"> - </xs:enumeration> - <xs:enumeration value="TV"> - </xs:enumeration> - <xs:enumeration value="TZ"> - </xs:enumeration> - <xs:enumeration value="UA"> - </xs:enumeration> - <xs:enumeration value="UG"> - </xs:enumeration> - <xs:enumeration value="US"> - </xs:enumeration> - <xs:enumeration value="UY"> - </xs:enumeration> - <xs:enumeration value="UZ"> - </xs:enumeration> - <xs:enumeration value="VA"> - </xs:enumeration> - <xs:enumeration value="VC"> - </xs:enumeration> - <xs:enumeration value="VE"> - </xs:enumeration> - <xs:enumeration value="VN"> - </xs:enumeration> - <xs:enumeration value="VU"> - </xs:enumeration> - <xs:enumeration value="WS"> - </xs:enumeration> - <xs:enumeration value="YE"> - </xs:enumeration> - <xs:enumeration value="ZA"> - </xs:enumeration> - <xs:enumeration value="ZM"> - </xs:enumeration> - <xs:enumeration value="ZW"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="CourseUnitTypeType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="Compulsory"> - </xs:enumeration> - <xs:enumeration value="Optional"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="DateType"> - <xs:restriction base="xs:date"/> - </xs:simpleType> - <xs:simpleType name="ECTSGradingScaleType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="A"> - </xs:enumeration> - <xs:enumeration value="B"> - </xs:enumeration> - <xs:enumeration value="C"> - </xs:enumeration> - <xs:enumeration value="D"> - </xs:enumeration> - <xs:enumeration value="E"> - </xs:enumeration> - <xs:enumeration value="FX"> - </xs:enumeration> - <xs:enumeration value="F"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="EmailAddressType"> - <xs:restriction base="xs:string"/> - </xs:simpleType> - <xs:simpleType name="EHEAFrameworkType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="FirstCycle"> - </xs:enumeration> - <xs:enumeration value="SecondCycle"> - </xs:enumeration> - <xs:enumeration value="ThirdCycle"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="EmptyType"> - <xs:restriction base="xs:string"> - <xs:maxLength value="0"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="GenderType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="Female"> - </xs:enumeration> - <xs:enumeration value="Male"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ImageMimeType"> - <xs:restriction base="gd:MimeType"> - <xs:enumeration value="image/gif"> - </xs:enumeration> - <xs:enumeration value="image/jpeg"> - </xs:enumeration> - <xs:enumeration value="image/pjpeg"> - </xs:enumeration> - <xs:enumeration value="image/png"> - </xs:enumeration> - <xs:enumeration value="image/tiff"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ISCED1997Type"> - <xs:restriction base="xs:string"> - <xs:enumeration value="0"> - </xs:enumeration> - <xs:enumeration value="1"> - </xs:enumeration> - <xs:enumeration value="2"> - </xs:enumeration> - <xs:enumeration value="3"> - </xs:enumeration> - <xs:enumeration value="4"> - </xs:enumeration> - <xs:enumeration value="5A"> - </xs:enumeration> - <xs:enumeration value="5B"> - </xs:enumeration> - <xs:enumeration value="6"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ISCED2011Type"> - <xs:restriction base="xs:string"> - <xs:enumeration value="0"> - </xs:enumeration> - <xs:enumeration value="1"> - </xs:enumeration> - <xs:enumeration value="2"> - </xs:enumeration> - <xs:enumeration value="3"> - </xs:enumeration> - <xs:enumeration value="4"> - </xs:enumeration> - <xs:enumeration value="5"> - </xs:enumeration> - <xs:enumeration value="6"> - </xs:enumeration> - <xs:enumeration value="7"> - </xs:enumeration> - <xs:enumeration value="8"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="LanguageType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="ab"> - </xs:enumeration> - <xs:enumeration value="af"> - </xs:enumeration> - <xs:enumeration value="an"> - </xs:enumeration> - <xs:enumeration value="ar"> - </xs:enumeration> - <xs:enumeration value="as"> - </xs:enumeration> - <xs:enumeration value="az"> - </xs:enumeration> - <xs:enumeration value="be"> - </xs:enumeration> - <xs:enumeration value="bg"> - </xs:enumeration> - <xs:enumeration value="bn"> - </xs:enumeration> - <xs:enumeration value="bo"> - </xs:enumeration> - <xs:enumeration value="br"> - </xs:enumeration> - <xs:enumeration value="bs"> - </xs:enumeration> - <xs:enumeration value="ca"> - </xs:enumeration> - <xs:enumeration value="ce"> - </xs:enumeration> - <xs:enumeration value="co"> - </xs:enumeration> - <xs:enumeration value="cs"> - </xs:enumeration> - <xs:enumeration value="cy"> - </xs:enumeration> - <xs:enumeration value="da"> - </xs:enumeration> - <xs:enumeration value="de"> - </xs:enumeration> - <xs:enumeration value="el"> - </xs:enumeration> - <xs:enumeration value="en"> - </xs:enumeration> - <xs:enumeration value="es"> - </xs:enumeration> - <xs:enumeration value="et"> - </xs:enumeration> - <xs:enumeration value="eu"> - </xs:enumeration> - <xs:enumeration value="fa"> - </xs:enumeration> - <xs:enumeration value="fi"> - </xs:enumeration> - <xs:enumeration value="fj"> - </xs:enumeration> - <xs:enumeration value="fo"> - </xs:enumeration> - <xs:enumeration value="fr"> - </xs:enumeration> - <xs:enumeration value="fy"> - </xs:enumeration> - <xs:enumeration value="ga"> - </xs:enumeration> - <xs:enumeration value="gd"> - </xs:enumeration> - <xs:enumeration value="gl"> - </xs:enumeration> - <xs:enumeration value="gv"> - </xs:enumeration> - <xs:enumeration value="grc"> - </xs:enumeration> - <xs:enumeration value="gsw"> - </xs:enumeration> - <xs:enumeration value="he"> - </xs:enumeration> - <xs:enumeration value="hi"> - </xs:enumeration> - <xs:enumeration value="hr"> - </xs:enumeration> - <xs:enumeration value="ht"> - </xs:enumeration> - <xs:enumeration value="hu"> - </xs:enumeration> - <xs:enumeration value="hy"> - </xs:enumeration> - <xs:enumeration value="id"> - </xs:enumeration> - <xs:enumeration value="is"> - </xs:enumeration> - <xs:enumeration value="it"> - </xs:enumeration> - <xs:enumeration value="ja"> - </xs:enumeration> - <xs:enumeration value="jv"> - </xs:enumeration> - <xs:enumeration value="ka"> - </xs:enumeration> - <xs:enumeration value="kg"> - </xs:enumeration> - <xs:enumeration value="ko"> - </xs:enumeration> - <xs:enumeration value="ku"> - </xs:enumeration> - <xs:enumeration value="kw"> - </xs:enumeration> - <xs:enumeration value="ky"> - </xs:enumeration> - <xs:enumeration value="lb"> - </xs:enumeration> - <xs:enumeration value="li"> - </xs:enumeration> - <xs:enumeration value="ln"> - </xs:enumeration> - <xs:enumeration value="lt"> - </xs:enumeration> - <xs:enumeration value="lv"> - </xs:enumeration> - <xs:enumeration value="mg"> - </xs:enumeration> - <xs:enumeration value="mk"> - </xs:enumeration> - <xs:enumeration value="mn"> - </xs:enumeration> - <xs:enumeration value="mo"> - </xs:enumeration> - <xs:enumeration value="ms"> - </xs:enumeration> - <xs:enumeration value="mt"> - </xs:enumeration> - <xs:enumeration value="my"> - </xs:enumeration> - <xs:enumeration value="nb"> - </xs:enumeration> - <xs:enumeration value="ne"> - </xs:enumeration> - <xs:enumeration value="nl"> - </xs:enumeration> - <xs:enumeration value="nn"> - </xs:enumeration> - <xs:enumeration value="no"> - </xs:enumeration> - <xs:enumeration value="pl"> - </xs:enumeration> - <xs:enumeration value="pt"> - </xs:enumeration> - <xs:enumeration value="rm"> - </xs:enumeration> - <xs:enumeration value="ro"> - </xs:enumeration> - <xs:enumeration value="ru"> - </xs:enumeration> - <xs:enumeration value="sc"> - </xs:enumeration> - <xs:enumeration value="se"> - </xs:enumeration> - <xs:enumeration value="sk"> - </xs:enumeration> - <xs:enumeration value="sl"> - </xs:enumeration> - <xs:enumeration value="so"> - </xs:enumeration> - <xs:enumeration value="sq"> - </xs:enumeration> - <xs:enumeration value="sr"> - </xs:enumeration> - <xs:enumeration value="sv"> - </xs:enumeration> - <xs:enumeration value="sw"> - </xs:enumeration> - <xs:enumeration value="tk"> - </xs:enumeration> - <xs:enumeration value="tr"> - </xs:enumeration> - <xs:enumeration value="ty"> - </xs:enumeration> - <xs:enumeration value="uk"> - </xs:enumeration> - <xs:enumeration value="ur"> - </xs:enumeration> - <xs:enumeration value="uz"> - </xs:enumeration> - <xs:enumeration value="vi"> - </xs:enumeration> - <xs:enumeration value="yi"> - </xs:enumeration> - <xs:enumeration value="zh"> - </xs:enumeration> - <xs:enumeration value="cu"> - </xs:enumeration> - <xs:enumeration value="eo"> - </xs:enumeration> - <xs:enumeration value="la"> - </xs:enumeration> - <xs:enumeration value="oc"> - </xs:enumeration> - <xs:enumeration value="vo"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="MimeType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="image/gif"> - </xs:enumeration> - <xs:enumeration value="image/jpeg"> - </xs:enumeration> - <xs:enumeration value="image/pjpeg"> - </xs:enumeration> - <xs:enumeration value="image/png"> - </xs:enumeration> - <xs:enumeration value="image/tiff"> - </xs:enumeration> - <xs:enumeration value="text/html"> - </xs:enumeration> - <xs:enumeration value="application/pdf"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ModeOfStudyType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="FullTime"> - </xs:enumeration> - <xs:enumeration value="ParTime"> - </xs:enumeration> - <xs:enumeration value="Distance"> - </xs:enumeration> - <xs:enumeration value="eLearning"> - </xs:enumeration> - <xs:enumeration value="Another"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="ModeOfDeliveryType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="FaceToFace"> - </xs:enumeration> - <xs:enumeration value="DistanceLearning"> - </xs:enumeration> - <xs:enumeration value="Other"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="NFQType"> - <xs:restriction base="xs:string"/> - </xs:simpleType> - <xs:simpleType name="PlainTextType"> - <xs:restriction base="xs:string"> - <xs:minLength value="1"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="PercentType"> - <xs:restriction base="xs:decimal"> - <xs:maxInclusive value="100"/> - <xs:minInclusive value="0"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="PositiveDecimalType"> - <xs:restriction base="xs:decimal"> - <xs:minInclusive value="0"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="PositiveIntegerType"> - <xs:restriction base="xs:int"> - <xs:minInclusive value="0"/> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="SourceGradeType"> - <xs:restriction base="xs:string"> - <xs:enumeration value="Recognized"> - </xs:enumeration> - <xs:enumeration value="MobilityProgramme"> - </xs:enumeration> - <xs:enumeration value="Another"> - </xs:enumeration> - </xs:restriction> - </xs:simpleType> - <xs:simpleType name="URLType"> - <xs:restriction base="xs:anyURI"/> - </xs:simpleType> - - - - - <!-- Complex types --> - - <xs:complexType name="CountryTextCodeType"> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="country" type="gd:CountryType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - - - <xs:complexType name="AdditionalInformationType"> - <xs:sequence> - <xs:element name="SpecificInformation" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="OtherSources" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="AddressType"> - <xs:sequence> - <xs:element name="Line" type="gd:PlainTextType" maxOccurs="unbounded"> - </xs:element> - <xs:element name="City" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="StateOrRegion" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="PostalCode" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="Country" type="gd:CountryTextCodeType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="AttachedFileDataType"> - <xs:sequence> - <xs:element name="Description" type="gd:PlainTextType"> - </xs:element> - <xs:element name="Mime" type="gd:MimeType"> - </xs:element> - <xs:element name="Data" type="xs:base64Binary"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="AttachedFileURLType"> - <xs:sequence> - <xs:element name="Description" type="gd:PlainTextType"> - </xs:element> - <xs:element name="Mime" type="gd:MimeType"> - </xs:element> - <xs:element name="URL" type="gd:URLType"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="AttachedImageDataType"> - <xs:sequence> - <xs:element name="Description" type="gd:PlainTextType"> - </xs:element> - <xs:element name="Mime" type="gd:ImageMimeType"> - </xs:element> - <xs:element name="Data" type="xs:base64Binary"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="AttachedImageURLType"> - <xs:sequence> - <xs:element name="Description" type="gd:PlainTextType"> - </xs:element> - <xs:element name="Mime" type="gd:ImageMimeType"> - </xs:element> - <xs:element name="URL" type="gd:URLType"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="AttachedType"> - <xs:choice> - <xs:element name="FileData" type="gd:AttachedFileDataType"> - </xs:element> - <xs:element name="FileURI" type="gd:AttachedFileURLType"> - </xs:element> - <xs:element name="ImageData" type="gd:AttachedImageDataType"> - </xs:element> - <xs:element name="ImageURI" type="gd:AttachedImageURLType"> - </xs:element> - </xs:choice> - <xs:attribute name="attachedID" type="xs:ID" use="required"> - </xs:attribute> - </xs:complexType> - - - <xs:complexType name="AttachmentsType"> - <xs:sequence> - <xs:element name="Attached" type="gd:AttachedType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="CertificationOfTheSupplementType"> - <xs:sequence> - <xs:element name="CertificationDate" type="gd:DateType" minOccurs="0"> - </xs:element> - <xs:element name="OfficialsCertifying" type="gd:OfficialsCertifyingType" minOccurs="0"> - </xs:element> - <xs:element name="OfficialStamp" type="gd:OfficialStampType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="ContactInformationType"> - <xs:sequence> - <xs:element name="Address" type="gd:AddressType" minOccurs="0"> - </xs:element> - <xs:element name="PhoneNumber" type="gd:PlainTextType" minOccurs="0" maxOccurs="unbounded"> - </xs:element> - <xs:element name="Email" type="gd:EmailAddressType" minOccurs="0" maxOccurs="unbounded"> - </xs:element> - <xs:element name="WebSite" type="gd:URLType" minOccurs="0" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="CoursesAttendedInOtherInstitutionInMobilityProgramsType"> - <xs:sequence> - <xs:element name="MobilityProgramme" type="gd:MobilityProgrammeType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="CourseStructureDiagramType"> - <xs:sequence> - <xs:element name="CoursesGroups" type="gd:CoursesGroupsType" minOccurs="0"> - </xs:element> - <xs:element name="CoursesUnits" type="gd:CoursesUnitsType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="CoursesUnitsType"> - <xs:sequence> - <xs:element name="CourseUnit" type="gd:CourseUnitType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="CourseUnitLanguagesOfInstructionType"> - <xs:sequence> - <xs:element name="Language" type="gd:CourseUnitLanguageOfInstructionType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="CourseUnitStudentPerformanceType"> - <xs:sequence> - <xs:element name="LocalGrade" type="gd:LocalGradeType"> - </xs:element> - <xs:element name="ECTSGrade" type="gd:ECTSGradingScaleType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - - - <xs:complexType name="CourseUnitType"> - <xs:sequence> - <!--I've marked the course code as optional. Therefore, I had to remove the key that was defined for this field--> - <xs:element name="Code" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="ScientificArea" type="gd:PlainTextType" minOccurs="0"/> - <xs:element name="Title" type="gd:PlainTextType"> - </xs:element> - <xs:element name="Theme" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="Type" minOccurs="0"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="type" type="gd:CourseUnitTypeType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="YearOfStudy" minOccurs="0"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="year" type="gd:PositiveDecimalType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="Level" minOccurs="0"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="eheaFramework" type="gd:EHEAFrameworkType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="ECTSCredits" type="gd:PositiveDecimalType" minOccurs="0"> - </xs:element> - <xs:element name="LocalCredits" type="gd:PositiveDecimalType" minOccurs="0"> - </xs:element> - <xs:element name="Hours" type="gd:PositiveDecimalType" minOccurs="0"> - </xs:element> - <xs:element name="LanguagesOfInstruction" type="gd:CourseUnitLanguagesOfInstructionType" minOccurs="0"> - <xs:unique name="LanguagesOfInstructionUQ"> - <xs:selector xpath="gd:Language"/> - <xs:field xpath="@language"/> - </xs:unique> - </xs:element> - <xs:element name="ModeOfDelivery" minOccurs="0"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="modeOfDelivery" type="gd:ModeOfDeliveryType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="WorkPlacements" type="gd:CourseUnitWorkPlacementsType" minOccurs="0"> - </xs:element> - <xs:element name="StudentPerformance" type="gd:CourseUnitStudentPerformanceType" minOccurs="0"> - </xs:element> - <xs:element name="NameOfLecturers" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="LearningOutcomes" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="PrerequisitesAndCorequisites" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="PrerequisitesScholarshipLevel" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="PrerequisitesOtherTitles" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="RecomendedOptionalProgrammeComponents" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="CourseContents" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="RecomendedOrRequiredReading" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="PlanedLearningActivitiesAndTeachingMethod" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="AssesmentMethodsAndCriteria" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="Observations" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - <xs:attribute name="groupID" type="xs:string" use="optional"> - </xs:attribute> - <xs:attribute name="institutionAdministeringStudiesID" type="xs:string" use="optional" default="DEF-IAS"> - </xs:attribute> - <xs:attribute name="isRequiredByTheProgramme" type="xs:boolean" default="true"> - </xs:attribute> - </xs:complexType> - - - - - - <xs:complexType name="CourseUnitWorkPlacementsType"> - <xs:sequence> - <xs:element name="WorkPlacement" type="gd:CourseUnitWorkPlacementType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - <xs:complexType name="CourseUnitWorkPlacementType"> - <xs:sequence> - <xs:element name="CollaboratingInstitution" type="gd:PlainTextType"> - </xs:element> - <xs:element name="DateFrom" type="gd:DateType" minOccurs="0"> - </xs:element> - <xs:element name="DateTo" type="gd:DateType" minOccurs="0"> - </xs:element> - <xs:element name="TrainingHours" type="gd:PositiveDecimalType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - <xs:complexType name="CourseUnitLanguageOfInstructionType"> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="language" type="gd:LanguageType" use="required"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - - - <!-- Root element type: GeneralDiploma --> - - <xs:complexType name="GeneralDiplomaType"> - <xs:sequence> - <xs:element name="InformationIdentifyingTheHolderOfTheQualification" type="gd:InformationIdentifyingTheHolderOfTheQualificationType"> - </xs:element> - <xs:element name="InformationIdentifyingTheQualification" type="gd:InformationIdentifyingTheQualificationType"> - </xs:element> - <xs:element name="InformationOnTheLevelOfTheQualification" type="gd:InformationOnTheLevelOfTheQualificationType" minOccurs="0"> - </xs:element> - <!--Course and per-course qualifications information. We set it to optional to allow representing diplomas without course info--> - <xs:element name="InformationOnTheContentsAndResultsGained" type="gd:InformationOnTheContentsAndResultsGainedType" minOccurs="0"> - </xs:element> - <xs:element name="InformationOnTheFunctionOfTheQualification" type="gd:InformationOnTheFunctionOfTheQualificationType" minOccurs="0"> - </xs:element> - <xs:element name="AdditionalInformation" type="gd:AdditionalInformationType" minOccurs="0"> - </xs:element> - <xs:element name="CertificationOfTheSupplement" type="gd:CertificationOfTheSupplementType" minOccurs="0"> - </xs:element> - <xs:element name="InformationOnTheNationalHigherEducationSystem" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="Attachments" type="gd:AttachmentsType" minOccurs="0"> - </xs:element> - <xs:element name="ExtensionContent" type="gd:ExtensionContentType" minOccurs="0" maxOccurs="unbounded"> - </xs:element> - <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - <xs:attribute name="language" type="gd:LanguageType" use="required"> - </xs:attribute> - <xs:attribute name="isTheOriginalLanguage" type="xs:boolean" use="required"> - </xs:attribute> - </xs:complexType> - - - <!-- Can hold anything as extension --> - <xs:complexType name="ExtensionContentType" mixed="true"> - <xs:sequence minOccurs="0" maxOccurs="unbounded"> - <xs:any namespace="##any" processContents="lax"/> - </xs:sequence> - <xs:attribute name="id" type="xs:string" use="optional"/> - </xs:complexType> - - - <xs:complexType name="FamilyNameType"> - <xs:sequence> - <xs:element name="Surname" type="gd:PlainTextType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="GivenNameType"> - <xs:sequence> - <xs:element name="Name" type="gd:PlainTextType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="GradingSchemeAndGradeDistributionGuidanceType"> - <xs:sequence> - <xs:element name="GradingScheme" type="gd:RichTextTagType"> - </xs:element> - <xs:element name="GradeDistributionGuidance" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="CoursesGroupsType"> - <xs:sequence> - <xs:element name="Name" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="HeaderInformation" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="CoursesGroup" type="gd:CoursesGroupType" minOccurs="0" maxOccurs="unbounded"> - </xs:element> - <xs:element name="FooterInformation" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - <!--Allows a hierarchy of course groups, but each ID must be unique regardless the level it is defined--> - <xs:complexType name="CoursesGroupType"> - <xs:sequence> - <xs:element name="Name" type="gd:PlainTextType"> - </xs:element> - <xs:element name="HeaderInformation" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="CoursesGroup" type="gd:CoursesGroupType" minOccurs="0" maxOccurs="unbounded"> - </xs:element> - <xs:element name="FooterInformation" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - <xs:attribute name="groupID" type="xs:string" use="required"> - </xs:attribute> - </xs:complexType> - - - - <xs:complexType name="InformationIdentifyingTheHolderOfTheQualificationType"> - <xs:sequence> - <xs:element name="FamilyName" type="gd:FamilyNameType"> - </xs:element> - <xs:element name="GivenName" type="gd:GivenNameType"> - </xs:element> - <xs:element name="DateOfBirth" type="gd:DateType" minOccurs="0"> - </xs:element> - <xs:element name="StudentIdentificationNumber" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="CountryOfBirth" type="gd:CountryTextCodeType" minOccurs="0"> - </xs:element> - <xs:element name="PlaceOfBirth" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="Gender" minOccurs="0"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="gender" type="gd:GenderType" use="required"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <!--Required at least the name of the awarding institution, institution administering studies and the name of the qualification--> - <xs:complexType name="InformationIdentifyingTheQualificationType"> - <xs:sequence> - <xs:element name="Qualification" type="gd:QualificationType"> - </xs:element> - <xs:element name="TitleConferred" type="gd:TitleConferredType" minOccurs="0"> - </xs:element> - <xs:element name="MainFieldsOfStudy" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="NameAndStatusOfAwardingInstitution" type="gd:NameAndStatusOfAwardingInstitutionType"> - </xs:element> - <xs:element name="NameAndStatusOfInstitutionAdministeringStudies" type="gd:NameAndStatusOfInstitutionAdministeringStudiesType"> - </xs:element> - <xs:element name="LanguagesOfInstructionAndExamination" type="gd:LanguagesOfInstructionAndExaminationType" minOccurs="0"> - <xs:unique name="LanguageOfInstructionAndExaminationUQ"> - <xs:selector xpath="gd:Language"/> - <xs:field xpath="@language"/> - </xs:unique> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - <xs:complexType name="InformationOnTheContentsAndResultsGainedType"> - <xs:sequence> - <xs:element name="ModeOfStudy" minOccurs="0"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="gd:RichTextTagType"> - <xs:attribute name="modeOfStudy" type="gd:ModeOfStudyType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="ProgrammeRequirements" type="gd:ProgrammeRequirementsType" minOccurs="0"> - </xs:element> - <xs:element name="ProgrammeDetails" type="gd:ProgrammeDetailsType" minOccurs="0"> - </xs:element> - <xs:element name="GradingSchemeAndGradeDistributionGuidance" type="gd:GradingSchemeAndGradeDistributionGuidanceType" minOccurs="0"> - </xs:element> - <xs:element name="OverallClassificationOfTheQualification" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - <xs:complexType name="InformationOnTheFunctionOfTheQualificationType"> - <xs:sequence> - <xs:element name="AccessToFurtherStudy" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="ProfessionalStatus" minOccurs="0"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="gd:RichTextTagType"> - <xs:attribute name="isRegulatedProfession" type="xs:boolean" use="optional"> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - <xs:complexType name="InformationOnTheLevelOfTheQualificationType"> - <xs:sequence> - <xs:element name="Level"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="gd:RichTextTagType"> - <xs:attribute name="isced1997" type="gd:ISCED1997Type" use="optional"> - </xs:attribute> - <xs:attribute name="isced2011" type="gd:ISCED2011Type" use="optional"> - </xs:attribute> - <xs:attribute name="eheaFramework" type="gd:EHEAFrameworkType" use="optional"> - </xs:attribute> - <xs:attribute name="nfq" type="gd:NFQType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="OfficialLengthOfProgramme"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="gd:RichTextTagType"> - <xs:attribute name="ectsCredits" type="gd:PositiveDecimalType" use="optional"> - </xs:attribute> - <xs:attribute name="years" type="gd:PositiveDecimalType" use="optional"> - </xs:attribute> - <xs:attribute name="semesters" type="gd:PositiveIntegerType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - <xs:element name="AccessRequirements" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - <xs:complexType name="InstitutionType"> - <xs:sequence> - <xs:element name="Name" type="gd:PlainTextType"> - </xs:element> - <xs:element name="Status" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="Country" type="gd:CountryTextCodeType" minOccurs="0"> - </xs:element> - <xs:element name="AdditionalInformation" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - <xs:element name="ContactInformation" type="gd:ContactInformationType" minOccurs="0"> - </xs:element> - <xs:element name="AttachedImageRef" minOccurs="0"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="attachedID" type="xs:IDREF" use="required"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:sequence> - <xs:attribute name="nationalID" type="gd:PlainTextType" use="optional"> - </xs:attribute> - <xs:attribute name="erasmusID" type="gd:PlainTextType" use="optional"> - </xs:attribute> - </xs:complexType> - - - <!-- Added optional boolean values to differentiate languages used for instruction and evaluation--> - <xs:complexType name="LanguagesOfInstructionAndExaminationType"> - <xs:sequence> - <xs:element name="Language" maxOccurs="unbounded"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="gd:RichTextTagType"> - <xs:attribute name="language" type="gd:LanguageType" use="required"> - </xs:attribute> - <xs:attribute name="percent" type="gd:PercentType" use="optional"> - </xs:attribute> - <xs:attribute name="instruction" type="xs:boolean" default="true"> - </xs:attribute> - <xs:attribute name="examination" type="xs:boolean" use="optional"> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - <xs:complexType name="LocalGradeType"> - <xs:sequence> - <xs:element name="AcademicYear" type="gd:AcademicYearType" minOccurs="0"> - </xs:element> - <xs:element name="DateIssued" type="gd:DateType" minOccurs="0"> - </xs:element> - <xs:element name="Grade" type="gd:PlainTextType"> - </xs:element> - <xs:element name="Source" minOccurs="0"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="source" type="gd:SourceGradeType" use="optional"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - <xs:complexType name="MobilityProgrammeCoursesUnitsType"> - <xs:sequence> - <xs:element name="CourseUnit" type="gd:MobilityProgrammeCourseUnitType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="MobilityProgrammeCourseUnitType"> - <xs:sequence> - <xs:element name="Code" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="Title"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="language" type="gd:LanguageType"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - <xs:element name="ECTSCredits" type="gd:PositiveDecimalType" minOccurs="0"> - </xs:element> - <xs:element name="AdditionalInformation" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - <xs:attribute name="isInTheLearningAgreement" type="xs:boolean" default="true"> - </xs:attribute> - </xs:complexType> - - - - <xs:complexType name="MobilityProgrammeType"> - <xs:sequence> - <xs:element name="Type" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="FieldOfStudy" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - <xs:element name="Country" type="gd:CountryTextCodeType"> - </xs:element> - <xs:element name="ReceivingInstitutionName" type="gd:PlainTextType"> - </xs:element> - <xs:element name="AcademicYear" type="gd:AcademicYearType" minOccurs="0"> - </xs:element> - <xs:element name="DateFrom" type="gd:DateType" minOccurs="0"> - </xs:element> - <xs:element name="DateTo" type="gd:DateType" minOccurs="0"> - </xs:element> - <xs:element name="CoursesUnits" type="gd:MobilityProgrammeCoursesUnitsType"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - <!-- Root element type: MultilingualGeneralDiploma --> - - <xs:complexType name="MultilingualGeneralDiplomaType"> - <xs:sequence> - <xs:element ref="gd:GeneralDiploma" minOccurs="1" maxOccurs="unbounded"> - </xs:element> - <xs:element ref="dsig:Signature" minOccurs="0" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - <!-- awardingInstitutionID has a default value if only one is added. - Schema won't validate if two are added without this attr being set--> - <xs:complexType name="NameAndStatusOfAwardingInstitutionType"> - <xs:sequence> - <xs:element name="AwardingInstitution" maxOccurs="unbounded"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="gd:InstitutionType"> - <xs:attribute name="awardingInstitutionID" type="xs:string" use="optional" default="DEF-IAW"> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - - <!-- institutionAdministeringStudiesID has a default value if only one is added. - Schema won't validate if two are added without this attr being set--> - <xs:complexType name="NameAndStatusOfInstitutionAdministeringStudiesType"> - <xs:sequence> - <xs:element name="InstitutionAdministeringStudies" maxOccurs="unbounded"> - <xs:complexType> - <xs:complexContent> - <xs:extension base="gd:InstitutionType"> - <xs:attribute name="institutionAdministeringStudiesID" type="xs:string" use="optional" default="DEF-IAS"> - </xs:attribute> - </xs:extension> - </xs:complexContent> - </xs:complexType> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="OfficialCertifyingType"> - <xs:sequence> - <xs:element name="FamilyName" type="gd:FamilyNameType"> - </xs:element> - <xs:element name="GivenName" type="gd:GivenNameType"> - </xs:element> - <xs:element name="Capacity" type="gd:PlainTextType" minOccurs="0"> - </xs:element> - </xs:sequence> - <xs:attribute name="awardingInstitutionID" type="xs:string" use="optional" default="DEF-IAW"> - </xs:attribute> - </xs:complexType> - - - <xs:complexType name="OfficialsCertifyingType"> - <xs:sequence> - <xs:element name="OfficialCertifying" type="gd:OfficialCertifyingType" maxOccurs="unbounded"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <!--This is intended for printed out diplomas, to set up an area where the document can be physically stamped--> - <xs:complexType name="OfficialStampType"> - <xs:sequence> - <xs:element name="Description" type="gd:PlainTextType"> - </xs:element> - </xs:sequence> - <xs:attribute name="awardingInstitutionID" type="xs:string" use="optional" default="DEF-IAW"> - </xs:attribute> - </xs:complexType> - - - <xs:complexType name="ProgrammeDetailsType"> - <xs:sequence> - <xs:element name="CourseStructureDiagram" type="gd:CourseStructureDiagramType"> - </xs:element> - <xs:element name="CoursesAttendedInOtherInstitutionInMobilityPrograms" type="gd:CoursesAttendedInOtherInstitutionInMobilityProgramsType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="ProgrammeRequirementsType"> - <xs:sequence> - <xs:element name="Requirements" type="gd:RichTextTagType"> - </xs:element> - <xs:element name="KeyLearningOutcomes" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - <xs:complexType name="QualificationType"> - <xs:sequence> - <xs:element name="Name" type="gd:PlainTextType"> - </xs:element> - <xs:element name="AdditionalInformation" type="gd:RichTextTagType" minOccurs="0"> - </xs:element> - </xs:sequence> - <xs:attribute name="localID" type="gd:PlainTextType" use="optional"> - </xs:attribute> - <xs:attribute name="nationalID" type="gd:PlainTextType" use="optional"> - </xs:attribute> - </xs:complexType> - - - <xs:complexType name="RichTextTagType" mixed="true"> - <xs:choice minOccurs="0" maxOccurs="unbounded"> - <xs:element name="Bold" type="gd:PlainTextType"> - </xs:element> - <xs:element name="BreakLine" type="gd:EmptyType"> - </xs:element> - <xs:element name="Italic" type="gd:PlainTextType"> - </xs:element> - <xs:element name="Underline" type="gd:PlainTextType"> - </xs:element> - <xs:element name="AttachedRef"> - <xs:complexType> - <xs:simpleContent> - <xs:extension base="gd:PlainTextType"> - <xs:attribute name="attachedID" type="xs:IDREF" use="required"> - </xs:attribute> - </xs:extension> - </xs:simpleContent> - </xs:complexType> - </xs:element> - </xs:choice> - </xs:complexType> - - - <xs:complexType name="TitleConferredType"> - <xs:sequence> - <xs:element name="Name" type="gd:PlainTextType"> - </xs:element> - </xs:sequence> - </xs:complexType> - - - - - <!-- Root element: GeneralDiploma --> - - <xs:element name="GeneralDiploma" type="gd:GeneralDiplomaType"> - <!--Primary Keys--> <!-- TODO: revisar estas restricciones que tengan sentido y deban seguir existiendo --> - <xs:key name="GroupIDPK"> - <xs:selector xpath=".//gd:CoursesGroup"/> - <xs:field xpath="@groupID"/> - </xs:key> - <xs:key name="AwardingInstitutionIDPK"> - <xs:selector xpath=".//gd:AwardingInstitution"/> - <xs:field xpath="@awardingInstitutionID"/> - </xs:key> - <xs:key name="InstitutionAdministeringStudiesIDPK"> - <xs:selector xpath=".//gd:InstitutionAdministeringStudies"/> - <xs:field xpath="@institutionAdministeringStudiesID"/> - </xs:key> - <!--Foreign Keys--> - <xs:keyref name="GroupFK" refer="gd:GroupIDPK"> - <xs:selector xpath=".//gd:CourseStructureDiagram/gd:CoursesUnits/gd:CourseUnit"/> - <xs:field xpath="@groupID"/> - </xs:keyref> - <xs:keyref name="AwardingInstitutionOfficialCertifyingFK" refer="gd:AwardingInstitutionIDPK"> - <xs:selector xpath=".//gd:OfficialCertifying"/> - <xs:field xpath="@awardingInstitutionID"/> - </xs:keyref> - <xs:keyref name="AwardingInstitutionOfficialStampFK" refer="gd:AwardingInstitutionIDPK"> - <xs:selector xpath=".//gd:OfficialStamp"/> - <xs:field xpath="@awardingInstitutionID"/> - </xs:keyref> - <xs:keyref name="InstitutionAdministeringStudiesFK" refer="gd:InstitutionAdministeringStudiesIDPK"> - <xs:selector xpath=".//gd:ProgrammeDetails/gd:CourseStructureDiagram/gd:CoursesUnits/gd:CourseUnit"/> - <xs:field xpath="@institutionAdministeringStudiesID"/> - </xs:keyref> - </xs:element> - - - <!-- Root element: MultilingualGeneralDiploma --> - - <xs:element name="MultilingualGeneralDiploma" type="gd:MultilingualGeneralDiplomaType"> - <!--Unique Keys--> <!-- Language codes of each Diploma must be unique --> - <xs:unique name="GeneralDiplomaLanguageUQ"> - <xs:selector xpath="gd:GeneralDiploma"/> - <xs:field xpath="@language"/> - </xs:unique> - </xs:element> -</xs:schema> - - -<!-- TODO: añadir cambios CSI, IS-SKRA -->
\ No newline at end of file diff --git a/id/server/stork2-commons/src/main/resources/schema/xmldsig-core-schema.xsd b/id/server/stork2-commons/src/main/resources/schema/xmldsig-core-schema.xsd deleted file mode 100644 index 54527e0bc..000000000 --- a/id/server/stork2-commons/src/main/resources/schema/xmldsig-core-schema.xsd +++ /dev/null @@ -1,309 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> - -<!-- Schema for XML Signatures - http://www.w3.org/2000/09/xmldsig# - $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $ - - Copyright 2001 The Internet Society and W3C (Massachusetts Institute - of Technology, Institut National de Recherche en Informatique et en - Automatique, Keio University). All Rights Reserved. - http://www.w3.org/Consortium/Legal/ - - This document is governed by the W3C Software License [1] as described - in the FAQ [2]. - - [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720 - [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD ---> - - -<schema xmlns="http://www.w3.org/2001/XMLSchema" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" - targetNamespace="http://www.w3.org/2000/09/xmldsig#" - version="0.1" elementFormDefault="qualified"> - - <!-- Basic Types Defined for Signatures --> - - <simpleType name="CryptoBinary"> - <restriction base="base64Binary"> - </restriction> - </simpleType> - - <!-- Start Signature --> - - <element name="Signature" type="ds:SignatureType"/> - <complexType name="SignatureType"> - <sequence> - <element ref="ds:SignedInfo"/> - <element ref="ds:SignatureValue"/> - <element ref="ds:KeyInfo" minOccurs="0"/> - <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <attribute name="Id" type="ID" use="optional"/> - </complexType> - - <element name="SignatureValue" type="ds:SignatureValueType"/> - <complexType name="SignatureValueType"> - <simpleContent> - <extension base="base64Binary"> - <attribute name="Id" type="ID" use="optional"/> - </extension> - </simpleContent> - </complexType> - - <!-- Start SignedInfo --> - - <element name="SignedInfo" type="ds:SignedInfoType"/> - <complexType name="SignedInfoType"> - <sequence> - <element ref="ds:CanonicalizationMethod"/> - <element ref="ds:SignatureMethod"/> - <element ref="ds:Reference" maxOccurs="unbounded"/> - </sequence> - <attribute name="Id" type="ID" use="optional"/> - </complexType> - - <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/> - <complexType name="CanonicalizationMethodType" mixed="true"> - <sequence> - <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/> - <!-- (0,unbounded) elements from (1,1) namespace --> - </sequence> - <attribute name="Algorithm" type="anyURI" use="required"/> - </complexType> - - <element name="SignatureMethod" type="ds:SignatureMethodType"/> - <complexType name="SignatureMethodType" mixed="true"> - <sequence> - <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/> - <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> - <!-- (0,unbounded) elements from (1,1) external namespace --> - </sequence> - <attribute name="Algorithm" type="anyURI" use="required"/> - </complexType> - - <!-- Start Reference --> - - <element name="Reference" type="ds:ReferenceType"/> - <complexType name="ReferenceType"> - <sequence> - <element ref="ds:Transforms" minOccurs="0"/> - <element ref="ds:DigestMethod"/> - <element ref="ds:DigestValue"/> - </sequence> - <attribute name="Id" type="ID" use="optional"/> - <attribute name="URI" type="anyURI" use="optional"/> - <attribute name="Type" type="anyURI" use="optional"/> - </complexType> - - <element name="Transforms" type="ds:TransformsType"/> - <complexType name="TransformsType"> - <sequence> - <element ref="ds:Transform" maxOccurs="unbounded"/> - </sequence> - </complexType> - - <element name="Transform" type="ds:TransformType"/> - <complexType name="TransformType" mixed="true"> - <choice minOccurs="0" maxOccurs="unbounded"> - <any namespace="##other" processContents="lax"/> - <!-- (1,1) elements from (0,unbounded) namespaces --> - <element name="XPath" type="string"/> - </choice> - <attribute name="Algorithm" type="anyURI" use="required"/> - </complexType> - - <!-- End Reference --> - - <element name="DigestMethod" type="ds:DigestMethodType"/> - <complexType name="DigestMethodType" mixed="true"> - <sequence> - <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> - </sequence> - <attribute name="Algorithm" type="anyURI" use="required"/> - </complexType> - - <element name="DigestValue" type="ds:DigestValueType"/> - <simpleType name="DigestValueType"> - <restriction base="base64Binary"/> - </simpleType> - - <!-- End SignedInfo --> - - <!-- Start KeyInfo --> - - <element name="KeyInfo" type="ds:KeyInfoType"/> - <complexType name="KeyInfoType" mixed="true"> - <choice maxOccurs="unbounded"> - <element ref="ds:KeyName"/> - <element ref="ds:KeyValue"/> - <element ref="ds:RetrievalMethod"/> - <element ref="ds:X509Data"/> - <element ref="ds:PGPData"/> - <element ref="ds:SPKIData"/> - <element ref="ds:MgmtData"/> - <any processContents="lax" namespace="##other"/> - <!-- (1,1) elements from (0,unbounded) namespaces --> - </choice> - <attribute name="Id" type="ID" use="optional"/> - </complexType> - - <element name="KeyName" type="string"/> - <element name="MgmtData" type="string"/> - - <element name="KeyValue" type="ds:KeyValueType"/> - <complexType name="KeyValueType" mixed="true"> - <choice> - <element ref="ds:DSAKeyValue"/> - <element ref="ds:RSAKeyValue"/> - <any namespace="##other" processContents="lax"/> - </choice> - </complexType> - - <element name="RetrievalMethod" type="ds:RetrievalMethodType"/> - <complexType name="RetrievalMethodType"> - <sequence> - <element ref="ds:Transforms" minOccurs="0"/> - </sequence> - <attribute name="URI" type="anyURI"/> - <attribute name="Type" type="anyURI" use="optional"/> - </complexType> - - <!-- Start X509Data --> - - <element name="X509Data" type="ds:X509DataType"/> - <complexType name="X509DataType"> - <sequence maxOccurs="unbounded"> - <choice> - <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/> - <element name="X509SKI" type="base64Binary"/> - <element name="X509SubjectName" type="string"/> - <element name="X509Certificate" type="base64Binary"/> - <element name="X509CRL" type="base64Binary"/> - <any namespace="##other" processContents="lax"/> - </choice> - </sequence> - </complexType> - - <complexType name="X509IssuerSerialType"> - <sequence> - <element name="X509IssuerName" type="string"/> - <element name="X509SerialNumber" type="integer"/> - </sequence> - </complexType> - - <!-- End X509Data --> - - <!-- Begin PGPData --> - - <element name="PGPData" type="ds:PGPDataType"/> - <complexType name="PGPDataType"> - <choice> - <sequence> - <element name="PGPKeyID" type="base64Binary"/> - <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/> - <any namespace="##other" processContents="lax" minOccurs="0" - maxOccurs="unbounded"/> - </sequence> - <sequence> - <element name="PGPKeyPacket" type="base64Binary"/> - <any namespace="##other" processContents="lax" minOccurs="0" - maxOccurs="unbounded"/> - </sequence> - </choice> - </complexType> - - <!-- End PGPData --> - - <!-- Begin SPKIData --> - - <element name="SPKIData" type="ds:SPKIDataType"/> - <complexType name="SPKIDataType"> - <sequence maxOccurs="unbounded"> - <element name="SPKISexp" type="base64Binary"/> - <any namespace="##other" processContents="lax" minOccurs="0"/> - </sequence> - </complexType> - - <!-- End SPKIData --> - - <!-- End KeyInfo --> - - <!-- Start Object (Manifest, SignatureProperty) --> - - <element name="Object" type="ds:ObjectType"/> - <complexType name="ObjectType" mixed="true"> - <sequence minOccurs="0" maxOccurs="unbounded"> - <any namespace="##any" processContents="lax"/> - </sequence> - <attribute name="Id" type="ID" use="optional"/> - <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet --> - <attribute name="Encoding" type="anyURI" use="optional"/> - </complexType> - - <element name="Manifest" type="ds:ManifestType"/> - <complexType name="ManifestType"> - <sequence> - <element ref="ds:Reference" maxOccurs="unbounded"/> - </sequence> - <attribute name="Id" type="ID" use="optional"/> - </complexType> - - <element name="SignatureProperties" type="ds:SignaturePropertiesType"/> - <complexType name="SignaturePropertiesType"> - <sequence> - <element ref="ds:SignatureProperty" maxOccurs="unbounded"/> - </sequence> - <attribute name="Id" type="ID" use="optional"/> - </complexType> - - <element name="SignatureProperty" type="ds:SignaturePropertyType"/> - <complexType name="SignaturePropertyType" mixed="true"> - <choice maxOccurs="unbounded"> - <any namespace="##other" processContents="lax"/> - <!-- (1,1) elements from (1,unbounded) namespaces --> - </choice> - <attribute name="Target" type="anyURI" use="required"/> - <attribute name="Id" type="ID" use="optional"/> - </complexType> - - <!-- End Object (Manifest, SignatureProperty) --> - - <!-- Start Algorithm Parameters --> - - <simpleType name="HMACOutputLengthType"> - <restriction base="integer"/> - </simpleType> - - <!-- Start KeyValue Element-types --> - - <element name="DSAKeyValue" type="ds:DSAKeyValueType"/> - <complexType name="DSAKeyValueType"> - <sequence> - <sequence minOccurs="0"> - <element name="P" type="ds:CryptoBinary"/> - <element name="Q" type="ds:CryptoBinary"/> - </sequence> - <element name="G" type="ds:CryptoBinary" minOccurs="0"/> - <element name="Y" type="ds:CryptoBinary"/> - <element name="J" type="ds:CryptoBinary" minOccurs="0"/> - <sequence minOccurs="0"> - <element name="Seed" type="ds:CryptoBinary"/> - <element name="PgenCounter" type="ds:CryptoBinary"/> - </sequence> - </sequence> - </complexType> - - <element name="RSAKeyValue" type="ds:RSAKeyValueType"/> - <complexType name="RSAKeyValueType"> - <sequence> - <element name="Modulus" type="ds:CryptoBinary"/> - <element name="Exponent" type="ds:CryptoBinary"/> - </sequence> - </complexType> - - <!-- End KeyValue Element-types --> - - <!-- End Signature --> - -</schema> diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java deleted file mode 100644 index 3d0aa4d45..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java +++ /dev/null @@ -1,135 +0,0 @@ -package eu.stork.peps.tests;
-
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import org.junit.Test;
-
-import eu.stork.peps.auth.commons.AttributeProvider;
-import eu.stork.peps.auth.commons.AttributeProvidersMap;
-import eu.stork.peps.auth.commons.AttributeSource;
-import eu.stork.peps.auth.commons.Country;
-import eu.stork.peps.auth.commons.IAttributeProvidersMap;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-
-/**
- * The AttributeSource's Test Case.
- *
- * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos
- * (ilias@aegean.gr)
- *
- * @version $Revision: $, $Date: $
- */
-public class AttributeProvidersMapTestCase {
-
- @Test
- public void testObjectOK1() {
- final IAttributeProvidersMap map = new AttributeProvidersMap();
- final AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL");
- final IPersonalAttributeList pal = new PersonalAttributeList();
- boolean outcome = false;
-
- //Add a single item
- map.put(source, pal);
-
- if (map.containsKey(source)) {
- outcome = true;
- }
-
- assertTrue(outcome);
- }
-
- @Test
- public void testObjectOK2() {
- final IAttributeProvidersMap map = new AttributeProvidersMap();
- final AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL");
- final IPersonalAttributeList pal = new PersonalAttributeList();
- boolean outcome = false;
-
- //Add a single item
- map.put(source, pal);
-
- if (map.containsKey(source)) {
- if (map.get(source) != null) {
- outcome = true;
- }
- }
-
- assertTrue(outcome);
- }
-
- @Test
- public void testObjectOK3() {
- final IAttributeProvidersMap map = new AttributeProvidersMap();
- final AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL");
- final AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL");
- final IPersonalAttributeList pal = new PersonalAttributeList();
- boolean outcome = false;
-
- //Add a single item
- map.put(source, pal);
-
- if (map.containsKey(target)) {
- outcome = true;
- }
-
- assertTrue(outcome);
- }
-
- @Test
- public void testObjectOK4() {
- final IAttributeProvidersMap map = new AttributeProvidersMap();
- final AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL");
- final AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL");
- final IPersonalAttributeList pal = new PersonalAttributeList();
- boolean outcome = false;
-
- //Add a single item
- map.put(source, pal);
-
- if (map.containsKey(target)) {
- if (map.get(target) != null) {
- outcome = true;
- }
- }
-
- assertTrue(outcome);
- }
-
- @Test
- public void testObjectNOK1() {
- final IAttributeProvidersMap map = new AttributeProvidersMap();
- final AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL");
- final AttributeSource target = new AttributeSource(new Country("ID1", "Name 1"), "URL");
- final IPersonalAttributeList pal = new PersonalAttributeList();
- boolean outcome = false;
-
- //Add a single item
- map.put(source, pal);
-
- if (map.containsKey(target)) {
- outcome = true;
- }
-
- assertFalse(outcome);
- }
-
- @Test
- public void testObjectNOK2() {
- final IAttributeProvidersMap map = new AttributeProvidersMap();
- final AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL");
- final AttributeSource target = new AttributeSource(new AttributeProvider("ID2", "Name 1", null), "URL");
- final IPersonalAttributeList pal = new PersonalAttributeList();
- boolean outcome = false;
-
- //Add a single item
- map.put(source, pal);
-
- if (map.containsKey(target)) {
- outcome = true;
- }
-
- assertFalse(outcome);
- }
-}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java deleted file mode 100644 index a3fb6468f..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java +++ /dev/null @@ -1,90 +0,0 @@ -package eu.stork.peps.tests;
-
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import org.junit.Test;
-
-import eu.stork.peps.auth.commons.AttributeProvider;
-import eu.stork.peps.auth.commons.AttributeSource;
-import eu.stork.peps.auth.commons.Country;
-
-/**
- * The AttributeSource's Test Case.
- *
- * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos
- * (ilias@aegean.gr)
- *
- * @version $Revision: $, $Date: $
- */
-public final class AttributeSourceTestCase {
-
- private final AttributeSource ap1 = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL1");
- private final AttributeSource ap2 = new AttributeSource(new AttributeProvider("ID2", "Name 2", null), "URL2");
- private final AttributeSource ap3 = new AttributeSource(new AttributeProvider("ID1", "Name 2", null), "URL2");
- private final AttributeSource ap4 = new AttributeSource(new AttributeProvider("ID1", "Name 2", null), "URL1");
- private final AttributeSource ap5 = new AttributeSource(new AttributeProvider("ID1", "Name 1", null), "URL1");
-
- private final AttributeSource c1 = new AttributeSource(new Country("ID1", "Name 1"), "URL1");
- private final AttributeSource c2 = new AttributeSource(new Country("ID2", "Name 2"), "URL2");
- private final AttributeSource c3 = new AttributeSource(new Country("ID1", "Name 2"), "URL2");
- private final AttributeSource c4 = new AttributeSource(new Country("ID1", "Name 2"), "URL1");
- private final AttributeSource c5 = new AttributeSource(new Country("ID1", "Name 1"), "URL1");
-
- @Test
- public void testNotEquals1() {
- assertFalse(ap1.innerEquals(ap2));
- }
-
- @Test
- public void testNotEquals2() {
- assertFalse(ap1.innerEquals(c1));
- }
-
- @Test
- public void testNotEquals3() {
- assertFalse(c1.innerEquals(c2));
- }
-
- @Test
- public void testEquals1() {
- assertTrue(ap1.innerEquals(ap3));
- }
-
- @Test
- public void testEquals2() {
- assertTrue(ap1.innerEquals(ap4));
- }
-
- @Test
- public void testEquals3() {
- assertTrue(ap1.innerEquals(ap5));
- }
-
- @Test
- public void testEquals4() {
- assertTrue(c1.innerEquals(c3));
- }
-
- @Test
- public void testEquals5() {
- assertTrue(c1.innerEquals(c4));
- }
-
- @Test
- public void testEquals6() {
- assertTrue(c1.innerEquals(c5));
- }
-
- @Test
- public void testEquals7() {
- final Object obj = ap5;
- assertTrue(ap1.equals(obj));
- }
-
- @Test
- public void testEquals8() {
- final Object obj = c5;
- assertTrue(c1.equals(obj));
- }
-}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java deleted file mode 100644 index 524a7446c..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java +++ /dev/null @@ -1,537 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertEquals; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.junit.Test; - -import eu.stork.peps.auth.commons.AttributeUtil; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSValues; -import eu.stork.peps.auth.commons.PersonalAttributeList; - -/** - * The AttributeUtil's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com - * - * @version $Revision: $, $Date: $ - */ -public final class AttributeUtilTestCase { - - /** - * Empty String to be used on the tests. - */ - private static final String EMPTY_STRING = ""; - - /** - * Tuple value sample to be used on the tests. - */ - private static final String[] TUPLE_STRING = new String[]{"age", "true", - "[18]", "Available"}; - - /** - * Complex value to be used on escape/unescape tests. - */ - private static final String COMPLEX_VAL = "postalCode=4100," - + "apartmentNumber=A,state=Porto,countryCodeAddress=PT,streetNumber=379," - + "streetName=Avenida Sidonio Pais,town=Porto,"; - - /** - * Escaped Complex value to be used on escape/unescape tests. - */ - private static final String ESC_COMPLEX_VAL = "postalCode=4100%44" - + "apartmentNumber=A%44state=Porto%44countryCodeAddress=PT%44" - + "streetNumber=379%44streetName=Avenida Sidonio Pais%44town=Porto%44"; - - /** - * Simple value to be used on escape/unescape tests. - */ - private static final String SIMPLE_VAL = "Avenida da Boavista, Porto"; - - /** - * Escaped simple value to be used on escape/unescape tests. - */ - private static final String ESC_SIMPLE_VAL = "Avenida da Boavista%44 Porto"; - - /** - * Simple text to be used on escape/unescape tests. Must match the escaped - * text. - */ - private static final String SIMPLE_TEXT = "John Doe"; - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given - * complex attribute value (canonical address' example attribute value). - */ - @Test - public void testEscapeSpecialCharsComplexVal() { - assertEquals(AttributeUtil.escape(COMPLEX_VAL), ESC_COMPLEX_VAL); - } - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given - * attribute value. - */ - @Test - public void testEscapeSpecialCharsVal() { - assertEquals(AttributeUtil.escape(SIMPLE_VAL), ESC_SIMPLE_VAL); - } - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given - * simple text: no special characters to escape. - */ - @Test - public void testEscapeNormalChars() { - assertEquals(AttributeUtil.escape(SIMPLE_TEXT), SIMPLE_TEXT); - } - - /** - * Tests the {@link AttributeUtil#unescape(String)} method for the given - * escape complex attribute value (canonical address' example attribute - * value). - */ - @Test - public void testUnescapeSpecialCharsComplexVal() { - assertEquals(AttributeUtil.unescape(ESC_COMPLEX_VAL), COMPLEX_VAL); - } - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given - * escape attribute value. - */ - @Test - public void testUnescapeSpecialCharsVal() { - assertEquals(AttributeUtil.unescape(ESC_SIMPLE_VAL), SIMPLE_VAL); - } - - /** - * Tests the {@link AttributeUtil#escape(String)} method for the given - * simple text: no special characters to unescape. - */ - @Test - public void testUnescapeNormalChars() { - assertEquals(AttributeUtil.unescape(SIMPLE_TEXT), SIMPLE_TEXT); - } - - /** - * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} - * method for the given empty string. - */ - @Test - public void testAppendIfNotNullEmptyStr() { - final StringBuilder strBuilder = new StringBuilder(SIMPLE_TEXT); - AttributeUtil.appendIfNotNull(strBuilder, EMPTY_STRING); - assertEquals(strBuilder.toString(), SIMPLE_TEXT); - } - - /** - * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} - * method for the given string. - */ - @Test - public void testAppendIfNotNullStr() { - final StringBuilder strBuilder = new StringBuilder(); - AttributeUtil.appendIfNotNull(strBuilder, SIMPLE_TEXT); - assertEquals(strBuilder.toString(), SIMPLE_TEXT); - } - - /** - * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} - * method for the given null value. - */ - @Test - public void testAppendIfNotNull() { - final StringBuilder strBuilder = new StringBuilder(); - AttributeUtil.appendIfNotNull(strBuilder, null); - assertEquals(strBuilder.toString(), EMPTY_STRING); - } - - /** - * Tests the {@link AttributeUtil#listToString(List, String)} method for the - * given List with two values. - */ - @Test - public void testListToStringTwoVals() { - final List<String> vals = new ArrayList<String>(); - vals.add(SIMPLE_VAL); - vals.add(SIMPLE_TEXT); - - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append(SIMPLE_TEXT); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - assertEquals( - AttributeUtil.listToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#listToString(List, String)} method for the - * given List with one values. - */ - @Test - public void testListToStringOneVal() { - final List<String> vals = new ArrayList<String>(); - vals.add(SIMPLE_VAL); - - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - assertEquals( - AttributeUtil.listToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#listToString(List, String)} method for the - * given List with one value. - */ - @Test - public void testListToStringEmptyVal() { - final List<String> vals = new ArrayList<String>(); - - final StringBuilder strBuilder = new StringBuilder(); - - assertEquals( - AttributeUtil.listToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method - * for the given Map with one value. - */ - @Test - public void testMapToStringOneVal() { - final Map<String, String> vals = new HashMap<String, String>(); - vals.put("CanonicalAddress", COMPLEX_VAL); - - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("CanonicalAddress="); - strBuilder.append(ESC_COMPLEX_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - - assertEquals(AttributeUtil.mapToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method - * for the given empty Map. - */ - @Test - public void testMapToStringEmptyVal() { - final Map<String, String> vals = new HashMap<String, String>(); - - final StringBuilder strBuilder = new StringBuilder(); - - assertEquals(AttributeUtil.mapToString(vals, - PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * invalid List. - */ - @Test - public void testIsValidValueInvalidList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append("]"); - assertFalse(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * null value. - */ - @Test - public void testIsValidValueNullList() { - assertFalse(AttributeUtil.isValidValue(null)); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * empty List. - */ - @Test - public void testIsValidValueEmptyList() { - assertTrue(AttributeUtil.isValidValue("[]")); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * empty List. - */ - @Test - public void testIsValidValueEmptyCommaList() { - assertTrue(AttributeUtil.isValidValue("[,]")); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * one simple value List. - */ - @Test - public void testIsValidValueOneValueList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * one simple value List. - */ - @Test - public void testIsValidValueOneValueCommaList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * one complex value List. - */ - @Test - public void testIsValidValueOneComplexValueList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_COMPLEX_VAL); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * one complex value List. - */ - @Test - public void testIsValidValueOneComplexValueCommaList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_COMPLEX_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * multi value List. - */ - @Test - public void testIsValidValueMultiValueList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append("["); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append(SIMPLE_TEXT); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append("]"); - assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidValue(String)} method for the given - * invalid multi value List. - */ - @Test - public void testIsValidValueInvalidMultiValueList() { - final StringBuilder strBuilder = new StringBuilder(); - strBuilder.append(ESC_SIMPLE_VAL); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append(SIMPLE_TEXT); - strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); - strBuilder.append("]"); - assertFalse(AttributeUtil.isValidValue(strBuilder.toString())); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * true type. - */ - @Test - public void testIsValidTypetrue() { - assertTrue(AttributeUtil.isValidType("true")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * True type. - */ - @Test - public void testIsValidTypeTrue() { - assertTrue(AttributeUtil.isValidType("True")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * TRUE type. - */ - @Test - public void testIsValidTypeTRUE() { - assertTrue(AttributeUtil.isValidType("TRUE")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * invalid type. - */ - @Test - public void testIsValidTypeInvalidType() { - assertFalse(AttributeUtil.isValidType("str")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * false type. - */ - @Test - public void testIsValidTypefalse() { - assertTrue(AttributeUtil.isValidType("false")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * False type. - */ - @Test - public void testIsValidTypeFalse() { - assertTrue(AttributeUtil.isValidType("False")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * FALSE type. - */ - @Test - public void testIsValidTypeFALSEVal() { - assertTrue(AttributeUtil.isValidType("False")); - } - - /** - * Tests the {@link AttributeUtil#isValidType(String)} method for the given - * null. - */ - @Test - public void testIsValidTypeNullVal() { - assertFalse(AttributeUtil.isValidType(null)); - } - - /** - * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the - * given valid tuple. - */ - @Test - public void testHasValidTuples() { - assertTrue(AttributeUtil.hasValidTuples(TUPLE_STRING)); - } - - /** - * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the - * given invalid tuple. - */ - @Test - public void testHasValidTuplesInvalid() { - final String[] tuple = new String[]{"name", "type"}; - assertFalse(AttributeUtil.hasValidTuples(tuple)); - } - - /** - * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the - * given invalid tuple with valid size. - */ - @Test - public void testHasValidTuplesSameSizeInvalidValues() { - final String[] tuple = new String[]{"age", "type", "[18]", "Available"}; - assertFalse(AttributeUtil.hasValidTuples(tuple)); - } - - /** - * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the - * given null value. - */ - @Test - public void testHasValidTuplesNull() { - assertFalse(AttributeUtil.hasValidTuples(null)); - } - - /** - * Tests the - * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} - * method for the given attribute list.. - */ - @Test - public void testCheckMandatoryAttributes() { - final IPersonalAttributeList attrList = new PersonalAttributeList(); - attrList.populate("isAgeOver:true:[18,]:Available;"); - assertTrue(AttributeUtil.checkMandatoryAttributes(attrList)); - - } - - /** - * Tests the - * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} - * method for the given null value. - */ - @Test(expected = NullPointerException.class) - public void testCheckMandatoryAttributesNullAttrList() { - assertTrue(AttributeUtil.checkMandatoryAttributes(null)); - } - - /** - * Tests the - * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} - * method for the given empty attribute list. - */ - @Test - public void testCheckMandatoryAttributesEmptyAttrList() { - final IPersonalAttributeList attrList = new PersonalAttributeList(); - assertTrue(AttributeUtil.checkMandatoryAttributes(attrList)); - } - - /** - * Tests the - * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} - * method for the given attribute list (missing mandatory attribute). - */ - @Test - public void testCheckMandatoryAttributesMissingAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(); - attrList.populate("isAgeOver:true:[]:NotAvailable;"); - assertFalse(AttributeUtil.checkMandatoryAttributes(attrList)); - } - -} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/ComplexAttributesMarshalling.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/ComplexAttributesMarshalling.java deleted file mode 100644 index f2383c07a..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/ComplexAttributesMarshalling.java +++ /dev/null @@ -1,246 +0,0 @@ -/*
- * This work is Open Source and licensed by the European Commission under the conditions of the European Public License
- * v1.1 (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); any use of this file implies acceptance of
- * the conditions of this license. Unless required by applicable law or agreed to in writing, software distributed under
- * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied. See the License for the specific language governing permissions and limitations under the License. --- Test
- * cases for marshalling complex attributes. Implemented are two testcases for marshalling and unmarshalling. These
- * testcases are for canonical residenc address and has bank account.
- */
-
-package eu.stork.peps.tests;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.StringWriter;
-
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.stream.StreamSource;
-
-import org.joda.time.DateTime;
-import org.junit.Test;
-
-import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.CanonicalAddressType;
-import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.HasAccountInBankType;
-import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.MandateContentType;
-import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.MandateType;
-import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.ObjectFactory;
-import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.RepresentationPersonType;
-
-/**
- * @author Advania Examples on how to use the jaxb marshaller. The classes are created from the
- * StorkcomplexAttributes.xsd schema located in resources.
- * @version $Revision: 1.00 $, $Date: 2014-17-02 11:15:00 $
- */
-
-public class ComplexAttributesMarshalling {
-
- MandateContentType mtObject = new MandateContentType();
- RepresentationPersonType rpObject = new RepresentationPersonType();
- RepresentationPersonType rptObject = new RepresentationPersonType();
-
- void initMandateValues() {
- // Fill in the information ...
- mtObject.setIsChained(false);
- // mtObject.setIsJoined("IsJoined");
- mtObject.setTypeOfPower("The Force");
- mtObject.setIsChained(false);
- // ... fill in info for the representative
- rpObject.setTextRegisteredAddress("Address at some street");
- rpObject.setDateOfBirth(DateTime.now().toString());
- rpObject.setEIdentifier("123456");
- rpObject.setGivenName("Name of some person");
- rpObject.setLegalForm("Type of person");
- // .... fill in the info for the represented
- rptObject.setTextRegisteredAddress("Another Address at some street");
- rptObject.setDateOfBirth(DateTime.now().toString());
- rptObject.setEIdentifier("654321");
- rptObject.setGivenName("Another Name of some person");
- rptObject.setLegalForm("Yet another type of person");
- }
-
- /**
- * Test marshalling canonical address <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
- * <canonicalResidenceAddress xmlns="urn:eu:stork:names:tc:STORK:1.0:assertion">
- * <countryCodeAddress>IS</countryCodeAddress> <state>Reykjavik</state> <municipalityCode>RVK</municipalityCode>
- * <town>Reykjavik</town> <postalCode>101</postalCode> <streetName>Laugavegur</streetName>
- * <streetNumber>1</streetNumber> <apartmentNumber>10</apartmentNumber> </canonicalResidenceAddress>
- */
- @Test
- public void testMarshallCanonicalResidencAddress() {
- try {
- final CanonicalAddressType object = new CanonicalAddressType();
- object.setApartmentNumber("10");
- object.setCountryCodeAddress("IS");
- object.setMunicipalityCode("RVK");
- object.setPostalCode("101");
- object.setState("Reykjavik");
- object.setStreetName("Laugavegur");
- object.setStreetNumber("1");
- object.setTown("Reykjavik");
-
- final JAXBContext context = JAXBContext.newInstance(CanonicalAddressType.class);
- final Marshaller m = context.createMarshaller();
- m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
- final ObjectFactory objf = new ObjectFactory();
-
- m.marshal(objf.createCanonicalResidenceAddress(object), new FileOutputStream("CanonicalAddressType.xml"));
- m.marshal(objf.createCanonicalResidenceAddress(object), System.out);
- }
- catch ( Exception e ) {
- e.printStackTrace();
- }
- }
-
- @Test
- public void testForDiana() {
- initMandateValues();
-
- try {
- // Create the marshallers'
-
- final JAXBContext mandateTypeContext = JAXBContext.newInstance(MandateType.class);
- final Marshaller mandateMarshaller = mandateTypeContext.createMarshaller();
-
- final ObjectFactory objf = new ObjectFactory();
- MandateType mandate = new MandateType();
- RepresentationPersonType representative = new RepresentationPersonType();
- representative.setDateOfBirth("1990-01-01");
- representative.setGivenName("Bilbo");
- representative.setSurname("Baggins");
- representative.setEIdentifier("IT/IT/12345678990");
- mandate.setRepresentative(representative);
-
- RepresentationPersonType represented = new RepresentationPersonType();
- represented.setTextRegisteredAddress("Via....");
- represented.setELPIdentifier("IT/1111111");
- represented.setLegalName("Shire Corp.");
- mandate.setRepresented(represented);
-
- MandateContentType mandateContent1 = new MandateContentType();
- mandateContent1.setOriginalMandate("Chief executive officer".getBytes());
- mandateContent1.setOriginalMandateType("text/plain");
- MandateContentType mandateContent2 = new MandateContentType();
- mandateContent2.setOriginalMandate("Chief executive officer2".getBytes());
- mandateContent2.setOriginalMandateType("text/plain");
- mandate.getMandateContent().add(mandateContent1);
- mandate.getMandateContent().add(mandateContent2);
-
- // marshall the mandatecontent
- StringWriter sw = new StringWriter();
- mandateMarshaller.marshal(objf.createMandate(mandate), sw);
-
- System.out.print(sw.toString());
-
- }
- catch ( JAXBException e ) {
- e.printStackTrace();
- }
- }
-
- @Test
- public void testMandateContent() {
- initMandateValues();
- try {
- final MandateType object = new MandateType();
- // Make the object ....
- object.getMandateContent().add(mtObject);
- object.setRepresented(rpObject);
- object.setRepresentative(rptObject);
-
- final JAXBContext context = JAXBContext.newInstance(MandateType.class);
- // Create the marshaller
- final Marshaller m = context.createMarshaller();
- m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
- final ObjectFactory objf = new ObjectFactory();
- // Various types of output
- m.marshal(objf.createMandate(object), new FileOutputStream("MandateContentType.xml"));
- m.marshal(objf.createMandate(object), System.out);
-
- StringWriter sw = new StringWriter();
- m.marshal(objf.createMandate(object), sw);
-
- }
- catch ( Exception e ) {
- e.printStackTrace();
- }
- }
-
- /**
- * Test unmarshalling canonical address <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
- * <canonicalResidenceAddress xmlns="urn:eu:stork:names:tc:STORK:1.0:assertion">
- * <countryCodeAddress>IS</countryCodeAddress> <state>Reykjavik</state> <municipalityCode>RVK</municipalityCode>
- * <town>Reykjavik</town> <postalCode>101</postalCode> <streetName>Laugavegur</streetName>
- * <streetNumber>1</streetNumber> <apartmentNumber>10</apartmentNumber> </canonicalResidenceAddress>
- */
- @Test
- public void testUnmarshallCanonicalAddress() {
- JAXBContext uContext;
- try {
- uContext = JAXBContext.newInstance(CanonicalAddressType.class);
- final Unmarshaller u = uContext.createUnmarshaller();
- final File file = new File("CanonicalAddressType.xml");
-
- final JAXBElement<CanonicalAddressType> root = u.unmarshal(new StreamSource(file),
- CanonicalAddressType.class);
- final CanonicalAddressType foo = root.getValue();
-
- final String A = foo.getStreetName();
- final String B = foo.getStreetNumber();
-
- System.out.println("Streetname: " + A);
- System.out.println("Streetnumber: " + B);
-
- }
- catch ( final JAXBException e ) {
- e.printStackTrace();
- }
- }
-
- /**
- * Test marshalling has bank account <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <hasAccountInBank
- * xmlns="urn:eu:stork:names:tc:STORK:1.0:assertion"> <bankName>Arion</bankName> <AQAA>3</AQAA> </hasAccountInBank>
- */
- @Test
- public void testMarshallHasBankAccount() {
- try {
- final HasAccountInBankType object = new HasAccountInBankType();
- object.setAQAA(3);
- object.setBankName("Arion Bank");
- final JAXBContext context = JAXBContext.newInstance(HasAccountInBankType.class);
- final Marshaller m = context.createMarshaller();
- final ObjectFactory o = new ObjectFactory();
- m.marshal(o.createHasAccountInBank(object), new FileOutputStream("hasbankaccount.xml"));
- m.marshal(o.createHasAccountInBank(object), System.out);
-
- }
- catch ( Exception e ) {
- e.printStackTrace();
- }
- }
-
- /**
- * Test unmarshalling has bank account <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <hasAccountInBank
- * xmlns="urn:eu:stork:names:tc:STORK:1.0:assertion"> <bankName>Arion</bankName> <AQAA>3</AQAA> </hasAccountInBank>
- */
- @Test
- public void testUnmarshallHasBankAccount() {
- try {
- final JAXBContext context = JAXBContext.newInstance(HasAccountInBankType.class);
- final Unmarshaller um = context.createUnmarshaller();
- final File file = new File("hasbankaccount.xml");
- final JAXBElement<HasAccountInBankType> root = um.unmarshal(new StreamSource(file),
- HasAccountInBankType.class);
- final HasAccountInBankType foo = root.getValue();
- System.out.println(foo.getBankName());
- }
- catch ( final JAXBException e ) {
- e.printStackTrace();
- }
- }
-
-}
diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java deleted file mode 100644 index 6c9a17ddc..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java +++ /dev/null @@ -1,294 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import java.sql.Timestamp; -import java.util.Properties; - -import org.joda.time.DateTime; -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; - -import eu.stork.peps.auth.commons.DateUtil; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException; - -/** - * The PersonalAttribute's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.2 $, $Date: 2010-11-17 05:17:03 $ - */ -public final class DateUtilTestCase { - - /** - * Stork Format date. - */ - private static final String FORMAT = "yyyyMMdd"; - - /** - * Expected 10 value. - */ - private static final int TEN = 10; - - /** - * Expected 11 value. - */ - private static final int ELEVEN = 11; - - /** - * The testing Date ("current" date). - */ - private static final DateTime TESTDATE = new DateTime(2011, 10, 10, 15, 20, - 0, 0); - - /** - * Init DateUtilTestCase class. - */ - @BeforeClass - public static void runsBeforeTheTestSuite() { - final Properties configs = new Properties(); - configs.setProperty("invalidAgeDateValue.code", "35"); - configs.setProperty("invalidAttributeValue.code", "34"); - configs - .setProperty( - "invalidAttributeValue.message", - "Unexpected or invalid content was encountered within a " - + "<saml:Attribute> or <saml:AttributeValue> element."); - PEPSUtil.createInstance(configs); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given year against - * the testDate: 2011-10-10 15:20:00.0. Must return 10. - */ - @Test - public void calculateAgeFromYear() { - Assert.assertTrue(TEN == DateUtil.calculateAge("2000", TESTDATE, FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given year and - * month against the testDate: 2011-10-10 15:20:00.0. Must return 11. - */ - @Test - public void calculateAgeFromEarlyMonth() { - Assert.assertTrue(ELEVEN == DateUtil.calculateAge("200001", TESTDATE, - FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given year and - * month against the testDate: 2011-10-10 15:20:00.0. Must return 10. - */ - @Test - public void calculateAgeFromSameMonth() { - Assert.assertTrue(TEN == DateUtil.calculateAge("200010", TESTDATE, FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given year and - * month against the testDate: 2011-10-10 15:20:00.0. Must return 10. - */ - @Test - public void calculateAgeFromLaterMonth() { - Assert.assertTrue(TEN == DateUtil.calculateAge("200011", TESTDATE, FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return 11. - */ - @Test - public void calculateAgeFromEarlyFullDate() { - Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20000101", TESTDATE, - FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return 11. - */ - @Test - public void calculateAgeFromSameDay() { - Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20001010", TESTDATE, - FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return 10. - */ - @Test - public void calculateAgeFromLaterFullDate() { - Assert.assertTrue(TEN == DateUtil - .calculateAge("20001011", TESTDATE, FORMAT)); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromInvalidDate() { - DateUtil.calculateAge("200", TESTDATE, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromInvalidMonth() { - DateUtil.calculateAge("200013", TESTDATE, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromInvalidDay() { - DateUtil.calculateAge("20000230", TESTDATE, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromNullDate() { - DateUtil.calculateAge(null, TESTDATE, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromNullCurDate() { - DateUtil.calculateAge("2000", null, FORMAT); - } - - /** - * Tests the {@link DateUtil#calculateAge} method for the given full date - * against the testDate: 2011-10-10 15:20:00.0. Must return a - * SecurityPEPSException exception. - */ - @Test(expected = SecurityPEPSException.class) - public void calculateAgeFromNullFormat() { - DateUtil.calculateAge("2000", TESTDATE, null); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return true - */ - @Test - public void isValidFormatDateFromYear() { - Assert.assertTrue(DateUtil.isValidFormatDate("2000", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year - * and month. Must return true. - */ - @Test - public void isValidFormatDateFromMonth() { - Assert.assertTrue(DateUtil.isValidFormatDate("200001", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDate() { - Assert.assertTrue(DateUtil.isValidFormatDate("20000101", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateInvalidYear() { - Assert.assertFalse(DateUtil.isValidFormatDate("200", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateInvalidMonth() { - Assert.assertFalse(DateUtil.isValidFormatDate("200013", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateInvalidDate() { - Assert.assertFalse(DateUtil.isValidFormatDate("20010229", FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateNullDate() { - Assert.assertFalse(DateUtil.isValidFormatDate(null, FORMAT)); - } - - /** - * Tests the {@link DateUtil#isValidFormatDate} method for the given year. - * Must return false. - */ - @Test - public void isValidFormatDateNullFormat() { - Assert.assertFalse(DateUtil.isValidFormatDate("2000", null)); - } - - /** - * Tests the {@link DateUtil#currentTimeStamp()} method for the current - * TimeStamp (TS). Must return true. - */ - @Test - public void testCurrentTimeStampBefore() { - Timestamp ts = DateUtil.currentTimeStamp(); - Assert.assertNotSame(ts, DateUtil.currentTimeStamp()); - } - - /** - * Tests the {@link DateUtil#currentTimeStamp()} method for the current - * TimeStamp (TS). Must return true. - */ - @Test - public void testCurrentTimeStampAfter() { - Timestamp ts = DateUtil.currentTimeStamp(); - Assert.assertEquals(DateUtil.currentTimeStamp(), ts); - } - -} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java deleted file mode 100644 index 95c1f4594..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java +++ /dev/null @@ -1,553 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import static org.junit.Assert.assertArrayEquals; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotSame; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertFalse; - -import java.util.Properties; - -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSErrors; -import eu.stork.peps.auth.commons.PEPSParameters; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; -import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException; - -/** - * The PEPSUtil's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com - * - * @version $Revision: $, $Date: $ - */ -public final class PEPSUtilTestCase { - - /** - * Message example. - */ - private static final String MESSAGE_SAMPLE = "003002 - Authentication Failed"; - - /** - * Error message example. - */ - private static final String ERROR_MESSAGE_SAMPLE = "Authentication Failed"; - - /** - * Error code example. - */ - private static final String ERROR_CODE_SAMPLE = "003002"; - - /** - * Properties values for testing proposes. - */ - private static final Properties CONFIGS1 = new Properties(); - - /** - * Properties values for testing proposes. - */ - private static final Properties CONFIGS2 = new Properties(); - - /** - * The empty string value: "". - */ - private static final String EMPTY_STRING = ""; - - /** - * The empty byte value: []. - */ - private static final byte[] EMPTY_BYTE = new byte[]{}; - - /** - * The empty byte hash value. - */ - private static final byte[] EMPTY_HASH_BYTE = new byte[]{-49, -125, -31, - 53, 126, -17, -72, -67, -15, 84, 40, 80, -42, 109, -128, 7, -42, 32, -28, - 5, 11, 87, 21, -36, -125, -12, -87, 33, -45, 108, -23, -50, 71, -48, -47, - 60, 93, -123, -14, -80, -1, -125, 24, -46, -121, 126, -20, 47, 99, -71, 49, - -67, 71, 65, 122, -127, -91, 56, 50, 122, -7, 39, -38, 62}; - - /** - * The SAML example byte[] value. - */ - private static final byte[] SAML_BYTE_SAMPLE = new byte[]{60, 115, 97, 109, - 108, 62, 46, 46, 46, 60, 47, 115, 97, 109, 108}; - - /** - * The SAML's Base64 example value. - */ - private static final String SAML_BASE64_SAMPLE = "PHNhbWw+Li4uPC9zYW1s"; - - /** - * The SAML's Base64 byte[] example value. - */ - private static byte[] SAML_BASE64_BYTE_SAMPLE = new byte[]{80, 72, 78, 104, - 98, 87, 119, 43, 76, 105, 52, 117, 80, 67, 57, 122, 89, 87, 49, 115}; - - /** - * The SAML's Base64 Hash byte[] example value. - */ - private static byte[] HASH_BYTE_SAMPLE = new byte[]{67, 38, 11, 115, 49, - -5, 54, -85, 38, 43, -99, 96, 71, -41, 50, -96, 71, -86, 90, -97, 66, -67, - 90, 101, 30, 82, -13, 60, -106, -72, -103, -75, 19, 2, -107, 107, -6, -56, - 34, -111, -44, -57, -26, -5, 33, 78, -1, 30, 21, 74, -26, 118, -46, -12, - -102, 12, -56, 30, -59, -104, -21, -42, -103, 82}; - - /** - * Init PEPSUtilTestCase class. - */ - @BeforeClass - public static void runsBeforeTheTestSuite() { - - CONFIGS1.setProperty("max.attrList.size", "20000"); - CONFIGS1.setProperty("attrList.code", "202005"); - CONFIGS1.setProperty("attrList.message", "invalid.attrList.parameter"); - - CONFIGS1.setProperty("max.qaaLevel.size", "1"); - CONFIGS1.setProperty("max.spUrl.size", "inv"); - CONFIGS1.setProperty("validation.active", "true"); - CONFIGS1.setProperty("hashDigest.className", - "org.bouncycastle.crypto.digests.SHA512Digest"); - CONFIGS1.setProperty("invalidAgeDateValue.code", "35"); - CONFIGS1.setProperty("invalidAttributeValue.code", "34"); - CONFIGS1.setProperty("invalidAttributeValue.message", - "Unexpected or invalid content was encountered within a " - + "<saml:Attribute> or <saml:AttributeValue> element."); - } - - /** - * Tests the {@link PEPSUtil#createInstance(Properties)} method for the - * given properties object. - */ - @Test - public void testCreateInstance() { - Assert.assertNotNull(PEPSUtil.createInstance(CONFIGS2)); - } - - /** - * Tests the {@link PEPSUtil#getConfigs()}. - */ - @Test - public void testGetConfigs() { - final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1); - assertEquals(pepsUtils.getConfigs(), CONFIGS1); - } - - /** - * Tests the {@link PEPSUtil#getConfigs()}. - */ - @Test - public void testGetConfigsDifferent() { - final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1); - assertNotSame(pepsUtils.getConfigs(), CONFIGS2); - } - - /** - * Tests the {@link PEPSUtil#getConfig(String)} method for the given - * existing config. - */ - @Test - public void testGetConfigExists() { - assertEquals(PEPSUtil.getConfig("hashDigest.className"), - "org.bouncycastle.crypto.digests.SHA512Digest"); - } - - /** - * Tests the {@link PEPSUtil#getConfig(String)} method for the given not - * existing config. - */ - @Test - public void testGetConfigNoExists() { - assertNull(PEPSUtil.getConfig("doesnt.exists")); - } - - /** - * Tests the {@link PEPSUtil#getConfig(String)} method for the given null - * value. - */ - @Test(expected = NullPointerException.class) - public void testGetConfigNull() { - assertNull(PEPSUtil.getConfig(null)); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for - * the given param values. - */ - @Test - public void testIsValidParameterExists() { - assertTrue(PEPSUtil.isValidParameter("qaaLevel", "1")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for - * the given param values. - */ - @Test - public void testIsValidParameterExistsGreat() { - assertFalse(PEPSUtil.isValidParameter("qaaLevel", "12")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for - * the given param values. - */ - @Test - public void testIsValidParameterExistsIvalidConf() { - assertFalse(PEPSUtil - .isValidParameter("spUrl", "http://localhost:8080/SP/")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for - * the given param values. - */ - @Test - public void testIsValidParameterNotExists() { - assertFalse(PEPSUtil.isValidParameter("doesntexists", - "http://localhost:8080/SP/")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for - * the given param values. - */ - @Test - public void testIsValidParameterNullParamName() { - assertFalse(PEPSUtil.isValidParameter(null, "http://localhost:8080/SP/")); - } - - /** - * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for - * the given param values. - */ - @Test - public void testIsValidParameterNullParamValue() { - assertFalse(PEPSUtil.isValidParameter("spUrl", null)); - } - - /** - * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} - * method for the given object values. - */ - @Test - public void testValidateParameterValid() { - final IPersonalAttributeList persAttrList = new PersonalAttributeList(); - persAttrList.populate("isAgeOver:true:[15,]:Available;"); - PEPSUtil.validateParameter("ServiceProviderAction", - PEPSParameters.ATTRIBUTE_LIST.toString(), persAttrList); - } - - /** - * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterNull() { - PEPSUtil.validateParameter("ServiceProviderAction", - PEPSParameters.ATTRIBUTE_LIST.toString(), null); - } - - /** - * Tests the {@link PEPSUtil#validateParameter(String, String, String)} - * method for the given string values. - * - * The tested class just invokes - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * so further tests will be later. - */ - @Test - public void testValidateParameter() { - PEPSUtil.validateParameter("ServiceProviderAction", - PEPSParameters.ATTRIBUTE_LIST.toString(), - "isAgeOver:true:[15,]:Available;"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, PEPSErrors)} - * method for the given string value and {@link PEPSErrors} enum. - * - * The tested class just invokes - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * so further tests will be later. - */ - @Test - public void testValidateParameterPEPSErrors() { - PEPSUtil.validateParameter("CountrySelectorAction", - PEPSParameters.ATTRIBUTE_LIST.toString(), - "isAgeOver:true:[15,]:Available;", - PEPSErrors.SP_COUNTRY_SELECTOR_INVALID_ATTR); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test - public void testValidateParameterValidParams() { - PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "1", - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterInvalidParamValue() { - PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "10", - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterInvalidParamName() { - PEPSUtil.validateParameter("ServiceProviderAction", "doesnt.exists", "1", - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterNullParamName() { - PEPSUtil.validateParameter("ServiceProviderAction", null, "1", - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the - * {@link PEPSUtil#validateParameter(String, String, String, String, String)} - * method for the given string values. - */ - @Test(expected = InvalidParameterPEPSException.class) - public void testValidateParameterNullParamValue() { - PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", null, - "qaaLevel.code", "qaaLevel.message"); - } - - /** - * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given - * string value. - */ - @Test - public void testEncodeSAMLToken() { - assertEquals(PEPSUtil.encodeSAMLToken(SAML_BYTE_SAMPLE), SAML_BASE64_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given - * null. - */ - @Test(expected = NullPointerException.class) - public void testEncodeSAMLTokenNull() { - assertNotSame(PEPSUtil.encodeSAMLToken(null), SAML_BASE64_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given - * empty byte[] value. - */ - @Test - public void testEncodeSAMLTokenEmpty() { - assertEquals(PEPSUtil.encodeSAMLToken(EMPTY_BYTE), EMPTY_STRING); - } - - /** - * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given - * byte[] value. - */ - @Test - public void testDecodeSAMLToken() { - assertArrayEquals(PEPSUtil.decodeSAMLToken(SAML_BASE64_SAMPLE), - SAML_BYTE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given - * null value. - */ - @Test(expected = NullPointerException.class) - public void testDecodeSAMLTokenNull() { - assertNotSame(PEPSUtil.decodeSAMLToken(null), SAML_BYTE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given - * empty string value. - */ - @Test(expected = StringIndexOutOfBoundsException.class) - public void testDecodeSAMLTokenEmpty() { - assertTrue(PEPSUtil.decodeSAMLToken(EMPTY_STRING) == EMPTY_BYTE); - } - - /** - * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given - * byte[] value. - */ - @Test - public void testHashPersonalToken() { - assertArrayEquals(PEPSUtil.hashPersonalToken(SAML_BASE64_BYTE_SAMPLE), - HASH_BYTE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given - * null value. - */ - @Test(expected = InternalErrorPEPSException.class) - public void testHashPersonalTokenNull() { - assertNull(PEPSUtil.hashPersonalToken(null)); - } - - /** - * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given - * empty value. - */ - @Test - public void testHashPersonalTokenEmpty() { - assertArrayEquals(PEPSUtil.hashPersonalToken(EMPTY_BYTE), EMPTY_HASH_BYTE); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * correct message. - */ - @Test - public void testGetStorkErrorCodeExists() { - assertEquals(PEPSUtil.getStorkErrorCode(MESSAGE_SAMPLE), ERROR_CODE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * invalid message. - */ - @Test - public void testGetStorkErrorCodeNoExists() { - assertNull(PEPSUtil.getStorkErrorCode(ERROR_MESSAGE_SAMPLE)); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * empty message. - */ - @Test - public void testGetStorkErrorCodeEmpty() { - assertNull(PEPSUtil.getStorkErrorCode(EMPTY_STRING)); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * null message. - */ - @Test - public void testGetStorkErrorCodeNull() { - assertNull(PEPSUtil.getStorkErrorCode(null)); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * invalid message. - */ - @Test - public void testGetStorkErrorCodeWithSepFake() { - assertNull(PEPSUtil.getStorkErrorCode("-")); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given - * invalid message. - */ - @Test - public void testGetStorkErrorCodeWithSepAndCodeFake() { - assertNull(PEPSUtil.getStorkErrorCode("000001 -")); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given correct message. - */ - @Test - public void testGetStorkErrorMessageExists() { - assertEquals(PEPSUtil.getStorkErrorMessage(MESSAGE_SAMPLE), - ERROR_MESSAGE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given invalid message. - */ - @Test - public void testGetStorkErrorMessageNoExists() { - assertEquals(PEPSUtil.getStorkErrorMessage(ERROR_MESSAGE_SAMPLE), - ERROR_MESSAGE_SAMPLE); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given empty message. - */ - @Test - public void testGetStorkErrorMessageEmpty() { - assertEquals(PEPSUtil.getStorkErrorMessage(EMPTY_STRING), - EMPTY_STRING); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given null message. - */ - @Test - public void testGetStorkErrorMessageNull() { - assertNull(PEPSUtil.getStorkErrorMessage(null)); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given invalid message. - */ - @Test - public void testGetStorkErrorMessageWithSepFake() { - assertEquals(PEPSUtil.getStorkErrorMessage("-"), "-"); - } - - /** - * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the - * given invalid message. - */ - @Test - public void testGetStorkErrorMessageWithSepAndCodeFake() { - assertEquals(PEPSUtil.getStorkErrorMessage("000001 -"), "000001 -"); - } - -} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java deleted file mode 100644 index 7800e78b5..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java +++ /dev/null @@ -1,777 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map; - -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKStatusCode; - -/** - * The PersonalAttributeList's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.5 $, $Date: 2010-11-17 05:17:02 $ - */ -public final class PersonalAttributeListTestCase { - - /** - * isAgeOver constant value. - */ - private static final String ISAGEOVER_CONS = "isAgeOver"; - - /** - * 1 constant value. - */ - private static final int ONE_CONS = 1; - - /** - * 2 constant value. - */ - private static final int TWO_CONS = 2; - - /** - * An empty attribute. - */ - @SuppressWarnings("unused") - private static final IPersonalAttributeList EMPTY_ATTR_LIST - = new PersonalAttributeList(0); - - /** - * An attribute with a complex value (canonicalResidenceAddress). - */ - private static PersonalAttribute complexAttrValue = null; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST - = "isAgeOver:true:[15]:Available;"; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST2 - = "isAgeOver:true:[18]:Available;"; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST3 - = "isAgeOver:true:[15]:Available;isAgeOver:true:[18]:Available;"; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST4 - = "isAgeOver:true:[15,18]:Available;"; - - /** - * Simple attribute value list string. - */ - private static final String SIMPLE_ATTRLIST3_REVERSE - = "isAgeOver:true:[18]:Available;isAgeOver:true:[15]:Available;"; - /** - * Simple attribute value list string. - */ - private static final String COMPLEX_ATTRLIST - = "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=Ed. B," - + "state=Porto,countryCodeAddress=PT,streetNumber=379," - + "streetName=Avenida Sidonio Pais,town=Porto]:Available;"; - /** - * Mix attribute list string. - */ - private static final String STR_MIX_ATTR_LIST - = "isAgeOver:true:[15]:Available;canonicalResidenceAddress:true:[" - + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT," - + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto]:" - + "Available;"; - - /** - * Mix attribute list 2 string. - */ - private static final String STR_MIX_ATTR_LIST2 - = "isAgeOver:true:[15]:Available;canonicalResidenceAddress:true:[" - + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT," - + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto]:Available;" - + "mandateContent:true:[" - + "isJoint=\"isjoint\",typeOfPower=\"power\",ValidTo=\"validto\",validfrom=\"validfrom\",AQAA=\"3\",isChained=\"ischained\",]:" - + "Available;"; - - /** - * Attribute List example. - */ - @SuppressWarnings({"serial"}) - private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute( - "age", true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - /** - * Init PersonalAttributeListTestCase class. - */ - @SuppressWarnings("serial") - @BeforeClass - public static void runsBeforeTheTestSuite() { - final Map<String, String> values = new HashMap<String, String>() { - { - put("countryCodeAddress", "PT"); - put("state", "Porto"); - put("town", "Porto"); - put("postalCode", "4100"); - put("streetName", "Avenida Sidonio Pais"); - put("streetNumber", "379"); - put("apartmentNumber", "Ed. B"); - } - }; - - complexAttrValue - = new PersonalAttribute("canonicalResidenceAddress", true, values, - STORKStatusCode.STATUS_AVAILABLE.toString()); - - } - - /** - * Testing Personal Attribute List add method. Personal Attribute list must - * be size 1 - Simple attribute. - */ - @Test - public void testAddSimpleAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(ATTR_VALUE); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List add method. Personal Attribute list must - * be size 1 - Complex attribute. - */ - @Test - public void testAddCompleAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(complexAttrValue); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List add method. Personal Attribute list must - * be size 0 - no attribute. - */ - @Test - public void testAddNull() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(null); - Assert.assertTrue(attrList.size() == 0); - } - - /** - * Testing Personal Attribute List add method. Same attribute name added - * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added - * twice. - */ - @SuppressWarnings("serial") - @Test - public void testAddSameAttrName() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - System.out.println(); - Assert.assertTrue(attrList.get(attrValueOver.getName()).getValue().size() == 2); - } - - /** - * Testing Personal Attribute List add method. Same attribute name added - * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added - * twice. - */ - @SuppressWarnings("serial") - @Test - public void testAddSameAttrNameEmpty() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add(""); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertTrue(attrList.size() == 1); - Assert.assertTrue(attrList.get(attrValueOver.getName()).getValue().size() == 2); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must - * be size 1 - Simple Value. - */ - @Test - public void testPutSimpleAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(ATTR_VALUE.getName(), ATTR_VALUE); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must - * be size 1 - Complex Value. - */ - @Test - public void testPutComplexAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(ATTR_VALUE.getName(), complexAttrValue); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must - * be size 0 - no attribute. - */ - @Test(expected = NullPointerException.class) - public void testPutNull() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put("", null); - Assert.assertTrue(attrList.size() == 0); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must - * be size 2 - IsAgeOver attribute added twice. - */ - @SuppressWarnings("serial") - @Test - public void testPutSameAttrName() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(attrValueUnder.getName(), attrValueUnder); - attrList.put(attrValueOver.getName(), attrValueOver); - Assert.assertTrue(attrList.size() == 1); - Assert.assertTrue(attrList.get(attrValueOver.getName()).getValue().size() == 2); - } - - /** - * Testing Personal Attribute List put method. Personal Attribute list must - * be size 2 - IsAgeOver attribute added twice. - */ - @SuppressWarnings("serial") - @Test - public void testPutSameAttrNameEmpty() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add(""); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(attrValueUnder.getName(), attrValueUnder); - attrList.put(attrValueOver.getName(), attrValueOver); - Assert.assertTrue(attrList.size() == 1); - Assert.assertTrue(attrList.get(attrValueOver.getName()).getValue().size() == 2); - } - - /** - * Testing Personal Attribute List get method. Personal Attribute list must - * be size 1 - Simple attribute. - */ - @Test - public void testGetSimpleAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(ATTR_VALUE); - Assert.assertEquals(ATTR_VALUE, attrList.get(ATTR_VALUE.getName())); - } - - /** - * Testing Personal Attribute List add method. Personal Attribute list must - * be size 1 - Complex attribute. - */ - @Test - public void testGetCompleAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(complexAttrValue); - Assert.assertEquals(complexAttrValue.toString(), - attrList.get(complexAttrValue.getName()).toString()); - } - - /** - * Testing Personal Attribute List get method. Personal Attribute list must - * be size 2 - IsAgeOver attribute. - */ - @SuppressWarnings("serial") - @Test - public void testGetIsAgeOverAttr() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertNotEquals(SIMPLE_ATTRLIST, - attrList.get(attrValueUnder.getName()).toString()); - Assert.assertNotEquals(SIMPLE_ATTRLIST2, - attrList.get(attrValueOver.getName()).toString()); - Assert.assertEquals(SIMPLE_ATTRLIST4, - attrList.get(attrValueOver.getName()).toString()); - } - - /** - * Testing Personal Attribute List populate method. Personal Attribute list - * must be size 1 - Simple attribute. - */ - @Test - public void testPopulateSimpleAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(SIMPLE_ATTRLIST); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List populate method. Personal Attribute list - * must be size 1 - Complex attribute. - */ - @Test - public void testPopulateComplexAttr() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(COMPLEX_ATTRLIST); - Assert.assertTrue(attrList.size() == 1); - } - - /** - * Testing Personal Attribute List populate method. Personal Attribute list - * must be size 1 - Simple and Complex attribute. - */ - @Test - public void testPopulateMixAttrs() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(STR_MIX_ATTR_LIST); - Assert.assertTrue(attrList.size() == 2); - //Assert.assertTrue(attrList.get(attrValueOver.getName()).getValue().size() == 2); - } - - /** - * Testing Personal Attribute List toString method using add. - */ - @SuppressWarnings("serial") - @Test - public void testToStringFromAdd() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertEquals(SIMPLE_ATTRLIST4, attrList.toString()); - } - - /** - * Testing Personal Attribute List toString method using put. - * - */ - @SuppressWarnings("serial") - @Test - public void testToStringFromPut() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(attrValueUnder.getName(), attrValueUnder); - attrList.put(attrValueOver.getName(), attrValueOver); - Assert.assertEquals(SIMPLE_ATTRLIST4, attrList.toString()); - } - - /** - * Testing Personal Attribute List toString method using populate. - */ - @Test - public void testToStringFromSimplePopulate() { - final String strAttrList = "isAgeOver:true"; - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(strAttrList); - Assert.assertEquals("isAgeOver:true:[]:;", attrList.toString()); - } - - /** - * Testing Personal Attribute List toString method using populate. - */ - @Test - public void testToStringFromPopulate() { - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.populate(SIMPLE_ATTRLIST3); - Assert.assertEquals(SIMPLE_ATTRLIST4, attrList.toString()); - } - - /** - * Testing Personal Attribute List populate method, with invalid values. - */ - @Test - public void testPopulateWithInvalidValuesFormat() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate("name:type:values:status;"); - Assert.assertEquals(pal, new PersonalAttributeList()); - } - - /** - * Testing Personal Attribute List populate method, with invalid format. - */ - @Test - public void testPopulateWithInvalidFormat() { - - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate("name:type::status;"); - Assert.assertEquals(pal, new PersonalAttributeList()); - } - - /** - * Testing Personal Attribute List clone method using add. - */ - @SuppressWarnings("serial") - @Test - public void testCloneFromAdd() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.add(attrValueUnder); - attrList.add(attrValueOver); - Assert.assertNotSame(attrList, attrList.clone()); - } - - /** - * Testing Personal Attribute List clone method using put. - */ - @SuppressWarnings("serial") - @Test - public void testCloneFromPut() { - final PersonalAttribute attrValueUnder - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - final PersonalAttribute attrValueOver - = new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList<String>() { - { - add("18"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - final IPersonalAttributeList attrList = new PersonalAttributeList(1); - attrList.put(attrValueUnder.getName(), attrValueUnder); - attrList.put(attrValueOver.getName(), attrValueOver); - Assert.assertNotSame(attrList, attrList.clone()); - } - - /** - * Testing Personal Attribute List clone method using populate. - */ - @Test - public void testCloneFromPopulate() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(SIMPLE_ATTRLIST3); - Assert.assertNotSame(pal, pal.clone()); - } - - /** - * Testing Personal Attribute List iterator. - */ - @Test - public void testIterator() { - final String strAttrList - = "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - final Iterator<PersonalAttribute> itAttr = pal.iterator(); - while (itAttr.hasNext()) { - final PersonalAttribute attr = itAttr.next(); - Assert.assertEquals(ISAGEOVER_CONS, attr.getName()); - } - } - - /** - * Testing Personal Attribute List's GetOptionalAttributes method with empty - * attribute list. - */ - @Test - public void testGetOptionalAttributesWithEmptyList() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - Assert.assertTrue(pal.getOptionalAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's GetOptionalAttributes method without - * optional attributes. - */ - @Test - public void testGetOptionalAttributesWithoutOptional() { - final String strAttrList - = "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getOptionalAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's GetOptionalAttributes method with one - * optional attribute. - */ - @Test - public void testGetOptionalAttributesWithOneOptional() { - final String strAttrList - = "age:false:[]:;isAgeOver:true:[15,]:;isAgeOver:true:[18,]:;"; - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getOptionalAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's GetOptionalAttributes method with two - * optional attribute. - */ - @Test - public void testGetOptionalAttributesWithOnlyOptional() { - final String strAttrList - = "age:false:[]:;isAgeOver:false:[18,]:;"; - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getOptionalAttributes().size() == TWO_CONS); - } - - /** - * Testing Personal Attribute List's getMandatoryAttributes method with - * empty attribute list. - */ - @Test - public void testGetMandatoryAttributesWithEmptyList() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - Assert.assertTrue(pal.getMandatoryAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getMandatoryAttributes method without - * mandatory attributes. - */ - @Test - public void testGetMandatoryAttributesWithoutMandatory() { - final String strAttrList - = "isAgeOver:false:[15,]:Available;isAgeOver:false:[18,]:Available;"; - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getMandatoryAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's GetMandatoryAttributes method with one - * mandatory attribute. - */ - @Test - public void testGetMandatoryAttributesWithOneMandatory() { - final String strAttrList - = "age:true:[]:;isAgeOver:false:[15,]:;isAgeOver:false:[18,]:;"; - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getMandatoryAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's GetMandatoryAttributes method with two - * mandatory attribute. - */ - @Test - public void testGetMandatoryAttributesWithOnlyMandatory() { - final String strAttrList - = "age:true:[]:;isAgeOver:true:[18,]:;"; - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(strAttrList); - Assert.assertTrue(pal.getMandatoryAttributes().size() == TWO_CONS); - } - - /** - * Testing Personal Attribute List's getSimpleValueAttributes method with - * empty attribute list. - */ - @Test - public void testGetSimpleValueAttributesWithEmptyList() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getSimpleValueAttributes() method - * without simple attributes. - */ - @Test - public void testGetSimpleValueAttributesWithoutSimple() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(COMPLEX_ATTRLIST); - Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getSimpleValueAttributes() method with - * one simple attribute. - */ - @Test - public void testGetSimpleValueAttributesWithOneSimple() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(STR_MIX_ATTR_LIST); - Assert.assertTrue(pal.getSimpleValueAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's GetMandatoryAttributes method with two - * simple attribute. - */ - @Test - public void testGetSimpleValueAttributesWithOnlySimple() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(SIMPLE_ATTRLIST3); - Assert.assertTrue(pal.getSimpleValueAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's getComplexValueAttributes method with - * empty attribute list. - */ - @Test - public void testGetComplexAttributesWithEmptyList() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - Assert.assertTrue(pal.getComplexAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getComplexAttributes() method without - * complex attributes. - */ - @Test - public void testGetComplexAttributesWithoutSimple() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(SIMPLE_ATTRLIST2); - Assert.assertTrue(pal.getComplexAttributes().isEmpty()); - } - - /** - * Testing Personal Attribute List's getComplexAttributes() method with one - * complex attribute. - */ - @Test - public void testGetComplexAttributesWithOneComplex() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(STR_MIX_ATTR_LIST); - Assert.assertTrue(pal.getComplexAttributes().size() == ONE_CONS); - } - - /** - * Testing Personal Attribute List's GetMandatoryAttributes method with only - * two Complex attribute. - */ - @Test - public void testGetComplexAttributesWithOnlyComplex() { - final IPersonalAttributeList pal = new PersonalAttributeList(); - pal.populate(STR_MIX_ATTR_LIST2); - Assert.assertTrue(pal.getComplexAttributes().size() == TWO_CONS); - } - -} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java deleted file mode 100644 index 82676ccf0..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java +++ /dev/null @@ -1,191 +0,0 @@ -/* - * This work is Open Source and licensed by the European Commission under the - * conditions of the European Public License v1.1 - * - * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); - * - * any use of this file implies acceptance of the conditions of this license. - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -package eu.stork.peps.tests; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Map; - -import org.junit.BeforeClass; -import org.junit.Test; - -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.STORKStatusCode; - -/** - * The PersonalAttribute's Test Case. - * - * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, - * luis.felix@multicert.com, hugo.magalhaes@multicert.com, - * paulo.ribeiro@multicert.com - * @version $Revision: 1.4 $, $Date: 2010-11-17 05:17:03 $ - */ -public final class PersonalAttributeTestCase { - - /** - * An empty attribute. - */ - private static final PersonalAttribute EMPTYATTR = new PersonalAttribute(); - - /** - * An attribute with a complex value (canonicalResidenceAddress). - */ - private static PersonalAttribute complexAttrValue = null; - - /** - * An attribute with a simple value (age). - */ - @SuppressWarnings("serial") - private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute( - "age", true, new ArrayList<String>() { - { - add("15"); - } - }, STORKStatusCode.STATUS_AVAILABLE.toString()); - - /** - * Init PersonalAttributeTestCase class. - */ - @SuppressWarnings("serial") - @BeforeClass - public static void runsBeforeTheTestSuite() { - final Map<String, String> values = new HashMap<String, String>() { - { - put("countryCodeAddress", "PT"); - put("state", "Porto"); - put("town", "Porto"); - put("postalCode", "4100"); - put("streetName", "Avenida Sidonio Pais"); - put("streetNumber", "379"); - put("apartmentNumber", "B"); - } - }; - - complexAttrValue - = new PersonalAttribute("canonicalResidenceAddress", true, values, - STORKStatusCode.STATUS_AVAILABLE.toString()); - - } - - /** - * Tests the {@link PersonalAttribute#toString()} method for the given - * simple attribute value. Values must match. - */ - @Test - public void testToStringValues() { - final String attrVal = ATTR_VALUE.toString(); - assert "age:true:[15]:Available;".equals(attrVal); - } - - /** - * Tests the {@link PersonalAttribute#toString()} method for the given - * complex attribute value. Values must match. - */ - @Test - public void testToStringComplexValues() { - //We are testing normal attribute Canonical address, only one value! - final Map<String,String> complexAttrVal = complexAttrValue.getComplexValue(); - final boolean testResult = containsKeyAndValue(complexAttrVal, "postalCode", "4100") && - containsKeyAndValue(complexAttrVal, "apartmentNumber", "B") && - containsKeyAndValue(complexAttrVal, "state", "Porto") && - containsKeyAndValue(complexAttrVal, "countryCodeAddress", "PT") && - containsKeyAndValue(complexAttrVal, "streetNumber", "379") && - containsKeyAndValue(complexAttrVal, "streetName", "Avenida Sidonio Pais") && - containsKeyAndValue(complexAttrVal, "town", "Porto"); - assert testResult; - } - - private boolean containsKeyAndValue(final Map<String,String> complexAttrVal, final String key, final String expectedValue) { - final boolean res = complexAttrVal.containsKey(key) && complexAttrVal.get(key).equals(expectedValue); - return res; - } - - /** - * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given - * empty attribute. Must return true. - */ - @Test - public void testToIsEmptyStatusWithNull() { - assert EMPTYATTR.isEmptyStatus(); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given - * new attribute. Must return true. - */ - @Test - public void testToIsEmptyStatusWithEmptyString() { - final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); - attr.setStatus(""); - assert attr.isEmptyStatus(); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given - * empty attribute. Must return true. - */ - @Test - public void testToIsEmptyValueWithNull() { - final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); - attr.setValue(null); - assert attr.isEmptyValue(); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given - * empty attribute. Must return true. - */ - @Test - public void testToIsEmptyValue() { - assert EMPTYATTR.isEmptyValue(); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the - * given empty attribute. Must return true. - */ - @Test - public void testToIsEmptyComplexValueWithNull() { - final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); - attr.setComplexValue(null); - assert attr.isEmptyComplexValue(); - } - - /** - * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the - * given empty attribute. Must return true. - */ - @Test - public void testToIsEmptyComplexValueWithEmptyComplexValue() { - assert EMPTYATTR.isEmptyComplexValue(); - } - - /** - * Tests the {@link PersonalAttribute#clone()} method for the given - * attribute. Must return true. - */ - @Test - public void testCloneToComplexValue() { - assert (complexAttrValue.getComplexValue().toString().equals(complexAttrValue.getComplexValue().toString()) && !complexAttrValue.equals(complexAttrValue.clone())); - } - - /** - * Tests the {@link PersonalAttribute#clone()} method for the given - * attribute. Must return true. - */ - @Test - public void testCloneToValue() { - assert !ATTR_VALUE.equals(ATTR_VALUE.clone()); - } -} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java deleted file mode 100644 index 37841dd03..000000000 --- a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java +++ /dev/null @@ -1,4 +0,0 @@ -/**
- * This package provides all JUnit test classes.
- */
-package eu.stork.peps.tests;
diff --git a/id/server/stork2-commons/src/test/resources/log4j.xml b/id/server/stork2-commons/src/test/resources/log4j.xml deleted file mode 100644 index 2bba8b69f..000000000 --- a/id/server/stork2-commons/src/test/resources/log4j.xml +++ /dev/null @@ -1,19 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd"> - -<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"> - <appender name="MainLogger" class="org.apache.log4j.DailyRollingFileAppender"> - <param name="File" value="stork-commons.log" /> - <param name="DatePattern" value="'.'yyyy-MM-dd" /> - <param name="Append" value="true" /> - <layout class="org.apache.log4j.PatternLayout"> - <param name="ConversionPattern" value="%d{HH:mm:ss:SSS} - %p - %C{1} - %m%n" /> - </layout> - </appender> - - <root> - <priority value="info" /> - <appender-ref ref="MainLogger" /> - </root> - -</log4j:configuration> diff --git a/id/server/stork2-saml-engine/.gitignore b/id/server/stork2-saml-engine/.gitignore deleted file mode 100644 index ea8c4bf7f..000000000 --- a/id/server/stork2-saml-engine/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/target diff --git a/id/server/stork2-saml-engine/pom.xml b/id/server/stork2-saml-engine/pom.xml deleted file mode 100644 index 6e013370a..000000000 --- a/id/server/stork2-saml-engine/pom.xml +++ /dev/null @@ -1,204 +0,0 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>MOA.id</groupId>
- <artifactId>moa-id</artifactId>
- <version>3.x</version>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
- <groupId>eu.stork</groupId>
- <artifactId>SamlEngine</artifactId>
- <packaging>jar</packaging>
- <name>STORKSAMLEngine</name>
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <saml.version>1.5.1</saml.version>
- <samlspec.version>0.5.2</samlspec.version>
- <samlspecacept.version>0.5.1</samlspecacept.version>
- <commons.version>1.5.1</commons.version>
- <timestamp>${maven.build.timestamp}</timestamp>
- <repositoryPath>${basedir}/../../../repository</repositoryPath>
- </properties>
- <version>${saml.version}</version>
- <description>
- The STORKSAMLEngine library provides tools to support developers working with the Security Assertion Markup Language (SAML).
- </description>
-
- <repositories>
- <repository>
- <id>org.opensaml</id>
- <url>https://build.shibboleth.net/nexus/content/repositories/releases</url>
- </repository>
- <!-- repository OpenSaml -->
- <repository>
- <id>shibboleth-release</id>
- <name>Internet2 Releases</name>
- <layout>default</layout>
- <url>https://build.shibboleth.net/nexus/content/repositories/releases</url>
- <snapshots>
- <enabled>false</enabled>
- </snapshots>
- </repository>
- </repositories>
-
- <dependencies>
- <!-- Compile dependencies -->
- <dependency>
- <groupId>eu.stork</groupId>
- <artifactId>Commons</artifactId>
- <version>1.5.1</version>
- </dependency>
-
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>xmltooling</artifactId>
- </dependency>
-
-
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>opensaml</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-simple</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <artifactId>bcprov-jdk15on</artifactId>
- <groupId>org.bouncycastle</groupId>
- </exclusion>
- </exclusions>
- </dependency>
-
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </dependency>
-<!-- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-simple</artifactId>
- <version>1.7.6</version>
- </dependency> -->
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- </dependency>
-<!-- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>log4j-over-slf4j</artifactId>
- </dependency> -->
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- </dependency>
-
- <dependency>
- <groupId>commons-io</groupId>
- <artifactId>commons-io</artifactId>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>xerces</groupId>
- <artifactId>xercesImpl</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
- <build>
- <pluginManagement>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <version>2.3.2</version>
- <configuration>
- <source>1.7</source>
- <target>1.7</target>
- </configuration>
- </plugin>
-
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <skip>true</skip>
- </configuration>
- </plugin>
- </plugins>
- </pluginManagement>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-source-plugin</artifactId>
- <executions>
- <execution>
- <id>attach-sources</id>
- <phase>verify</phase>
- <goals>
- <goal>jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jar-plugin</artifactId>
- <configuration>
- <archive>
- <manifestEntries>
- <SAMLEngineVersion>${saml.version}</SAMLEngineVersion>
- <SAMLSpecVersion-accept>${samlspecacept.version}</SAMLSpecVersion-accept>
- <SAMLSpecVersion-send>${samlspec.version}</SAMLSpecVersion-send>
- <SAMLSpecKnownIssues>None</SAMLSpecKnownIssues>
- <timestamp>${timestamp}</timestamp>
- </manifestEntries>
- </archive>
- </configuration>
- </plugin>
- </plugins>
- </build>
- <profiles>
- <profile>
- <id>metrics</id>
- <build>
- <plugins>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>cobertura-maven-plugin</artifactId>
- <version>2.5.1</version>
- <configuration>
- <formats>
- <format>html</format>
- <format>xml</format>
- </formats>
- </configuration>
- </plugin>
- </plugins>
- </build>
- </profile>
- </profiles>
- <reporting>
- </reporting>
-</project>
diff --git a/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF b/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF deleted file mode 100644 index 254272e1c..000000000 --- a/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF +++ /dev/null @@ -1,3 +0,0 @@ -Manifest-Version: 1.0 -Class-Path: - diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java deleted file mode 100644 index 1dcaf4c95..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java +++ /dev/null @@ -1,407 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine; - -import java.io.ByteArrayInputStream; -import java.io.StringWriter; -import java.io.UnsupportedEncodingException; -import java.util.HashMap; -import java.util.Map; -import java.util.Properties; - -import javax.xml.XMLConstants; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; - -import org.opensaml.Configuration; -import org.opensaml.DefaultBootstrap; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.xml.ConfigurationException; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.Marshaller; -import org.opensaml.xml.io.MarshallerFactory; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.io.Unmarshaller; -import org.opensaml.xml.io.UnmarshallerFactory; -import org.opensaml.xml.io.UnmarshallingException; -import org.opensaml.xml.parse.BasicParserPool; -import org.opensaml.xml.parse.XMLParserException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.auth.engine.core.STORKSAMLCore; -import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryMarshaller; -import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SignModuleFactory; -import eu.stork.peps.configuration.ConfigurationCreator; -import eu.stork.peps.configuration.ConfigurationReader; -import eu.stork.peps.configuration.InstanceEngine; -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * Class that wraps the operations over SAML tokens, both generation and validation of SAML requests and SAML responses. Compliant with "OASIS Secure Assertion Markup Language (SAML) 2.0, May 2005", - * but taking into account STORK specific requirements. - * - * @author fjquevedo - * @author iinigo - */ - -public class SAMLEngine { - - /** The Document Builder Factory. */ - private static javax.xml.parsers.DocumentBuilderFactory dbf = null; - - /** The instance of every engine SAML. */ - private static Map<String, InstanceEngine> instanceConfigs; - - /** The instances of SAML engine. */ - private static Map<String, Map<String, Object>> instances; - - /** The logger. */ - private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class.getName()); - - /** The Constant MODULE_SIGN_CONF. */ - private static final String MODULE_SIGN_CONF = "SignatureConf"; - - /** The Constant SAML_ENGINE_SIGN_CLASS. */ - private static final String SAML_ENGINE_SIGN_CLASS = "class"; - - /** The Constant SAML_ENGINE_CONF. */ - private static final String SAML_ENGINE_CONF = "SamlEngineConf"; - - /** The Constant SAML_ENGINE_FILE_CONF. */ - private static final String SAML_ENGINE_FILE_CONF = "fileConfiguration"; - - /** - * Additional trust store for HW signing - */ - private static final String HW_TRUST_STORE_CONF = "softTrustStoreConfig"; - - /** - * The codification of characters. - */ - private static final String CHARACTER_ENCODING = "UTF-8"; - - /** The SAML core. */ - private STORKSAMLCore samlCore; - - /** The Module of Signature. */ - private SAMLEngineSignI signer; - - /** Initializes the SAML engine. */ - /** Configure Document Builder Factory. */ - - static { - startUp(); - loadDocumentFactory(); - } - - /** - * Load document factory. - */ - private static void loadDocumentFactory() { - try { - dbf = javax.xml.parsers.DocumentBuilderFactory.newInstance(); - dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); - dbf.setNamespaceAware(true); - dbf.setIgnoringComments(true); - } catch (ParserConfigurationException e) { - LOG.error("Error parser configuration."); - throw new STORKSAMLEngineRuntimeException(e); - } - } - - /** - * Method that initializes the basic services for the SAML Engine, like the OpenSAML library and the BouncyCastle provider. - */ - private static void startUp() { - - LOG.info("SAMLEngine: Initialize OpenSAML"); - - /* - * Commented because it makes a problems with PVP2 MOA-ID try { DefaultBootstrap.bootstrap(); } catch (ConfigurationException e) { LOG.error("Problem initializing the OpenSAML library."); - * throw new STORKSAMLEngineRuntimeException(e); } - */ - - LOG.debug("Read all file configurations. (instances of SAMLEngine)"); - try { - instanceConfigs = ConfigurationReader.readConfiguration(); - } catch (SAMLEngineException e) { - LOG.error("Error read configuration file."); - throw new STORKSAMLEngineRuntimeException(e); - } - - LOG.debug("Create all instances of saml engine. (instances of SAMLEngine)"); - try { - instances = ConfigurationCreator.createConfiguration(instanceConfigs); - } catch (STORKSAMLEngineException e) { - LOG.error("Error initializing instances from Stork SAML engine."); - throw new STORKSAMLEngineRuntimeException(e); - } - } - - /** - * Instantiates a new SAML engine. - * - * @param nameInstance - * the name instance - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - protected SAMLEngine(final String nameInstance) throws STORKSAMLEngineException { - LOG.info("Loading Specific Configuration."); - - LOG.debug("Create intance of saml messages."); - - Map<String, Object> instance = instances.get(nameInstance); - - if (instance == null || instance.isEmpty()) { - LOG.error("Instance: " + nameInstance + " not exist."); - throw new STORKSAMLEngineException("Instance: " + nameInstance + " not exist."); - } - - Properties properties = (Properties) instance.get(SAML_ENGINE_CONF); - - if (properties == null) { - LOG.error("SamlEngine.xml: not exist."); - throw new STORKSAMLEngineException("SamlEngine.xml: not exist."); - } - - samlCore = new STORKSAMLCore(properties); - - final HashMap<String, String> propertiesSign = (HashMap<String, String>) instance.get(MODULE_SIGN_CONF); - - LOG.debug("Loading Module of sign."); - signer = SignModuleFactory.getInstance(propertiesSign.get(SAML_ENGINE_SIGN_CLASS)); - - try { - LOG.info("Initialize module of sign."); - signer.init(propertiesSign.get(SAML_ENGINE_FILE_CONF)); - LOG.info("Load cryptographic service provider of module of sign."); - signer.loadCryptServiceProvider(); - } catch (SAMLEngineException e) { - LOG.error("Error create signature module: " + propertiesSign.get(SAML_ENGINE_FILE_CONF)); - LOG.info("Exception" + e); - throw new STORKSAMLEngineException(e); - } - } - - /** - * Gets the Signer properties. - * - * @return the SAML Sign properties - */ - protected SAMLEngineSignI getSigner() { - return signer; - } - - /** - * Gets the SAML core properties. - * - * @return the SAML core properties - */ - protected final STORKSAMLCore getSamlCoreProperties() { - return samlCore; - } - - /** - * Method that transform the received SAML object into a byte array representation. - * - * @param samlToken - * the SAML token. - * - * @return the byte[] of the SAML token. - * - * @throws SAMLEngineException - * the SAML engine exception - */ - private byte[] marshall(final XMLObject samlToken) throws SAMLEngineException { - - try { - javax.xml.parsers.DocumentBuilder docBuilder = null; - - final MarshallerFactory marshallerFactory = Configuration.getMarshallerFactory(); - - final Marshaller marshaller; - if (samlToken.getElementQName().toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - marshaller = new CustomAttributeQueryMarshaller(); - else - marshaller = marshallerFactory.getMarshaller(samlToken); - - docBuilder = dbf.newDocumentBuilder(); - - final Document doc = docBuilder.newDocument(); - - marshaller.marshall(samlToken, doc); - - // Obtain a byte array representation of the marshalled SAML object - final DOMSource domSource = new DOMSource(doc); - final StringWriter writer = new StringWriter(); - final StreamResult result = new StreamResult(writer); - final TransformerFactory transFactory = TransformerFactory.newInstance(); - Transformer transformer; - - transformer = transFactory.newTransformer(); - transformer.transform(domSource, result); - LOG.debug("SAML request \n" + writer.toString()); - return writer.toString().getBytes(CHARACTER_ENCODING); - - } catch (ParserConfigurationException e) { - LOG.error("ParserConfigurationException."); - throw new SAMLEngineException(e); - } catch (MarshallingException e) { - LOG.error("MarshallingException."); - throw new SAMLEngineException(e); - } catch (TransformerConfigurationException e) { - LOG.error("TransformerConfigurationException."); - throw new SAMLEngineException(e); - } catch (TransformerException e) { - LOG.error("TransformerException."); - throw new SAMLEngineException(e); - } catch (UnsupportedEncodingException e) { - LOG.error("UnsupportedEncodingException: " + CHARACTER_ENCODING); - throw new SAMLEngineException(e); - } - } - - /** - * Method that signs a SAML Token. - * - * @param tokenSaml - * the token SAML - * - * @return the SAML object sign - * - * @throws SAMLEngineException - * the SAML engine exception - */ - private SignableSAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException { - LOG.debug("Sign SamlToken."); - signer.sign(tokenSaml); - return tokenSaml; - } - - /** - * Sign and transform to byte array. - * - * @param samlToken - * the SAML token - * - * @return the byte[] of the SAML token - * - * @throws SAMLEngineException - * the SAML engine exception - */ - protected final byte[] signAndMarshall(final SignableSAMLObject samlToken) throws SAMLEngineException { - LOG.debug("Marshall Saml Token."); - SignableSAMLObject signElement = sign(samlToken); - return marshall(signElement); - } - - /** - * Method that unmarshalls a SAML Object from a byte array representation to an XML Object. - * - * @param samlToken - * Byte array representation of a SAML Object - * - * @return XML Object (superclass of SAMLObject) - * - * @throws SAMLEngineException - * the SAML engine exception - */ - protected final XMLObject unmarshall(final byte[] samlToken) throws SAMLEngineException { - try { - // Get parser pool manager - final BasicParserPool ppMgr = new BasicParserPool(); - // Note: this is necessary due to an unresolved Xerces deferred DOM - // issue/bug - final HashMap<String, Boolean> features = new HashMap<String, Boolean>(); - features.put(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); - ppMgr.setBuilderFeatures(features); - - ppMgr.setNamespaceAware(true); - - // Parse SAMLToken - Document document = ppMgr.parse(new ByteArrayInputStream(samlToken)); - if (document != null) { - final Element root = document.getDocumentElement(); - // Get appropriate unmarshaller - final UnmarshallerFactory unmarshallerFact = Configuration.getUnmarshallerFactory(); - // Unmarshall using the SAML Token root element - if (unmarshallerFact != null && root != null) { - final Unmarshaller unmarshaller; - if (root.getLocalName().equals(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) - unmarshaller = new CustomAttributeQueryUnmarshaller(); - else - unmarshaller = unmarshallerFact.getUnmarshaller(root); - try { - return unmarshaller.unmarshall(root); - } catch (NullPointerException e) { - LOG.error("Error element tag incomplet or null."); - throw new SAMLEngineException("NullPointerException", e); - } - } else { - LOG.error("Error element tag incomplet or null."); - throw new SAMLEngineException("NullPointerException : unmarshallerFact or root is null"); - } - } else { - LOG.error("Error element tag incomplet or null."); - throw new SAMLEngineException("NullPointerException : document is null"); - } - } catch (XMLParserException e) { - LOG.error("XML Parsing Error.", e); - throw new SAMLEngineException(e); - } catch (UnmarshallingException e) { - LOG.error("TransformerException.", e); - throw new SAMLEngineException(e); - } catch (NullPointerException e) { - LOG.error("Error element tag incomplet or null.", e); - throw new SAMLEngineException(e); - } - } - - /** - * Method that validates an XML Signature contained in a SAML Token. - * - * @param samlToken - * the SAML token - * - * @return the SAML object - * - * @throws SAMLEngineException - * the SAML engine exception - */ - protected final SAMLObject validateSignature(final SignableSAMLObject samlToken) throws SAMLEngineException { - - LOG.info("Validate Signature"); - signer.validateSignature(samlToken); - - return samlToken; - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java deleted file mode 100644 index 3cc323c96..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java +++ /dev/null @@ -1,768 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.UnsupportedEncodingException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -import javax.xml.namespace.QName; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang.StringUtils; -import org.joda.time.DateTime; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLVersion; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; -import org.opensaml.saml2.common.Extensions; -import org.opensaml.saml2.common.impl.ExtensionsBuilder; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.AttributeValue; -import org.opensaml.saml2.core.AuthnContext; -import org.opensaml.saml2.core.AuthnRequest; -import org.opensaml.saml2.core.AuthnStatement; -import org.opensaml.saml2.core.Issuer; -import org.opensaml.saml2.core.LogoutRequest; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.NameID; -import org.opensaml.saml2.core.Response; -import org.opensaml.saml2.core.Status; -import org.opensaml.saml2.core.StatusCode; -import org.opensaml.saml2.core.StatusMessage; -import org.opensaml.saml2.core.Subject; -import org.opensaml.saml2.core.SubjectConfirmation; -import org.opensaml.saml2.core.SubjectConfirmationData; -import org.opensaml.saml2.core.SubjectLocality; -import org.opensaml.saml2.core.impl.AssertionBuilder; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.schema.XSAny; -import org.opensaml.xml.signature.KeyInfo; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Document; -import org.xml.sax.SAXException; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.QAAAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.SAMLCore; -import eu.stork.peps.auth.engine.core.SPApplication; -import eu.stork.peps.auth.engine.core.SPCountry; -import eu.stork.peps.auth.engine.core.SPInstitution; -import eu.stork.peps.auth.engine.core.SPSector; -import eu.stork.peps.auth.engine.core.impl.CustomAttributeQueryBuilder; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * The Class SAMLEngineUtils. - * - * @author fjquevedo - * @author iinigo - * - */ -public final class SAMLEngineUtils { - - /** The Constant UTF_8. */ - public static final String UTF_8 = "UTF-8"; - - /** The Constant SHA_512. */ - public static final String SHA_512 = "SHA-512"; - - /** The generator. */ - private static SecureRandomIdentifierGenerator generator; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(SAMLEngineUtils.class.getName()); - - /** - * Method that generates a random value according to NCName grammar. - * - * NCName ::= NCNameStartChar NCNameChar* NCNameChar ::= NameChar - ':' NCNameStartChar ::= Letter | '_' NameStartChar ::= ":" | [A-Z] | "_" | [a-z] | [#xC0-#xD6] | [#xD8-#xF6] | [#xF8-#x2FF] | - * [#x370-#x37D] | [#x37F-#x1FFF] | [#x200C-#x200D] | [#x2070-#x218F] | [#x2C00-#x2FEF] | [#x3001-#xD7FF] | [#xF900-#xFDCF] | [#xFDF0-#xFFFD] | [#x10000-#xEFFFF] NameChar ::= NameStartChar | "-" | - * "." | [0-9] | #xB7 | [#x0300-#x036F] | [#x203F-#x2040] Name ::= NameStartChar (NameChar)* Letter ::= BaseChar | Ideographic BaseChar ::= [#x0041-#x005A] | [#x0061-#x007A] | [#x00C0-#x00D6] | - * [#x00D8-#x00F6] | [#x00F8-#x00FF] | [#x0100-#x0131] | [#x0134-#x013E] | [#x0141-#x0148] | [#x014A-#x017E] | [#x0180-#x01C3] | [#x01CD-#x01F0] | [#x01F4-#x01F5] | [#x01FA-#x0217] | - * [#x0250-#x02A8] | [#x02BB-#x02C1] | #x0386 | [#x0388-#x038A] | #x038C | [#x038E-#x03A1] | [#x03A3-#x03CE] | [#x03D0-#x03D6] | #x03DA | #x03DC | #x03DE | #x03E0 | [#x03E2-#x03F3] | - * [#x0401-#x040C] | [#x040E-#x044F] | [#x0451-#x045C] | [#x045E-#x0481] | [#x0490-#x04C4] | [#x04C7-#x04C8] | [#x04CB-#x04CC] | [#x04D0-#x04EB] | [#x04EE-#x04F5] | [#x04F8-#x04F9] | - * [#x0531-#x0556] | #x0559 | [#x0561-#x0586] | [#x05D0-#x05EA] | [#x05F0-#x05F2] | [#x0621-#x063A] | [#x0641-#x064A] | [#x0671-#x06B7] | [#x06BA-#x06BE] | [#x06C0-#x06CE] | [#x06D0-#x06D3] | - * #x06D5 | [#x06E5-#x06E6] | [#x0905-#x0939] | #x093D | [#x0958-#x0961] | [#x0985-#x098C] | [#x098F-#x0990] | [#x0993-#x09A8] | [#x09AA-#x09B0] | #x09B2 | [#x09B6-#x09B9] | [#x09DC-#x09DD] | - * [#x09DF-#x09E1] | [#x09F0-#x09F1] | [#x0A05-#x0A0A] | [#x0A0F-#x0A10] | [#x0A13-#x0A28] | [#x0A2A-#x0A30] | [#x0A32-#x0A33] | [#x0A35-#x0A36] | [#x0A38-#x0A39] | [#x0A59-#x0A5C] | #x0A5E | - * [#x0A72-#x0A74] | [#x0A85-#x0A8B] | #x0A8D | [#x0A8F-#x0A91] | [#x0A93-#x0AA8] | [#x0AAA-#x0AB0] | [#x0AB2-#x0AB3] | [#x0AB5-#x0AB9] | #x0ABD | #x0AE0 | [#x0B05-#x0B0C] | [#x0B0F-#x0B10] | - * [#x0B13-#x0B28] | [#x0B2A-#x0B30] | [#x0B32-#x0B33] | [#x0B36-#x0B39] | #x0B3D | [#x0B5C-#x0B5D] | [#x0B5F-#x0B61] | [#x0B85-#x0B8A] | [#x0B8E-#x0B90] | [#x0B92-#x0B95] | [#x0B99-#x0B9A] | - * #x0B9C | [#x0B9E-#x0B9F] | [#x0BA3-#x0BA4] | [#x0BA8-#x0BAA] | [#x0BAE-#x0BB5] | [#x0BB7-#x0BB9] | [#x0C05-#x0C0C] | [#x0C0E-#x0C10] | [#x0C12-#x0C28] | [#x0C2A-#x0C33] | [#x0C35-#x0C39] | - * [#x0C60-#x0C61] | [#x0C85-#x0C8C] | [#x0C8E-#x0C90] | [#x0C92-#x0CA8] | [#x0CAA-#x0CB3] | [#x0CB5-#x0CB9] | #x0CDE | [#x0CE0-#x0CE1] | [#x0D05-#x0D0C] | [#x0D0E-#x0D10] | [#x0D12-#x0D28] | - * [#x0D2A-#x0D39] | [#x0D60-#x0D61] | [#x0E01-#x0E2E] | #x0E30 | [#x0E32-#x0E33] | [#x0E40-#x0E45] | [#x0E81-#x0E82] | #x0E84 | [#x0E87-#x0E88] | #x0E8A | #x0E8D | [#x0E94-#x0E97] | - * [#x0E99-#x0E9F] | [#x0EA1-#x0EA3] | #x0EA5 | #x0EA7 | [#x0EAA-#x0EAB] | [#x0EAD-#x0EAE] | #x0EB0 | [#x0EB2-#x0EB3] | #x0EBD | [#x0EC0-#x0EC4] | [#x0F40-#x0F47] | [#x0F49-#x0F69] | - * [#x10A0-#x10C5] | [#x10D0-#x10F6] | #x1100 | [#x1102-#x1103] | [#x1105-#x1107] | #x1109 | [#x110B-#x110C] | [#x110E-#x1112] | #x113C | #x113E | #x1140 | #x114C | #x114E | #x1150 | - * [#x1154-#x1155] | #x1159 | [#x115F-#x1161] | #x1163 | #x1165 | #x1167 | #x1169 | [#x116D-#x116E] | [#x1172-#x1173] | #x1175 | #x119E | #x11A8 | #x11AB | [#x11AE-#x11AF] | [#x11B7-#x11B8] | - * #x11BA | [#x11BC-#x11C2] | #x11EB | #x11F0 | #x11F9 | [#x1E00-#x1E9B] | [#x1EA0-#x1EF9] | [#x1F00-#x1F15] | [#x1F18-#x1F1D] | [#x1F20-#x1F45] | [#x1F48-#x1F4D] | [#x1F50-#x1F57] | #x1F59 | - * #x1F5B | #x1F5D | [#x1F5F-#x1F7D] | [#x1F80-#x1FB4] | [#x1FB6-#x1FBC] | #x1FBE | [#x1FC2-#x1FC4] | [#x1FC6-#x1FCC] | [#x1FD0-#x1FD3] | [#x1FD6-#x1FDB] | [#x1FE0-#x1FEC] | [#x1FF2-#x1FF4] | - * [#x1FF6-#x1FFC] | #x2126 | [#x212A-#x212B] | #x212E | [#x2180-#x2182] | [#x3041-#x3094] | [#x30A1-#x30FA] | [#x3105-#x312C] | [#xAC00-#xD7A3] Ideographic ::= [#x4E00-#x9FA5] | #x3007 | - * [#x3021-#x3029] - * - * @return Random ID value - */ - - // Initialization of a generator of identifiers for all token SAML. - static { - loadRandomIdentifierGenerator(); - } - - /** - * Load random identifier generator. - * - * @throws STORKSAMLEngineRuntimeException - * the STORKSAML engine runtime exception - */ - private static void loadRandomIdentifierGenerator() { - try { - generator = new SecureRandomIdentifierGenerator(); - } catch (NoSuchAlgorithmException ex) { - LOG.error("Error init SecureRandomIdentifierGenerator", ex); - throw new STORKSAMLEngineRuntimeException(ex); - } - - } - - /** - * Creates the SAML object. - * - * @param qname - * the QName - * - * @return the XML object - */ - public static XMLObject createSamlObject(final QName qname) { - if (qname.toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) { - CustomAttributeQueryBuilder builder = new CustomAttributeQueryBuilder(); - return builder.buildObject(qname); - } else { - return Configuration.getBuilderFactory().getBuilder(qname).buildObject(qname); - } - } - - /** - * Creates the SAML object. - * - * @param qname - * the quality name - * @param qname1 - * the qname1 - * - * @return the xML object - */ - public static XMLObject createSamlObject(final QName qname, final QName qname1) { - return Configuration.getBuilderFactory().getBuilder(qname1).buildObject(qname, qname1); - } - - /** - * Encode value with an specific algorithm. - * - * @param value - * the value - * @param alg - * the algorithm - * - * @return the string - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static String encode(final String value, final String alg) throws STORKSAMLEngineException { - LOG.debug("Encode value with " + alg + " algorithm."); - byte[] buffer; - final StringBuffer hash = new StringBuffer(""); - try { - buffer = value.getBytes(UTF_8); - MessageDigest msgDig; - msgDig = MessageDigest.getInstance(alg); - msgDig.update(buffer); - final byte[] digest = msgDig.digest(); - final int signedByte = 0xff; - for (byte aux : digest) { - final int byt = aux & signedByte; - if (Integer.toHexString(byt).length() == 1) { - hash.append('0'); - } - hash.append(Integer.toHexString(byt)); - } - } catch (UnsupportedEncodingException e1) { - LOG.error("UnsupportedEncodingException: " + UTF_8); - throw new STORKSAMLEngineException(e1); - } catch (NoSuchAlgorithmException e) { - LOG.error("NoSuchAlgorithmException: " + alg); - throw new STORKSAMLEngineException(e); - } - return hash.toString(); - } - - /** - * Generate assertion. - * - * @param version - * the version - * @param identifier - * the identifier - * @param issueInstant - * the issue instant - * @param issuer - * the issuer - * - * @return the assertion - */ - public static Assertion generateAssertion(final SAMLVersion version, final String identifier, final DateTime issueInstant, final Issuer issuer) { - final AssertionBuilder assertionBuilder = new AssertionBuilder(); - final Assertion assertion = assertionBuilder.buildObject(); - assertion.setVersion(version); - assertion.setID(identifier); - assertion.setIssueInstant(issueInstant); - // <saml:Issuer> - assertion.setIssuer(issuer); - return assertion; - } - - /** - * Generate authentication statement. - * - * @param authnInstant - * the authentication instant - * @param authnContext - * the authentication context - * - * @return the authentication statement - */ - public static AuthnStatement generateAthnStatement(final DateTime authnInstant, final AuthnContext authnContext) { - // <saml:AuthnStatement> - final AuthnStatement authnStatement = (AuthnStatement) SAMLEngineUtils.createSamlObject(AuthnStatement.DEFAULT_ELEMENT_NAME); - authnStatement.setAuthnInstant(authnInstant); - authnStatement.setAuthnContext(authnContext); - return authnStatement; - } - - /** - * Generate attribute from a list of values. - * - * @param name - * the name of the attribute. - * @param status - * the status of the parameter: "Available", "NotAvailable" or "Withheld". - * @param values - * the value of the attribute. - * @param isHashing - * the is hashing with "SHA-512" algorithm. - * @return the attribute - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static Attribute generateAttrComplex(final String name, final String status, final Map<String, String> values, final boolean isHashing) throws STORKSAMLEngineException { - LOG.debug("Generate attribute complex: " + name); - final Attribute attribute = (Attribute) SAMLEngineUtils.createSamlObject(Attribute.DEFAULT_ELEMENT_NAME); - - attribute.setName(name); - attribute.setNameFormat(Attribute.URI_REFERENCE); - attribute.getUnknownAttributes().put(new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", SAMLCore.STORK10_PREFIX.getValue()), status); - - if (!values.isEmpty()) { - LOG.debug("Add attribute values."); - // Create an attribute that contains all XSAny elements. - final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME); - final Iterator<Entry<String, String>> iterator = values.entrySet().iterator(); - while (iterator.hasNext()) { - final Map.Entry<String, String> pairs = iterator.next(); - final String value = pairs.getValue(); - - if (StringUtils.isNotBlank(value)) { - // Create the attribute statement - final XSAny attrValueSimple = (XSAny) SAMLEngineUtils.createSamlObject(new QName(SAMLCore.STORK10_NS.getValue(), pairs.getKey().toString(), SAMLCore.STORK10_PREFIX.getValue()), - XSAny.TYPE_NAME); - // if it's necessary encode the information. - if (isHashing) { - attrValueSimple.setTextContent(encode(value, SHA_512)); - } else { - attrValueSimple.setTextContent(value); - } - attrValue.getUnknownXMLObjects().add(attrValueSimple); - attribute.getAttributeValues().add(attrValue); - } - } - - } - return attribute; - } - - /** - * Generate extension. - * - * @return the extensions - */ - public static Extensions generateExtension() { - final ExtensionsBuilder extensionsBuilder = new ExtensionsBuilder(); - return extensionsBuilder.buildObject("urn:oasis:names:tc:SAML:2.0:protocol", "Extensions", "saml2p"); - } - - /** - * Generate issuer. - * - * @return the issuer - */ - public static Issuer generateIssuer() { - return (Issuer) SAMLEngineUtils.createSamlObject(Issuer.DEFAULT_ELEMENT_NAME); - } - - /** - * Generate key info. - * - * @return the key info - */ - public static KeyInfo generateKeyInfo() { - return (KeyInfo) SAMLEngineUtils.createSamlObject(KeyInfo.DEFAULT_ELEMENT_NAME); - } - - /** - * Generate name id. - * - * @return the name id - */ - public static NameID generateNameID() { - return (NameID) SAMLEngineUtils.createSamlObject(NameID.DEFAULT_ELEMENT_NAME); - } - - /** - * Generate name id. - * - * @param nameQualifier - * the name qualifier - * @param format - * the format - * @param spNameQualifier - * the sP name qualifier - * - * @return the name id - */ - public static NameID generateNameID(final String nameQualifier, final String format, final String spNameQualifier) { - // <saml:NameID> - final NameID nameId = (NameID) Configuration.getBuilderFactory().getBuilder(NameID.DEFAULT_ELEMENT_NAME).buildObject(NameID.DEFAULT_ELEMENT_NAME); - // optional - nameId.setNameQualifier(nameQualifier); - // optional - nameId.setFormat(format); - // optional - nameId.setSPNameQualifier(spNameQualifier); - return nameId; - } - - /** - * Generate NCName. - * - * @return the string - */ - public static String generateNCName() { - return generator.generateIdentifier(); - } - - /** - * Generate the quality authentication assurance level. - * - * @param qaal - * the level of quality authentication assurance. - * - * @return the quality authentication assurance attribute - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static QAAAttribute generateQAAAttribute(final int qaal) throws STORKSAMLEngineException { - LOG.debug("Generate QAAAttribute."); - - final QAAAttribute qaaAttribute = (QAAAttribute) SAMLEngineUtils.createSamlObject(QAAAttribute.DEF_ELEMENT_NAME); - qaaAttribute.setQaaLevel(String.valueOf(qaal)); - return qaaAttribute; - } - - /** - * Generate requested attribute. - * - * @param name - * the name - * @param friendlyName - * the friendly name - * @param isRequired - * the is required - * @param value - * the value - * - * @return the requested attribute - */ - public static RequestedAttribute generateReqAuthnAttributeSimple(final String name, final String friendlyName, final String isRequired, final List<String> value) { - LOG.debug("Generate the requested attribute."); - - final RequestedAttribute requested = (RequestedAttribute) SAMLEngineUtils.createSamlObject(RequestedAttribute.DEF_ELEMENT_NAME); - requested.setName(name); - requested.setNameFormat(RequestedAttribute.URI_REFERENCE); - - requested.setFriendlyName(friendlyName); - - requested.setIsRequired(isRequired); - - // The value is optional in an authentication request. - if (!value.isEmpty()) { - for (int nextValue = 0; nextValue < value.size(); nextValue++) { - final String valor = value.get(nextValue); - if (StringUtils.isNotBlank(valor)) { - - if (!name.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - - // Create the attribute statement - final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject(new QName(SAMLCore.STORK10_NS.getValue(), "AttributeValue", SAMLCore.STORK10_PREFIX.getValue()), - XSAny.TYPE_NAME); - - attrValue.setTextContent(valor.trim()); - requested.getAttributeValues().add(attrValue); - - } else { - - DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); - domFactory.setNamespaceAware(true); - Document document = null; - DocumentBuilder builder; - - // Parse the signedDoc value into an XML DOM Document - try { - builder = domFactory.newDocumentBuilder(); - InputStream is; - is = new ByteArrayInputStream(valor.trim().getBytes(UTF_8)); - document = builder.parse(is); - is.close(); - } catch (SAXException e1) { - LOG.error("SAX Error while parsing signModule attribute", e1); - throw new STORKSAMLEngineRuntimeException(e1); - } catch (ParserConfigurationException e2) { - LOG.error("Parser Configuration Error while parsing signModule attribute", e2); - throw new STORKSAMLEngineRuntimeException(e2); - } catch (UnsupportedEncodingException e3) { - LOG.error("Unsupported encoding Error while parsing signModule attribute", e3); - throw new STORKSAMLEngineRuntimeException(e3); - } catch (IOException e4) { - LOG.error("IO Error while parsing signModule attribute", e4); - throw new STORKSAMLEngineRuntimeException(e4); - } - - // Create the XML statement(this will be overwritten with the previous DOM structure) - final XSAny xmlValue = (XSAny) SAMLEngineUtils.createSamlObject(new QName(SAMLCore.STORK10_NS.getValue(), "XMLValue", SAMLCore.STORK10_PREFIX.getValue()), XSAny.TYPE_NAME); - - // Set the signedDoc XML content to this element - xmlValue.setDOM(document.getDocumentElement()); - - // Create the attribute statement - final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject(new QName(SAMLCore.STORK10_NS.getValue(), "AttributeValue", SAMLCore.STORK10_PREFIX.getValue()), - XSAny.TYPE_NAME); - - // Add previous signedDocXML to the AttributeValue Element - attrValue.getUnknownXMLObjects().add(xmlValue); - - requested.getAttributeValues().add(attrValue); - } - - } - } - } - - return requested; - } - - /** - * Generate response. - * - * @param version - * the version - * @param identifier - * the identifier - * @param issueInstant - * the issue instant - * @param status - * the status - * - * @return the response - */ - public static Response generateResponse(final SAMLVersion version, final String identifier, final DateTime issueInstant, final Status status) { - final Response response = (Response) SAMLEngineUtils.createSamlObject(Response.DEFAULT_ELEMENT_NAME); - response.setID(identifier); - response.setIssueInstant(issueInstant); - response.setStatus(status); - return response; - } - - /** - * Method that generates a SAML Authentication Request basing on the provided information. - * - * @param identifier - * the identifier - * @param version - * the version - * @param issueInstant - * the issue instant - * - * @return the authentication request - */ - public static AuthnRequest generateSAMLAuthnRequest(final String identifier, final SAMLVersion version, final DateTime issueInstant) { - LOG.debug("Generate basic authentication request."); - final AuthnRequest authnRequest = (AuthnRequest) SAMLEngineUtils.createSamlObject(AuthnRequest.DEFAULT_ELEMENT_NAME); - - authnRequest.setID(identifier); - authnRequest.setVersion(version); - authnRequest.setIssueInstant(issueInstant); - return authnRequest; - } - - public static CustomAttributeQuery generateSAMLAttrQueryRequest(final String identifier, final SAMLVersion version, final DateTime issueInstant) { - LOG.debug("Generate attribute query request."); - final CustomAttributeQuery attrQueryRequest = (CustomAttributeQuery) SAMLEngineUtils.createSamlObject(CustomAttributeQuery.DEFAULT_ELEMENT_NAME); - - attrQueryRequest.setID(identifier); - attrQueryRequest.setVersion(version); - attrQueryRequest.setIssueInstant(issueInstant); - return attrQueryRequest; - } - - public static LogoutRequest generateSAMLLogoutRequest(final String identifier, final SAMLVersion version, final DateTime issueInstant) { - LOG.debug("Generate logout request."); - final LogoutRequest logoutRequest = (LogoutRequest) SAMLEngineUtils.createSamlObject(LogoutRequest.DEFAULT_ELEMENT_NAME); - - logoutRequest.setID(identifier); - logoutRequest.setVersion(version); - logoutRequest.setIssueInstant(issueInstant); - return logoutRequest; - } - - public static LogoutResponse generateSAMLLogoutResponse(final String identifier, final SAMLVersion version, final DateTime issueInstant, final Status status, final String inResponseTo) { - LOG.debug("Generate logout response."); - final LogoutResponse logoutResponse = (LogoutResponse) SAMLEngineUtils.createSamlObject(LogoutResponse.DEFAULT_ELEMENT_NAME); - - logoutResponse.setInResponseTo(inResponseTo); - logoutResponse.setStatus(status); - logoutResponse.setID(identifier); - logoutResponse.setVersion(version); - logoutResponse.setIssueInstant(issueInstant); - return logoutResponse; - } - - /** - * Generate service provider application. - * - * @param spApplication - * the service provider application - * - * @return the sP application - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static SPApplication generateSPApplication(final String spApplication) throws STORKSAMLEngineException { - LOG.debug("Generate SPApplication."); - - final SPApplication applicationAttr = (SPApplication) SAMLEngineUtils.createSamlObject(SPApplication.DEF_ELEMENT_NAME); - applicationAttr.setSPApplication(spApplication); - return applicationAttr; - } - - /** - * Generate service provider country. - * - * @param spCountry - * the service provider country - * - * @return the service provider country - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static SPCountry generateSPCountry(final String spCountry) throws STORKSAMLEngineException { - LOG.debug("Generate SPApplication."); - - final SPCountry countryAttribute = (SPCountry) SAMLEngineUtils.createSamlObject(SPCountry.DEF_ELEMENT_NAME); - countryAttribute.setSPCountry(spCountry); - return countryAttribute; - } - - /** - * Generate service provider institution. - * - * @param spInstitution - * the service provider institution - * - * @return the service provider institution - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static SPInstitution generateSPInstitution(final String spInstitution) throws STORKSAMLEngineException { - LOG.debug("Generate SPInstitution."); - - final SPInstitution institutionAttr = (SPInstitution) SAMLEngineUtils.createSamlObject(SPInstitution.DEF_ELEMENT_NAME); - institutionAttr.setSPInstitution(spInstitution); - return institutionAttr; - } - - /** - * Generate service provider sector. - * - * @param spSector - * the service provider sector - * - * @return the service provider sector - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static SPSector generateSPSector(final String spSector) throws STORKSAMLEngineException { - LOG.debug("Generate SPSector."); - - final SPSector sectorAttribute = (SPSector) SAMLEngineUtils.createSamlObject(SPSector.DEF_ELEMENT_NAME); - sectorAttribute.setSPSector(spSector); - return sectorAttribute; - } - - /** - * Generate status. - * - * @param statusCode - * the status code - * - * @return the status - */ - public static Status generateStatus(final StatusCode statusCode) { - final Status status = (Status) SAMLEngineUtils.createSamlObject(Status.DEFAULT_ELEMENT_NAME); - status.setStatusCode(statusCode); - return status; - } - - /** - * Generate status code. - * - * @param value - * the value - * - * @return the status code - */ - public static StatusCode generateStatusCode(final String value) { - final StatusCode statusCode = (StatusCode) SAMLEngineUtils.createSamlObject(StatusCode.DEFAULT_ELEMENT_NAME); - statusCode.setValue(value); - return statusCode; - } - - /** - * Generate status message. - * - * @param message - * the message - * - * @return the status message - */ - public static StatusMessage generateStatusMessage(final String message) { - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.createSamlObject(StatusMessage.DEFAULT_ELEMENT_NAME); - statusMessage.setMessage(message); - return statusMessage; - } - - /** - * Generate subject. - * - * @return the subject - */ - public static Subject generateSubject() { - return (Subject) SAMLEngineUtils.createSamlObject(Subject.DEFAULT_ELEMENT_NAME); - } - - /** - * Generate subject confirmation. - * - * @param method - * the method - * @param data - * the data - * - * @return the subject confirmation - */ - public static SubjectConfirmation generateSubjectConfirmation(final String method, final SubjectConfirmationData data) { - final SubjectConfirmation subjectConf = (SubjectConfirmation) Configuration.getBuilderFactory().getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME) - .buildObject(SubjectConfirmation.DEFAULT_ELEMENT_NAME); - - subjectConf.setMethod(method); - - subjectConf.setSubjectConfirmationData(data); - - return subjectConf; - } - - /** - * Generate subject confirmation data. - * - * @param notOnOrAfter - * the not on or after - * @param recipient - * the recipient - * @param inResponseTo - * the in response to - * - * @return the subject confirmation data - */ - public static SubjectConfirmationData generateSubjectConfirmationData(final DateTime notOnOrAfter, final String recipient, final String inResponseTo) { - final SubjectConfirmationData subjectConfData = (SubjectConfirmationData) SAMLEngineUtils.createSamlObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME); - subjectConfData.setNotOnOrAfter(notOnOrAfter); - subjectConfData.setRecipient(recipient); - subjectConfData.setInResponseTo(inResponseTo); - return subjectConfData; - } - - /** - * Generate subject locality. - * - * @param address - * the address - * - * @return the subject locality - */ - public static SubjectLocality generateSubjectLocality(final String address) { - final SubjectLocality subjectLocality = (SubjectLocality) SAMLEngineUtils.createSamlObject(SubjectLocality.DEFAULT_ELEMENT_NAME); - subjectLocality.setAddress(address); - return subjectLocality; - } - - /** - * Method that returns the current time. - * - * @return the current time - */ - public static DateTime getCurrentTime() { - return new DateTime(); - } - - /** - * Instantiates a new SAML engine utilities. - */ - private SAMLEngineUtils() { - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java deleted file mode 100644 index 7bf5d5ca8..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java +++ /dev/null @@ -1,3339 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.io.UnsupportedEncodingException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; - -import javax.xml.namespace.QName; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.OutputKeys; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; - -import org.apache.commons.lang.StringUtils; -import org.bouncycastle.jce.X509Principal; -import org.joda.time.DateTime; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLVersion; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.common.Extensions; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.AttributeStatement; -import org.opensaml.saml2.core.AttributeValue; -import org.opensaml.saml2.core.Audience; -import org.opensaml.saml2.core.AudienceRestriction; -import org.opensaml.saml2.core.AuthnContext; -import org.opensaml.saml2.core.AuthnContextDecl; -import org.opensaml.saml2.core.AuthnRequest; -import org.opensaml.saml2.core.AuthnStatement; -import org.opensaml.saml2.core.Conditions; -import org.opensaml.saml2.core.Issuer; -import org.opensaml.saml2.core.LogoutRequest; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.NameID; -import org.opensaml.saml2.core.OneTimeUse; -import org.opensaml.saml2.core.Response; -import org.opensaml.saml2.core.Status; -import org.opensaml.saml2.core.StatusCode; -import org.opensaml.saml2.core.StatusMessage; -import org.opensaml.saml2.core.Subject; -import org.opensaml.saml2.core.SubjectConfirmation; -import org.opensaml.saml2.core.SubjectConfirmationData; -import org.opensaml.saml2.core.SubjectLocality; -import org.opensaml.saml2.core.impl.SubjectConfirmationBuilder; -import org.opensaml.xml.Namespace; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.schema.XSAny; -import org.opensaml.xml.schema.impl.XSAnyBuilder; -import org.opensaml.xml.schema.impl.XSAnyImpl; -import org.opensaml.xml.schema.impl.XSAnyMarshaller; -import org.opensaml.xml.schema.impl.XSAnyUnmarshaller; -import org.opensaml.xml.schema.impl.XSStringImpl; -import org.opensaml.xml.signature.KeyInfo; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; -import org.opensaml.xml.validation.ValidatorSuite; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Document; -import org.xml.sax.SAXException; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.commons.STORKLogoutRequest; -import eu.stork.peps.auth.commons.STORKLogoutResponse; -import eu.stork.peps.auth.engine.core.AuthenticationAttributes; -import eu.stork.peps.auth.engine.core.CitizenCountryCode; -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.CustomRequestAbstractType; -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; -import eu.stork.peps.auth.engine.core.EIDSectorShare; -import eu.stork.peps.auth.engine.core.QAAAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttributes; -import eu.stork.peps.auth.engine.core.SAMLCore; -import eu.stork.peps.auth.engine.core.SPApplication; -import eu.stork.peps.auth.engine.core.SPCountry; -import eu.stork.peps.auth.engine.core.SPID; -import eu.stork.peps.auth.engine.core.SPInformation; -import eu.stork.peps.auth.engine.core.SPInstitution; -import eu.stork.peps.auth.engine.core.SPSector; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; -import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesBuilder; -import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesMarshaller; -import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeBuilder; -import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeMarshaller; -import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareBuilder; -import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareMarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareBuilder; -import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareMarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDSectorShareBuilder; -import eu.stork.peps.auth.engine.core.impl.EIDSectorShareMarshaller; -import eu.stork.peps.auth.engine.core.impl.EIDSectorShareUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.QAAAttributeBuilder; -import eu.stork.peps.auth.engine.core.impl.QAAAttributeMarshaller; -import eu.stork.peps.auth.engine.core.impl.QAAAttributeUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributeBuilder; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributeMarshaller; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributeUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributesBuilder; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributesMarshaller; -import eu.stork.peps.auth.engine.core.impl.RequestedAttributesUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPApplicationBuilder; -import eu.stork.peps.auth.engine.core.impl.SPApplicationMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPApplicationUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPCountryBuilder; -import eu.stork.peps.auth.engine.core.impl.SPCountryMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPCountryUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPIDBuilder; -import eu.stork.peps.auth.engine.core.impl.SPIDMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPIDUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPInformationBuilder; -import eu.stork.peps.auth.engine.core.impl.SPInformationMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPInformationUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPInstitutionBuilder; -import eu.stork.peps.auth.engine.core.impl.SPInstitutionMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPInstitutionUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.SPSectorBuilder; -import eu.stork.peps.auth.engine.core.impl.SPSectorMarshaller; -import eu.stork.peps.auth.engine.core.impl.SPSectorUnmarshaller; -import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesBuilder; -import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesMarshaller; -import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesUnmarshaller; -import eu.stork.peps.auth.engine.core.validator.CustomAttributeQueryValidator; -import eu.stork.peps.auth.engine.core.validator.ExtensionsSchemaValidator; -import eu.stork.peps.auth.engine.core.validator.MultipleAssertionResponseValidator; -import eu.stork.peps.auth.engine.core.validator.QAAAttributeSchemaValidator; -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * Class that wraps the operations over SAML tokens, both generation and validation of SAML STORK requests and SAML STORK responses. Complaint with - * "OASIS Secure Assertion Markup Language (SAML) 2.0, May 2005", but taking into account STORK specific requirements. - * - * @author fjquevedo - * @author iinigo - */ -public final class STORKSAMLEngine extends SAMLEngine { - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(STORKSAMLEngine.class.getName()); - - private static final String ATTRIBUTE_EMPTY_LITERAL = "Attribute name is null or empty."; - - /** - * Gets the single instance of STORKSAMLEngine. - * - * @param nameInstance - * the name instance - * - * @return single instance of STORKSAMLEngine - */ - public static synchronized STORKSAMLEngine getInstance(final String nameInstance) { - STORKSAMLEngine engine = null; - LOG.info("Get instance: " + nameInstance); - try { - engine = new STORKSAMLEngine(nameInstance.trim()); - } catch (Exception e) { - LOG.error("Error get instance: " + nameInstance); - } - return engine; - } - - /** - * Instantiate a new STORKSAML engine. - * - * @param nameInstance - * the name instance - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private STORKSAMLEngine(final String nameInstance) throws STORKSAMLEngineException { - // Initialization OpenSAML. - super(nameInstance); - LOG.info("Register STORK objects provider."); - Configuration.registerObjectProvider(QAAAttribute.DEF_ELEMENT_NAME, new QAAAttributeBuilder(), new QAAAttributeMarshaller(), new QAAAttributeUnmarshaller()); - - Configuration.registerObjectProvider(EIDSectorShare.DEF_ELEMENT_NAME, new EIDSectorShareBuilder(), new EIDSectorShareMarshaller(), new EIDSectorShareUnmarshaller()); - - Configuration.registerObjectProvider(EIDCrossSectorShare.DEF_ELEMENT_NAME, new EIDCrossSectorShareBuilder(), new EIDCrossSectorShareMarshaller(), new EIDCrossSectorShareUnmarshaller()); - - Configuration.registerObjectProvider(EIDCrossBorderShare.DEF_ELEMENT_NAME, new EIDCrossBorderShareBuilder(), new EIDCrossBorderShareMarshaller(), new EIDCrossBorderShareUnmarshaller()); - - Configuration.registerObjectProvider(SPSector.DEF_ELEMENT_NAME, new SPSectorBuilder(), new SPSectorMarshaller(), new SPSectorUnmarshaller()); - - Configuration.registerObjectProvider(SPInstitution.DEF_ELEMENT_NAME, new SPInstitutionBuilder(), new SPInstitutionMarshaller(), new SPInstitutionUnmarshaller()); - - Configuration.registerObjectProvider(SPApplication.DEF_ELEMENT_NAME, new SPApplicationBuilder(), new SPApplicationMarshaller(), new SPApplicationUnmarshaller()); - - Configuration.registerObjectProvider(SPCountry.DEF_ELEMENT_NAME, new SPCountryBuilder(), new SPCountryMarshaller(), new SPCountryUnmarshaller()); - - Configuration.registerObjectProvider(XSAny.TYPE_NAME, new XSAnyBuilder(), new XSAnyMarshaller(), new XSAnyUnmarshaller()); - - Configuration.registerObjectProvider(RequestedAttribute.DEF_ELEMENT_NAME, new RequestedAttributeBuilder(), new RequestedAttributeMarshaller(), new RequestedAttributeUnmarshaller()); - - Configuration.registerObjectProvider(RequestedAttributes.DEF_ELEMENT_NAME, new RequestedAttributesBuilder(), new RequestedAttributesMarshaller(), new RequestedAttributesUnmarshaller()); - - Configuration.registerObjectProvider(AuthenticationAttributes.DEF_ELEMENT_NAME, new AuthenticationAttributesBuilder(), new AuthenticationAttributesMarshaller(), - new AuthenticationAttributesUnmarshaller()); - - Configuration.registerObjectProvider(VIDPAuthenticationAttributes.DEF_ELEMENT_NAME, new VIDPAuthenticationAttributesBuilder(), new VIDPAuthenticationAttributesMarshaller(), - new VIDPAuthenticationAttributesUnmarshaller()); - - Configuration.registerObjectProvider(CitizenCountryCode.DEF_ELEMENT_NAME, new CitizenCountryCodeBuilder(), new CitizenCountryCodeMarshaller(), new CitizenCountryCodeUnmarshaller()); - - Configuration.registerObjectProvider(SPID.DEF_ELEMENT_NAME, new SPIDBuilder(), new SPIDMarshaller(), new SPIDUnmarshaller()); - - Configuration.registerObjectProvider(SPInformation.DEF_ELEMENT_NAME, new SPInformationBuilder(), new SPInformationMarshaller(), new SPInformationUnmarshaller()); - - LOG.info("Register STORK object validators."); - final ValidatorSuite validatorSuite = new ValidatorSuite(QAAAttribute.DEF_LOCAL_NAME); - - validatorSuite.registerValidator(QAAAttribute.DEF_ELEMENT_NAME, new QAAAttributeSchemaValidator()); - final Extensions extensions = SAMLEngineUtils.generateExtension(); - validatorSuite.registerValidator(extensions.getElementQName(), new ExtensionsSchemaValidator()); - - Configuration.registerValidatorSuite("stork:QualityAuthenticationAssuranceLevel", validatorSuite); - - } - - /** - * Generate authentication response base. - * - * @param status - * the status - * @param assertConsumerURL - * the assert consumer URL. - * @param inResponseTo - * the in response to - * - * @return the response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private Response genAuthnRespBase(final Status status, final String assertConsumerURL, final String inResponseTo) throws STORKSAMLEngineException { - LOG.debug("Generate Authentication Response base."); - final Response response = SAMLEngineUtils.generateResponse(SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), SAMLEngineUtils.getCurrentTime(), status); - - // Set name Spaces - this.setNameSpaces(response); - - // Mandatory STORK - LOG.debug("Generate Issuer"); - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - issuer.setValue(super.getSamlCoreProperties().getResponder()); - - // Format Entity Optional STORK - issuer.setFormat(super.getSamlCoreProperties().getFormatEntity()); - - response.setIssuer(issuer); - - // destination Mandatory Stork - response.setDestination(assertConsumerURL.trim()); - - // inResponseTo Mandatory Stork - response.setInResponseTo(inResponseTo.trim()); - - // Optional STORK - response.setConsent(super.getSamlCoreProperties().getConsentAuthnResponse()); - - return response; - } - - /** - * Generate attribute query response base. - * - * @param status - * the status - * @param destinationURL - * the assert consumer URL. - * @param inResponseTo - * the in response to - * - * @return the response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private Response genAttrQueryRespBase(final Status status, final String destinationURL, final String inResponseTo) throws STORKSAMLEngineException { - LOG.debug("Generate Attribute query Response base."); - final Response response = SAMLEngineUtils.generateResponse(SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), SAMLEngineUtils.getCurrentTime(), status); - - // Set name Spaces - this.setNameSpaces(response); - - // Mandatory STORK - LOG.debug("Generate Issuer"); - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - issuer.setValue(super.getSamlCoreProperties().getResponder()); - - // Format Entity Optional STORK - issuer.setFormat(super.getSamlCoreProperties().getFormatEntity()); - - response.setIssuer(issuer); - - // destination Mandatory Stork - response.setDestination(destinationURL.trim()); - - // inResponseTo Mandatory Stork - response.setInResponseTo(inResponseTo.trim()); - - // Optional STORK - response.setConsent(super.getSamlCoreProperties().getConsentAuthnResponse()); - - return response; - } - - /** - * Generate assertion. - * - * @param ipAddress - * the IP address. - * @param assertConsumerURL - * the assert consumer URL. - * @param inResponseTo - * the in response to - * @param issuer - * the issuer - * @param notOnOrAfter - * the not on or after - * - * @return the assertion - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private Assertion generateAssertion(final String ipAddress, final String assertConsumerURL, final String inResponseTo, final String issuer, final DateTime notOnOrAfter) - throws STORKSAMLEngineException { - LOG.info("Generate Assertion."); - - // Mandatory STORK - LOG.debug("Generate Issuer to Assertion"); - final Issuer issuerAssertion = SAMLEngineUtils.generateIssuer(); - issuerAssertion.setValue(super.getSamlCoreProperties().getResponder()); - - // Format Entity Optional STORK - issuerAssertion.setFormat(super.getSamlCoreProperties().getFormatEntity()); - - final Assertion assertion = SAMLEngineUtils.generateAssertion(SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), SAMLEngineUtils.getCurrentTime(), issuerAssertion); - - final Subject subject = SAMLEngineUtils.generateSubject(); - - final String format = super.getSamlCoreProperties().getFormat(); - - final String nameQualifier = ""; - LOG.debug("Generate NameID"); - final NameID nameId = SAMLEngineUtils.generateNameID(super.getSamlCoreProperties().getResponder(), format, nameQualifier); - nameId.setValue(format); - subject.setNameID(nameId); - - // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer. - // Optional in other case. - LOG.debug("Generate SubjectConfirmationData."); - final SubjectConfirmationData dataBearer = SAMLEngineUtils.generateSubjectConfirmationData(SAMLEngineUtils.getCurrentTime(), assertConsumerURL, inResponseTo); - - // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer. - // Optional in other case. - LOG.debug("Generate SubjectConfirmation"); - final SubjectConfirmation subjectConf = SAMLEngineUtils.generateSubjectConfirmation(SubjectConfirmation.METHOD_BEARER, dataBearer); - - final ArrayList<SubjectConfirmation> listSubjectConf = new ArrayList<SubjectConfirmation>(); - listSubjectConf.add(subjectConf); - - for (final Iterator<SubjectConfirmation> iter = listSubjectConf.iterator(); iter.hasNext();) { - final SubjectConfirmation element = iter.next(); - - if (SubjectConfirmation.METHOD_BEARER.equals(element.getMethod())) { - // ipAddress Mandatory if method is Bearer. - - if (StringUtils.isBlank(ipAddress)) { - throw new STORKSAMLEngineException("ipAddress is null or empty"); - } - element.getSubjectConfirmationData().setAddress(ipAddress.trim()); - } - - element.getSubjectConfirmationData().setRecipient(assertConsumerURL); - element.getSubjectConfirmationData().setNotOnOrAfter(notOnOrAfter); - } - - // The SAML 2.0 specification allows multiple SubjectConfirmations - subject.getSubjectConfirmations().addAll(listSubjectConf); - - // Mandatory Stork - assertion.setSubject(subject); - - // Conditions that MUST be evaluated when assessing the validity of - // and/or when using the assertion. - final Conditions conditions = this.generateConditions(SAMLEngineUtils.getCurrentTime(), notOnOrAfter, issuer); - - assertion.setConditions(conditions); - - LOG.debug("Generate stork Authentication Statement."); - final AuthnStatement storkAuthnStat = this.generateStorkAuthStatement(ipAddress); - assertion.getAuthnStatements().add(storkAuthnStat); - - return assertion; - } - - private String getAttributeName(final PersonalAttribute attribute) throws STORKSAMLEngineException { - if (StringUtils.isBlank(attribute.getName())) { - LOG.error(ATTRIBUTE_EMPTY_LITERAL); - throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); - } - - final String attributeName = super.getSamlCoreProperties().getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.error("Attribute name: {} it is not known.", attribute.getName()); - throw new STORKSAMLEngineException("Attribute name: " + attribute.getName() + " it is not known."); - } - return attributeName; - } - - /** - * Generate attribute statement. - * - * @param personalAttrList - * the personal attribute list - * @param isHashing - * the is hashing - * - * @return the attribute statement - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - * @throws IOException - */ - private AttributeStatement generateAttributeStatement(final IPersonalAttributeList personalAttrList, final boolean isHashing) throws STORKSAMLEngineException { - LOG.debug("Generate attribute statement"); - - final AttributeStatement attrStatement = (AttributeStatement) SAMLEngineUtils.createSamlObject(AttributeStatement.DEFAULT_ELEMENT_NAME); - - for (PersonalAttribute attribute : personalAttrList) { - - String attributeName = getAttributeName(attribute); - - // Verification that only one value it's permitted, simple or - // complex, not both. - - final boolean simpleNull = (attribute.getValue() == null); - final boolean simpleEmpty = (simpleNull || (!simpleNull && attribute.getValue().isEmpty())); - - final boolean complexNull = (attribute.getComplexValue() == null); - final boolean complexEmpty = (complexNull || (!complexNull && attribute.getComplexValue().isEmpty())); - - if ((!simpleEmpty && !complexEmpty)) { - throw new STORKSAMLEngineException("Attribute name: " + attribute.getName() + " must be contain one value, simple or complex value."); - } else { - - if (!simpleEmpty) { - attrStatement.getAttributes().add(this.generateAttrSimple(attributeName, attribute.getStatus(), attribute.getValue(), isHashing)); - } else if (!complexEmpty) { - attrStatement.getAttributes().add(SAMLEngineUtils.generateAttrComplex(attributeName, attribute.getStatus(), attribute.getComplexValue(), isHashing)); - } else if (!simpleNull) { - attrStatement.getAttributes().add(this.generateAttrSimple(attributeName, attribute.getStatus(), new ArrayList<String>(), isHashing)); - } else { - // Add attribute complex. - attrStatement.getAttributes().add(SAMLEngineUtils.generateAttrComplex(attributeName, attribute.getStatus(), new HashMap<String, String>(), isHashing)); - } - } - } - return attrStatement; - } - - private XSAny createAttributeValueForSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException { - DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); - domFactory.setNamespaceAware(true); - Document document = null; - DocumentBuilder builder; - - // Parse the signedDoc value into an XML DOM Document - try { - builder = domFactory.newDocumentBuilder(); - InputStream is; - is = new ByteArrayInputStream(value.trim().getBytes("UTF-8")); - document = builder.parse(is); - is.close(); - } catch (SAXException e1) { - LOG.error("SAX Error while parsing signModule attribute", e1); - throw new STORKSAMLEngineRuntimeException(e1); - } catch (ParserConfigurationException e2) { - LOG.error("Parser Configuration Error while parsing signModule attribute", e2); - throw new STORKSAMLEngineRuntimeException(e2); - } catch (UnsupportedEncodingException e3) { - LOG.error("Unsupported encoding Error while parsing signModule attribute", e3); - throw new STORKSAMLEngineRuntimeException(e3); - } catch (IOException e4) { - LOG.error("IO Error while parsing signModule attribute", e4); - throw new STORKSAMLEngineRuntimeException(e4); - } - - // Create the attribute statement - final XSAny xmlValue = (XSAny) SAMLEngineUtils.createSamlObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME); - - // Set the signedDoc XML content to this element - xmlValue.setDOM(document.getDocumentElement()); - - // Create the attribute statement - final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME); - - // Add previous signedDocXML to the AttributeValue Element - - // if it's necessary encode the information. - if (!isHashing) { - attrValue.getUnknownXMLObjects().add(xmlValue); - } - return attrValue; - } - - private XSAny createAttributeValueForNonSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException { - // Create the attribute statement - final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME); - // if it's necessary encode the information. - if (isHashing) { - attrValue.setTextContent(SAMLEngineUtils.encode(value, SAMLEngineUtils.SHA_512)); - } else { - attrValue.setTextContent(value); - } - return attrValue; - } - - /** - * Generate attribute from a list of values. - * - * @param name - * the name of the attribute. - * @param values - * the value of the attribute. - * @param isHashing - * the is hashing with "SHA-512" algorithm. - * @param status - * the status of the parameter: "Available", "NotAvailable" or "Withheld". - * - * @return the attribute - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private Attribute generateAttrSimple(final String name, final String status, final List<String> values, final boolean isHashing) throws STORKSAMLEngineException { - LOG.debug("Generate attribute simple: " + name); - final Attribute attribute = (Attribute) SAMLEngineUtils.createSamlObject(Attribute.DEFAULT_ELEMENT_NAME); - - attribute.setName(name); - attribute.setNameFormat(Attribute.URI_REFERENCE); - - attribute.getUnknownAttributes().put(new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", SAMLCore.STORK10_PREFIX.getValue()), status); - - if (values != null) { - LOG.debug("Add attribute values."); - for (int i = 0; i < values.size(); i++) { - final String value = values.get(i); - if (StringUtils.isNotBlank(value)) { - XSAny attrValue = null; - if (!name.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - // Create the attribute statement - attrValue = createAttributeValueForNonSignedDoc(value, isHashing); - - } else { - attrValue = createAttributeValueForSignedDoc(value, isHashing); - attribute.getAttributeValues().add(attrValue); - } - attribute.getAttributeValues().add(attrValue); - } - } - } - return attribute; - } - - /** - * Generate conditions that MUST be evaluated when assessing the validity of and/or when using the assertion. - * - * @param notBefore - * the not before - * @param notOnOrAfter - * the not on or after - * @param audienceURI - * the audience URI. - * - * @return the conditions - */ - private Conditions generateConditions(final DateTime notBefore, final DateTime notOnOrAfter, final String audienceURI) { - LOG.debug("Generate conditions."); - final Conditions conditions = (Conditions) SAMLEngineUtils.createSamlObject(Conditions.DEFAULT_ELEMENT_NAME); - conditions.setNotBefore(notBefore); - conditions.setNotOnOrAfter(notOnOrAfter); - - final AudienceRestriction restrictions = (AudienceRestriction) SAMLEngineUtils.createSamlObject(AudienceRestriction.DEFAULT_ELEMENT_NAME); - - final Audience audience = (Audience) SAMLEngineUtils.createSamlObject(Audience.DEFAULT_ELEMENT_NAME); - audience.setAudienceURI(audienceURI); - - restrictions.getAudiences().add(audience); - conditions.getAudienceRestrictions().add(restrictions); - - if (super.getSamlCoreProperties().isOneTimeUse()) { - final OneTimeUse oneTimeUse = (OneTimeUse) SAMLEngineUtils.createSamlObject(OneTimeUse.DEFAULT_ELEMENT_NAME); - conditions.getConditions().add(oneTimeUse); - } - return conditions; - } - - /** - * Generate personal attribute list. - * - * @param assertion - * the assertion - * - * @return the personal attribute list - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private IPersonalAttributeList generatePersonalAttributeList(final Assertion assertion) throws STORKSAMLEngineException { - LOG.debug("Generate personal attribute list from XMLObject."); - final List<XMLObject> listExtensions = assertion.getOrderedChildren(); - - boolean find = false; - AttributeStatement requestedAttr = null; - - // Search the attribute statement. - for (int i = 0; i < listExtensions.size() && !find; i++) { - final XMLObject xml = listExtensions.get(i); - if (xml instanceof AttributeStatement) { - requestedAttr = (AttributeStatement) xml; - find = true; - } - } - - if (!find) { - LOG.error("Error: AttributeStatement it's not present."); - throw new STORKSAMLEngineException("AttributeStatement it's not present."); - } - - final List<Attribute> reqAttrs = requestedAttr.getAttributes(); - - final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); - String attributeName; - - // Process the attributes. - for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { - final Attribute attribute = reqAttrs.get(nextAttribute); - - final PersonalAttribute personalAttribute = new PersonalAttribute(); - - attributeName = attribute.getName(); - personalAttribute.setName(attributeName.substring(attributeName.lastIndexOf('/') + 1)); - - personalAttribute.setStatus(attribute.getUnknownAttributes().get(new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", SAMLCore.STORK10_PREFIX.getValue()))); - - final ArrayList<String> simpleValues = new ArrayList<String>(); - final HashMap<String, String> multiValues = new HashMap<String, String>(); - - final List<XMLObject> values = attribute.getOrderedChildren(); - - // Process the values. - for (int nextValue = 0; nextValue < values.size(); nextValue++) { - - final XMLObject xmlObject = values.get(nextValue); - - if (xmlObject instanceof XSStringImpl) { - - simpleValues.add(((XSStringImpl) xmlObject).getValue()); - - } else if (xmlObject instanceof XSAnyImpl) { - - if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - - final XSAnyImpl xmlString = (XSAnyImpl) values.get(nextValue); - - TransformerFactory transFactory = TransformerFactory.newInstance(); - Transformer transformer = null; - try { - transformer = transFactory.newTransformer(); - transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); - } catch (TransformerConfigurationException e) { - LOG.error("Error transformer configuration exception", e); - } - StringWriter buffer = new StringWriter(); - try { - if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0) { - transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), new StreamResult(buffer)); - } - } catch (TransformerException e) { - LOG.error("Error transformer exception", e); - } - String str = buffer.toString(); - - simpleValues.add(str); - - } else if (isComplex(xmlObject)) { - LOG.info(attributeName + " found"); - // Process complex value. - final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; - - for (int nextComplexValue = 0; nextComplexValue < complexValue.getUnknownXMLObjects().size(); nextComplexValue++) { - - final XSAnyImpl simple = (XSAnyImpl) complexValue.getUnknownXMLObjects().get(nextComplexValue); - - multiValues.put(simple.getElementQName().getLocalPart(), simple.getTextContent()); - } - - } else { - // Process simple value. - simpleValues.add(((XSAnyImpl) xmlObject).getTextContent()); - } - - } else { - LOG.error("Error: attribute value it's unknown."); - throw new STORKSAMLEngineException("Attribute value it's unknown."); - } - } - - personalAttribute.setValue(simpleValues); - personalAttribute.setComplexValue(multiValues); - personalAttrList.add(personalAttribute); - } - - return personalAttrList; - } - - /** - * Generate stork authentication request. - * - * @param request - * the request that contain all parameters for generate an authentication request. - * - * @return the STORK authentication request that has been processed. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAuthnRequest generateSTORKAuthnRequest(final STORKAuthnRequest request) throws STORKSAMLEngineException { - LOG.info("Generate SAMLAuthnRequest."); - - // Validate Parameters mandatories - validateParamAuthnReq(request); - - final AuthnRequest authnRequestAux = SAMLEngineUtils.generateSAMLAuthnRequest(SAMLEngineUtils.generateNCName(), SAMLVersion.VERSION_20, SAMLEngineUtils.getCurrentTime()); - - // Set name spaces. - setNameSpaces(authnRequestAux); - - // Add parameter Mandatory STORK - authnRequestAux.setForceAuthn(Boolean.TRUE); - - // Add parameter Mandatory STORK - authnRequestAux.setIsPassive(Boolean.FALSE); - - authnRequestAux.setAssertionConsumerServiceURL(request.getAssertionConsumerServiceURL()); - - authnRequestAux.setProviderName(request.getProviderName()); - - // Add protocol binding - authnRequestAux.setProtocolBinding(super.getSamlCoreProperties().getProtocolBinding()); - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(request.getDestination())) { - authnRequestAux.setDestination(request.getDestination()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - authnRequestAux.setConsent(super.getSamlCoreProperties().getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - if (request.getIssuer() != null) { - issuer.setValue(request.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties().getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - authnRequestAux.setIssuer(issuer); - - // Generate stork extensions. - final Extensions storkExtensions = this.generateSTORKExtensions(request); - // add the extensions to the SAMLAuthnRequest - authnRequestAux.setExtensions(storkExtensions); - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKAuthnRequest authRequest = processExtensions(authnRequestAux.getExtensions()); - - try { - authRequest.setTokenSaml(super.signAndMarshall(authnRequestAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - authRequest.setSamlId(authnRequestAux.getID()); - authRequest.setDestination(authnRequestAux.getDestination()); - authRequest.setAssertionConsumerServiceURL(authnRequestAux.getAssertionConsumerServiceURL()); - - authRequest.setProviderName(authnRequestAux.getProviderName()); - authRequest.setIssuer(authnRequestAux.getIssuer().getValue()); - - return authRequest; - } - - /** - * Generate stork authentication response. - * - * @param request - * the request - * @param responseAuthReq - * the response authentication request - * @param ipAddress - * the IP address - * @param isHashing - * the is hashing - * - * @return the sTORK authentication response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAuthnResponse generateSTORKAuthnResponse(final STORKAuthnRequest request, final STORKAuthnResponse responseAuthReq, final String ipAddress, final boolean isHashing) - throws STORKSAMLEngineException { - LOG.info("generateSTORKAuthnResponse"); - - // Validate parameters - validateParamResponse(request, responseAuthReq); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils.generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - LOG.debug("Generate Response"); - - // RESPONSE - final Response response = genAuthnRespBase(status, request.getAssertionConsumerServiceURL(), request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties().getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, request.getAssertionConsumerServiceURL(), request.getSamlId(), request.getIssuer(), notOnOrAfter); - - final AttributeStatement attrStatement = this.generateAttributeStatement(responseAuthReq.getPersonalAttributeList(), isHashing); - - assertion.getAttributeStatements().add(attrStatement); - - // Add assertions - response.getAssertions().add(assertion); - - final STORKAuthnResponse authresponse = new STORKAuthnResponse(); - - try { - authresponse.setTokenSaml(super.signAndMarshall(response)); - authresponse.setSamlId(response.getID()); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - return authresponse; - } - - /** - * Generate stork authentication response. - * - * @param request - * the request - * @param responseAuthReq - * the response authentication request - * @param ipAddress - * the IP address - * @param isHashing - * the is hashing - * - * @return the sTORK authentication response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAuthnResponse generateSTORKAuthnResponseAfterQuery(final STORKAuthnRequest request, final STORKAuthnResponse responseAuthReq, final String ipAddress, final boolean isHashing, - List<STORKAttrQueryResponse> res) throws STORKSAMLEngineException { - LOG.info("generateSTORKAuthnResponse"); - - // Validate parameters - validateParamResponse(request, responseAuthReq); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils.generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - LOG.debug("Generate Response"); - - // RESPONSE - final Response response = genAuthnRespBase(status, request.getAssertionConsumerServiceURL(), request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties().getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, request.getAssertionConsumerServiceURL(), request.getSamlId(), request.getIssuer(), notOnOrAfter); - - final AttributeStatement attrStatement = this.generateAttributeStatement(responseAuthReq.getPersonalAttributeList(), isHashing); - - assertion.getAttributeStatements().add(attrStatement); - - // Add assertions - response.getAssertions().add(assertion); - // Check for response queries - if (res != null && res.size() > 0) { - // Iterate through them - for (int i = 0; i < res.size(); i++) { - // If response contains multiple assertions iterate through them as well - if (res.get(i).getAssertions().size() > 1) { - for (int j = 0; j < res.get(i).getAssertions().size(); j++) { - Assertion tempAssertion = res.get(i).getAssertions().get(j); - tempAssertion.setParent(response); - response.getAssertions().add(tempAssertion); - } - } else { - Assertion tempAssertion = res.get(i).getAssertion(); - tempAssertion.setParent(response); - response.getAssertions().add(tempAssertion); - } - } - } - - final STORKAuthnResponse authresponse = new STORKAuthnResponse(); - - try { - authresponse.setTokenSaml(super.signAndMarshall(response)); - authresponse.setSamlId(response.getID()); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - return authresponse; - } - - /** - * Generate stork authentication response fail. - * - * @param request - * the request - * @param response - * the response - * @param ipAddress - * the IP address - * @param isHashing - * the is hashing - * - * @return the sTORK authentication response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAuthnResponse generateSTORKAuthnResponseFail(final STORKAuthnRequest request, final STORKAuthnResponse response, final String ipAddress, final boolean isHashing) - throws STORKSAMLEngineException { - LOG.info("generateSTORKAuthnResponseFail"); - - validateParamResponseFail(request, response); - - // Mandatory - final StatusCode statusCode = SAMLEngineUtils.generateStatusCode(response.getStatusCode()); - - // Mandatory SAML - LOG.debug("Generate StatusCode."); - // Subordinate code it's optional in case not covered into next codes: - // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed - // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue - // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy - // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied - // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported - - if (StringUtils.isNotBlank(response.getSubStatusCode())) { - final StatusCode newStatusCode = SAMLEngineUtils.generateStatusCode(response.getSubStatusCode()); - statusCode.setStatusCode(newStatusCode); - } - - LOG.debug("Generate Status."); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - if (StringUtils.isNotBlank(response.getMessage())) { - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.generateStatusMessage(response.getMessage()); - - status.setStatusMessage(statusMessage); - } - - LOG.debug("Generate Response."); - // RESPONSE - final Response responseFail = genAuthnRespBase(status, request.getAssertionConsumerServiceURL(), request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties().getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, request.getAssertionConsumerServiceURL(), request.getSamlId(), request.getIssuer(), notOnOrAfter); - - responseFail.getAssertions().add(assertion); - - LOG.debug("Sign and Marshall ResponseFail."); - - final STORKAuthnResponse storkResponse = new STORKAuthnResponse(); - - try { - storkResponse.setTokenSaml(super.signAndMarshall(responseFail)); - storkResponse.setSamlId(responseFail.getID()); - } catch (SAMLEngineException e) { - LOG.error("SAMLEngineException.", e); - throw new STORKSAMLEngineException(e); - } - return storkResponse; - } - - /** - * Generate stork attribute query request. - * - * @param request - * the request that contain all parameters for generate an attribute query request. - * - * @return the STORK attribute query request that has been processed. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAttrQueryRequest generateSTORKAttrQueryRequest(final STORKAttrQueryRequest request) throws STORKSAMLEngineException { - LOG.info("Generate STORKAttrQueryRequest."); - - // Validate Parameters mandatories - validateParamAttrQueryReq(request); - - final CustomAttributeQuery attrQueryRequestAux = SAMLEngineUtils.generateSAMLAttrQueryRequest(SAMLEngineUtils.generateNCName(), SAMLVersion.VERSION_20, SAMLEngineUtils.getCurrentTime()); - - // Set name spaces. - setNameSpaces(attrQueryRequestAux); - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(request.getDestination())) { - attrQueryRequestAux.setDestination(request.getDestination()); - } - - // Add parameter optional STORK - // Consumer URL is needed if using HTTP-Post - if (StringUtils.isNotBlank(request.getAssertionConsumerServiceURL())) { - attrQueryRequestAux.setAssertionConsumerServiceURL(request.getAssertionConsumerServiceURL()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - attrQueryRequestAux.setConsent(super.getSamlCoreProperties().getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - // Set the subject - needed for attribute query validation - Subject subject = SAMLEngineUtils.generateSubject(); - SubjectConfirmationBuilder builder = new SubjectConfirmationBuilder(); - SubjectConfirmation subjectConfirmation = builder.buildObject(); - subjectConfirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer"); - subject.getSubjectConfirmations().add(subjectConfirmation); - attrQueryRequestAux.setSubject(subject); - - if (request.getIssuer() != null) { - issuer.setValue(request.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties().getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - attrQueryRequestAux.setIssuer(issuer); - - // Generate stork extensions. - final Extensions storkExtensions = this.generateSTORKAttrExtensions(request); - // add the extensions to the SAMLAuthnRequest - attrQueryRequestAux.setExtensions(storkExtensions); - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKAttrQueryRequest attrQueryRequest = processAttrExtensions(attrQueryRequestAux.getExtensions()); - - try { - attrQueryRequest.setTokenSaml(super.signAndMarshall(attrQueryRequestAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - attrQueryRequest.setSamlId(attrQueryRequestAux.getID()); - attrQueryRequest.setDestination(attrQueryRequestAux.getDestination()); - attrQueryRequest.setAssertionConsumerServiceURL(attrQueryRequestAux.getAssertionConsumerServiceURL()); - attrQueryRequest.setIssuer(attrQueryRequestAux.getIssuer().getValue()); - - return attrQueryRequest; - } - - /** - * Generate stork attribute query response. - * - * @param request - * the request - * @param responseAttrQueryRes - * the response authentication request - * @param ipAddress - * the IP address - * @param isHashing - * the hashing of values - * - * @return the sTORK authentication response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAttrQueryResponse generateSTORKAttrQueryResponse(final STORKAttrQueryRequest request, final STORKAttrQueryResponse responseAttrQueryRes, final String ipAddress, - final String destinationUrl, final boolean isHashing) throws STORKSAMLEngineException { - LOG.info("generateSTORKAttrQueryResponse"); - - // Validate parameters - validateParamAttrQueryResponse(request, responseAttrQueryRes); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils.generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - LOG.debug("Generate Response"); - - // RESPONSE - final Response response = genAuthnRespBase(status, destinationUrl, request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties().getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, "", request.getSamlId(), request.getIssuer(), notOnOrAfter); - - final AttributeStatement attrStatement = this.generateAttributeStatement(responseAttrQueryRes.getPersonalAttributeList(), isHashing); - - assertion.getAttributeStatements().add(attrStatement); - - // Add assertions - response.getAssertions().add(assertion); - - final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); - - try { - attrQueryResponse.setTokenSaml(super.signAndMarshall(response)); - attrQueryResponse.setSamlId(response.getID()); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - return attrQueryResponse; - } - - /** - * Generate stork attribute query response from multiple assertions - * - * @param request - * the request - * @param responseAttrQueryRes - * the response to the query request - * @param responses - * the responses to include in the response (aggregation) - * @param ipAddress - * the IP address - * @param isHashing - * the hashing of values - * - * @return the sTORK attribute query response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAttrQueryResponse generateSTORKAttrQueryResponseWithAssertions(final STORKAttrQueryRequest request, final STORKAttrQueryResponse responseAttrQueryRes, - final List<STORKAttrQueryResponse> responses, final String ipAddress, final String destinationUrl, final boolean isHashing) throws STORKSAMLEngineException { - LOG.info("generateSTORKAttrQueryResponse"); - - // Validate parameters - validateParamAttrQueryResponseFromAssertions(request, responseAttrQueryRes); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils.generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - LOG.debug("Generate Response"); - - // RESPONSE - final Response response = genAuthnRespBase(status, destinationUrl, request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties().getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, "", request.getSamlId(), request.getIssuer(), notOnOrAfter); - - final AttributeStatement attrStatement = this.generateAttributeStatement(responseAttrQueryRes.getPersonalAttributeList(), isHashing); - - assertion.getAttributeStatements().add(attrStatement); - - // Add the assertions from the former Query responses - response.getAssertions().add(assertion); - if (responses != null && responses.size() > 0) { - for (int i = 0; i < responses.size(); i++) { - Assertion tempAssertion = responses.get(i).getAssertion(); - tempAssertion.setParent(response); - response.getAssertions().add(tempAssertion); - } - } - - final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); - - try { - attrQueryResponse.setTokenSaml(super.signAndMarshall(response)); - attrQueryResponse.setSamlId(response.getID()); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - return attrQueryResponse; - } - - /** - * Generate stork attribute query response fail. - * - * @param request - * the request - * @param response - * the response - * @param ipAddress - * the IP address - * @param isHashing - * the is hashing - * - * @return the STORK attribute query response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAttrQueryResponse generateSTORKAttrQueryResponseFail(final STORKAttrQueryRequest request, final STORKAttrQueryResponse response, final String ipAddress, final String destinationUrl, - final boolean isHashing) throws STORKSAMLEngineException { - LOG.info("generateSTORKAttrQueryResponseFail"); - - validateParamAttrQueryResponseFail(request, response); - - // Mandatory - final StatusCode statusCode = SAMLEngineUtils.generateStatusCode(response.getStatusCode()); - - // Mandatory SAML - LOG.debug("Generate StatusCode."); - // Subordinate code it's optional in case not covered into next codes: - // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed - // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue - // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy - // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied - // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported - - if (StringUtils.isNotBlank(response.getSubStatusCode())) { - final StatusCode newStatusCode = SAMLEngineUtils.generateStatusCode(response.getSubStatusCode()); - statusCode.setStatusCode(newStatusCode); - } - - LOG.debug("Generate Status."); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - if (StringUtils.isNotBlank(response.getMessage())) { - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.generateStatusMessage(response.getMessage()); - - status.setStatusMessage(statusMessage); - } - - LOG.debug("Generate Response."); - // RESPONSE - final Response responseFail = genAuthnRespBase(status, destinationUrl, request.getSamlId()); - - DateTime notOnOrAfter = new DateTime(); - - notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties().getTimeNotOnOrAfter()); - - final Assertion assertion = this.generateAssertion(ipAddress, "", request.getSamlId(), request.getIssuer(), notOnOrAfter); - - responseFail.getAssertions().add(assertion); - - LOG.debug("Sign and Marshall ResponseFail."); - - final STORKAttrQueryResponse storkResponse = new STORKAttrQueryResponse(); - - try { - storkResponse.setTokenSaml(super.signAndMarshall(responseFail)); - storkResponse.setSamlId(responseFail.getID()); - } catch (SAMLEngineException e) { - LOG.error("SAMLEngineException.", e); - throw new STORKSAMLEngineException(e); - } - return storkResponse; - } - - /** - * Generate stork logout request. - * - * @param request - * the request that contain all parameters for generate an logout request. - * - * @return the STORK logout request that has been processed. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKLogoutRequest generateSTORKLogoutRequest(final STORKLogoutRequest request) throws STORKSAMLEngineException { - LOG.info("Generate STORKLogoutRequest."); - - // Validate Parameters mandatories - validateParamLogoutReq(request); - - final LogoutRequest logoutRequestAux = SAMLEngineUtils.generateSAMLLogoutRequest(SAMLEngineUtils.generateNCName(), SAMLVersion.VERSION_20, SAMLEngineUtils.getCurrentTime()); - - // Set name spaces. - setNameSpaces(logoutRequestAux); - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(request.getDestination())) { - logoutRequestAux.setDestination(request.getDestination()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - logoutRequestAux.setConsent(super.getSamlCoreProperties().getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - if (request.getIssuer() != null) { - issuer.setValue(request.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties().getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - logoutRequestAux.setIssuer(issuer); - - // Set the name ID - final NameID newNameID = SAMLEngineUtils.generateNameID(); - newNameID.setValue(request.getSpProvidedId()); - logoutRequestAux.setNameID(newNameID); - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKLogoutRequest logoutRequest = new STORKLogoutRequest(); - - try { - logoutRequest.setTokenSaml(super.signAndMarshall(logoutRequestAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - logoutRequest.setSamlId(logoutRequestAux.getID()); - logoutRequest.setDestination(logoutRequestAux.getDestination()); - logoutRequest.setIssuer(logoutRequestAux.getIssuer().getValue()); - logoutRequest.setSpProvidedId(logoutRequestAux.getNameID().getValue()); - - return logoutRequest; - } - - /** - * Generate stork logout response. - * - * @param request - * the request thats being responded to - * @param response - * the tesponse that contain all parameters for generate an logout request. - * - * @return the STORK logout response that has been processed. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKLogoutResponse generateSTORKLogoutResponse(final STORKLogoutRequest request, final STORKLogoutResponse response) throws STORKSAMLEngineException { - LOG.info("Generate STORKLogoutResponse."); - - // Validate Parameters mandatories - validateParamLogoutRes(request, response); - - // Mandatory SAML - LOG.debug("Generate StatusCode"); - final StatusCode statusCode = SAMLEngineUtils.generateStatusCode(StatusCode.SUCCESS_URI); - - LOG.debug("Generate Status"); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - LOG.debug("Generate StatusMessage"); - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.generateStatusMessage(StatusCode.SUCCESS_URI); - - status.setStatusMessage(statusMessage); - - final LogoutResponse logoutResponseAux = SAMLEngineUtils.generateSAMLLogoutResponse(SAMLEngineUtils.generateNCName(), SAMLVersion.VERSION_20, SAMLEngineUtils.getCurrentTime(), status, - request.getSamlId()); - - // Set name spaces. - setNameSpaces(logoutResponseAux); - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(response.getDestination())) { - logoutResponseAux.setDestination(response.getDestination()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - logoutResponseAux.setConsent(super.getSamlCoreProperties().getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - if (response.getIssuer() != null) { - issuer.setValue(response.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties().getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - logoutResponseAux.setIssuer(issuer); - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKLogoutResponse logoutResponse = new STORKLogoutResponse(); - - try { - logoutResponse.setTokenSaml(super.signAndMarshall(logoutResponseAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - logoutResponse.setSamlId(logoutResponseAux.getID()); - logoutResponse.setDestination(logoutResponseAux.getDestination()); - logoutResponse.setIssuer(logoutResponseAux.getIssuer().getValue()); - logoutResponse.setStatusCode(logoutResponseAux.getStatus().getStatusCode().toString()); - logoutResponse.setStatusMessage(logoutResponseAux.getStatus().getStatusMessage().toString()); - - return logoutResponse; - } - - /** - * Generate failed stork logout response. - * - * @param response - * the response that contain all parameters for generate an logout request. - * - * @return the STORK logout response that has been processed. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKLogoutResponse generateSTORKLogoutResponseFail(final STORKLogoutRequest request, final STORKLogoutResponse response) throws STORKSAMLEngineException { - LOG.info("Generate STORKLogoutResponse."); - - // Validate Parameters mandatories - validateParamLogoutResFail(request, response); - - // Mandatory - final StatusCode statusCode = SAMLEngineUtils.generateStatusCode(response.getStatusCode()); - - // Mandatory SAML - LOG.debug("Generate StatusCode."); - // Subordinate code it's optional in case not covered into next codes: - // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed - // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue - // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy - // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied - // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported - - if (StringUtils.isNotBlank(response.getSubStatusCode())) { - final StatusCode newStatusCode = SAMLEngineUtils.generateStatusCode(response.getSubStatusCode()); - statusCode.setStatusCode(newStatusCode); - } - - LOG.debug("Generate Status."); - final Status status = SAMLEngineUtils.generateStatus(statusCode); - - if (StringUtils.isNotBlank(response.getStatusMessage())) { - final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils.generateStatusMessage(response.getStatusMessage()); - - status.setStatusMessage(statusMessage); - } - - final LogoutResponse logoutResponseAux = SAMLEngineUtils.generateSAMLLogoutResponse(SAMLEngineUtils.generateNCName(), SAMLVersion.VERSION_20, SAMLEngineUtils.getCurrentTime(), status, - request.getSamlId()); - - // Set name spaces. - setNameSpaces(logoutResponseAux); - - // Add parameter optional STORK - // Destination is mandatory if the destination is a C-PEPS - // The application must to know if the destination is a C-PEPS. - if (StringUtils.isNotBlank(response.getDestination())) { - logoutResponseAux.setDestination(response.getDestination()); - } - - // Consent is optional. Set from SAMLEngine.xml - consent. - logoutResponseAux.setConsent(super.getSamlCoreProperties().getConsentAuthnRequest()); - - final Issuer issuer = SAMLEngineUtils.generateIssuer(); - - if (response.getIssuer() != null) { - issuer.setValue(response.getIssuer()); - } else { - issuer.setValue(super.getSamlCoreProperties().getRequester()); - } - - // Optional STORK - final String formatEntity = super.getSamlCoreProperties().getFormatEntity(); - if (StringUtils.isNotBlank(formatEntity)) { - issuer.setFormat(formatEntity); - } - - logoutResponseAux.setIssuer(issuer); - - // the result contains an authentication request token (byte[]), - // identifier of the token, and all parameters from the request. - final STORKLogoutResponse logoutResponse = new STORKLogoutResponse(); - - try { - logoutResponse.setTokenSaml(super.signAndMarshall(logoutResponseAux)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - logoutResponse.setSamlId(logoutResponseAux.getID()); - logoutResponse.setDestination(logoutResponseAux.getDestination()); - logoutResponse.setIssuer(logoutResponseAux.getIssuer().getValue()); - logoutResponse.setStatusCode(logoutResponseAux.getStatus().getStatusCode().toString()); - logoutResponse.setStatusMessage(logoutResponseAux.getStatus().getStatusMessage().toString()); - - return logoutResponse; - } - - /** - * Generate stork authentication statement for the authentication statement. - * - * @param ipAddress - * the IP address - * - * @return the authentication statement - */ - private AuthnStatement generateStorkAuthStatement(final String ipAddress) { - LOG.debug("Generate stork authenticate statement."); - final SubjectLocality subjectLocality = SAMLEngineUtils.generateSubjectLocality(ipAddress); - - final AuthnContext authnContext = (AuthnContext) SAMLEngineUtils.createSamlObject(AuthnContext.DEFAULT_ELEMENT_NAME); - - final AuthnContextDecl authnContextDecl = (AuthnContextDecl) SAMLEngineUtils.createSamlObject(AuthnContextDecl.DEFAULT_ELEMENT_NAME); - - authnContext.setAuthnContextDecl(authnContextDecl); - - final AuthnStatement authnStatement = SAMLEngineUtils.generateAthnStatement(new DateTime(), authnContext); - - // Optional STORK - authnStatement.setSessionIndex(null); - authnStatement.setSubjectLocality(subjectLocality); - - return authnStatement; - } - - /** - * Generate stork extensions. - * - * @param request - * the request - * - * @return the extensions - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private Extensions generateSTORKExtensions(final STORKAuthnRequest request) throws STORKSAMLEngineException { - LOG.debug("Generate STORKExtensions"); - - final Extensions extensions = SAMLEngineUtils.generateExtension(); - - LOG.debug("Generate QAAAttribute"); - final QAAAttribute qaaAttribute = SAMLEngineUtils.generateQAAAttribute(request.getQaa()); - extensions.getUnknownXMLObjects().add(qaaAttribute); - - if (StringUtils.isNotEmpty(request.getSpSector())) { - // Add information about service provider. - LOG.debug("Generate SPSector"); - final SPSector sector = SAMLEngineUtils.generateSPSector(request.getSpSector()); - extensions.getUnknownXMLObjects().add(sector); - } - - // Delete from specification. Kept for compatibility with Provider Name value - LOG.debug("Generate SPInstitution"); - final SPInstitution institution = SAMLEngineUtils.generateSPInstitution(request.getProviderName()); - extensions.getUnknownXMLObjects().add(institution); - - if (StringUtils.isNotEmpty(request.getSpApplication())) { - LOG.debug("Generate SPApplication"); - final SPApplication application = SAMLEngineUtils.generateSPApplication(request.getSpApplication()); - extensions.getUnknownXMLObjects().add(application); - } - - if (StringUtils.isNotEmpty(request.getSpCountry())) { - LOG.debug("Generate SPCountry"); - final SPCountry country = SAMLEngineUtils.generateSPCountry(request.getSpCountry()); - extensions.getUnknownXMLObjects().add(country); - } - - // eIDSectorShare: optional; default value: false. - String valueSectorShare = super.getSamlCoreProperties().iseIDSectorShare(); - - if (StringUtils.isNotEmpty(valueSectorShare)) { - // Add information about the use of the SAML message. - LOG.debug("Generate EIDSectorShare"); - final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils.createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME); - - eIdSectorShare.setEIDSectorShare(String.valueOf(Boolean.valueOf(valueSectorShare))); - - extensions.getUnknownXMLObjects().add(eIdSectorShare); - } - - String valueCrossSectorShare = super.getSamlCoreProperties().iseIDCrossSectorShare(); - - if (StringUtils.isNotEmpty(valueCrossSectorShare)) { - LOG.debug("Generate EIDCrossSectorShare"); - final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils.createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); - eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(Boolean.valueOf(valueCrossSectorShare))); - extensions.getUnknownXMLObjects().add(eIdCrossSecShare); - } - - String valueCrossBorderShare = super.getSamlCoreProperties().iseIDCrossBorderShare(); - - if (StringUtils.isNotEmpty(valueCrossBorderShare)) { - LOG.debug("Generate EIDCrossBorderShare"); - final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils.createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); - eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(Boolean.valueOf(valueCrossBorderShare))); - extensions.getUnknownXMLObjects().add(eIdCrossBordShare); - } - - // Add information about requested attributes. - LOG.debug("Generate RequestedAttributes."); - final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils.createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME); - - LOG.debug("SAML Engine configuration properties load."); - final Iterator<PersonalAttribute> iterator = request.getPersonalAttributeList().iterator(); - - while (iterator.hasNext()) { - - final PersonalAttribute attribute = iterator.next(); - - if (attribute == null || StringUtils.isBlank(attribute.getName())) { - LOG.error(ATTRIBUTE_EMPTY_LITERAL); - throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); - } - - // Verified if exits the attribute name. - final String attributeName = super.getSamlCoreProperties().getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.debug("Attribute name: {} was not found.", attribute.getName()); - throw new STORKSAMLEngineException("Attribute name: " + attribute.getName() + " was not found."); - } - - // Friendly name it's an optional attribute. - String friendlyName = null; - - if (super.getSamlCoreProperties().isFriendlyName()) { - friendlyName = attribute.getName(); - } - - String isRequired = null; - if (super.getSamlCoreProperties().isRequired()) { - isRequired = String.valueOf(attribute.isRequired()); - } - - LOG.debug("Generate requested attribute: " + attributeName); - final RequestedAttribute requestedAttr = SAMLEngineUtils.generateReqAuthnAttributeSimple(attributeName, friendlyName, isRequired, attribute.getValue()); - - // Add requested attribute. - reqAttributes.getAttributes().add(requestedAttr); - } - - // Add requested attributes. - extensions.getUnknownXMLObjects().add(reqAttributes); - - CitizenCountryCode citizenCountryCode = null; - if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())) { - LOG.debug("Generate CitizenCountryCode"); - citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils.createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME); - - citizenCountryCode.setCitizenCountryCode(request.getCitizenCountryCode().toUpperCase()); - } - - SPID spid = null; - if (request.getSPID() != null && StringUtils.isNotBlank(request.getSPID())) { - LOG.debug("Generate SPID"); - spid = (SPID) SAMLEngineUtils.createSamlObject(SPID.DEF_ELEMENT_NAME); - - spid.setSPID(request.getSPID().toUpperCase()); - } - - AuthenticationAttributes authenticationAttr = (AuthenticationAttributes) SAMLEngineUtils.createSamlObject(AuthenticationAttributes.DEF_ELEMENT_NAME); - - final VIDPAuthenticationAttributes vIDPauthenticationAttr = (VIDPAuthenticationAttributes) SAMLEngineUtils.createSamlObject(VIDPAuthenticationAttributes.DEF_ELEMENT_NAME); - - final SPInformation spInformation = (SPInformation) SAMLEngineUtils.createSamlObject(SPInformation.DEF_ELEMENT_NAME); - - if (citizenCountryCode != null) { - vIDPauthenticationAttr.setCitizenCountryCode(citizenCountryCode); - } - - if (spid != null) { - spInformation.setSPID(spid); - } - - vIDPauthenticationAttr.setSPInformation(spInformation); - - authenticationAttr.setVIDPAuthenticationAttributes(vIDPauthenticationAttr); - extensions.getUnknownXMLObjects().add(authenticationAttr); - - return extensions; - - } - - /** - * Generate stork extensions. - * - * @param request - * the attribute query request - * - * @return the extensions - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private Extensions generateSTORKAttrExtensions(final STORKAttrQueryRequest request) throws STORKSAMLEngineException { - LOG.debug("Generate STORKExtensions"); - - final Extensions extensions = SAMLEngineUtils.generateExtension(); - - LOG.debug("Generate QAAAttribute"); - final QAAAttribute qaaAttribute = SAMLEngineUtils.generateQAAAttribute(request.getQaa()); - extensions.getUnknownXMLObjects().add(qaaAttribute); - - if (StringUtils.isNotEmpty(request.getSpSector())) { - // Add information about service provider. - LOG.debug("Generate SPSector"); - final SPSector sector = SAMLEngineUtils.generateSPSector(request.getSpSector()); - extensions.getUnknownXMLObjects().add(sector); - } - - if (StringUtils.isNotEmpty(request.getSpApplication())) { - LOG.debug("Generate SPApplication"); - final SPApplication application = SAMLEngineUtils.generateSPApplication(request.getSpApplication()); - extensions.getUnknownXMLObjects().add(application); - } - - if (StringUtils.isNotEmpty(request.getSpCountry())) { - LOG.debug("Generate SPCountry"); - final SPCountry country = SAMLEngineUtils.generateSPCountry(request.getSpCountry()); - extensions.getUnknownXMLObjects().add(country); - } - - final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils.createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME); - - eIdSectorShare.setEIDSectorShare(String.valueOf(request.isEIDSectorShare())); - - extensions.getUnknownXMLObjects().add(eIdSectorShare); - - final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils.createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); - eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(request.isEIDCrossSectorShare())); - extensions.getUnknownXMLObjects().add(eIdCrossSecShare); - - final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils.createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); - eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(request.isEIDCrossBorderShare())); - extensions.getUnknownXMLObjects().add(eIdCrossBordShare); - - // Add information about requested attributes. - LOG.debug("Generate RequestedAttributes."); - final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils.createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME); - - LOG.debug("SAML Engine configuration properties load."); - final Iterator<PersonalAttribute> iterator = request.getPersonalAttributeList().iterator(); - - while (iterator.hasNext()) { - - final PersonalAttribute attribute = iterator.next(); - - if (attribute == null || StringUtils.isBlank(attribute.getName())) { - LOG.error(ATTRIBUTE_EMPTY_LITERAL); - throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); - } - - // Verified if exits the attribute name. - final String attributeName = super.getSamlCoreProperties().getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.debug("Attribute name: {} was not found.", attribute.getName()); - throw new STORKSAMLEngineException("Attribute name: " + attribute.getName() + " was not found."); - } - - // Friendly name it's an optional attribute. - String friendlyName = null; - - if (super.getSamlCoreProperties().isFriendlyName()) { - friendlyName = attribute.getName(); - } - - String isRequired = null; - if (super.getSamlCoreProperties().isRequired()) { - isRequired = String.valueOf(attribute.isRequired()); - } - - LOG.debug("Generate requested attribute: " + attributeName); - final RequestedAttribute requestedAttr = SAMLEngineUtils.generateReqAuthnAttributeSimple(attributeName, friendlyName, isRequired, attribute.getValue()); - - // Add requested attribute. - reqAttributes.getAttributes().add(requestedAttr); - } - - // Add requested attributes. - extensions.getUnknownXMLObjects().add(reqAttributes); - - CitizenCountryCode citizenCountryCode = null; - if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())) { - LOG.debug("Generate CitizenCountryCode"); - citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils.createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME); - - citizenCountryCode.setCitizenCountryCode(request.getCitizenCountryCode().toUpperCase()); - - extensions.getUnknownXMLObjects().add(citizenCountryCode); - } - - SPID spid = null; - if (request.getSPID() != null && StringUtils.isNotBlank(request.getSPID())) { - LOG.debug("Generate SPID"); - spid = (SPID) SAMLEngineUtils.createSamlObject(SPID.DEF_ELEMENT_NAME); - - spid.setSPID(request.getSPID().toUpperCase()); - - extensions.getUnknownXMLObjects().add(spid); - } - - return extensions; - - } - - /** - * Gets the alias from X.509 Certificate at keystore. - * - * @param keyInfo - * the key info - * @param storkOwnKeyStore - * @param storkOwnKeyStore - * - * @return the alias - */ - private String getAlias(final KeyInfo keyInfo, KeyStore storkOwnKeyStore) { - - LOG.debug("Recover alias information"); - - String alias = null; - try { - final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo.getX509Datas().get(0).getX509Certificates().get(0); - - // Transform the KeyInfo to X509Certificate. - CertificateFactory certFact; - certFact = CertificateFactory.getInstance("X.509"); - - final ByteArrayInputStream bis = new ByteArrayInputStream(Base64.decode(xmlCert.getValue())); - - final X509Certificate cert = (X509Certificate) certFact.generateCertificate(bis); - - final String tokenSerialNumber = cert.getSerialNumber().toString(16); - final X509Principal tokenIssuerDN = new X509Principal(cert.getIssuerDN().getName()); - - String aliasCert; - X509Certificate certificate; - boolean find = false; - - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements() && !find;) { - aliasCert = e.nextElement(); - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(aliasCert); - - final String serialNum = certificate.getSerialNumber().toString(16); - - X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); - - if (serialNum.equalsIgnoreCase(tokenSerialNumber) && X509PrincipalUtil.equals2(issuerDN, tokenIssuerDN)) { - alias = aliasCert; - find = true; - } - - } - - } catch (KeyStoreException e) { - LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); - } catch (CertificateException e) { - LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); - } catch (RuntimeException e) { - LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); - } - return alias; - } - - /** - * Gets the country from X.509 Certificate. - * - * @param keyInfo - * the key info - * - * @return the country - */ - private String getCountry(final KeyInfo keyInfo) { - LOG.debug("Recover country information."); - - String result = ""; - try { - final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo.getX509Datas().get(0).getX509Certificates().get(0); - - // Transform the KeyInfo to X509Certificate. - CertificateFactory certFact; - certFact = CertificateFactory.getInstance("X.509"); - - final ByteArrayInputStream bis = new ByteArrayInputStream(Base64.decode(xmlCert.getValue())); - - final X509Certificate cert = (X509Certificate) certFact.generateCertificate(bis); - - String distName = cert.getSubjectDN().toString(); - - distName = StringUtils.deleteWhitespace(StringUtils.upperCase(distName)); - - final String countryCode = "C="; - final int init = distName.indexOf(countryCode); - - if (init > StringUtils.INDEX_NOT_FOUND) { // Exist country code. - int end = distName.indexOf(',', init); - - if (end <= StringUtils.INDEX_NOT_FOUND) { - end = distName.length(); - } - - if (init < end && end > StringUtils.INDEX_NOT_FOUND) { - result = distName.substring(init + countryCode.length(), end); - // It must be a two characters value - if (result.length() > 2) { - result = result.substring(0, 2); - } - } - } - - } catch (CertificateException e) { - LOG.error("Procces getCountry from certificate."); - } - return result.trim(); - } - - /** - * Process all elements XMLObjects from the extensions. - * - * @param extensions - * the extensions from the authentication request. - * - * @return the STORK authentication request - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private STORKAuthnRequest processExtensions(final Extensions extensions) throws STORKSAMLEngineException { - LOG.debug("Procces the extensions."); - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - final QAAAttribute qaa = (QAAAttribute) extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0); - request.setQaa(Integer.parseInt(qaa.getQaaLevel())); - - List optionalElements = extensions.getUnknownXMLObjects(SPSector.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPSector sector = (SPSector) extensions.getUnknownXMLObjects(SPSector.DEF_ELEMENT_NAME).get(0); - request.setSpSector(sector.getSPSector()); - } - - optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPApplication application = (SPApplication) extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0); - request.setSpApplication(application.getSPApplication()); - } - - optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPCountry application = (SPCountry) extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0); - request.setSpCountry(application.getSPCountry()); - } - - List listCrossBorderShare = extensions.getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME); - - if (!listCrossBorderShare.isEmpty()) { - final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0); - request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare.getEIDCrossBorderShare())); - } - - List listCrosSectorShare = extensions.getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME); - - if (!listCrosSectorShare.isEmpty()) { - final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0); - request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare.getEIDCrossSectorShare())); - } - - List listSectorShareExtension = extensions.getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME); - if (!listSectorShareExtension.isEmpty()) { - final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0); - request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare())); - } - - List<XMLObject> authAttrs = extensions.getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME); - - if (authAttrs != null && !authAttrs.isEmpty()) { - - final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs.get(0); - - VIDPAuthenticationAttributes vidpAuthnAttr = null; - if (authnAttr != null && !authAttrs.isEmpty()) { - vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes(); - } - - CitizenCountryCode citizenCountryCodeElement = null; - SPInformation spInformation = null; - if (vidpAuthnAttr != null) { - citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode(); - spInformation = vidpAuthnAttr.getSPInformation(); - } - - String citizenCountryCode = null; - if (citizenCountryCodeElement != null) { - citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode(); - } - - if (citizenCountryCode != null && StringUtils.isNotBlank(citizenCountryCode)) { - request.setCitizenCountryCode(citizenCountryCode); - } - - SPID spidElement = null; - if (spInformation != null) { - spidElement = spInformation.getSPID(); - } - - String spid = null; - if (spidElement != null) { - spid = spidElement.getSPID(); - } - - if (spid != null && StringUtils.isNotBlank(spid)) { - request.setSPID(spid); - } - } - - if (extensions.getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) { - LOG.error("Extensions not contains any requested attribute."); - throw new STORKSAMLEngineException("Extensions not contains any requested attribute."); - } - - final RequestedAttributes requestedAttr = (RequestedAttributes) extensions.getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME).get(0); - - final List<RequestedAttribute> reqAttrs = requestedAttr.getAttributes(); - - final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); - - String attributeName; - for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { - final RequestedAttribute attribute = reqAttrs.get(nextAttribute); - final PersonalAttribute personalAttribute = new PersonalAttribute(); - personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired())); - personalAttribute.setFriendlyName(attribute.getFriendlyName()); - attributeName = attribute.getName(); - - // recover the last name from the string. - personalAttribute.setName(attributeName.substring(attributeName.lastIndexOf('/') + 1)); - - final ArrayList<String> valores = new ArrayList<String>(); - final List<XMLObject> values = attribute.getOrderedChildren(); - - for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) { - - // Process attributes simples. An AuthenticationRequest only - // must contains simple values. - - final XMLObject xmlObject = values.get(nextSimpleValue); - - if (xmlObject instanceof XSStringImpl) { - - final XSStringImpl xmlString = (XSStringImpl) values.get(nextSimpleValue); - valores.add(xmlString.getValue()); - - } else { - - if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - - final XSAnyImpl xmlString = (XSAnyImpl) values.get(nextSimpleValue); - - TransformerFactory transFactory = TransformerFactory.newInstance(); - Transformer transformer = null; - try { - transformer = transFactory.newTransformer(); - transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); - } catch (TransformerConfigurationException e) { - LOG.error("Error transformer configuration exception", e); - } - StringWriter buffer = new StringWriter(); - try { - if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0) { - transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), new StreamResult(buffer)); - } - } catch (TransformerException e) { - LOG.error("Error transformer exception", e); - } - String str = buffer.toString(); - - valores.add(str); - - } else { - - final XSAnyImpl xmlString = (XSAnyImpl) values.get(nextSimpleValue); - valores.add(xmlString.getTextContent()); - } - - } - } - personalAttribute.setValue(valores); - personalAttrList.add(personalAttribute); - } - - request.setPersonalAttributeList(personalAttrList); - - return request; - } - - /** - * Process all elements XMLObjects from the extensions. - * - * @param extensions - * the extensions from the authentication request. - * - * @return the STORK authentication request - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private STORKAttrQueryRequest processAttrExtensions(final Extensions extensions) throws STORKSAMLEngineException { - LOG.debug("Procces the atribute query extensions."); - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - final QAAAttribute qaa = (QAAAttribute) extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0); - request.setQaa(Integer.parseInt(qaa.getQaaLevel())); - - List optionalElements = extensions.getUnknownXMLObjects(SPSector.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPSector sector = (SPSector) extensions.getUnknownXMLObjects(SPSector.DEF_ELEMENT_NAME).get(0); - request.setSpSector(sector.getSPSector()); - } - - optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPApplication application = (SPApplication) extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0); - request.setSpApplication(application.getSPApplication()); - } - - optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME); - - if (!optionalElements.isEmpty()) { - final SPCountry application = (SPCountry) extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0); - request.setSpCountry(application.getSPCountry()); - } - - List listCrossBorderShare = extensions.getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME); - - if (!listCrossBorderShare.isEmpty()) { - final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0); - request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare.getEIDCrossBorderShare())); - } - - List listCrosSectorShare = extensions.getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME); - - if (!listCrosSectorShare.isEmpty()) { - final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0); - request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare.getEIDCrossSectorShare())); - } - - List listSectorShareExtension = extensions.getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME); - if (!listSectorShareExtension.isEmpty()) { - final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0); - request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare())); - } - - List<XMLObject> authAttrs = extensions.getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME); - - if (authAttrs != null && !authAttrs.isEmpty()) { - - final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs.get(0); - - VIDPAuthenticationAttributes vidpAuthnAttr = null; - if (authnAttr != null && !authAttrs.isEmpty()) { - vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes(); - } - - CitizenCountryCode citizenCountryCodeElement = null; - SPInformation spInformation = null; - if (vidpAuthnAttr != null) { - citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode(); - spInformation = vidpAuthnAttr.getSPInformation(); - } - - String citizenCountryCode = null; - if (citizenCountryCodeElement != null) { - citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode(); - } - - if (citizenCountryCode != null && StringUtils.isNotBlank(citizenCountryCode)) { - request.setCitizenCountryCode(citizenCountryCode); - } - - SPID spidElement = null; - if (spInformation != null) { - spidElement = spInformation.getSPID(); - } - - String spid = null; - if (spidElement != null) { - spid = spidElement.getSPID(); - } - - if (spid != null && StringUtils.isNotBlank(spid)) { - request.setSPID(spid); - } - } - - if (extensions.getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) { - LOG.error("Extensions not contains any requested attribute."); - throw new STORKSAMLEngineException("Extensions not contains any requested attribute."); - } - - final RequestedAttributes requestedAttr = (RequestedAttributes) extensions.getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME).get(0); - - final List<RequestedAttribute> reqAttrs = requestedAttr.getAttributes(); - - final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); - - String attributeName; - for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { - final RequestedAttribute attribute = reqAttrs.get(nextAttribute); - final PersonalAttribute personalAttribute = new PersonalAttribute(); - personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired())); - personalAttribute.setFriendlyName(attribute.getFriendlyName()); - attributeName = attribute.getName(); - - // recover the last name from the string. - personalAttribute.setName(attributeName.substring(attributeName.lastIndexOf('/') + 1)); - - final ArrayList<String> valores = new ArrayList<String>(); - final List<XMLObject> values = attribute.getOrderedChildren(); - - for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) { - - // Process attributes simples. An AuthenticationRequest only - // must contains simple values. - - final XMLObject xmlObject = values.get(nextSimpleValue); - - if (xmlObject instanceof XSStringImpl) { - - final XSStringImpl xmlString = (XSStringImpl) values.get(nextSimpleValue); - valores.add(xmlString.getValue()); - - } else { - - if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { - - final XSAnyImpl xmlString = (XSAnyImpl) values.get(nextSimpleValue); - - TransformerFactory transFactory = TransformerFactory.newInstance(); - Transformer transformer = null; - try { - transformer = transFactory.newTransformer(); - transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); - } catch (TransformerConfigurationException e) { - LOG.error("Error transformer configuration exception", e); - } - StringWriter buffer = new StringWriter(); - try { - if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0) { - transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), new StreamResult(buffer)); - } - } catch (TransformerException e) { - LOG.error("Error transformer exception", e); - } - String str = buffer.toString(); - - valores.add(str); - - } else { - - final XSAnyImpl xmlString = (XSAnyImpl) values.get(nextSimpleValue); - valores.add(xmlString.getTextContent()); - } - - } - } - personalAttribute.setValue(valores); - personalAttrList.add(personalAttribute); - } - - request.setPersonalAttributeList(personalAttrList); - - return request; - } - - /** - * Sets the name spaces. - * - * @param tokenSaml - * the new name spaces - */ - private void setNameSpaces(final XMLObject tokenSaml) { - LOG.debug("Set namespaces."); - - final Namespace saml2 = new Namespace(SAMLConstants.SAML20_NS, SAMLConstants.SAML20_PREFIX); - tokenSaml.addNamespace(saml2); - - final Namespace digSig = new Namespace("http://www.w3.org/2000/09/xmldsig#", "ds"); - tokenSaml.addNamespace(digSig); - - final Namespace storkp = new Namespace(SAMLCore.STORK10P_NS.getValue(), SAMLCore.STORK10P_PREFIX.getValue()); - tokenSaml.addNamespace(storkp); - - final Namespace stork = new Namespace(SAMLCore.STORK10_NS.getValue(), SAMLCore.STORK10_PREFIX.getValue()); - - tokenSaml.addNamespace(stork); - } - - /** - * Validate parameters from authentication request. - * - * @param request - * the request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamAuthnReq(final STORKAuthnRequest request) throws STORKSAMLEngineException { - LOG.info("Validate parameters from authentication request."); - - // URL to which Authentication Response must be sent. - if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException("StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); - } - - // the name of the original service provider requesting the - // authentication. - if (StringUtils.isBlank(request.getProviderName())) { - throw new STORKSAMLEngineException("StorkSamlEngine: Service Provider it's mandatory."); - } - - // object that contain all attributes requesting. - if (request.getPersonalAttributeList() == null || request.getPersonalAttributeList().isEmpty()) { - throw new STORKSAMLEngineException("attributeQueries is null or empty."); - } - - // Quality authentication assurance level. - if ((request.getQaa() < QAAAttribute.MIN_VALUE) || (request.getQaa() > QAAAttribute.MAX_VALUE)) { - throw new STORKSAMLEngineException("Qaal: " + request.getQaa() + ", is invalid."); - } - - } - - /** - * Validate parameters from attribute query request. - * - * @param request - * the request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamAttrQueryReq(final STORKAttrQueryRequest request) throws STORKSAMLEngineException { - LOG.info("Validate parameters from attribute query request."); - - // URL to which AP Response must be sent. - if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException("StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); - } - - // SP country is empty - if (StringUtils.isBlank(request.getSpCountry())) { - throw new STORKSAMLEngineException("StorkSamlEngine: SP country is mandatory."); - } - - // object that contain all attributes requesting. - if (request.getPersonalAttributeList() == null || request.getPersonalAttributeList().isEmpty()) { - throw new STORKSAMLEngineException("attributeQueries is null or empty."); - } - - // Quality authentication assurance level. - if ((request.getQaa() < QAAAttribute.MIN_VALUE) || (request.getQaa() > QAAAttribute.MAX_VALUE)) { - throw new STORKSAMLEngineException("Qaal: " + request.getQaa() + ", is invalid."); - } - } - - /** - * Validate parameters from logout request. - * - * @param request - * the request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamLogoutReq(final STORKLogoutRequest request) throws STORKSAMLEngineException { - LOG.info("Validate parameters from logout request."); - // URL to which AP Response must be sent. - // Destination of the request - if (StringUtils.isBlank(request.getDestination())) { - throw new STORKSAMLEngineException("StorkSamlEngine: Destination is mandatory."); - } - - // SP Provided Id - if (StringUtils.isBlank(request.getSpProvidedId())) { - throw new STORKSAMLEngineException("StorkSamlEngine: SP provided Id is mandatory."); - } - } - - /** - * Validate parameters from logout response. - * - * @param response - * the response. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamLogoutRes(final STORKLogoutRequest request, final STORKLogoutResponse response) throws STORKSAMLEngineException { - LOG.info("Validate parameters from logout request."); - - // Issuer is mandatory - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException("Issuer must be not empty or null."); - } - - // Destination of the request - if (StringUtils.isBlank(response.getDestination())) { - throw new STORKSAMLEngineException("StorkSamlEngine: Destination is mandatory."); - } - - // SP Provided Id - if (StringUtils.isBlank(request.getSpProvidedId())) { - throw new STORKSAMLEngineException("StorkSamlEngine: SP provided Id is mandatory."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameters from response. - * - * @param request - * the request - * @param responseAuthReq - * the response authentication request - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamResponse(final STORKAuthnRequest request, final STORKAuthnResponse responseAuthReq) throws STORKSAMLEngineException { - LOG.info("Validate parameters response."); - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException("Issuer must be not empty or null."); - } - - if (responseAuthReq.getPersonalAttributeList() == null) { - LOG.error("PersonalAttributeList is null."); - throw new STORKSAMLEngineException("PersonalAttributeList is null."); - } - - if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException("assertionConsumerServiceURL is null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameters from response. - * - * @param request - * the request - * @param responseAttrQueryReq - * the response authentication request - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamAttrQueryResponse(final STORKAttrQueryRequest request, final STORKAttrQueryResponse responseAttrQueryReq) throws STORKSAMLEngineException { - LOG.info("Validate attribute querey parameters response."); - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException("Issuer must be not empty or null."); - } - - if (responseAttrQueryReq.getPersonalAttributeList() == null || responseAttrQueryReq.getPersonalAttributeList().isEmpty()) { - LOG.error("PersonalAttributeList is null or empty."); - throw new STORKSAMLEngineException("PersonalAttributeList is null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameters from response. - * - * @param request - * the request - * @param responseAttrQueryReq - * the response authentication request - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamAttrQueryResponseFromAssertions(final STORKAttrQueryRequest request, final STORKAttrQueryResponse responseAttrQueryReq) throws STORKSAMLEngineException { - LOG.info("Validate attribute querey parameters response."); - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException("Issuer must be not empty or null."); - } - - /* - * if (responseAttrQueryReq.getPersonalAttributeList() == null || responseAttrQueryReq.getPersonalAttributeList().isEmpty()) { LOG.error("PersonalAttributeList is null or empty."); throw new - * STORKSAMLEngineException( "PersonalAttributeList is null or empty."); } - */ - - /* - * if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { throw new STORKSAMLEngineException( "assertionConsumerServiceURL is null or empty."); } - */ - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameter from response fail. - * - * @param request - * the request - * @param response - * the response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamResponseFail(final STORKAuthnRequest request, final STORKAuthnResponse response) throws STORKSAMLEngineException { - LOG.info("Validate parameters response fail."); - if (StringUtils.isBlank(response.getStatusCode())) { - throw new STORKSAMLEngineException("Code error it's null or empty."); - } - - if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { - throw new STORKSAMLEngineException("assertionConsumerServiceURL is null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameter from response fail. - * - * @param request - * the request - * @param response - * the response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamAttrQueryResponseFail(final STORKAttrQueryRequest request, final STORKAttrQueryResponse response) throws STORKSAMLEngineException { - LOG.info("Validate parameters response fail."); - if (StringUtils.isBlank(response.getStatusCode())) { - throw new STORKSAMLEngineException("Code error it's null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate parameter from response fail. - * - * @param request - * the request - * @param response - * the response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private void validateParamLogoutResFail(final STORKLogoutRequest request, final STORKLogoutResponse response) throws STORKSAMLEngineException { - LOG.info("Validate parameters response fail."); - - if (StringUtils.isBlank(request.getIssuer())) { - throw new STORKSAMLEngineException("Issuer must be not empty or null."); - } - - if (StringUtils.isBlank(response.getStatusCode())) { - throw new STORKSAMLEngineException("Code error it's null or empty."); - } - - if (StringUtils.isBlank(request.getSamlId())) { - throw new STORKSAMLEngineException("request ID is null or empty."); - } - } - - /** - * Validate stork authentication request. - * - * @param tokenSaml - * the token SAML - * - * @return the sTORK authentication request - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAuthnRequest validateSTORKAuthnRequest(final byte[] tokenSaml) throws STORKSAMLEngineException { - LOG.info("validateSTORKAuthnRequest"); - - final AuthnRequest samlRequest = (AuthnRequest) validateStorkSaml(tokenSaml); - - LOG.debug("Validate Extensions."); - final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator(); - try { - validatorExt.validate(samlRequest.getExtensions()); - } catch (ValidationException e) { - LOG.error("ValidationException: validate Extensions.", e); - throw new STORKSAMLEngineException(e); - } - - LOG.debug("Generate STORKAuthnRequest."); - final STORKAuthnRequest authnRequest = processExtensions(samlRequest.getExtensions()); - - authnRequest.setCountry(this.getCountry(samlRequest.getSignature().getKeyInfo())); - - authnRequest.setAlias(this.getAlias(samlRequest.getSignature().getKeyInfo(), super.getSigner().getTrustStore())); - - authnRequest.setSamlId(samlRequest.getID()); - authnRequest.setDestination(samlRequest.getDestination()); - authnRequest.setAssertionConsumerServiceURL(samlRequest.getAssertionConsumerServiceURL()); - - authnRequest.setProviderName(samlRequest.getProviderName()); - authnRequest.setIssuer(samlRequest.getIssuer().getValue()); - - // Delete unknown elements from requested ones - final Iterator<PersonalAttribute> iterator = authnRequest.getPersonalAttributeList().iterator(); - IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) authnRequest.getPersonalAttributeList(); - while (iterator.hasNext()) { - - final PersonalAttribute attribute = iterator.next(); - - // Verify if the attribute name exits. - final String attributeName = super.getSamlCoreProperties().getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName()); - cleanPerAttrList.remove(attribute.getName()); - } - - } - authnRequest.setPersonalAttributeList(cleanPerAttrList); - - return authnRequest; - - } - - /** - * Validate stork attribute query request. - * - * @param tokenSaml - * the token SAML - * - * @return the STORK attribute query request - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAttrQueryRequest validateSTORKAttrQueryRequest(final byte[] tokenSaml) throws STORKSAMLEngineException { - LOG.info("validateSTORKAttrQueryRequest"); - - // final AttributeQuery samlRequest = (AttributeQuery) validateStorkSaml(tokenSaml); - final CustomRequestAbstractType samlRequest = (CustomRequestAbstractType) validateStorkSaml(tokenSaml); - - LOG.debug("Validate Extensions."); - final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator(); - try { - validatorExt.validate(samlRequest.getExtensions()); - } catch (ValidationException e) { - LOG.error("ValidationException: validate Extensions.", e); - throw new STORKSAMLEngineException(e); - } - - LOG.debug("Generate STORKAttrQueryRequest."); - final STORKAttrQueryRequest attrRequest = processAttrExtensions(samlRequest.getExtensions()); - - attrRequest.setCountry(this.getCountry(samlRequest.getSignature().getKeyInfo())); - - attrRequest.setAlias(this.getAlias(samlRequest.getSignature().getKeyInfo(), super.getSigner().getTrustStore())); - - attrRequest.setSamlId(samlRequest.getID()); - attrRequest.setDestination(samlRequest.getDestination()); - attrRequest.setAssertionConsumerServiceURL(samlRequest.getAssertionConsumerServiceURL()); - - attrRequest.setIssuer(samlRequest.getIssuer().getValue()); - - // Delete unknown elements from requested ones - final Iterator<PersonalAttribute> iterator = attrRequest.getPersonalAttributeList().iterator(); - IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) attrRequest.getPersonalAttributeList(); - while (iterator.hasNext()) { - - final PersonalAttribute attribute = iterator.next(); - - // Verify if the attribute name exits. - final String attributeName = super.getSamlCoreProperties().getProperty(attribute.getName()); - - if (StringUtils.isBlank(attributeName)) { - LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName()); - cleanPerAttrList.remove(attribute.getName()); - } - - } - attrRequest.setPersonalAttributeList(cleanPerAttrList); - - return attrRequest; - - } - - /** - * Validate stork logout request. - * - * @param tokenSaml - * the token SAML - * - * @return the STORK logout request - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKLogoutRequest validateSTORKLogoutRequest(final byte[] tokenSaml) throws STORKSAMLEngineException { - LOG.info("validateSTORKLogoutRequest"); - - final LogoutRequest samlRequest = (LogoutRequest) validateStorkSaml(tokenSaml); - - if (samlRequest.getExtensions() != null) { - LOG.debug("Validate Extensions."); - final Validator<Extensions> validatorExt = new ExtensionsSchemaValidator(); - try { - validatorExt.validate(samlRequest.getExtensions()); - } catch (ValidationException e) { - LOG.error("ValidationException: validate Extensions.", e); - throw new STORKSAMLEngineException(e); - } - } - - LOG.debug("Generate STORKLogoutRequest."); - final STORKLogoutRequest logoutRequest = new STORKLogoutRequest(); - - logoutRequest.setCountry(this.getCountry(samlRequest.getSignature().getKeyInfo())); - - logoutRequest.setAlias(this.getAlias(samlRequest.getSignature().getKeyInfo(), super.getSigner().getTrustStore())); - - logoutRequest.setSamlId(samlRequest.getID()); - logoutRequest.setDestination(samlRequest.getDestination()); - - logoutRequest.setIssuer(samlRequest.getIssuer().getValue()); - - logoutRequest.setSpProvidedId(samlRequest.getNameID().getValue()); - - return logoutRequest; - - } - - /** - * Validate stork logout response. - * - * @param tokenSaml - * The SAML token - * - * @return the STORK logout response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKLogoutResponse validateSTORKLogoutResponse(final byte[] tokenSaml) throws STORKSAMLEngineException { - - LOG.info("validate STORK Logout Response"); - - final LogoutResponse samlRes = (LogoutResponse) validateStorkSaml(tokenSaml); - - LOG.debug("Generate STORKLogoutResponse."); - final STORKLogoutResponse logoutRes = new STORKLogoutResponse(); - - try { - logoutRes.setTokenSaml(super.signAndMarshall(samlRes)); - } catch (SAMLEngineException e) { - LOG.error("Sign and Marshall.", e); - throw new STORKSAMLEngineException(e); - } - - logoutRes.setAlias(this.getAlias(samlRes.getSignature().getKeyInfo(), super.getSigner().getTrustStore())); - logoutRes.setSamlId(samlRes.getID()); - logoutRes.setDestination(samlRes.getDestination()); - logoutRes.setIssuer(samlRes.getIssuer().getValue()); - logoutRes.setStatusCode(samlRes.getStatus().getStatusCode().getValue().toString()); - logoutRes.setStatusMessage(samlRes.getStatus().getStatusMessage().getMessage().toString()); - logoutRes.setInResponseTo(samlRes.getInResponseTo()); - return logoutRes; - } - - /** - * Validate stork authentication response. - * - * @param tokenSaml - * the token SAML - * @param userIP - * the user IP - * - * @return the Stork authentication response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAuthnResponse validateSTORKAuthnResponse(final byte[] tokenSaml, final String userIP) throws STORKSAMLEngineException { - - LOG.info("validateSTORKAuthnResponse"); - final Response samlResponse = (Response) validateStorkSaml(tokenSaml); - - LOG.debug("Create StorkAuthResponse."); - final STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - - authnResponse.setCountry(this.getCountry(samlResponse.getSignature().getKeyInfo())); - - LOG.debug("Set ID."); - authnResponse.setSamlId(samlResponse.getID()); - LOG.debug("Set InResponseTo."); - authnResponse.setInResponseTo(samlResponse.getInResponseTo()); - LOG.debug("Set statusCode."); - authnResponse.setStatusCode(samlResponse.getStatus().getStatusCode().getValue()); - - // Subordinate code. - if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { - authnResponse.setSubStatusCode(samlResponse.getStatus().getStatusCode().getStatusCode().getValue()); - } - - if (samlResponse.getStatus().getStatusMessage() != null) { - LOG.debug("Set statusMessage."); - authnResponse.setMessage(samlResponse.getStatus().getStatusMessage().getMessage()); - } - - LOG.debug("validateStorkResponse"); - final Assertion assertion = (Assertion) validateStorkResponse(samlResponse, userIP); - - if (assertion != null) { - final DateTime serverDate = new DateTime(); - - if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { - LOG.error("Token date expired (getNotOnOrAfter = " + assertion.getConditions().getNotOnOrAfter() + ", server_date: " + serverDate + ")"); - throw new STORKSAMLEngineException("Token date expired (getNotOnOrAfter = " + assertion.getConditions().getNotOnOrAfter() + " ), server_date: " + serverDate); - } - - LOG.debug("Set notOnOrAfter."); - authnResponse.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter()); - - LOG.debug("Set notBefore."); - authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - authnResponse.setAudienceRestriction(((AudienceRestriction) assertion.getConditions().getAudienceRestrictions().get(0)).getAudiences().get(0).getAudienceURI()); - authnResponse.setAssertions(samlResponse.getAssertions()); - } - - // Case no error. - if (assertion != null && StatusCode.SUCCESS_URI.equalsIgnoreCase(authnResponse.getStatusCode())) { - LOG.debug("Status Success. Set PersonalAttributeList."); - authnResponse.setPersonalAttributeList(generatePersonalAttributeList(assertion)); - authnResponse.setFail(false); - } else { - LOG.debug("Status Fail."); - authnResponse.setFail(true); - } - LOG.debug("Return result."); - return authnResponse; - - } - - /** - * Validate stork authentication response. - * - * @param tokenSaml - * the token SAML - * @param userIP - * the user IP - * - * @return the Stork authentication response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAuthnResponse validateSTORKAuthnResponseWithQuery(final byte[] tokenSaml, final String userIP) throws STORKSAMLEngineException { - - LOG.info("validateSTORKAuthnResponse"); - final Response samlResponse = (Response) validateStorkSaml(tokenSaml); - - LOG.debug("Create StorkAuthResponse."); - final STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - - authnResponse.setCountry(this.getCountry(samlResponse.getSignature().getKeyInfo())); - - LOG.debug("Set ID."); - authnResponse.setSamlId(samlResponse.getID()); - LOG.debug("Set InResponseTo."); - authnResponse.setInResponseTo(samlResponse.getInResponseTo()); - LOG.debug("Set statusCode."); - authnResponse.setStatusCode(samlResponse.getStatus().getStatusCode().getValue()); - - // Subordinate code. - if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { - authnResponse.setSubStatusCode(samlResponse.getStatus().getStatusCode().getStatusCode().getValue()); - } - - if (samlResponse.getStatus().getStatusMessage() != null) { - LOG.debug("Set statusMessage."); - authnResponse.setMessage(samlResponse.getStatus().getStatusMessage().getMessage()); - } - - LOG.debug("validateStorkResponse"); - final Assertion assertion = (Assertion) validateStorkResponse(samlResponse, userIP); - - if (assertion != null) { - final DateTime serverDate = new DateTime(); - - if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { - LOG.error("Token date expired (getNotOnOrAfter = " + assertion.getConditions().getNotOnOrAfter() + ", server_date: " + serverDate + ")"); - throw new STORKSAMLEngineException("Token date expired (getNotOnOrAfter = " + assertion.getConditions().getNotOnOrAfter() + " ), server_date: " + serverDate); - } - - LOG.debug("Set notOnOrAfter."); - authnResponse.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter()); - - LOG.debug("Set notBefore."); - authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - authnResponse.setAudienceRestriction(((AudienceRestriction) assertion.getConditions().getAudienceRestrictions().get(0)).getAudiences().get(0).getAudienceURI()); - } - - // Case no error. - if (assertion != null && StatusCode.SUCCESS_URI.equalsIgnoreCase(authnResponse.getStatusCode())) { - LOG.debug("Status Success. Set PersonalAttributeList."); - authnResponse.setPersonalAttributeList(generatePersonalAttributeList(assertion)); - authnResponse.setFail(false); - } else { - LOG.debug("Status Fail."); - authnResponse.setFail(true); - } - - authnResponse.setAssertions(samlResponse.getAssertions()); - if (samlResponse.getAssertions().size() > 1) { - PersonalAttributeList total = new PersonalAttributeList(); - List<IPersonalAttributeList> attrList = new ArrayList<IPersonalAttributeList>(); - for (int i = 0; i < samlResponse.getAssertions().size(); i++) { - Assertion tempAssertion = (Assertion) samlResponse.getAssertions().get(i); - IPersonalAttributeList temp = generatePersonalAttributeList(tempAssertion); - if (temp != null) { - attrList.add(temp); - for (PersonalAttribute attribute : (IPersonalAttributeList) temp.clone()) { - attribute.setName(attribute.getName() + tempAssertion.getID()); - total.add(attribute); - } - } - } - authnResponse.setPersonalAttributeLists(attrList); - authnResponse.setTotalPersonalAttributeList(total); - } - - LOG.debug("Return result."); - return authnResponse; - - } - - /** - * Validate stork attribute query response. - * - * @param tokenSaml - * the token SAML - * @param userIP - * the user IP - * - * @return the Stork attribute query response - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public STORKAttrQueryResponse validateSTORKAttrQueryResponse(final byte[] tokenSaml, final String userIP) throws STORKSAMLEngineException { - - LOG.info("validateSTORKAttrQueryResponse"); - final Response samlResponse = (Response) validateStorkSaml(tokenSaml); - - LOG.debug("Create StorkAttrQueryResponse."); - final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); - - attrQueryResponse.setCountry(this.getCountry(samlResponse.getSignature().getKeyInfo())); - - LOG.debug("Set ID."); - attrQueryResponse.setSamlId(samlResponse.getID()); - LOG.debug("Set InResponseTo."); - attrQueryResponse.setInResponseTo(samlResponse.getInResponseTo()); - LOG.debug("Set statusCode."); - attrQueryResponse.setStatusCode(samlResponse.getStatus().getStatusCode().getValue()); - - // Subordinate code. - if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { - attrQueryResponse.setSubStatusCode(samlResponse.getStatus().getStatusCode().getStatusCode().getValue()); - } - - if (samlResponse.getStatus().getStatusMessage() != null) { - LOG.debug("Set statusMessage."); - attrQueryResponse.setMessage(samlResponse.getStatus().getStatusMessage().getMessage()); - } - - LOG.debug("validateStorkResponse"); - final Assertion assertion = (Assertion) validateStorkResponse(samlResponse, userIP); - - if (assertion != null) { - final DateTime serverDate = new DateTime(); - - attrQueryResponse.setAssertion(assertion); - - if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { - LOG.error("Token date expired (getNotOnOrAfter = " + assertion.getConditions().getNotOnOrAfter() + ", server_date: " + serverDate + ")"); - throw new STORKSAMLEngineException("Token date expired (getNotOnOrAfter = " + assertion.getConditions().getNotOnOrAfter() + " ), server_date: " + serverDate); - } - - LOG.debug("Set notOnOrAfter."); - attrQueryResponse.setNotOnOrAfter(assertion.getConditions().getNotOnOrAfter()); - - LOG.debug("Set notBefore."); - attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore()); - - attrQueryResponse.setAudienceRestriction(((AudienceRestriction) assertion.getConditions().getAudienceRestrictions().get(0)).getAudiences().get(0).getAudienceURI()); - } - - // Case no error. - if (assertion != null && StatusCode.SUCCESS_URI.equalsIgnoreCase(attrQueryResponse.getStatusCode())) { - LOG.debug("Status Success. Set PersonalAttributeList."); - attrQueryResponse.setPersonalAttributeList(generatePersonalAttributeList(assertion)); - attrQueryResponse.setFail(false); - } else { - LOG.debug("Status Fail."); - attrQueryResponse.setFail(true); - } - - attrQueryResponse.setAssertions(samlResponse.getAssertions()); - if (samlResponse.getAssertions().size() > 1) { - PersonalAttributeList total = new PersonalAttributeList(); - List<IPersonalAttributeList> attrList = new ArrayList(); - for (int i = 0; i < samlResponse.getAssertions().size(); i++) { - Assertion tempAssertion = (Assertion) samlResponse.getAssertions().get(i); - IPersonalAttributeList temp = generatePersonalAttributeList(tempAssertion); - if (temp != null) { - attrList.add(temp); - for (PersonalAttribute attribute : temp) { - PersonalAttribute attr = (PersonalAttribute) attribute.clone(); - attr.setName(attr.getName() + tempAssertion.getID()); - total.add(attr); - } - } - } - attrQueryResponse.setPersonalAttributeLists(attrList); - attrQueryResponse.setTotalPersonalAttributeList(total); - } - - LOG.debug("Return result."); - return attrQueryResponse; - - } - - /** - * Validate stork response. - * - * @param samlResponse - * the SAML response - * @param userIP - * the user IP - * - * @return the assertion - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private Assertion validateStorkResponse(final Response samlResponse, final String userIP) throws STORKSAMLEngineException { - // Exist only one Assertion - - if (samlResponse.getAssertions() == null || samlResponse.getAssertions().isEmpty()) { - LOG.info("Assertion is null or empty."); // in replace of throw new STORKSAMLEngineException("Assertion is null or empty.") - return null; - } - - final Assertion assertion = (Assertion) samlResponse.getAssertions().get(0); - - LOG.debug("Verified method Bearer"); - for (final Iterator<SubjectConfirmation> iter = assertion.getSubject().getSubjectConfirmations().iterator(); iter.hasNext();) { - final SubjectConfirmation element = iter.next(); - final boolean isBearer = SubjectConfirmation.METHOD_BEARER.equals(element.getMethod()); - - final boolean ipValidate = super.getSamlCoreProperties().isIpValidation(); - - if (ipValidate) { - if (isBearer) { - if (StringUtils.isBlank(userIP)) { - LOG.error("browser_ip is null or empty."); - throw new STORKSAMLEngineException("browser_ip is null or empty."); - } else if (StringUtils.isBlank(element.getSubjectConfirmationData().getAddress())) { - LOG.error("token_ip attribute is null or empty."); - throw new STORKSAMLEngineException("token_ip attribute is null or empty."); - } - } - - final boolean ipEqual = element.getSubjectConfirmationData().getAddress().equals(userIP); - - // Validation ipUser - if (!ipEqual && ipValidate) { - LOG.error("SubjectConfirmation BEARER: "); - throw new STORKSAMLEngineException("IPs doesn't match : token_ip (" + element.getSubjectConfirmationData().getAddress() + ") browser_ip (" + userIP + ")"); - } - } - - } - return assertion; - } - - /** - * Validate stork SAML. - * - * @param tokenSaml - * the token SAML - * - * @return the signable SAML object - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - private SignableSAMLObject validateStorkSaml(final byte[] tokenSaml) throws STORKSAMLEngineException { - - LOG.info("Validate StorkSaml message."); - - if (tokenSaml == null) { - LOG.error("Saml authentication request is null."); - throw new STORKSAMLEngineException("Saml authentication request is null."); - } - - LOG.debug("Generate AuthnRequest from request."); - SignableSAMLObject samlObject; - - try { - samlObject = (SignableSAMLObject) super.unmarshall(tokenSaml); - } catch (SAMLEngineException e) { - LOG.error("SAMLEngineException unmarshall.", e); - throw new STORKSAMLEngineException(e); - } - - boolean validateSign = true; - - if (StringUtils.isNotBlank(super.getSamlCoreProperties().getProperty("validateSignature"))) { - validateSign = Boolean.valueOf(super.getSamlCoreProperties().getProperty("validateSignature")); - } - - if (validateSign) { - LOG.debug("Validate Signature."); - try { - super.validateSignature(samlObject); - } catch (SAMLEngineException e) { - LOG.error("SAMLEngineException validateSignature.", e); - throw new STORKSAMLEngineException(e); - } - } - - LOG.debug("Validate Schema."); - final ValidatorSuite validatorSuite = Configuration.getValidatorSuite("saml2-core-schema-validator"); - try { - if (samlObject.getElementQName().toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) { - CustomAttributeQueryValidator val = new CustomAttributeQueryValidator(); - val.validate((CustomAttributeQuery) samlObject); - } else if (samlObject instanceof Response && ((Response) samlObject).getAssertions().size() > 1) { - MultipleAssertionResponseValidator val = new MultipleAssertionResponseValidator(); - val.validate((Response) samlObject); - } else - validatorSuite.validate(samlObject); - } catch (ValidationException e) { - LOG.error("ValidationException.", e); - throw new STORKSAMLEngineException(e); - } - - return samlObject; - } - - private boolean isComplex(XMLObject xmlObject) { - boolean isComplex = false; - - final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; - - for (int nextComplexValue = 0; nextComplexValue < complexValue.getUnknownXMLObjects().size(); nextComplexValue++) { - - final XSAnyImpl simple = (XSAnyImpl) complexValue.getUnknownXMLObjects().get(nextComplexValue); - - if (simple.getElementQName().getLocalPart() != null) { - isComplex = true; - break; - } - } - - return isComplex; - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java deleted file mode 100644 index 73d7e4f62..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java +++ /dev/null @@ -1,63 +0,0 @@ -package eu.stork.peps.auth.engine; - -import org.bouncycastle.asn1.DERObjectIdentifier; -import org.bouncycastle.jce.X509Principal; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Utility class used to decrease complexity of comparison of 2 X509principal - * - * @author vanegdi - * @version $Revision: 1.00 $, $Date: 2013-05-24 20:53:51 $ - */ -public final class X509PrincipalUtil { - - private static final DERObjectIdentifier[] DER_OBJECT_IDENTIFIERS_ARRAY = { X509Principal.CN, X509Principal.OU, X509Principal.O, X509Principal.L, X509Principal.ST, X509Principal.C, - X509Principal.E }; - - private static final Logger LOG = LoggerFactory.getLogger(eu.stork.peps.auth.engine.X509PrincipalUtil.class); - - /** - * Compares 2 X509Principals to detect if they equals - * - * @param principal1 - * @param principal2 - * @return true if arguments are not null and equals - */ - public static boolean X509equals(X509Principal principal1, X509Principal principal2) { - boolean continueProcess = true; - if (principal1 == null || principal2 == null) { - return false; - } - - int cpt = 0; - while (continueProcess && cpt < DER_OBJECT_IDENTIFIERS_ARRAY.length) { - continueProcess = continueProcess && x509ValuesByIdentifierEquals(principal1, principal2, DER_OBJECT_IDENTIFIERS_ARRAY[cpt]); - cpt++; - } - return continueProcess; - } - - public static boolean equals2(X509Principal principal1, X509Principal principal2) { - - if (principal1 == null || principal2 == null) { - return false; - } - - if (principal1.getName().equals(principal2.getName())) - return true; - else - return false; - - } - - private static boolean x509ValuesByIdentifierEquals(X509Principal principal1, X509Principal principal2, DERObjectIdentifier identifier) { - return principal1.getValues(identifier).equals(principal2.getValues(identifier)); - } - - private X509PrincipalUtil() { - // default contructor - LOG.error("Fake X509PrincipalUtil : never be called"); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java deleted file mode 100644 index 3821f3c06..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface AuthenticationAttributes. - * - * @author fjquevedo - */ -public interface AuthenticationAttributes extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "AuthenticationAttributes"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "AuthenticationAttributesType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the citizen country code. - * - * @return the citizen country code - */ - VIDPAuthenticationAttributes getVIDPAuthenticationAttributes(); - - /** - * Sets the vIDP authentication attributes. - * - * @param newVIDPAuthenticationAttr - * the new vIDP authentication attributes - */ - void setVIDPAuthenticationAttributes(VIDPAuthenticationAttributes newVIDPAuthenticationAttr); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java deleted file mode 100644 index 95994695d..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * - * @author fjquevedo - */ -public interface CitizenCountryCode extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "CitizenCountryCode"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "CitizenCountryCodeType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the SP country. - * - * @return the sP country - */ - String getCitizenCountryCode(); - - /** - * Sets the citizen country code. - * - * @param citizenCountryCode - * the new citizen country code - */ - void setCitizenCountryCode(String citizenCountryCode); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java deleted file mode 100644 index d603c2293..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomAttributeQuery.java +++ /dev/null @@ -1,49 +0,0 @@ -package eu.stork.peps.auth.engine.core; - -import java.util.List; -import javax.xml.namespace.QName; - -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.Subject; -import org.opensaml.saml2.core.SubjectQuery; - -public interface CustomAttributeQuery extends CustomRequestAbstractType { - /** Element local name. */ - public static final String DEFAULT_ELEMENT_LOCAL_NAME = "AttributeQuery"; - - /** Default element name. */ - public static final QName DEFAULT_ELEMENT_NAME = new QName(SAMLConstants.SAML20P_NS, DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX); - - /** Local name of the XSI type. */ - public static final String TYPE_LOCAL_NAME = "CustomAttributeQueryType"; - - /** QName of the XSI type. */ - public static final QName TYPE_NAME = new QName(SAMLConstants.SAML20P_NS, TYPE_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX); - - /** AssertionConsumerServiceURL attribute name. */ - public static final String ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME = "AssertionConsumerServiceURL"; - - /** - * Gets the Attributes of this query. - * - * @return the list of Attributes of this query - */ - public List<Attribute> getAttributes(); - - /** - * Gets the Subject of this request. - * - * @return the Subject of this request - */ - public Subject getSubject(); - - /** - * Sets the Subject of this request. - * - * @param newSubject - * the Subject of this request - */ - public void setSubject(Subject newSubject); - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java deleted file mode 100644 index 2dd36a4d9..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CustomRequestAbstractType.java +++ /dev/null @@ -1,181 +0,0 @@ -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.joda.time.DateTime; -import org.opensaml.common.SAMLVersion; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.common.Extensions; -import org.opensaml.saml2.core.Issuer; - -public interface CustomRequestAbstractType extends SignableSAMLObject { - - /** Local name of the XSI type. */ - public static final String TYPE_LOCAL_NAME = "RequestAbstractType"; - - /** QName of the XSI type. */ - public static final QName TYPE_NAME = new QName(SAMLConstants.SAML20P_NS, TYPE_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX); - - /** ID attribute name. */ - public static final String ID_ATTRIB_NAME = "ID"; - - /** Version attribute name. */ - public static final String VERSION_ATTRIB_NAME = "Version"; - - /** IssueInstant attribute name. */ - public static final String ISSUE_INSTANT_ATTRIB_NAME = "IssueInstant"; - - /** Destination attribute name. */ - public static final String DESTINATION_ATTRIB_NAME = "Destination"; - - /** Destination attribute name. */ - public static final String ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME = "AssertionConsumerServiceURL"; - - /** Consent attribute name. */ - public static final String CONSENT_ATTRIB_NAME = "Consent"; - - /** Unspecified consent URI. */ - public static final String UNSPECIFIED_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:unspecified"; - - /** Obtained consent URI. */ - public static final String OBTAINED_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:obtained"; - - /** Prior consent URI. */ - public static final String PRIOR_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:prior"; - - /** Implicit consent URI. */ - public static final String IMPLICIT_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:current-implicit"; - - /** Explicit consent URI. */ - public static final String EXPLICIT_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:current-explicit"; - - /** Unavailable consent URI. */ - public static final String UNAVAILABLE_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:unavailable"; - - /** Inapplicable consent URI. */ - public static final String INAPPLICABLE_CONSENT = "urn:oasis:names:tc:SAML:2.0:consent:inapplicable"; - - /** - * Gets the SAML Version of this request. - * - * @return the SAML Version of this request. - */ - public SAMLVersion getVersion(); - - /** - * Sets the SAML Version of this request. - * - * @param newVersion - * the SAML Version of this request - */ - public void setVersion(SAMLVersion newVersion); - - /** - * Gets the unique identifier of the request. - * - * @return the unique identifier of the request - */ - public String getID(); - - /** - * Sets the unique identifier of the request. - * - * @param newID - * the unique identifier of the request - */ - - public void setID(String newID); - - /** - * Gets the date/time the request was issued. - * - * @return the date/time the request was issued - */ - - public DateTime getIssueInstant(); - - /** - * Sets the date/time the request was issued. - * - * @param newIssueInstant - * the date/time the request was issued - */ - public void setIssueInstant(DateTime newIssueInstant); - - /** - * Gets the URI of the destination of the request. - * - * @return the URI of the destination of the request - */ - public String getDestination(); - - /** - * Sets the URI of the destination of the request. - * - * @param newDestination - * the URI of the destination of the request - */ - public void setDestination(String newDestination); - - /** - * Sets the index of the particular Assertion Consumer Service to which the response to this request should be delivered. - * - * @param newAssertionConsumerServiceIndex - * the new value of the AssertionConsumerServiceIndex attribute - */ - public void setAssertionConsumerServiceURL(String newServiceUrl); - - /** - * Gets the URL of the particular Assertion Consumer Service to which the response to this request should be delivered. - * - * @return the value of the AssertionConsumerServiceURL attribute - */ - public String getAssertionConsumerServiceURL(); - - /** - * Gets the consent obtained from the principal for sending this request. - * - * @return the consent obtained from the principal for sending this request - */ - public String getConsent(); - - /** - * Sets the consent obtained from the principal for sending this request. - * - * @param newConsent - * the new consent obtained from the principal for sending this request - */ - public void setConsent(String newConsent); - - /** - * Gets the issuer of this request. - * - * @return the issuer of this request - */ - public Issuer getIssuer(); - - /** - * Sets the issuer of this request. - * - * @param newIssuer - * the issuer of this request - */ - public void setIssuer(Issuer newIssuer); - - /** - * Gets the Extensions of this request. - * - * @return the Status of this request - */ - public Extensions getExtensions(); - - /** - * Sets the Extensions of this request. - * - * @param newExtensions - * the Extensions of this request - */ - public void setExtensions(Extensions newExtensions); - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java deleted file mode 100644 index 423f0f342..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * - * @author fjquevedo - */ -public interface EIDCrossBorderShare extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "eIDCrossBorderShare"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "eIDCrossBorderShareType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the eID cross border share. - * - * @return the eID cross border share - */ - String getEIDCrossBorderShare(); - - /** - * Sets the eID cross border share. - * - * @param eIDCrossBorderShare - * the new eID cross border share - */ - void setEIDCrossBorderShare(String eIDCrossBorderShare); - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java deleted file mode 100644 index 260f91046..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossSectorShare. - * - * @author fjquevedo - */ -public interface EIDCrossSectorShare extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String ELEM_LOCAL_NAME = "eIDCrossSectorShare"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), ELEM_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "eIDCrossSectorShareType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the eID cross sector share. - * - * @return the eID cross sector share - */ - String getEIDCrossSectorShare(); - - /** - * Sets the eID cross sector share. - * - * @param eIDCrossSectorShare - * the new eID cross sector share - */ - void setEIDCrossSectorShare(String eIDCrossSectorShare); - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java deleted file mode 100644 index a5748d5f1..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDSectorShare. - * - * @author fjquevedo - */ -public interface EIDSectorShare extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "eIDSectorShare"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "eIDSectorShare"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the eID sector share. - * - * @return the eID sector share - */ - String getEIDSectorShare(); - - /** - * Sets the eID sector share. - * - * @param eIDSectorShare - * the new eID sector share - */ - void setEIDSectorShare(String eIDSectorShare); - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java deleted file mode 100644 index 22d472be9..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * STORK Quality Authentication Assurance Level Attribute Interface. - * - * @author fjquevedo - */ -public interface QAAAttribute extends SAMLObject { - - /** Element local name. */ - String DEF_LOCAL_NAME = "QualityAuthenticationAssuranceLevel"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "QualityAuthenticationAssuranceLevelAbstractType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** The minimum value allowed. */ - int MIN_VALUE = 1; - - /** The Max value allowed. */ - int MAX_VALUE = 4; - - /** - * Gets the qAA level. - * - * @return the qAA level - */ - String getQaaLevel(); - - /** - * Sets the qAA level. - * - * @param qaaLevel - * the new qAA level - * - */ - void setQaaLevel(String qaaLevel); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java deleted file mode 100644 index 955f6bef9..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java +++ /dev/null @@ -1,141 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import java.util.List; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; -import org.opensaml.xml.AttributeExtensibleXMLObject; -import org.opensaml.xml.schema.XSBooleanValue; -import org.opensaml.xml.XMLObject; - -/** - * The Interface RequestedAttribute. - * - * @author fjquevedo - */ -public interface RequestedAttribute extends SAMLObject, AttributeExtensibleXMLObject { - - /** Element local name. */ - String DEF_LOCAL_NAME = "RequestedAttribute"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "RequestedAttributeAbstractType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** NAME_ATTRIB_NAME attribute name. */ - String NAME_ATTRIB_NAME = "Name"; - - /** NAME_FORMAT_ATTRIB_NAME attribute name. */ - String NAME_FORMAT_ATTR = "NameFormat"; - - /** IS_REQUIRED_ATTRIB_NAME attribute name. */ - String IS_REQUIRED_ATTR = "isRequired"; - - /** FRIENDLY_NAME_ATTRIB_NAME attribute name. */ - String FRIENDLY_NAME_ATT = "FriendlyName"; - - /** Unspecified attribute format ID. */ - String UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"; - - /** URI reference attribute format ID. */ - String URI_REFERENCE = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"; - - /** Basic attribute format ID. */ - String BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"; - - /** - * Gets the name. - * - * @return the name - */ - String getName(); - - /** - * Sets the name. - * - * @param name - * the new name - */ - void setName(String name); - - /** - * Gets the name format. - * - * @return the name format - */ - String getNameFormat(); - - /** - * Sets the name format. - * - * @param nameFormat - * the new name format - */ - void setNameFormat(String nameFormat); - - /** - * Gets the friendly name. - * - * @return the friendly name - */ - String getFriendlyName(); - - /** - * Sets the friendly name. - * - * @param friendlyName - * the new friendly name - */ - void setFriendlyName(String friendlyName); - - /** - * Gets the checks if is required. - * - * @return the checks if is required - */ - String isRequired(); - - /** - * Gets the checks if is required xs boolean. - * - * @return the checks if is required xs boolean - */ - String getIsRequiredXSBoolean(); - - /** - * Sets the checks if is required. - * - * @param newIsRequired - * the new checks if is required - */ - void setIsRequired(String newIsRequired); - - /** - * Gets the attribute values. - * - * @return the attribute values - */ - List<XMLObject> getAttributeValues(); - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java deleted file mode 100644 index 4527bfdb6..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import java.util.List; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface RequestedAttributes. - * - * @author fjquevedo - */ -public interface RequestedAttributes extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "RequestedAttributes"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "RequestedAttributesType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the attributes. - * - * @return the attributes - */ - List<RequestedAttribute> getAttributes(); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java deleted file mode 100644 index 16b9afd18..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -/** - * The Enumeration SAMLCore. - * - * @author fjquevedo - */ - -public enum SAMLCore { - - /** The consent authentication request. */ - CONSENT_AUTHN_REQ("consentAuthnRequest"), - - /** The consent authentication response. */ - CONSENT_AUTHN_RES("consentAuthnResponse"), - - /** The FORC e_ auth n_ tag. */ - FORCE_AUTHN_TAG("forceAuthN"), - - /** The I s_ passiv e_ tag. */ - IS_PASSIVE_TAG("isPassive"), - - /** The FORMA t_ entity. */ - FORMAT_ENTITY("formatEntity"), - - /** The FRIENDLY name. */ - FRIENDLY_NAME("friendlyName"), - - /** The IS_REQUIRED AN ATTRIBUTE */ - IS_REQUIRED("isRequired"), - - /** The PRO t_ bindin g_ tag. */ - PROT_BINDING_TAG("protocolBinding"), - - /** The ASSER t_ con s_ tag. */ - ASSERT_CONS_TAG("assertionConsumerServiceURL"), - - /** The REQUESTE r_ tag. */ - REQUESTER_TAG("requester"), - - /** The RESPONDE r_ tag. */ - RESPONDER_TAG("responder"), - - /** The format r_tag. */ - FORMAT_TAG("format"), - - /** The STOR k10_ ns. */ - STORK10_NS("urn:eu:stork:names:tc:STORK:1.0:assertion"), - - /** The STOR k10 p_ ns. */ - STORK10P_NS("urn:eu:stork:names:tc:STORK:1.0:protocol"), - - /** The STOR k10_ prefix. */ - STORK10_PREFIX("stork"), - - /** The STOR k10 p_ prefix. */ - STORK10P_PREFIX("storkp"), - - /** The STOR k10_ bas e_ uri. */ - STORK10_BASE_URI("http://www.stork.gov.eu/1.0/"), - - /** The ON e_ tim e_ use. */ - ONE_TIME_USE("oneTimeUse"); - - /** The value. */ - private String value; - - /** - * Instantiates a new sAML core. - * - * @param fullName - * the full name - */ - private SAMLCore(final String fullName) { - this.value = fullName; - } - - /** - * Gets the value. - * - * @return the value - */ - public String getValue() { - return value; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java deleted file mode 100644 index 8474eeedc..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import java.security.KeyStore; -import java.security.cert.X509Certificate; - -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; - -import eu.stork.peps.exceptions.SAMLEngineException; - -/** - * The Interface SAMLEngineSignI. - * - * @author fjquevedo - */ -public interface SAMLEngineSignI { - - /** - * Sign. - * - * @param tokenSaml - * the token SAML - * - * @return the sAML object - * - * @throws SAMLEngineException - * the SAML engine exception - */ - SAMLObject sign(SignableSAMLObject tokenSaml) throws SAMLEngineException; - - /** - * Gets the certificate. - * - * @return the certificate - */ - X509Certificate getCertificate(); - - /** - * Gets the trustStore used when validating SAMLTokens - * - * @return the trustStore - * - */ - KeyStore getTrustStore(); - - /** - * Validate signature. - * - * @param tokenSaml - * the token SAML - * - * @return the sAML object - * - * @throws SAMLEngineException - * the SAML engine exception - */ - SAMLObject validateSignature(SignableSAMLObject tokenSaml) throws SAMLEngineException; - - /** - * Initialize the signature module. - * - * @param fileConf - * the configuration file. - * - * @throws SAMLEngineException - * the STORKSAML engine runtime exception - */ - void init(String fileConf) throws SAMLEngineException; - - /** - * Load cryptographic service provider. - * - * @throws SAMLEngineException - * the SAML engine exception - */ - void loadCryptServiceProvider() throws SAMLEngineException; - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java deleted file mode 100644 index 82753b61f..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface SPApplication. - * - * @author fjquevedo - */ -public interface SPApplication extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "spApplication"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "spApplicationType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** - * Gets the service provider application. - * - * @return the service provider application - */ - String getSPApplication(); - - /** - * Sets the service provider application. - * - * @param spApplication - * the new service provider application - */ - void setSPApplication(String spApplication); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java deleted file mode 100644 index e04d817ca..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface SPCountry. - * - * @author fjquevedo - */ -public interface SPCountry extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "spCountry"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "spCountryType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** - * Gets the service provider country. - * - * @return the service provider country - */ - String getSPCountry(); - - /** - * Sets the service provider country. - * - * @param spCountry - * the new service provider country - */ - void setSPCountry(String spCountry); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java deleted file mode 100644 index 8dad4d968..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * - * @author iinigo - */ -public interface SPID extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "SPID"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "SPIDType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the SP ID. - * - * @return the SP ID - */ - String getSPID(); - - /** - * Sets the SP ID. - * - * @param SPID - * the new SP ID - */ - void setSPID(String newSPID); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java deleted file mode 100644 index 8ad5b6eef..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * - * @author iinigo - */ -public interface SPInformation extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "SPInformation"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "SPInformationType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the SP Id. - * - * @return the SP Id - */ - SPID getSPID(); - - /** - * Sets the SP Id. - * - * @param newSPId - * the new SP Id - */ - void setSPID(SPID newSPID); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java deleted file mode 100644 index 8a34a94ff..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface EIDCrossBorderShare. - * - * @author fjquevedo - */ -public interface SPInstitution extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "spInstitution"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "spInstitutionType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** - * Gets the service provider institution. - * - * @return the service provider institution - */ - String getSPInstitution(); - - /** - * Sets the service provider institution. - * - * @param spInstitution - * the new service provider institution - */ - void setSPInstitution(String spInstitution); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java deleted file mode 100644 index 4b8af10cf..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface SPSector. - * - * @author fjquevedo - */ -public interface SPSector extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "spSector"; - - /** The Constant DEFAULT_ELEMENT_NAME. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** The Constant TYPE_LOCAL_NAME. */ - String TYPE_LOCAL_NAME = "spSectorType"; - - /** The Constant TYPE_NAME. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10_PREFIX.getValue()); - - /** - * Gets the service provider sector. - * - * @return the service provider sector - */ - String getSPSector(); - - /** - * Sets the service provider sector. - * - * @param spSector - * the new service provider sector - */ - void setSPSector(String spSector); -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java deleted file mode 100644 index 2a548ca6f..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java +++ /dev/null @@ -1,528 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import java.util.Properties; - -import org.apache.commons.lang.StringUtils; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.NameIDType; -import org.opensaml.saml2.core.RequestAbstractType; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * The Class SAMLCore. - * - * @author fjquevedo - */ -public final class STORKSAMLCore { - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory.getLogger(STORKSAMLCore.class.getName()); - - /** The consent authentication request. */ - private String consentAuthnReq = null; - - /** The consent authentication response. */ - private String consentAuthnResp = null; - - /** The id cross border share. */ - private String eIDCrossBordShare = null; - - /** The e id cross sect share. */ - private String eIDCrossSectShare = null; - - /** The e id sector share. */ - private String eIDSectorShare = null; - - /** The format entity. */ - private String formatEntity = null; - - /** The friendly name. */ - private boolean friendlyName = false; - - /** The IP validation. */ - private boolean ipValidation = false; - - /** The one time use. */ - private boolean oneTimeUse = true; - - /** The protocol binding. */ - private String protocolBinding = null; - - /** The requester. */ - private String requester = null; - - /** The responder. */ - private String responder = null; - - private String format = null; - - /** - * The SAML core properties. - */ - private Properties samlCoreProp = null; - - /** The time not on or after. */ - private Integer timeNotOnOrAfter = null; - - /** The is required parameter. */ - private boolean isRequired = true; - - private static final String SAML_ENGINE_LITERAL = "SamlEngine.xml: "; - - /** - * Gets the isRequired. - * - * @return the isRequired - */ - public boolean isRequired() { - return isRequired; - } - - /** - * Sets the isRequired. - * - * @param isRequired - * the required. - */ - public void setRequired(boolean isRequired) { - this.isRequired = isRequired; - } - - /** - * Instantiates a new sAML core. - * - * @param instance - * the instance - */ - public STORKSAMLCore(final Properties instance) { - loadConfiguration(instance); - } - - /** - * Gets the consent. - * - * @return the consent - */ - public String getConsentAuthnRequest() { - return consentAuthnReq; - } - - /** - * Gets the consent authentication response. - * - * @return the consent authentication response. - */ - public String getConsentAuthnResp() { - return consentAuthnResp; - } - - /** - * Gets the consent authentication response. - * - * @return the consent authentication response - */ - public String getConsentAuthnResponse() { - return consentAuthnResp; - } - - /** - * Gets the format entity. - * - * @return the format entity - */ - public String getFormatEntity() { - return formatEntity; - } - - /** - * Gets the property. - * - * @param key - * the key - * - * @return the property - */ - public String getProperty(final String key) { - return samlCoreProp.getProperty(key); - } - - /** - * Gets the protocol binding. - * - * @return the protocol binding - */ - public String getProtocolBinding() { - return protocolBinding; - } - - /** - * Gets the requester. - * - * @return the requester - */ - public String getRequester() { - return requester; - } - - /** - * Gets the responder. - * - * @return the responder - */ - public String getResponder() { - return responder; - } - - /** - * return the format string. - * - * @return - */ - public String getFormat() { - return this.format; - } - - /** - * Gets the time not on or after. - * - * @return the time not on or after - */ - public Integer getTimeNotOnOrAfter() { - return timeNotOnOrAfter; - } - - /** - * Checks if is e id cross border share. - * - * @return true, if is e id cross border share - */ - public String iseIDCrossBorderShare() { - return eIDCrossBordShare; - } - - /** - * Checks if is e id cross border share. - * - * @return true, if is e id cross border share - */ - public String iseIDCrossBordShare() { - return eIDCrossBordShare; - } - - /** - * Checks if is e id cross sector share. - * - * @return true, if is e id cross sector share - */ - public String iseIDCrossSectorShare() { - return eIDCrossSectShare; - } - - /** - * Checks if is e id cross sect share. - * - * @return true, if is e id cross sect share - */ - public String iseIDCrossSectShare() { - return eIDCrossSectShare; - } - - /** - * Checks if is e id sector share. - * - * @return true, if is e id sector share - */ - public String iseIDSectorShare() { - return eIDSectorShare; - } - - /** - * Checks if is friendly name. - * - * @return true, if checks if is friendly name - */ - public boolean isFriendlyName() { - return friendlyName; - } - - /** - * Checks if is IP validation. - * - * @return true, if is IP validation - */ - public boolean isIpValidation() { - return ipValidation; - } - - /** - * Checks if is one time use. - * - * @return true, if is one time use - */ - public boolean isOneTimeUse() { - return oneTimeUse; - } - - /** - * Method that loads the configuration file for the SAML Engine. - * - * @param instance - * the instance of the Engine properties. - */ - private void loadConfiguration(final Properties instance) { - - try { - LOGGER.info("SAMLCore: Loading SAMLEngine properties."); - - samlCoreProp = instance; - - final String parameter = samlCoreProp.getProperty(SAMLCore.FORMAT_ENTITY.getValue()); - - if ("entity".equalsIgnoreCase(parameter)) { - formatEntity = NameIDType.ENTITY; - } - - friendlyName = Boolean.valueOf(samlCoreProp.getProperty(SAMLCore.FRIENDLY_NAME.getValue())); - - String isRequiredValue = samlCoreProp.getProperty(SAMLCore.IS_REQUIRED.getValue()); - if (isRequiredValue != null) { - isRequired = Boolean.valueOf(isRequiredValue); - } - - eIDSectorShare = samlCoreProp.getProperty("eIDSectorShare"); - eIDCrossSectShare = samlCoreProp.getProperty("eIDCrossSectorShare"); - eIDCrossBordShare = samlCoreProp.getProperty("eIDCrossBorderShare"); - - ipValidation = Boolean.valueOf(samlCoreProp.getProperty("ipAddrValidation")); - - final String oneTimeUseProp = samlCoreProp.getProperty(SAMLCore.ONE_TIME_USE.getValue()); - - if (StringUtils.isNotBlank(oneTimeUseProp)) { - oneTimeUse = Boolean.valueOf(oneTimeUseProp); - } - - // Protocol Binding - loadProtocolBiding(); - - // Consent Authentication Request - consentAuthnReq = samlCoreProp.getProperty(SAMLCore.CONSENT_AUTHN_REQ.getValue()); - - if ("unspecified".equalsIgnoreCase(consentAuthnReq)) { - consentAuthnReq = RequestAbstractType.UNSPECIFIED_CONSENT; - } - - loadConsentAuthResp(); - - timeNotOnOrAfter = Integer.valueOf(samlCoreProp.getProperty("timeNotOnOrAfter")); - - if (timeNotOnOrAfter.intValue() < 0) { - LOGGER.error(SAML_ENGINE_LITERAL + "timeNotOnOrAfter" + " is negative number."); - - throw new SAMLEngineException(SAML_ENGINE_LITERAL + "timeNotOnOrAfter" + " is negative number."); - } - - requester = samlCoreProp.getProperty(SAMLCore.REQUESTER_TAG.getValue()); - responder = samlCoreProp.getProperty(SAMLCore.RESPONDER_TAG.getValue()); - - format = samlCoreProp.getProperty(SAMLCore.FORMAT_TAG.getValue(), "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"); - - } catch (SAMLEngineException e) { - LOGGER.error("SAMLCore: error loadConfiguration. ", e); - throw new STORKSAMLEngineRuntimeException(e); - } catch (RuntimeException e) { - LOGGER.error("SAMLCore: error loadConfiguration. ", e); - throw new STORKSAMLEngineRuntimeException(e); - } - } - - /** - * Load consent authentication response. - */ - private void loadConsentAuthResp() { - // Consent Authentication Response - consentAuthnResp = samlCoreProp.getProperty(SAMLCore.CONSENT_AUTHN_RES.getValue()); - - if ("obtained".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = RequestAbstractType.OBTAINED_CONSENT; - } else if ("prior".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = RequestAbstractType.PRIOR_CONSENT; - } else if ("curent-implicit".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = "urn:oasis:names:tc:SAML:2.0:consent:current-implicit"; - } else if ("curent-explicit".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = "urn:oasis:names:tc:SAML:2.0:consent:current-explicit"; - } else if ("unspecified".equalsIgnoreCase(consentAuthnResp)) { - consentAuthnResp = RequestAbstractType.UNSPECIFIED_CONSENT; - } - } - - /** - * Load protocol biding. - * - * @throws SAMLEngineException - * the SAML engine exception - */ - private void loadProtocolBiding() throws SAMLEngineException { - // Protocol Binding - protocolBinding = samlCoreProp.getProperty(SAMLCore.PROT_BINDING_TAG.getValue()); - - if (StringUtils.isBlank(protocolBinding)) { - LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG + " it's mandatory."); - throw new SAMLEngineException(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG + " it's mandatory."); - } else if (protocolBinding.equalsIgnoreCase("HTTP-POST")) { - protocolBinding = SAMLConstants.SAML2_POST_BINDING_URI; - } else { - LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG + " it's not supporting."); - - throw new SAMLEngineException(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG + " it's not supporting."); - } - } - - /** - * Sets the consent authentication response. - * - * @param newConsAuthnResp - * the new consent authentication response - */ - public void setConsentAuthnResp(final String newConsAuthnResp) { - this.consentAuthnResp = newConsAuthnResp; - } - - /** - * Sets an eID that can be shared outside of the Service Provider’s member state. - * - * @param newEIDCrossBord - * the new eid cross border share - */ - public void setEIDCrossBordShare(final String newEIDCrossBord) { - this.eIDCrossBordShare = newEIDCrossBord; - } - - /** - * Sets an eID that can be shared outside of the Service Provider’s sector. - * - * @param newEIDCrossSect - * the new eid cross sect share - */ - public void setEIDCrossSectShare(final String newEIDCrossSect) { - this.eIDCrossSectShare = newEIDCrossSect; - } - - /** - * Sets an eID that can be shared within the Service Provider’s sector. - * - * @param newEIDSectorShare - * the new eid sector share - */ - public void seteIDSectorShare(final String newEIDSectorShare) { - this.eIDSectorShare = newEIDSectorShare; - } - - /** - * Sets the format entity. - * - * @param newFormatEntity - * the new format entity - */ - public void setFormatEntity(final String newFormatEntity) { - this.formatEntity = newFormatEntity; - } - - /** - * Sets the friendly name. - * - * @param newFriendlyName - * the new friendly name - */ - public void setFriendlyName(final boolean newFriendlyName) { - this.friendlyName = newFriendlyName; - } - - /** - * Sets the IP validation. - * - * @param newIpValidation - * the new IP validation - */ - public void setIpValidation(final boolean newIpValidation) { - this.ipValidation = newIpValidation; - } - - /** - * Sets the one time use. - * - * @param newOneTimeUse - * the new one time use - */ - public void setOneTimeUse(final boolean newOneTimeUse) { - this.oneTimeUse = newOneTimeUse; - } - - /** - * Sets the protocol binding. - * - * @param newProtBinding - * the new protocol binding - */ - public void setProtocolBinding(final String newProtBinding) { - this.protocolBinding = newProtBinding; - } - - /** - * Sets the requester. - * - * @param newRequester - * the new requester - */ - public void setRequester(final String newRequester) { - this.requester = newRequester; - } - - /** - * Sets the responder. - * - * @param newResponder - * the new responder - */ - public void setResponder(final String newResponder) { - this.responder = newResponder; - } - - /** - * Sets the format string - * - * @param newFormat - */ - public void setFormat(final String newFormat) { - this.format = newFormat; - } - - /** - * Sets the time not on or after. - * - * @param newTimeNotOnOrAft - * the new time not on or after - */ - public void setTimeNotOnOrAfter(final Integer newTimeNotOnOrAft) { - this.timeNotOnOrAfter = newTimeNotOnOrAft; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java deleted file mode 100644 index c4c1ec845..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core; - -import javax.xml.namespace.QName; - -import org.opensaml.common.SAMLObject; - -/** - * The Interface VIDPAuthenticationAttributes. - * - * @author fjquevedo - */ -public interface VIDPAuthenticationAttributes extends SAMLObject { - - /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ - String DEF_LOCAL_NAME = "VIDPAuthenticationAttributes"; - - /** Default element name. */ - QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** Local name of the XSI type. */ - String TYPE_LOCAL_NAME = "VIDPAuthenticationAttributesType"; - - /** QName of the XSI type. */ - QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - - /** - * Gets the citizen country code. - * - * @return the citizen country code - */ - CitizenCountryCode getCitizenCountryCode(); - - /** - * Sets the citizen country code. - * - * @param newCitizenCountryCode - * the new citizen country code - */ - void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode); - - /** - * Gets the SP information - * - * @return the SP information - */ - SPInformation getSPInformation(); - - /** - * Sets the SP information - * - * @param newSPInformation - * the new SPInformation - */ - void setSPInformation(SPInformation newSPInformation); - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java deleted file mode 100644 index f34adfcb4..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.AuthenticationAttributes; - -/** - * The Class AuthenticationAttributesBuilder. - * - * @author fjquevedo - */ -public class AuthenticationAttributesBuilder extends AbstractSAMLObjectBuilder<AuthenticationAttributes> { - - /** - * Builds the object. - * - * @return the authentication attributes - */ - public final AuthenticationAttributes buildObject() { - return buildObject(AuthenticationAttributes.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace URI - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * - * @return the authentication attributes - */ - public final AuthenticationAttributes buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new AuthenticationAttributesImpl(namespaceURI, localName, namespacePrefix); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java deleted file mode 100644 index 9f602aba1..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSignableSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.AuthenticationAttributes; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class AuthenticationAttributesImpl. - * - * @author fjquevedo - */ -public final class AuthenticationAttributesImpl extends AbstractSignableSAMLObject implements AuthenticationAttributes { - - private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationAttributesImpl.class.getName()); - - /** The indexed children. */ - private VIDPAuthenticationAttributes vIDPAuthenAttr; - - /** - * Instantiates a new authentication attributes implementation. - * - * @param namespaceURI - * the namespace uri - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected AuthenticationAttributesImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - * - */ - public List<XMLObject> getOrderedChildren() { - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - children.add(vIDPAuthenAttr); - - if (getSignature() != null) { - children.add(getSignature()); - } - - return Collections.unmodifiableList(children); - } - - /** - * Gets the signature reference id. - * - * @return the signature reference id - * - */ - public String getSignatureReferenceID() { - return null; - } - - /** - * Gets the vidp authentication attributes. - * - * @return the VIDP authentication attributes - * - */ - public VIDPAuthenticationAttributes getVIDPAuthenticationAttributes() { - return vIDPAuthenAttr; - } - - /** - * Sets the vidp authentication attributes. - * - * @param newVIDPAuthenAttr - * the new vidp authen attr - * - */ - public void setVIDPAuthenticationAttributes(final VIDPAuthenticationAttributes newVIDPAuthenAttr) { - vIDPAuthenAttr = prepareForAssignment(this.vIDPAuthenAttr, newVIDPAuthenAttr); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java deleted file mode 100644 index d31c052fe..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; - -/** - * The Class AuthenticationAttributesMarshaller. - * - * @author fjquevedo - */ -public class AuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller { - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java deleted file mode 100644 index 7e1b6bbe2..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; - -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; - -import eu.stork.peps.auth.engine.core.AuthenticationAttributes; - -/** - * The Class AuthenticationAttributesUnmarshaller. - * - * @author fjquevedo - */ -public class AuthenticationAttributesUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentObject - * the parent object - * @param childObject - * the child object - * - * @throws UnmarshallingException - * the unmarshalling exception - * - */ - protected final void processChildElement(final XMLObject parentObject, final XMLObject childObject) throws UnmarshallingException { - final AuthenticationAttributes attrStatement = (AuthenticationAttributes) parentObject; - - if (childObject instanceof VIDPAuthenticationAttributes) { - attrStatement.setVIDPAuthenticationAttributes((VIDPAuthenticationAttributes) childObject); - } else { - super.processChildElement(parentObject, childObject); - } - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java deleted file mode 100644 index 49ed66d88..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; - -/** - * The Class CitizenCountryCodeBuilder. - * - * @author fjquevedo - */ -public class CitizenCountryCodeBuilder extends AbstractSAMLObjectBuilder<CitizenCountryCode> { - - /** - * Builds the object. - * - * @return the citizen country code - */ - public final CitizenCountryCode buildObject() { - return buildObject(CitizenCountryCode.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the citizen country code - */ - public final CitizenCountryCode buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new CitizenCountryCodeImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java deleted file mode 100644 index aa4c725f1..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class CitizenCountryCodeImpl. - * - * @author fjquevedo - */ -public class CitizenCountryCodeImpl extends AbstractSAMLObject implements CitizenCountryCode { - - private static final Logger LOGGER = LoggerFactory.getLogger(CitizenCountryCodeImpl.class.getName()); - /** The citizen country code. */ - private String citizenCountryCode; - - /** - * Instantiates a new sP country impl. - * - * @param namespaceURI - * the namespace uri - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected CitizenCountryCodeImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the citizen country code. - * - * @return the citizen country code - */ - public final String getCitizenCountryCode() { - return citizenCountryCode; - } - - /** - * Sets the citizen country code. - * - * @param newCitizenCountryCode - * the new citizen country code - */ - public final void setCitizenCountryCode(final String newCitizenCountryCode) { - this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java deleted file mode 100644 index e04323f06..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; - -/** - * The Class SPCountryMarshaller. - * - * @author fjquevedo - */ -public class CitizenCountryCodeMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject; - XMLHelper.appendTextContent(domElement, citizenCountryCode.getCitizenCountryCode()); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java deleted file mode 100644 index eca6d69b9..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; - -/** - * The Class CitizenCountryCodeUnmarshaller. - * - * @author fjquevedo - */ -public class CitizenCountryCodeUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param elementContent - * the element content - */ - protected final void processElementContent(final XMLObject samlObject, final String elementContent) { - final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject; - citizenCountryCode.setCitizenCountryCode(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java deleted file mode 100644 index f2d2fe7fb..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryBuilder.java +++ /dev/null @@ -1,25 +0,0 @@ -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; -import org.opensaml.common.xml.SAMLConstants; -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; - -public class CustomAttributeQueryBuilder extends AbstractSAMLObjectBuilder<CustomAttributeQuery> { - /** - * Constructor. - */ - public CustomAttributeQueryBuilder() { - - } - - /** {@inheritDoc} */ - public CustomAttributeQuery buildObject() { - return buildObject(SAMLConstants.SAML20P_NS, CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX); - } - - /** {@inheritDoc} */ - public CustomAttributeQuery buildObject(String namespaceURI, String localName, String namespacePrefix) { - return new CustomAttributeQueryImpl(namespaceURI, localName, namespacePrefix); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java deleted file mode 100644 index d88ede1a3..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryImpl.java +++ /dev/null @@ -1,67 +0,0 @@ -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.impl.SubjectQueryImpl; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.util.XMLObjectChildrenList; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; - -public class CustomAttributeQueryImpl extends SubjectQueryImpl implements CustomAttributeQuery { - /** Attribute child elements. */ - private final XMLObjectChildrenList<Attribute> attributes; - private String serviceURL; - - /** - * Constructor. - * - * @param namespaceURI - * the namespace the element is in - * @param elementLocalName - * the local name of the XML element this Object represents - * @param namespacePrefix - * the prefix for the given namespace - */ - protected CustomAttributeQueryImpl(String namespaceURI, String elementLocalName, String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - attributes = new XMLObjectChildrenList<Attribute>(this); - } - - /** {@inheritDoc} */ - public List<Attribute> getAttributes() { - return attributes; - } - - /** {@inheritDoc} */ - public List<XMLObject> getOrderedChildren() { - ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - if (super.getOrderedChildren() != null) { - children.addAll(super.getOrderedChildren()); - } - children.addAll(attributes); - - if (children.size() == 0) { - return null; - } - - return Collections.unmodifiableList(children); - } - - @Override - public String getAssertionConsumerServiceURL() { - // TODO Auto-generated method stub - return this.serviceURL; - } - - @Override - public void setAssertionConsumerServiceURL(String newServiceUrl) { - // TODO Auto-generated method stub - this.serviceURL = newServiceUrl; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java deleted file mode 100644 index 5e0cf55b3..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryMarshaller.java +++ /dev/null @@ -1,49 +0,0 @@ -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.Configuration; -import org.opensaml.saml2.core.RequestAbstractType; -import org.opensaml.saml2.core.impl.SubjectQueryMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.CustomRequestAbstractType; - -public class CustomAttributeQueryMarshaller extends SubjectQueryMarshaller { - - /** {@inheritDoc} */ - protected void marshallAttributes(XMLObject samlObject, Element domElement) throws MarshallingException { - CustomRequestAbstractType req = (CustomRequestAbstractType) samlObject; - - if (req.getVersion() != null) { - domElement.setAttributeNS(null, RequestAbstractType.VERSION_ATTRIB_NAME, req.getVersion().toString()); - } - - if (req.getID() != null) { - domElement.setAttributeNS(null, RequestAbstractType.ID_ATTRIB_NAME, req.getID()); - domElement.setIdAttributeNS(null, RequestAbstractType.ID_ATTRIB_NAME, true); - } - - if (req.getVersion() != null) { - domElement.setAttributeNS(null, RequestAbstractType.VERSION_ATTRIB_NAME, req.getVersion().toString()); - } - - if (req.getIssueInstant() != null) { - String iiStr = Configuration.getSAMLDateFormatter().print(req.getIssueInstant()); - domElement.setAttributeNS(null, RequestAbstractType.ISSUE_INSTANT_ATTRIB_NAME, iiStr); - } - - if (req.getDestination() != null) { - domElement.setAttributeNS(null, RequestAbstractType.DESTINATION_ATTRIB_NAME, req.getDestination()); - } - - if (req.getAssertionConsumerServiceURL() != null) { - domElement.setAttributeNS(null, CustomRequestAbstractType.ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME, req.getAssertionConsumerServiceURL()); - } - - if (req.getConsent() != null) { - domElement.setAttributeNS(null, RequestAbstractType.CONSENT_ATTRIB_NAME, req.getConsent()); - } - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java deleted file mode 100644 index 485d6656b..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CustomAttributeQueryUnmarshaller.java +++ /dev/null @@ -1,111 +0,0 @@ -package eu.stork.peps.auth.engine.core.impl; - -import org.joda.time.DateTime; -import org.joda.time.chrono.ISOChronology; -import org.opensaml.common.SAMLVersion; -import org.opensaml.common.xml.SAMLConstants; -import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.RequestAbstractType; -import org.opensaml.saml2.core.impl.SubjectQueryUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.AbstractXMLObjectUnmarshaller; -import org.opensaml.xml.io.UnmarshallingException; -import org.opensaml.xml.util.DatatypeHelper; -import org.opensaml.xml.util.XMLHelper; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Attr; -import org.w3c.dom.Element; -import org.w3c.dom.NamedNodeMap; -import org.w3c.dom.Node; -import org.w3c.dom.Text; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.CustomRequestAbstractType; - -public class CustomAttributeQueryUnmarshaller extends SubjectQueryUnmarshaller { - - private final Logger log = LoggerFactory.getLogger(AbstractXMLObjectUnmarshaller.class); - - /** {@inheritDoc} */ - protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject) throws UnmarshallingException { - CustomAttributeQuery query = (CustomAttributeQuery) parentSAMLObject; - - if (childSAMLObject instanceof Attribute) { - query.getAttributes().add((Attribute) childSAMLObject); - } else { - super.processChildElement(parentSAMLObject, childSAMLObject); - } - } - - /** {@inheritDoc} */ - public XMLObject unmarshall(Element domElement) throws UnmarshallingException { - if (log.isTraceEnabled()) { - log.trace("Starting to unmarshall DOM element {}", XMLHelper.getNodeQName(domElement)); - } - - checkElementIsTarget(domElement); - - // String namespaceURI, String elementLocalName, String namespacePrefix - XMLObject xmlObject = new CustomAttributeQueryImpl(SAMLConstants.SAML20P_NS, CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20P_PREFIX); - - if (log.isTraceEnabled()) { - log.trace("Unmarshalling attributes of DOM Element {}", XMLHelper.getNodeQName(domElement)); - } - - NamedNodeMap attributes = domElement.getAttributes(); - Node attribute; - for (int i = 0; i < attributes.getLength(); i++) { - attribute = attributes.item(i); - - // These should allows be attribute nodes, but just in case... - if (attribute.getNodeType() == Node.ATTRIBUTE_NODE) { - unmarshallAttribute(xmlObject, (Attr) attribute); - } - } - - if (log.isTraceEnabled()) { - log.trace("Unmarshalling other child nodes of DOM Element {}", XMLHelper.getNodeQName(domElement)); - } - - Node childNode = domElement.getFirstChild(); - while (childNode != null) { - - if (childNode.getNodeType() == Node.ATTRIBUTE_NODE) { - unmarshallAttribute(xmlObject, (Attr) childNode); - } else if (childNode.getNodeType() == Node.ELEMENT_NODE) { - unmarshallChildElement(xmlObject, (Element) childNode); - } else if (childNode.getNodeType() == Node.TEXT_NODE || childNode.getNodeType() == Node.CDATA_SECTION_NODE) { - unmarshallTextContent(xmlObject, (Text) childNode); - } - - childNode = childNode.getNextSibling(); - } - - xmlObject.setDOM(domElement); - return xmlObject; - } - - /** {@inheritDoc} */ - protected void processAttribute(XMLObject samlObject, Attr attribute) throws UnmarshallingException { - CustomRequestAbstractType req = (CustomRequestAbstractType) samlObject; - - if (attribute.getLocalName().equals(RequestAbstractType.VERSION_ATTRIB_NAME)) { - req.setVersion(SAMLVersion.valueOf(attribute.getValue())); - } else if (attribute.getLocalName().equals(RequestAbstractType.ID_ATTRIB_NAME)) { - req.setID(attribute.getValue()); - attribute.getOwnerElement().setIdAttributeNode(attribute, true); - } else if (attribute.getLocalName().equals(RequestAbstractType.ISSUE_INSTANT_ATTRIB_NAME) && !DatatypeHelper.isEmpty(attribute.getValue())) { - req.setIssueInstant(new DateTime(attribute.getValue(), ISOChronology.getInstanceUTC())); - } else if (attribute.getLocalName().equals(RequestAbstractType.DESTINATION_ATTRIB_NAME)) { - req.setDestination(attribute.getValue()); - } else if (attribute.getLocalName().equals(RequestAbstractType.CONSENT_ATTRIB_NAME)) { - req.setConsent(attribute.getValue()); - } else if (attribute.getLocalName().equals(CustomRequestAbstractType.ASSERTION_CONSUMER_SERVICE_URL_ATTRIB_NAME)) { - req.setAssertionConsumerServiceURL(attribute.getValue()); - } else { - super.processAttribute(samlObject, attribute); - } - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java deleted file mode 100644 index 7c7a88b89..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; - -/** - * The Class EIDCrossBorderShareBuilder. - * - * @author fjquevedo - */ -public class EIDCrossBorderShareBuilder extends AbstractSAMLObjectBuilder<EIDCrossBorderShare> { - - /** - * Builds the object. - * - * @return the identifier cross border share - */ - public final EIDCrossBorderShare buildObject() { - return buildObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the eID cross border share - */ - public final EIDCrossBorderShare buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new EIDCrossBorderShareImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java deleted file mode 100644 index 13cc3d287..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class EIDCrossBorderShareImpl. - * - * @author fjquevedo - */ -public class EIDCrossBorderShareImpl extends AbstractSAMLObject implements EIDCrossBorderShare { - - private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossBorderShareImpl.class.getName()); - /** The citizen country code. */ - private String eIDCrossBorderShare; - - /** - * Instantiates a new eID cross border share implementation. - * - * @param namespaceURI - * the namespace URI - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected EIDCrossBorderShareImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the eID cross border share. - * - * @return the eID cross border share - */ - public final String getEIDCrossBorderShare() { - return eIDCrossBorderShare; - } - - /** - * Sets the eID cross border share. - * - * @param newEIDCrossBorderShare - * the new eID cross border share - */ - public final void setEIDCrossBorderShare(String newEIDCrossBorderShare) { - this.eIDCrossBorderShare = prepareForAssignment(this.eIDCrossBorderShare, newEIDCrossBorderShare); - } - - /** - * Gets the ordered children. - * - * @return the ordered children {@inheritDoc} - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java deleted file mode 100644 index 2e8868ac1..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; - -/** - * The Class EIDCrossBorderShareMarshaller. - * - * @author fjquevedo - */ -public class EIDCrossBorderShareMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject; - XMLHelper.appendTextContent(domElement, crossBorderShare.getEIDCrossBorderShare()); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java deleted file mode 100644 index 013b5b78b..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; - -/** - * The Class EIDCrossBorderShareUnmarshaller. - * - * @author fjquevedo - */ -public class EIDCrossBorderShareUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param elementContent - * the element content - */ - protected final void processElementContent(final XMLObject samlObject, final String elementContent) { - final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject; - crossBorderShare.setEIDCrossBorderShare(elementContent); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java deleted file mode 100644 index 398815719..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; - -/** - * The Class EIDCrossSectorShareBuilder. - * - * @author fjquevedo - */ -public class EIDCrossSectorShareBuilder extends AbstractSAMLObjectBuilder<EIDCrossSectorShare> { - - /** - * Builds the object. - * - * @return the eID cross sector share - */ - public final EIDCrossSectorShare buildObject() { - return buildObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the eID cross sector share implementation - */ - public final EIDCrossSectorShareImpl buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new EIDCrossSectorShareImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java deleted file mode 100644 index 2e3f6ab7e..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; - -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class EIDCrossSectorShareImpl. - * - * @author fjquevedo - */ -public class EIDCrossSectorShareImpl extends AbstractSAMLObject implements EIDCrossSectorShare { - - private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossSectorShareImpl.class.getName()); - /** The citizen country code. */ - private String eIDCrossSectorShare; - - /** - * Instantiates a new eID cross sector share implementation. - * - * @param namespaceURI - * the namespace URI - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected EIDCrossSectorShareImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the eID cross sector share. - * - * @return the eID cross sector share - */ - public final String getEIDCrossSectorShare() { - return eIDCrossSectorShare; - } - - /** - * Sets the eID cross sector share. - * - * @param newEIDCrossSectorShare - * the new eID cross sector share - */ - public final void setEIDCrossSectorShare(String newEIDCrossSectorShare) { - this.eIDCrossSectorShare = prepareForAssignment(this.eIDCrossSectorShare, newEIDCrossSectorShare); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java deleted file mode 100644 index caa2df56a..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; - -/** - * The Class EIDCrossSectorShareMarshaller. - * - * @author fjquevedo - */ -public class EIDCrossSectorShareMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject; - XMLHelper.appendTextContent(domElement, crossSectorShare.getEIDCrossSectorShare()); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java deleted file mode 100644 index ebf80e700..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; - -/** - * The Class EIDCrossSectorShareUnmarshaller. - * - * @author fjquevedo - */ -public class EIDCrossSectorShareUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void processElementContent(final XMLObject samlObject, final String domElement) { - - final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject; - crossSectorShare.setEIDCrossSectorShare(domElement); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java deleted file mode 100644 index 670b6f33a..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.EIDSectorShare; - -/** - * The Class EIDSectorShareBuilder. - * - * @author fjquevedo - */ -public class EIDSectorShareBuilder extends AbstractSAMLObjectBuilder<EIDSectorShare> { - - /** - * Builds the object. - * - * @return the eID sector share - */ - public final EIDSectorShare buildObject() { - return buildObject(EIDSectorShare.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the eID sector share - */ - public final EIDSectorShare buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new EIDSectorShareImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java deleted file mode 100644 index f7c514722..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.EIDSectorShare; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -// TODO: Auto-generated Javadoc -/** - * The Class EIDSectorShareImpl. - * - * @author fjquevedo - */ -public class EIDSectorShareImpl extends AbstractSAMLObject implements EIDSectorShare { - - private static final Logger LOGGER = LoggerFactory.getLogger(EIDSectorShareImpl.class.getName()); - - /** The e id sector share. */ - private String eIDSectorShare; - - /** - * Instantiates a new eID sector share implementation. - * - * @param namespaceURI - * the namespace URI - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected EIDSectorShareImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the eID sector share. - * - * @return the eID sector share - */ - public final String getEIDSectorShare() { - return eIDSectorShare; - } - - /** - * Sets the eID sector share. - * - * @param newEIDSectorShare - * the new eID sector share - */ - public final void setEIDSectorShare(String newEIDSectorShare) { - this.eIDSectorShare = prepareForAssignment(this.eIDSectorShare, newEIDSectorShare); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); - return super.hashCode(); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java deleted file mode 100644 index 509503af0..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.saml2.core.impl.AbstractNameIDTypeMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDSectorShare; - -/** - * The Class EIDSectorShareMarshaller. - * - * @author fjquevedo - */ -public class EIDSectorShareMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final EIDSectorShare sectorShare = (EIDSectorShare) samlObject; - XMLHelper.appendTextContent(domElement, sectorShare.getEIDSectorShare()); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java deleted file mode 100644 index 8e2f327c6..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.EIDSectorShare; - -/** - * The Class EIDSectorShareUnmarshaller. - * - * @author fjquevedo - */ -public class EIDSectorShareUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void processElementContent(final XMLObject samlObject, final String domElement) { - final EIDSectorShare sectorShare = (EIDSectorShare) samlObject; - sectorShare.setEIDSectorShare(domElement); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java deleted file mode 100644 index deeb2ae56..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class QAAAttributeBuilder. - * - * @author fjquevedo - */ -public class QAAAttributeBuilder extends AbstractSAMLObjectBuilder<QAAAttribute> { - - /** - * Builds the object. - * - * @return the quality authentication assurance object - */ - public final QAAAttribute buildObject() { - return buildObject(QAAAttribute.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the quality authentication assurance object - */ - public final QAAAttribute buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new QAAAttributeImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java deleted file mode 100644 index e74ce1fec..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.QAAAttribute; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class QAAAttributeImpl. - * - * @author fjquevedo - */ -public class QAAAttributeImpl extends AbstractSAMLObject implements QAAAttribute { - - private static final Logger LOGGER = LoggerFactory.getLogger(QAAAttributeImpl.class.getName()); - /** The quality authentication assurance level. */ - private String qaaLevel; - - /** - * Constructor. - * - * @param namespaceURI - * the namespace the element is in - * @param elementLocalName - * the local name of the XML element this Object represents - * @param namespacePrefix - * the prefix for the given namespace - */ - protected QAAAttributeImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the quality authentication assurance level. - * - * @return the quality authentication assurance level - */ - public final String getQaaLevel() { - return qaaLevel; - } - - /** - * Sets the quality authentication assurance level. - * - * @param newQaaLevel - * the new quality authentication assurance level - */ - public final void setQaaLevel(final String newQaaLevel) { - this.qaaLevel = prepareForAssignment(this.qaaLevel, newQaaLevel); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java deleted file mode 100644 index 03a7a758a..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class QAAAttributeMarshaller. - * - * @author fjquevedo - */ -public class QAAAttributeMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final QAAAttribute qaaAttribute = (QAAAttribute) samlObject; - XMLHelper.appendTextContent(domElement, qaaAttribute.getQaaLevel()); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java deleted file mode 100644 index 1b9e813f0..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class QAAAttributeUnmarshaller. - * - * @author fjquevedo - */ -public class QAAAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param elementContent - * the element content - */ - protected final void processElementContent(final XMLObject samlObject, final String elementContent) { - final QAAAttribute qaaLevel = (QAAAttribute) samlObject; - qaaLevel.setQaaLevel(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java deleted file mode 100644 index 4367c4ecf..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; - -/** - * The Class RequestedAttributeBuilder. - * - * @author fjquevedo - */ -public class RequestedAttributeBuilder extends AbstractSAMLObjectBuilder<RequestedAttribute> { - - /** - * Builds the object. - * - * @return the requested attribute - */ - public final RequestedAttribute buildObject() { - return buildObject(RequestedAttribute.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the requested attribute - */ - public final RequestedAttribute buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new RequestedAttributeImpl(namespaceURI, localName, namespacePrefix); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java deleted file mode 100644 index 2537d3794..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java +++ /dev/null @@ -1,216 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.schema.XSBooleanValue; -import org.opensaml.xml.util.AttributeMap; -import org.opensaml.xml.util.XMLObjectChildrenList; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -// TODO: Auto-generated Javadoc -/** - * The Class RequestedAttributeImpl. - * - * @author fjquevedo - */ -public class RequestedAttributeImpl extends AbstractSAMLObject implements RequestedAttribute { - - private static final Logger LOGGER = LoggerFactory.getLogger(RequestedAttributeImpl.class.getName()); - /** - * The attribute values. - */ - private final XMLObjectChildrenList<XMLObject> attributeValues; - - /** - * The friendly name. - * - */ - private String friendlyName; - - /** - * The is required. - */ - private String isRequired; - - /** - * The name. - * - */ - private String name; - - /** - * The name format. - * - */ - private String nameFormat; - - /** - * The unknown attributes. - * - */ - private AttributeMap unknownAttributes; - - /** - * Instantiates a new requested attribute impl. - * - * @param namespaceURI - * the namespace uri - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected RequestedAttributeImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - unknownAttributes = new AttributeMap(this); - attributeValues = new XMLObjectChildrenList<XMLObject>(this); - } - - /** - * Gets the attribute values. - * - * @return the attribute values - */ - public final List<XMLObject> getAttributeValues() { - return attributeValues; - } - - /** - * Gets the friendly name. - * - * @return the friendly name. - */ - public final String getFriendlyName() { - return friendlyName; - } - - /** - * Gets the checks if is required. - * - * @return the boolean if it's required. - */ - public final String isRequired() { - return isRequired; - } - - /** - * Gets the is required xs boolean. - * - * @return the XSBoolean if it's required. - */ - public final String getIsRequiredXSBoolean() { - return isRequired; - } - - /** - * Gets the name. - * - * @return the name - */ - public final String getName() { - return name; - } - - /** - * Gets the name format. - * - * @return the name format. - */ - public final String getNameFormat() { - return nameFormat; - } - - /** - * Gets the ordered children. - * - * @return the list of XMLObject. - */ - public final List<XMLObject> getOrderedChildren() { - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - children.addAll(attributeValues); - return Collections.unmodifiableList(children); - } - - /** - * Gets the unknown attributes. - * - * @return the attribute map - */ - public final AttributeMap getUnknownAttributes() { - return unknownAttributes; - } - - /** - * Sets the friendly name. - * - * @param newFriendlyName - * the new friendly name format - */ - public final void setFriendlyName(final String newFriendlyName) { - this.friendlyName = prepareForAssignment(this.friendlyName, newFriendlyName); - } - - /** - * Set new boolean value isRequired. - * - * @param newIsRequired - * then new value - */ - public final void setIsRequired(final String newIsRequired) { - isRequired = prepareForAssignment(this.isRequired, newIsRequired); - - } - - /** - * Sets the name. - * - * @param newName - * the new name - */ - public final void setName(final String newName) { - this.name = prepareForAssignment(this.name, newName); - } - - /** - * Sets the name format. - * - * @param newNameFormat - * the new name format - */ - public final void setNameFormat(final String newNameFormat) { - this.nameFormat = prepareForAssignment(this.nameFormat, newNameFormat); - } - - /** - * Sets the unknown attributes. - * - * @param newUnknownAttr - * the new unknown attributes - */ - public final void setUnknownAttributes(final AttributeMap newUnknownAttr) { - this.unknownAttributes = newUnknownAttr; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java deleted file mode 100644 index 4a9ec94b1..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.Map.Entry; - -import javax.xml.namespace.QName; - -import org.opensaml.Configuration; -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Attr; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; - -/** - * The Class RequestedAttributeMarshaller. - * - * @author fjquevedo - */ -public class RequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall attributes. - * - * @param samlElement - * the SAML element - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallAttributes(final XMLObject samlElement, final Element domElement) throws MarshallingException { - final RequestedAttribute requestedAttr = (RequestedAttribute) samlElement; - - if (requestedAttr.getName() != null) { - domElement.setAttributeNS(null, RequestedAttribute.NAME_ATTRIB_NAME, requestedAttr.getName()); - } - - if (requestedAttr.getNameFormat() != null) { - domElement.setAttributeNS(null, RequestedAttribute.NAME_FORMAT_ATTR, requestedAttr.getNameFormat()); - } - - if (requestedAttr.getFriendlyName() != null) { - domElement.setAttributeNS(null, RequestedAttribute.FRIENDLY_NAME_ATT, requestedAttr.getFriendlyName()); - } - - if (requestedAttr.getIsRequiredXSBoolean() != null) { - domElement.setAttributeNS(null, RequestedAttribute.IS_REQUIRED_ATTR, requestedAttr.getIsRequiredXSBoolean().toString()); - } - - Attr attr; - for (Entry<QName, String> entry : requestedAttr.getUnknownAttributes().entrySet()) { - attr = XMLHelper.constructAttribute(domElement.getOwnerDocument(), entry.getKey()); - attr.setValue(entry.getValue()); - domElement.setAttributeNodeNS(attr); - if (Configuration.isIDAttribute(entry.getKey()) || requestedAttr.getUnknownAttributes().isIDAttribute(entry.getKey())) { - attr.getOwnerElement().setIdAttributeNode(attr, true); - } - } - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java deleted file mode 100644 index 098ece427..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import javax.xml.namespace.QName; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; - -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; -import org.opensaml.xml.schema.XSBooleanValue; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Attr; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.SAMLCore; - -/** - * The Class RequestedAttributeUnmarshaller. - * - * @author fjquevedo - */ -public class RequestedAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentSAMLObject - * parent SAMLObject - * @param childSAMLObject - * child SAMLObject - * - * @throws UnmarshallingException - * error at unmarshall XML object - */ - protected final void processChildElement(final XMLObject parentSAMLObject, final XMLObject childSAMLObject) throws UnmarshallingException { - - final RequestedAttribute requestedAttr = (RequestedAttribute) parentSAMLObject; - - final QName childQName = childSAMLObject.getElementQName(); - if (childQName.getLocalPart().equals("AttributeValue") && childQName.getNamespaceURI().equals(SAMLCore.STORK10_NS.getValue())) { - requestedAttr.getAttributeValues().add(childSAMLObject); - } else { - super.processChildElement(parentSAMLObject, childSAMLObject); - } - } - - /** - * Process attribute. - * - * @param samlObject - * the SAML object - * @param attribute - * the attribute - * @throws UnmarshallingException - * the unmarshalling exception - */ - protected final void processAttribute(final XMLObject samlObject, final Attr attribute) throws UnmarshallingException { - - final RequestedAttribute requestedAttr = (RequestedAttribute) samlObject; - - if (attribute.getLocalName().equals(RequestedAttribute.NAME_ATTRIB_NAME)) { - requestedAttr.setName(attribute.getValue()); - } else if (attribute.getLocalName().equals(RequestedAttribute.NAME_FORMAT_ATTR)) { - requestedAttr.setNameFormat(attribute.getValue()); - } else if (attribute.getLocalName().equals(RequestedAttribute.FRIENDLY_NAME_ATT)) { - requestedAttr.setFriendlyName(attribute.getValue()); - } else if (attribute.getLocalName().equals(RequestedAttribute.IS_REQUIRED_ATTR)) { - requestedAttr.setIsRequired(attribute.getValue()); - - } else { - final QName attribQName = XMLHelper.getNodeQName(attribute); - if (attribute.isId()) { - requestedAttr.getUnknownAttributes().registerID(attribQName); - } - requestedAttr.getUnknownAttributes().put(attribQName, attribute.getValue()); - } - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java deleted file mode 100644 index c9643d7ae..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.RequestedAttributes; - -/** - * The Class RequestedAttributesBuilder. - * - * @author fjquevedo - */ -public class RequestedAttributesBuilder extends AbstractSAMLObjectBuilder<RequestedAttributes> { - - /** - * Builds the object. - * - * @return the requested attributes - */ - public final RequestedAttributes buildObject() { - return buildObject(RequestedAttributes.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the requested attributes - */ - public final RequestedAttributes buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new RequestedAttributesImpl(namespaceURI, localName, namespacePrefix); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java deleted file mode 100644 index ad81e4846..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.util.IndexedXMLObjectChildrenList; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttributes; - -/** - * The Class RequestedAttributesImpl. - * - * @author fjquevedo - */ -public class RequestedAttributesImpl extends AbstractSAMLObject implements RequestedAttributes { - - /** - * Instantiates a new requested attributes implement. - * - * @param namespaceURI - * the namespace URI - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected RequestedAttributesImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - indexedChildren = new IndexedXMLObjectChildrenList<XMLObject>(this); - } - - /** The indexed children. */ - private final IndexedXMLObjectChildrenList<XMLObject> indexedChildren; - - /** - * Gets the indexed children. - * - * @return the indexed children - */ - public final IndexedXMLObjectChildrenList<XMLObject> getIndexedChildren() { - return indexedChildren; - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - children.addAll(indexedChildren); - - return Collections.unmodifiableList(children); - - } - - /** - * Gets the attributes. - * - * @return the attributes - * - * @see eu.stork.peps.auth.engine.core.RequestedAttributes#getAttributes() - */ - @SuppressWarnings("unchecked") - public final List<RequestedAttribute> getAttributes() { - return (List<RequestedAttribute>) indexedChildren.subList(RequestedAttribute.DEF_ELEMENT_NAME); - } - - @Override - public int hashCode() { - throw new UnsupportedOperationException("hashCode method not implemented"); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java deleted file mode 100644 index e1b15015e..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; - -/** - * The Class RequestedAttributesMarshaller. - * - * @author fjquevedo - */ -public class RequestedAttributesMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Instantiates a new requested attributes marshaller. - */ - public RequestedAttributesMarshaller() { - super(); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java deleted file mode 100644 index 69990ebe5..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; - -import eu.stork.peps.auth.engine.core.RequestedAttribute; -import eu.stork.peps.auth.engine.core.RequestedAttributes; - -/** - * The Class RequestedAttributesUnmarshaller. - * - * @author fjquevedo - */ -public class RequestedAttributesUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentObject - * the parent object - * @param childObject - * the child object - * - * @throws UnmarshallingException - * error in unmarshall - */ - protected final void processChildElement(final XMLObject parentObject, final XMLObject childObject) throws UnmarshallingException { - final RequestedAttributes attrStatement = (RequestedAttributes) parentObject; - - if (childObject instanceof RequestedAttribute) { - attrStatement.getAttributes().add((RequestedAttribute) childObject); - } else { - super.processChildElement(parentObject, childObject); - } - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java deleted file mode 100644 index 6d9f9bf1e..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPApplication; - -/** - * The Class SPApplicationBuilder. - * - * @author fjquevedo - */ -public class SPApplicationBuilder extends AbstractSAMLObjectBuilder<SPApplication> { - - /** - * Builds the object. - * - * @return the service provider application - */ - public final SPApplication buildObject() { - return buildObject(SPApplication.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the service provider application - */ - public final SPApplication buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new SPApplicationImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java deleted file mode 100644 index 7f09d611f..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPApplication; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPApplicationImpl. - * - * @author fjquevedo - */ -public class SPApplicationImpl extends AbstractSAMLObject implements SPApplication { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPApplicationImpl.class.getName()); - /** The service provider application. */ - private String spApplication; - - /** - * Instantiates a new service provider application. - * - * @param namespaceURI - * the namespace uri - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected SPApplicationImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the service provider application. - * - * @return the service provider application - */ - public final String getSPApplication() { - return spApplication; - } - - /** - * Sets the service provider application. - * - * @param newSpApplication - * the new service provider application - */ - public final void setSPApplication(final String newSpApplication) { - this.spApplication = prepareForAssignment(this.spApplication, newSpApplication); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java deleted file mode 100644 index d9268c550..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPApplication; - -/** - * The Class SPApplicationMarshaller. - * - * @author fjquevedo - */ -public class SPApplicationMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final SPApplication spApplication = (SPApplication) samlObject; - XMLHelper.appendTextContent(domElement, spApplication.getSPApplication()); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java deleted file mode 100644 index 9fb514cf0..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPApplication; - -/** - * The Class SPApplicationUnmarshaller. - * - * @author fjquevedo - */ -public class SPApplicationUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param elementContent - * the element content - */ - protected final void processElementContent(final XMLObject samlObject, final String elementContent) { - final SPApplication spApplication = (SPApplication) samlObject; - spApplication.setSPApplication(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java deleted file mode 100644 index 2c6c124e3..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPCountry; - -/** - * The Class SPCountryBuilder. - * - * @author fjquevedo - */ -public class SPCountryBuilder extends AbstractSAMLObjectBuilder<SPCountry> { - - /** - * Builds the object SPCountry. - * - * @return the service provider country - */ - public final SPCountry buildObject() { - return buildObject(SPCountry.DEF_ELEMENT_NAME); - } - - /** - * Builds the object SPCountry. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the service provider country - */ - public final SPCountry buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new SPCountryImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java deleted file mode 100644 index ea9085867..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPCountry; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPCountryImpl. - * - * @author fjquevedo - */ -public class SPCountryImpl extends AbstractSAMLObject implements SPCountry { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPCountryImpl.class.getName()); - /** The service provider country. */ - private String spCountry; - - /** - * Instantiates a new service provider country. - * - * @param namespaceURI - * the namespace uri - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected SPCountryImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the service provider country. - * - * @return the service provider country - */ - public final String getSPCountry() { - return spCountry; - } - - /** - * Sets the service provider country. - * - * @param newSpCountry - * the new service provider country - */ - public final void setSPCountry(final String newSpCountry) { - this.spCountry = prepareForAssignment(this.spCountry, newSpCountry); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java deleted file mode 100644 index 1bd7121f0..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPCountry; - -/** - * The Class SPCountryMarshaller. - * - * @author fjquevedo - */ -public class SPCountryMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final SPCountry spCountry = (SPCountry) samlObject; - XMLHelper.appendTextContent(domElement, spCountry.getSPCountry()); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java deleted file mode 100644 index c9ac243f1..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPCountry; - -/** - * The Class SPCountryUnmarshaller. - * - * @author fjquevedo - */ -public class SPCountryUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param elementContent - * the element content - */ - protected final void processElementContent(final XMLObject samlObject, final String elementContent) { - final SPCountry spCountry = (SPCountry) samlObject; - spCountry.setSPCountry(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java deleted file mode 100644 index 2cee08268..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPID; - -/** - * The Class SPIDBuilder. - * - * @author iinigo - */ -public class SPIDBuilder extends AbstractSAMLObjectBuilder<SPID> { - - /** - * Builds the object. - * - * @return the SP ID - */ - public final SPID buildObject() { - return buildObject(SPID.DEF_ELEMENT_NAME); - } - - /** - * Builds the object. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the citizen country code - */ - public final SPID buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new SPIDImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java deleted file mode 100644 index 03dea20ed..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPID; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPIDImpl. - * - * @author iinigo - */ -public class SPIDImpl extends AbstractSAMLObject implements SPID { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPIDImpl.class.getName()); - /** The citizen country code. */ - private String spId; - - /** - * Instantiates a new sP country impl. - * - * @param namespaceURI - * the namespace uri - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected SPIDImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the SP ID. - * - * @return the SP ID - */ - public final String getSPID() { - return spId; - } - - /** - * Sets the SP ID. - * - * @param newSPID - * the new SP ID - */ - public final void setSPID(final String newSPID) { - this.spId = prepareForAssignment(this.spId, newSPID); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java deleted file mode 100644 index d8cac34fc..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPID; - -/** - * The Class SPIDMarshaller. - * - * @author iinigo - */ -public class SPIDMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final SPID spid = (SPID) samlObject; - XMLHelper.appendTextContent(domElement, spid.getSPID()); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java deleted file mode 100644 index ab3aef878..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPID; - -/** - * The Class SPIDUnmarshaller. - * - * @author iinigo - */ -public class SPIDUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param elementContent - * the element content - */ - protected final void processElementContent(final XMLObject samlObject, final String elementContent) { - final SPID spid = (SPID) samlObject; - spid.setSPID(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java deleted file mode 100644 index af7c97d19..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SAMLCore; -import eu.stork.peps.auth.engine.core.SPInformation; - -/** - * The Class SPInformation. - * - * @author iinigo - */ -public final class SPInformationBuilder extends AbstractSAMLObjectBuilder<SPInformation> { - - /** {@inheritDoc} */ - public SPInformation buildObject() { - return buildObject(SAMLCore.STORK10P_NS.getValue(), SPInformation.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - } - - /** {@inheritDoc} */ - public SPInformation buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new SPInformationImpl(namespaceURI, localName, namespacePrefix); - } - -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java deleted file mode 100644 index 41b3d8998..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSignableSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPID; -import eu.stork.peps.auth.engine.core.SPInformation; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPInformationImpl. - * - * @author iinigo - */ -public final class SPInformationImpl extends AbstractSignableSAMLObject implements SPInformation { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPInformationImpl.class.getName()); - /** The citizen country code. */ - private SPID spId; - - /** - * Instantiates a new requested attributes implement. - * - * @param namespaceURI - * the namespace URI - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected SPInformationImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * getSPId. - * - * @return the SP ID - */ - public SPID getSPID() { - return spId; - } - - /** - * Gets the ordered children. - * - * @return the ordered children - * - */ - public List<XMLObject> getOrderedChildren() { - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - children.add(spId); - - if (getSignature() != null) { - children.add(getSignature()); - } - - return Collections.unmodifiableList(children); - - } - - /** - * Gets the signature reference id. - * - * @return the signature reference id - * - */ - public String getSignatureReferenceID() { - return null; - } - - /** - * Sets the SP Id. - * - * @param newSPId - * the new SP Id - * - */ - public void setSPID(SPID newSPId) { - this.spId = prepareForAssignment(this.spId, newSPId); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java deleted file mode 100644 index 027e49e9d..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; - -/** - * The Class SPInformationMarshaller. - * - * @author iinigo - */ -public class SPInformationMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Instantiates a new SP Information marshaller. - */ - public SPInformationMarshaller() { - super(); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java deleted file mode 100644 index ecf69e2c7..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; - -import eu.stork.peps.auth.engine.core.SPID; -import eu.stork.peps.auth.engine.core.SPInformation; - -/** - * The Class SPInformationUnmarshaller. - * - * @author iinigo - */ -public class SPInformationUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentObject - * the parent object - * @param childObject - * the child object - * - * @throws UnmarshallingException - * the unmarshalling exception - * - */ - protected final void processChildElement(final XMLObject parentObject, final XMLObject childObject) throws UnmarshallingException { - final SPInformation spInformation = (SPInformation) parentObject; - - if (childObject instanceof SPID) { - spInformation.setSPID((SPID) childObject); - } else { - super.processChildElement(parentObject, childObject); - } - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java deleted file mode 100644 index d26b15a1e..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPInstitution; - -/** - * The Class SPInstitutionBuilder. - * - * @author fjquevedo - */ -public class SPInstitutionBuilder extends AbstractSAMLObjectBuilder<SPInstitution> { - - /** - * Builds the object. - * - * @return the service provider institution - */ - public final SPInstitution buildObject() { - return buildObject(SPInstitution.DEF_ELEMENT_NAME); - } - - /** - * Builds the object SPInstitution. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the service provider institution - */ - public final SPInstitution buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new SPInstitutionImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java deleted file mode 100644 index ed0a75f35..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPInstitution; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class SPInstitutionImpl. - * - * @author fjquevedo - */ -public class SPInstitutionImpl extends AbstractSAMLObject implements SPInstitution { - - private static final Logger LOGGER = LoggerFactory.getLogger(SPInstitutionImpl.class.getName()); - /** The service provider institution. */ - private String spInstitution; - - /** - * Instantiates a new service provider institution. - * - * @param namespaceURI - * the namespace uri - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected SPInstitutionImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the service provider institution. - * - * @return the service provider institution - */ - public final String getSPInstitution() { - return spInstitution; - } - - /** - * Sets the service provider institution. - * - * @param newSpInstitution - * the new service provider institution - */ - public final void setSPInstitution(final String newSpInstitution) { - this.spInstitution = prepareForAssignment(this.spInstitution, newSpInstitution); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java deleted file mode 100644 index 48bb3fec5..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPInstitution; - -/** - * The Class SPInstitutionMarshaller. - * - * @author fjquevedo - */ -public class SPInstitutionMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final SPInstitution spInstitution = (SPInstitution) samlObject; - XMLHelper.appendTextContent(domElement, spInstitution.getSPInstitution()); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java deleted file mode 100644 index f7b1f440e..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPInstitution; - -/** - * The Class SPInstitutionUnmarshaller. - * - * @author fjquevedo - */ -public class SPInstitutionUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param elementContent - * the element content - */ - protected final void processElementContent(final XMLObject samlObject, final String elementContent) { - final SPInstitution spInstitution = (SPInstitution) samlObject; - spInstitution.setSPInstitution(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java deleted file mode 100644 index b97e91b36..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SPSector; - -/** - * The Class SPSectorBuilder. - * - * @author fjquevedo - */ -public class SPSectorBuilder extends AbstractSAMLObjectBuilder<SPSector> { - - /** - * Builds the object SPSector. - * - * @return the service provider sector. - */ - public final SPSector buildObject() { - return buildObject(SPSector.DEF_ELEMENT_NAME); - } - - /** - * Builds the object SPSector. - * - * @param namespaceURI - * the namespace uri - * @param localName - * the local name - * @param namespacePrefix - * the namespace prefix - * @return the service provider sector - */ - public final SPSector buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new SPSectorImpl(namespaceURI, localName, namespacePrefix); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java deleted file mode 100644 index 670198e67..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.List; - -import org.opensaml.common.impl.AbstractSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPSector; - -/** - * The Class SPSectorImpl. - * - * @author fjquevedo - */ -public class SPSectorImpl extends AbstractSAMLObject implements SPSector { - - /** The service provider sector. */ - private String spSector; - - /** - * Instantiates a new Service provider sector implementation. - * - * @param namespaceURI - * the namespace URI - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected SPSectorImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * Gets the service provider sector. - * - * @return the SP sector - * - * @see eu.stork.peps.auth.engine.core.SPSector#getSPSector() - */ - public final String getSPSector() { - return spSector; - } - - /** - * Sets the service provider sector. - * - * @param newSpSector - * the new service provider sector - */ - public final void setSPSector(final String newSpSector) { - this.spSector = prepareForAssignment(this.spSector, newSpSector); - } - - /** - * Gets the ordered children. - * - * @return the ordered children - */ - public final List<XMLObject> getOrderedChildren() { - return null; - } - - @Override - public int hashCode() { - throw new UnsupportedOperationException("hashCode method not implemented"); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java deleted file mode 100644 index 59e349f9f..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.Element; - -import eu.stork.peps.auth.engine.core.SPSector; - -/** - * The Class SPSectorMarshaller. - * - * @author fjquevedo - */ -public class SPSectorMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Marshall element content. - * - * @param samlObject - * the SAML object - * @param domElement - * the DOM element - * @throws MarshallingException - * the marshalling exception - */ - protected final void marshallElementContent(final XMLObject samlObject, final Element domElement) throws MarshallingException { - final SPSector spSector = (SPSector) samlObject; - XMLHelper.appendTextContent(domElement, spSector.getSPSector()); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java deleted file mode 100644 index e671cee03..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.SPSector; - -/** - * The Class SPSectorUnmarshaller. - * - * @author fjquevedo - */ -public class SPSectorUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process element content. - * - * @param samlObject - * the SAML object - * @param elementContent - * the element content - */ - protected final void processElementContent(final XMLObject samlObject, final String elementContent) { - final SPSector spSector = (SPSector) samlObject; - spSector.setSPSector(elementContent); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java deleted file mode 100644 index 1cd5fb761..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java +++ /dev/null @@ -1,395 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.io.IOException; -import java.io.InputStream; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.Provider; -import java.security.Security; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.InvalidPropertiesFormatException; -import java.util.List; -import java.util.Properties; - -import eu.stork.peps.auth.engine.X509PrincipalUtil; -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.NotImplementedException; -import org.bouncycastle.jce.X509Principal; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.Response; -import org.opensaml.security.SAMLSignatureProfileValidator; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.security.SecurityConfiguration; -import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; -import org.opensaml.xml.security.keyinfo.KeyInfoHelper; -import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; -import org.opensaml.xml.signature.KeyInfo; -import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.SignatureConstants; -import org.opensaml.xml.signature.SignatureException; -import org.opensaml.xml.signature.SignatureValidator; -import org.opensaml.xml.signature.Signer; -import org.opensaml.xml.validation.ValidationException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.exceptions.SAMLEngineException; - -/** - * The Class HWSign. Module of sign. - * - * @author fjquevedo - * @author advania - */ -public final class SignHW implements SAMLEngineSignI { - - /** The Constant CONFIGURATION_FILE. */ - private static final String CONF_FILE = "configurationFile"; - - /** - * The Constant KEYSTORE_TYPE. - */ - private static final String KEYSTORE_TYPE = "keystoreType"; - - /** The logger. */ - private static final Logger LOG = LoggerFactory.getLogger(SignHW.class.getName()); - - /** The stork own key store. */ - private KeyStore storkOwnKeyStore = null; - /** - * The soft trust key store. - */ - private SignSW swTrustStore = null; - - /** - * Gets the stork own key store. - * - * @return the stork own key store - */ - public KeyStore getStorkOwnKeyStore() { - return storkOwnKeyStore; - } - - /** - * Gets the stork trustStore. - * - * @return the stork own key store - */ - public KeyStore getTrustStore() { - return storkOwnKeyStore; - } - - /** - * Sets the stork own key store. - * - * @param newkOwnKeyStore - * the new stork own key store - */ - public void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) { - this.storkOwnKeyStore = newkOwnKeyStore; - } - - /** - * Gets the properties. - * - * @return the properties - */ - public Properties getProperties() { - return properties; - } - - /** - * Sets the properties. - * - * @param newProperties - * the new properties - */ - public void setProperties(final Properties newProperties) { - this.properties = newProperties; - } - - /** The HW sign prop. */ - private Properties properties = null; - - /** - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#init(java.lang.String) - * @param fileConf - * file of configuration - * @throws SAMLEngineException - * error in read file - */ - public void init(final String fileConf) throws SAMLEngineException { - InputStream inputStr = null; - try { - inputStr = SignHW.class.getResourceAsStream("/" + fileConf); - properties = new Properties(); - - properties.loadFromXML(inputStr); - } catch (final InvalidPropertiesFormatException e) { - LOG.info("Exception: invalid properties format."); - throw new SAMLEngineException(e); - } catch (IOException e) { - LOG.info("Exception: invalid file: " + fileConf); - throw new SAMLEngineException(e); - } finally { - IOUtils.closeQuietly(inputStr); - /** - * Init the soft keystore to validate with. trustStoreConfig is read from the SignModule config file and should refer to the keystore containing trusted certificates. - */ - swTrustStore = new SignSW(); - swTrustStore.init(properties.getProperty("trustStoreConfig")); - swTrustStore.loadCryptServiceProvider(); - } - } - - /** - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate() - * @return the X509Certificate. - */ - public X509Certificate getCertificate() { - throw new NotImplementedException(); - } - - /** - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#sign(SignableSAMLObject tokenSaml) - * @param tokenSaml - * signable SAML Object - * @return the SAMLObject signed. - * @throws SAMLEngineException - * error in sign token saml - */ - public SAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException { - - try { - LOG.info("Star procces of sign"); - final char[] pin = properties.getProperty("keyPassword").toCharArray(); - - storkOwnKeyStore.load(null, pin); - - final String serialNumber = properties.getProperty("serialNumber"); - final String issuer = properties.getProperty("issuer"); - - String alias = null; - String aliasCert; - X509Certificate certificate; - - boolean find = false; - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements() && !find;) { - aliasCert = e.nextElement(); - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(aliasCert); - // Verified serial number, issuer - - final String serialNum = certificate.getSerialNumber().toString(16); - X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); - X509Principal issuerDNConf = new X509Principal(issuer); - - if (serialNum.equalsIgnoreCase(serialNumber) && X509PrincipalUtil.X509equals(issuerDN, issuerDNConf)) { - alias = aliasCert; - find = true; - } - - } - - if (!find) { - throw new SAMLEngineException("Certificate cannot be found in keystore "); - } - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias); - final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey(alias, pin); - - LOG.info("Recover BasicX509Credential."); - final BasicX509Credential credential = new BasicX509Credential(); - - LOG.debug("Load certificate"); - credential.setEntityCertificate(certificate); - - LOG.debug("Load privateKey"); - credential.setPrivateKey(privateKey); - - LOG.info("Star procces of sign"); - final Signature signature = (Signature) org.opensaml.xml.Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signature.DEFAULT_ELEMENT_NAME); - - LOG.debug("Begin signature with openSaml"); - signature.setSigningCredential(credential); - - /* - * signature.setSignatureAlgorithm( SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); - */ - signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - - final SecurityConfiguration securityConf = org.opensaml.xml.Configuration.getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager = securityConf.getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager.getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager.getFactory(credential); - final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac.newInstance(); - - final KeyInfo keyInfo = keyInfoGenerator.generate(credential); - - signature.setKeyInfo(keyInfo); - - LOG.debug("Set Canonicalization Algorithm"); - signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - // Create a second signature which will be used when signing assertion and response - final Signature signature2 = (Signature) Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signature.DEFAULT_ELEMENT_NAME); - final SecurityConfiguration secConfiguration2 = Configuration.getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2.getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2.getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2.getFactory(credential); - final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2.newInstance(); - - KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential); - signature2.setSigningCredential(credential); - signature2.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - signature2.setKeyInfo(keyInfo2); - signature2.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - LOG.info("Marshall samlToken."); - String qn = tokenSaml.getElementQName().toString(); - - if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) { - tokenSaml.setSignature(signature); - CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller(); - mars.marshall(tokenSaml); - Signer.signObject(signature); - } else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME)) { - Response res = (Response) tokenSaml; - List<Assertion> asserts = res.getAssertions(); - // If multiple assertions we just sign the response and not the assertion - if (asserts.size() > 1) { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - // If single assertion we sign the assertion and response - else { - Assertion assertion = (Assertion) asserts.get(0); - assertion.setSignature(signature); - tokenSaml.setSignature(signature2); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - Signer.signObject(signature2); - } - } - // Normally we just sign the total saml response - else { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - - } catch (final MarshallingException e) { - LOG.error("MarshallingException"); - throw new SAMLEngineException(e); - } catch (final NoSuchAlgorithmException e) { - LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); - throw new SAMLEngineException(e); - } catch (final KeyStoreException e) { - LOG.error("Generic KeyStore exception."); - throw new SAMLEngineException(e); - } catch (final SignatureException e) { - LOG.error("Signature exception."); - throw new SAMLEngineException(e); - } catch (final SecurityException e) { - LOG.error("Security exception."); - throw new SAMLEngineException(e); - } catch (final CertificateException e) { - LOG.error("Certificate exception."); - throw new SAMLEngineException(e); - } catch (final IOException e) { - LOG.error("IO exception."); - throw new SAMLEngineException(e); - } catch (final UnrecoverableKeyException e) { - LOG.error("UnrecoverableKeyException exception."); - throw new SAMLEngineException(e); - } - - return tokenSaml; - } - - /** - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(SignableSAMLObject) - * @param tokenSaml - * the token saml - * @return the SAMLObject validated. - * @throws SAMLEngineException - * exception in validate signature - */ - public SAMLObject validateSignature(final SignableSAMLObject tokenSaml) throws SAMLEngineException { - LOG.info("Start signature validation HW."); - /* - * we are using the soft signature class to validate the signatures. This way we use the same key store code and validation that is used there. - */ - try { - swTrustStore.validateSignature(tokenSaml); - } catch (Exception e) { - LOG.error("SW ValidationException.", e); - throw new SAMLEngineException(e); - } - return tokenSaml; - } - - /** - * load cryptographic service provider. - * - * @throws SAMLEngineException - * the SAML engine exception Note this class was using pkcs11Provider final Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(inputStream) if - * (Security.getProperty(pkcs11Provider.getName()) == null) { Security.insertProviderAt(pkcs11Provider, Security .getProviders().length) } storkOwnKeyStore = - * KeyStore.getInstance(properties.getProperty(KEYSTORE_TYPE)) - */ - public void loadCryptServiceProvider() throws SAMLEngineException { - LOG.info("Load Cryptographic Service Provider"); - InputStream inputStream = null; - - try { - inputStream = SignHW.class.getResourceAsStream("/" + properties.getProperty(CONF_FILE)); - final Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(inputStream); - if (Security.getProperty(pkcs11Provider.getName()) == null) { - Security.insertProviderAt(pkcs11Provider, Security.getProviders().length); - } - - storkOwnKeyStore = KeyStore.getInstance(properties.getProperty(KEYSTORE_TYPE), pkcs11Provider); - - } catch (final Exception e) { - throw new SAMLEngineException("Error loading CryptographicServiceProvider", e); - } finally { - IOUtils.closeQuietly(inputStream); - } - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java deleted file mode 100644 index 66d0201d5..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * The Class ModuleSignFactory. - * - * @author fjquevedo - * - */ - -public final class SignModuleFactory { - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(SignModuleFactory.class.getName()); - - /** - * Instantiates a new module sign factory. - */ - private SignModuleFactory() { - - } - - /** - * Gets the single instance of SignModuleFactory. - * - * @param className - * the class name - * - * @return single instance of SignModuleFactory - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static SAMLEngineSignI getInstance(final String className) throws STORKSAMLEngineException { - LOG.info("[START]SignModuleFactory static"); - try { - final Class cls = Class.forName(className); - return (SAMLEngineSignI) cls.newInstance(); - } catch (Exception e) { - throw new STORKSAMLEngineException(e); - } - - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java deleted file mode 100644 index d5f01a4cc..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java +++ /dev/null @@ -1,493 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.io.ByteArrayInputStream; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.Provider; -import java.security.Security; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.InvalidPropertiesFormatException; -import java.util.List; -import java.util.Properties; - -import eu.stork.peps.auth.engine.X509PrincipalUtil; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.NotImplementedException; -import org.bouncycastle.jce.X509Principal; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.Response; -import org.opensaml.security.SAMLSignatureProfileValidator; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.security.SecurityConfiguration; -import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; -import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; -import org.opensaml.xml.signature.KeyInfo; -import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.SignatureConstants; -import org.opensaml.xml.signature.SignatureException; -import org.opensaml.xml.signature.SignatureValidator; -import org.opensaml.xml.signature.Signer; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.validation.ValidationException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.exceptions.SAMLEngineException; - -/** - * The Class SWSign. Class responsible for signing and validating of messages SAML with a certificate store software. - * - * @author fjquevedo - */ -public final class SignP12 implements SAMLEngineSignI { - - /** The logger. */ - private static final Logger LOG = LoggerFactory.getLogger(SignP12.class.getName()); - - /** The p12 store. */ - private KeyStore p12Store = null; - - /** The trust store. */ - private KeyStore trustStore = null; - - /** - * Gets the trust store. - * - * @return the trust store - */ - @Override - public KeyStore getTrustStore() { - return trustStore; - } - - /** - * Sets the trust store. - * - * @param newTrustStore - * the new trust store - */ - public void setTrustStore(final KeyStore newTrustStore) { - this.trustStore = newTrustStore; - } - - /** - * The instance. - * - * @return the properties - */ - - public Properties getProperties() { - return properties; - } - - /** - * Gets the p12 store. - * - * @return the p12 store - */ - public KeyStore getP12Store() { - return p12Store; - } - - /** - * Sets the p12 store. - * - * @param newP12Store - * the new p12 store - */ - public void setP12Store(final KeyStore newP12Store) { - this.p12Store = newP12Store; - } - - /** - * Sets the properties. - * - * @param newProperties - * the new properties - */ - public void setProperties(final Properties newProperties) { - this.properties = newProperties; - } - - /** The SW sign prop. */ - private Properties properties = null; - - /** - * Initialize the file configuration. - * - * @param fileConf - * name of the file configuration - * - * @throws SAMLEngineException - * error at the load from file configuration - */ - @Override - public void init(final String fileConf) throws SAMLEngineException { - InputStream fileProperties = null; - properties = new Properties(); - try { - try { - LOG.debug("Loading " + fileConf); - fileProperties = new FileInputStream(fileConf); - properties.loadFromXML(fileProperties); - } catch (Exception e) { - LOG.error("Failed to load external resource. Retrieving internal file."); - fileProperties = SignP12.class.getResourceAsStream("/" + fileConf); - if (fileProperties == null) { - fileProperties = Thread.currentThread().getContextClassLoader().getResourceAsStream(fileConf); - if (fileProperties == null) { - Enumeration<URL> files = ClassLoader.getSystemClassLoader().getResources(fileConf); - if (files != null && files.hasMoreElements()) { - LOG.info("Found /s."); - fileProperties = ClassLoader.getSystemClassLoader().getResourceAsStream(files.nextElement().getFile()); - } else { - throw new IOException("Could not load file: " + fileConf, e); - } - } - } - LOG.debug("Recovered " + fileProperties.available() + " bytes"); - properties.loadFromXML(fileProperties); - } - } catch (InvalidPropertiesFormatException e) { - LOG.info("Exception: invalid properties format."); - throw new SAMLEngineException(e); - } catch (IOException e) { - LOG.info("Exception: invalid file: " + fileConf); - throw new SAMLEngineException(e); - } finally { - IOUtils.closeQuietly(fileProperties); - } - } - - /** - * Gets the certificate. - * - * @return the X509Certificate - * - */ - @Override - public X509Certificate getCertificate() { - throw new NotImplementedException(); - } - - /** - * Sign the token SAML. - * - * @param tokenSaml - * token SAML - * - * @return the X509Certificate signed. - * - * @throws SAMLEngineException - * error at sign SAML token - * - */ - @Override - public SAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException { - LOG.info("Start Sign process"); - try { - - final String serialNumber = properties.getProperty("serialNumber"); - final String issuer = properties.getProperty("issuer"); - - String alias = null; - String aliasCert; - X509Certificate certificate; - - boolean find = false; - for (final Enumeration<String> e = p12Store.aliases(); e.hasMoreElements() && !find;) { - aliasCert = e.nextElement(); - certificate = (X509Certificate) p12Store.getCertificate(aliasCert); - - final String serialNum = certificate.getSerialNumber().toString(16); - - X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); - X509Principal issuerDNConf = new X509Principal(issuer); - - if (serialNum.equalsIgnoreCase(serialNumber) && X509PrincipalUtil.X509equals(issuerDN, issuerDNConf)) { - alias = aliasCert; - find = true; - } - - } - - certificate = (X509Certificate) p12Store.getCertificate(alias); - final PrivateKey privateKey = (PrivateKey) p12Store.getKey(alias, properties.getProperty("keyPassword").toCharArray()); - - LOG.info("Recover BasicX509Credential."); - final BasicX509Credential credential = new BasicX509Credential(); - - LOG.debug("Load certificate"); - credential.setEntityCertificate(certificate); - - LOG.debug("Load privateKey"); - credential.setPrivateKey(privateKey); - - LOG.debug("Begin signature with openSaml"); - final Signature signature = (Signature) org.opensaml.xml.Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signature.DEFAULT_ELEMENT_NAME); - - signature.setSigningCredential(credential); - - /* - * signature.setSignatureAlgorithm( SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); - */ - signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - - final SecurityConfiguration secConfiguration = org.opensaml.xml.Configuration.getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration.getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager.getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager.getFactory(credential); - final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac.newInstance(); - - final KeyInfo keyInfo = keyInfoGenerator.generate(credential); - - signature.setKeyInfo(keyInfo); - signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - // Create a second signature which will be used when signing assertion and response - final Signature signature2 = (Signature) org.opensaml.xml.Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signature.DEFAULT_ELEMENT_NAME); - final SecurityConfiguration secConfiguration2 = org.opensaml.xml.Configuration.getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2.getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2.getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2.getFactory(credential); - final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2.newInstance(); - - KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential); - signature2.setSigningCredential(credential); - signature2.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - signature2.setKeyInfo(keyInfo2); - signature2.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - LOG.info("Marshall samlToken."); - String qn = tokenSaml.getElementQName().toString(); - - if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) { - tokenSaml.setSignature(signature); - CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller(); - mars.marshall(tokenSaml); - Signer.signObject(signature); - } else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME)) { - Response res = (Response) tokenSaml; - List<Assertion> asserts = res.getAssertions(); - // If multiple assertions we just sign the response and not the assertion - if (asserts.size() > 1) { - tokenSaml.setSignature(signature); - org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - // If single assertion we sign the assertion and response - else { - Assertion assertion = asserts.get(0); - assertion.setSignature(signature); - tokenSaml.setSignature(signature2); - org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - Signer.signObject(signature2); - } - } - // Normally we just sign the total saml response - else { - tokenSaml.setSignature(signature); - org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - - } catch (MarshallingException e) { - LOG.error("MarshallingException"); - throw new SAMLEngineException(e); - } catch (NoSuchAlgorithmException e) { - LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); - throw new SAMLEngineException(e); - } catch (KeyStoreException e) { - LOG.error("Generic KeyStore exception."); - throw new SAMLEngineException(e); - } catch (SignatureException e) { - LOG.error("Signature exception."); - throw new SAMLEngineException(e); - } catch (SecurityException e) { - LOG.error("Security exception."); - throw new SAMLEngineException(e); - } catch (UnrecoverableKeyException e) { - LOG.error("UnrecoverableKey exception."); - throw new SAMLEngineException(e); - } - - return tokenSaml; - } - - /** - * Validate signature. - * - * @param tokenSaml - * token SAML - * - * @return the SAMLObject validated. - * - * @throws SAMLEngineException - * error validate signature - * - */ - @Override - public SAMLObject validateSignature(final SignableSAMLObject tokenSaml) throws SAMLEngineException { - LOG.info("Start signature validation."); - try { - - // Validate structure signature - final SAMLSignatureProfileValidator sigProfValidator = new SAMLSignatureProfileValidator(); - try { - // Indicates signature id conform to SAML Signature profile - sigProfValidator.validate(tokenSaml.getSignature()); - } catch (ValidationException e) { - LOG.error("ValidationException: signature isn't conform to SAML Signature profile."); - throw new SAMLEngineException(e); - } - - String aliasCert = null; - X509Certificate certificate; - - final List<Credential> trustCred = new ArrayList<Credential>(); - - for (final Enumeration<String> e = trustStore.aliases(); e.hasMoreElements();) { - aliasCert = e.nextElement(); - final BasicX509Credential credential = new BasicX509Credential(); - certificate = (X509Certificate) trustStore.getCertificate(aliasCert); - credential.setEntityCertificate(certificate); - trustCred.add(credential); - } - - final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); - - final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo.getX509Datas().get(0).getX509Certificates().get(0); - - final CertificateFactory certFact = CertificateFactory.getInstance("X.509"); - final ByteArrayInputStream bis = new ByteArrayInputStream(Base64.decode(xmlCert.getValue())); - final X509Certificate cert = (X509Certificate) certFact.generateCertificate(bis); - - // Exist only one certificate - final BasicX509Credential entityX509Cred = new BasicX509Credential(); - entityX509Cred.setEntityCertificate(cert); - - /* - * A better use of PKI based validation but not wanted for STORK... boolean trusted = false; - * - * for (final Enumeration<String> e = trustStore.aliases(); e.hasMoreElements();) { aliasCert = e.nextElement(); certificate = (X509Certificate) trustStore.getCertificate(aliasCert); try { - * cert.verify(certificate.getPublicKey()); trusted = true; break; } catch (Exception ex) { //Do nothing - cert not trusted yet } } - * - * if (!trusted) throw new SAMLEngineException("Certificate is not trusted."); - */ - - // Validate trust certificates - final ExplicitKeyTrustEvaluator keyTrustEvaluator = new ExplicitKeyTrustEvaluator(); - if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) { - throw new SAMLEngineException("Certificate it is not trusted."); - } - - // Validate signature - final SignatureValidator sigValidator = new SignatureValidator(entityX509Cred); - sigValidator.validate(tokenSaml.getSignature()); - - } catch (ValidationException e) { - LOG.error("ValidationException."); - throw new SAMLEngineException(e); - } catch (KeyStoreException e) { - LOG.error("KeyStoreException.", e); - throw new SAMLEngineException(e); - } catch (GeneralSecurityException e) { - LOG.error("GeneralSecurityException.", e); - throw new SAMLEngineException(e); - } - return tokenSaml; - } - - /** - * Load cryptographic service provider. - * - * @throws SAMLEngineException - * the SAML engine exception - */ - @Override - public void loadCryptServiceProvider() throws SAMLEngineException { - LOG.info("Load Cryptographic Service Provider"); - - FileInputStream fis = null; - FileInputStream fisTrustStore = null; - - try { - // Dynamically register Bouncy Castle provider. - boolean found = false; - // Check if BouncyCastle is already registered as a provider - final Provider[] providers = Security.getProviders(); - for (int i = 0; i < providers.length; i++) { - if (providers[i].getName().equals(BouncyCastleProvider.PROVIDER_NAME)) { - found = true; - } - } - - // Register only if the provider has not been previously registered - if (!found) { - LOG.debug("SAMLCore: Register Bouncy Castle provider."); - Security.insertProviderAt(new BouncyCastleProvider(), Security.getProviders().length); - } - - p12Store = KeyStore.getInstance(properties.getProperty("keystoreType")); - - fis = new FileInputStream(properties.getProperty("keystorePath")); - - p12Store.load(fis, properties.getProperty("keyStorePassword").toCharArray()); - - trustStore = KeyStore.getInstance(properties.getProperty("trustStoreType")); - - fisTrustStore = new FileInputStream(properties.getProperty("trustStorePath")); - trustStore.load(fisTrustStore, properties.getProperty("trustStorePassword").toCharArray()); - - } catch (Exception e) { - throw new SAMLEngineException("Error loading CryptographicServiceProvider", e); - } finally { - IOUtils.closeQuietly(fis); - IOUtils.closeQuietly(fisTrustStore); - } - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java deleted file mode 100644 index 59f665449..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java +++ /dev/null @@ -1,488 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ -package eu.stork.peps.auth.engine.core.impl; - -import java.io.ByteArrayInputStream; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.GeneralSecurityException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.Provider; -import java.security.Security; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateExpiredException; -import java.security.cert.CertificateFactory; -import java.security.cert.CertificateNotYetValidException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.InvalidPropertiesFormatException; -import java.util.List; -import java.util.Properties; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.NotImplementedException; -import org.bouncycastle.jce.X509Principal; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.opensaml.Configuration; -import org.opensaml.common.SAMLObject; -import org.opensaml.common.SignableSAMLObject; -import org.opensaml.saml2.core.Assertion; -import org.opensaml.saml2.core.LogoutResponse; -import org.opensaml.saml2.core.Response; -import org.opensaml.security.SAMLSignatureProfileValidator; -import org.opensaml.xml.io.MarshallingException; -import org.opensaml.xml.security.SecurityConfiguration; -import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.credential.Credential; -import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; -import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; -import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; -import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; -import org.opensaml.xml.security.trust.ExplicitX509CertificateTrustEvaluator; -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.opensaml.xml.signature.KeyInfo; -import org.opensaml.xml.signature.Signature; -import org.opensaml.xml.signature.SignatureConstants; -import org.opensaml.xml.signature.SignatureException; -import org.opensaml.xml.signature.SignatureValidator; -import org.opensaml.xml.signature.Signer; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.validation.ValidationException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.engine.X509PrincipalUtil; -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; -import eu.stork.peps.auth.engine.core.SAMLEngineSignI; -import eu.stork.peps.exceptions.SAMLEngineException; - - -/** - * The Class SWSign. Class responsible for signing and validating of messages SAML with a certificate store software. - * - * @author fjquevedo - */ -public class SignSW implements SAMLEngineSignI { - - /** - * The Constant KEYSTORE_TYPE. - */ - private static final String KEYSTORE_TYPE = "keystoreType"; - - /** - * The Constant KEY_STORE_PASSWORD. - */ - private static final String KEY_STORE_PASS = "keyStorePassword"; - - /** - * The logger. - */ - private static final Logger LOG = LoggerFactory.getLogger(SignSW.class.getName()); - - /** - * The stork own key store. - */ - private KeyStore storkOwnKeyStore = null; - - /** - * The instance. - * - * @return the properties - */ - - public final Properties getProperties() { - return properties; - } - - /** - * Gets the stork own key store. - * - * @return the stork own key store - */ - public final KeyStore getStorkOwnKeyStore() { - return storkOwnKeyStore; - } - - /** - * Gets the stork trustStore. - * - * @return the stork own key store - */ - public KeyStore getTrustStore() { - return storkOwnKeyStore; - } - - /** - * Sets the stork own key store. - * - * @param newkOwnKeyStore - * the new stork own key store - */ - public final void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) { - this.storkOwnKeyStore = newkOwnKeyStore; - } - - /** - * Sets the properties. - * - * @param newProperties - * the new properties - */ - public final void setProperties(final Properties newProperties) { - this.properties = newProperties; - } - - /** - * The SW sign prop. - */ - private Properties properties = null; - - /** - * Inits the file configuration. - * - * @param fileConf - * name of the file configuration - * @throws SAMLEngineException - * error at the load from file configuration - */ - public final void init(final String fileConf) throws SAMLEngineException { - InputStream fileProperties = null; - // fetch base from system properties, give a default if there is nothing configured - String base = System.getProperty("eu.stork.samlengine.config.location"); - if (null != base) { - if (!base.endsWith("/")) { - base += "/"; - } - } else { - base = "/"; - } - - try { - if (null != base) - fileProperties = new FileInputStream(base + fileConf); - else - fileProperties = SignSW.class.getResourceAsStream("/" + fileConf); - properties = new Properties(); - - properties.loadFromXML(fileProperties); - fileProperties.close(); - } catch (InvalidPropertiesFormatException e) { - LOG.info("Exception: invalid properties format."); - throw new SAMLEngineException(e); - } catch (IOException e) { - LOG.info("Exception: invalid file: " + fileConf); - throw new SAMLEngineException(e); - } finally { - IOUtils.closeQuietly(fileProperties); - } - } - - /** - * @return the X509Certificate - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate() - */ - public final X509Certificate getCertificate() { - throw new NotImplementedException(); - } - - /** - * Sign the token SAML. - * - * @param tokenSaml - * the token SAML. - * @return the SAML object - * @throws SAMLEngineException - * the SAML engine exception - */ - public final SAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException { - LOG.info("Start Sign process."); - try { - final String serialNumber = properties.getProperty("serialNumber"); - final String issuer = properties.getProperty("issuer"); - - String alias = null; - String aliasCert; - X509Certificate certificate; - boolean find = false; - - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements() && !find;) { - aliasCert = e.nextElement(); - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(aliasCert); - - final String serialNum = certificate.getSerialNumber().toString(16); - - try { - X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); - X509Principal issuerDNConf = new X509Principal(issuer); - - if (serialNum.equalsIgnoreCase(serialNumber) && X509PrincipalUtil.X509equals(issuerDN, issuerDNConf)) { - alias = aliasCert; - find = true; - } - - } catch (Exception ex) { - LOG.error("Exception during signing: " + ex.getMessage()); // Added as a workaround for Bouncycastle email error - } - } - if (!find) { - throw new SAMLEngineException("Certificate cannot be found in keystore "); - } - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias); - final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey(alias, properties.getProperty("keyPassword").toCharArray()); - - LOG.info("Recover BasicX509Credential."); - final BasicX509Credential credential = new BasicX509Credential(); - - LOG.debug("Load certificate"); - credential.setEntityCertificate(certificate); - - LOG.debug("Load privateKey"); - credential.setPrivateKey(privateKey); - - LOG.debug("Begin signature with openSaml"); - final Signature signature = (Signature) Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signature.DEFAULT_ELEMENT_NAME); - - signature.setSigningCredential(credential); - signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - // signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); - - final SecurityConfiguration secConfiguration = Configuration.getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration.getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager.getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager.getFactory(credential); - final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac.newInstance(); - - KeyInfo keyInfo = keyInfoGenerator.generate(credential); - - signature.setKeyInfo(keyInfo); - signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - // Create a second signature which will be used when signing assertion and response - final Signature signature2 = (Signature) Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signature.DEFAULT_ELEMENT_NAME); - final SecurityConfiguration secConfiguration2 = Configuration.getGlobalSecurityConfiguration(); - final NamedKeyInfoGeneratorManager keyInfoManager2 = secConfiguration2.getKeyInfoGeneratorManager(); - final KeyInfoGeneratorManager keyInfoGenManager2 = keyInfoManager2.getDefaultManager(); - final KeyInfoGeneratorFactory keyInfoGenFac2 = keyInfoGenManager2.getFactory(credential); - final KeyInfoGenerator keyInfoGenerator2 = keyInfoGenFac2.newInstance(); - - KeyInfo keyInfo2 = keyInfoGenerator2.generate(credential); - signature2.setSigningCredential(credential); - signature2.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256); - // signature2.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); - signature2.setKeyInfo(keyInfo2); - signature2.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); - - LOG.info("Marshall samlToken."); - String qn = tokenSaml.getElementQName().toString(); - - if (qn.endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME)) { - tokenSaml.setSignature(signature); - CustomAttributeQueryMarshaller mars = new CustomAttributeQueryMarshaller(); - mars.marshall(tokenSaml); - Signer.signObject(signature); - } else if (qn.endsWith(Response.DEFAULT_ELEMENT_LOCAL_NAME) && !qn.contains(LogoutResponse.DEFAULT_ELEMENT_LOCAL_NAME)) { - Response res = (Response) tokenSaml; - List<Assertion> asserts = res.getAssertions(); - // If multiple assertions we just sign the response and not the assertion - if (asserts.size() > 1) { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - // If single assertion we sign the assertion and response - else { - Assertion assertion = (Assertion) asserts.get(0); - assertion.setSignature(signature); - tokenSaml.setSignature(signature2); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - Signer.signObject(signature2); - } - } - // Normally we just sign the total saml response - else { - tokenSaml.setSignature(signature); - Configuration.getMarshallerFactory().getMarshaller(tokenSaml).marshall(tokenSaml); - LOG.info("Sign samlToken."); - Signer.signObject(signature); - } - - } catch (MarshallingException e) { - LOG.error("MarshallingException"); - throw new SAMLEngineException(e); - } catch (NoSuchAlgorithmException e) { - LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); - throw new SAMLEngineException(e); - } catch (KeyStoreException e) { - LOG.error("Generic KeyStore exception."); - throw new SAMLEngineException(e); - } catch (SignatureException e) { - LOG.error("Signature exception."); - throw new SAMLEngineException(e); - } catch (SecurityException e) { - LOG.error("Security exception."); - throw new SAMLEngineException(e); - } catch (UnrecoverableKeyException e) { - LOG.error("UnrecoverableKey exception."); - throw new SAMLEngineException(e); - } - - return tokenSaml; - } - - /** - * @param tokenSaml - * token SAML - * @return the SAMLObject validated. - * @throws SAMLEngineException - * error validate signature - * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(org.opensaml.common.SignableSAMLObject) - */ - public final SAMLObject validateSignature(final SignableSAMLObject tokenSaml) throws SAMLEngineException { - LOG.info("Start signature validation SW."); - try { - - // Validate structure signature - final SAMLSignatureProfileValidator sigProfValidator = new SAMLSignatureProfileValidator(); - try { - // Indicates signature id conform to SAML Signature profile - sigProfValidator.validate(tokenSaml.getSignature()); - } catch (ValidationException e) { - LOG.error("ValidationException: signature isn't conform to SAML Signature profile."); - throw new SAMLEngineException(e); - } - - String aliasCert = null; - X509Certificate certificate; - - final List<Credential> trustCred = new ArrayList<Credential>(); - - for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements();) { - aliasCert = e.nextElement(); - final BasicX509Credential credential = new BasicX509Credential(); - certificate = (X509Certificate) storkOwnKeyStore.getCertificate(aliasCert); - credential.setEntityCertificate(certificate); - trustCred.add(credential); - } - - final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); - - final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo.getX509Datas().get(0).getX509Certificates().get(0); - - final CertificateFactory certFact = CertificateFactory.getInstance("X.509"); - final ByteArrayInputStream bis = new ByteArrayInputStream(Base64.decode(xmlCert.getValue())); - final X509Certificate cert = (X509Certificate) certFact.generateCertificate(bis); - - // Exist only one certificate - final BasicX509Credential entityX509Cred = new BasicX509Credential(); - entityX509Cred.setEntityCertificate(cert); - - try { - cert.checkValidity(); - } catch (CertificateExpiredException exp) { - throw new SAMLEngineException("Certificate expired."); - } catch (CertificateNotYetValidException exp) { - throw new SAMLEngineException("Certificate not yet valid."); - } - - /* - * A better use of PKI based validation but not wanted for STORK... boolean trusted = false; - * - * for (final Enumeration<String> e = storkOwnKeyStore.aliases(); e.hasMoreElements();) { aliasCert = e.nextElement(); certificate = (X509Certificate) - * storkOwnKeyStore.getCertificate(aliasCert); try { cert.verify(certificate.getPublicKey()); trusted = true; break; } catch (Exception ex) { //Do nothing - cert not trusted yet } } - * - * if (!trusted) throw new SAMLEngineException("Certificate is not trusted."); - */ - - // Validate trust certificates - final ExplicitX509CertificateTrustEvaluator chainTrustEvaluator = new ExplicitX509CertificateTrustEvaluator(); - - if (!chainTrustEvaluator.validate(entityX509Cred, trustCred)) { - throw new SAMLEngineException("Certificate is not trusted."); - } - final ExplicitKeyTrustEvaluator keyTrustEvaluator = new ExplicitKeyTrustEvaluator(); - - if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) { - throw new SAMLEngineException("Certificate is not trusted."); - } - - // Validate signature - final SignatureValidator sigValidator = new SignatureValidator(entityX509Cred); - sigValidator.validate(tokenSaml.getSignature()); - - } catch (ValidationException e) { - LOG.error("ValidationException."); - throw new SAMLEngineException(e); - } catch (KeyStoreException e) { - LOG.error("KeyStoreException.", e); - throw new SAMLEngineException(e); - } catch (GeneralSecurityException e) { - LOG.error("GeneralSecurityException.", e); - throw new SAMLEngineException(e); - } - LOG.info(tokenSaml.getSignatureReferenceID()); - LOG.info("Start signature validation - END."); - return tokenSaml; - } - - /** - * Load cryptographic service provider. - * - * @throws SAMLEngineException - * the SAML engine exception - */ - public final void loadCryptServiceProvider() throws SAMLEngineException { - LOG.info("Load Cryptographic Service Provider"); - FileInputStream fis = null; - try { - // Dynamically register Bouncy Castle provider. - boolean found = false; - // Check if BouncyCastle is already registered as a provider - final Provider[] providers = Security.getProviders(); - for (int i = 0; i < providers.length; i++) { - if (providers[i].getName().equals(BouncyCastleProvider.PROVIDER_NAME)) { - found = true; - } - } - - // Register only if the provider has not been previously registered - if (!found) { - LOG.info("SAMLCore: Register Bouncy Castle provider."); - Security.insertProviderAt(new BouncyCastleProvider(), Security.getProviders().length); - } - - storkOwnKeyStore = KeyStore.getInstance(properties.getProperty(KEYSTORE_TYPE)); - - LOG.info("Loading KeyInfo from keystore file " + properties.getProperty("keystorePath")); - fis = new FileInputStream(properties.getProperty("keystorePath")); - - storkOwnKeyStore.load(fis, properties.getProperty(KEY_STORE_PASS).toCharArray()); - - } catch (Exception e) { - LOG.error("Error loading CryptographicServiceProvider", e); - throw new SAMLEngineException("Error loading CryptographicServiceProvider", e); - } finally { - IOUtils.closeQuietly(fis); - } - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java deleted file mode 100644 index 332882a03..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectBuilder; - -import eu.stork.peps.auth.engine.core.SAMLCore; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; - -/** - * The Class VIDPAuthenticationAttributesBuilder. - * - * @author fjquevedo - */ -public final class VIDPAuthenticationAttributesBuilder extends AbstractSAMLObjectBuilder<VIDPAuthenticationAttributes> { - - /** {@inheritDoc} */ - public VIDPAuthenticationAttributes buildObject() { - return buildObject(SAMLCore.STORK10P_NS.getValue(), VIDPAuthenticationAttributes.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); - } - - /** {@inheritDoc} */ - public VIDPAuthenticationAttributes buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { - return new VIDPAuthenticationAttributesImpl(namespaceURI, localName, namespacePrefix); - } - -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java deleted file mode 100644 index bfb85e357..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -import org.opensaml.common.impl.AbstractSignableSAMLObject; -import org.opensaml.xml.XMLObject; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; -import eu.stork.peps.auth.engine.core.SPInformation; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The Class VIDPAuthenticationAttributesImpl. - * - * @author fjquevedo - */ -public final class VIDPAuthenticationAttributesImpl extends AbstractSignableSAMLObject implements VIDPAuthenticationAttributes { - - private static final Logger LOGGER = LoggerFactory.getLogger(VIDPAuthenticationAttributesImpl.class.getName()); - /** The citizen country code. */ - private CitizenCountryCode citizenCountryCode; - - /** The SP information. */ - private SPInformation spInformation; - - /** - * Instantiates a new requested attributes implement. - * - * @param namespaceURI - * the namespace URI - * @param elementLocalName - * the element local name - * @param namespacePrefix - * the namespace prefix - */ - protected VIDPAuthenticationAttributesImpl(final String namespaceURI, final String elementLocalName, final String namespacePrefix) { - super(namespaceURI, elementLocalName, namespacePrefix); - } - - /** - * getCitizenCountryCode. - * - * @return the citizen country code - */ - public CitizenCountryCode getCitizenCountryCode() { - return citizenCountryCode; - } - - /** - * getSPInformation - * - * @return the SP information - */ - public SPInformation getSPInformation() { - return spInformation; - } - - /** - * Gets the ordered children. - * - * @return the ordered children - * - */ - public List<XMLObject> getOrderedChildren() { - final ArrayList<XMLObject> children = new ArrayList<XMLObject>(); - - children.add(citizenCountryCode); - children.add(spInformation); - - if (getSignature() != null) { - children.add(getSignature()); - } - - return Collections.unmodifiableList(children); - - } - - /** - * Gets the signature reference id. - * - * @return the signature reference id - * - */ - public String getSignatureReferenceID() { - return null; - } - - /** - * Sets the citizen country code. - * - * @param newCitizenCountryCode - * the new citizen country code - * - */ - public void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode) { - this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode); - } - - /** - * Sets the SP information. - * - * @param newSPInformation - * the new SP information - * - */ - public void setSPInformation(SPInformation newSPInformation) { - this.spInformation = prepareForAssignment(this.spInformation, newSPInformation); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java deleted file mode 100644 index 73e0ca6f5..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; - -/** - * The Class VIDPAuthenticationAttributesMarshaller. - * - * @author fjquevedo - */ -public class VIDPAuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller { - - /** - * Instantiates a new vIDP authentication attributes marshaller. - */ - public VIDPAuthenticationAttributesMarshaller() { - super(); - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java deleted file mode 100644 index dadf86254..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.impl; - -import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.UnmarshallingException; - -import eu.stork.peps.auth.engine.core.CitizenCountryCode; -import eu.stork.peps.auth.engine.core.SPInformation; -import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; - -/** - * The Class VIDPAuthenticationAttributesUnmarshaller. - * - * @author fjquevedo - */ -public class VIDPAuthenticationAttributesUnmarshaller extends AbstractSAMLObjectUnmarshaller { - - /** - * Process child element. - * - * @param parentObject - * the parent object - * @param childObject - * the child object - * - * @throws UnmarshallingException - * the unmarshalling exception - * - */ - protected final void processChildElement(final XMLObject parentObject, final XMLObject childObject) throws UnmarshallingException { - final VIDPAuthenticationAttributes vIDPAuthenticationAttr = (VIDPAuthenticationAttributes) parentObject; - - if (childObject instanceof CitizenCountryCode) { - vIDPAuthenticationAttr.setCitizenCountryCode((CitizenCountryCode) childObject); - } else if (childObject instanceof SPInformation) { - vIDPAuthenticationAttr.setSPInformation((SPInformation) childObject); - } else { - super.processChildElement(parentObject, childObject); - } - } -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java deleted file mode 100644 index 07db9c9db..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Implementations of STORK 1.0 core specification types and elements. - */ -package eu.stork.peps.auth.engine.core.impl;
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java deleted file mode 100644 index 51745d796..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Interfaces for STORK 1.0 core specification types and elements. - */ -package eu.stork.peps.auth.engine.core;
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java deleted file mode 100644 index a4015eed1..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java +++ /dev/null @@ -1,80 +0,0 @@ -package eu.stork.peps.auth.engine.core.validator; - -import org.opensaml.xml.util.DatatypeHelper; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; - -import eu.stork.peps.auth.engine.core.CustomAttributeQuery; - -public class CustomAttributeQueryValidator implements Validator<CustomAttributeQuery> { - - /** - * Validate action. - * - * @param attrQuery - * the attribute query to validate - * - * @throws ValidationException - * the validation exception - */ - public final void validate(final CustomAttributeQuery attrQuery) throws ValidationException { - validateAssertion(attrQuery); - validateSubject(attrQuery); - validateDestination(attrQuery); - } - - /** - * Validate assertion. - * - * @param attrQuery - * the attribute query - * - * @throws ValidationException - * the validation exception - */ - protected final void validateAssertion(final CustomAttributeQuery attrQuery) throws ValidationException { - if (DatatypeHelper.isEmpty(attrQuery.getAssertionConsumerServiceURL())) { - throw new ValidationException("Consumer Service URL must be specified."); - } - } - - /** - * Validate subject - * - * @param query - * the attribute query to validate - * @throws ValidationException - * the validation exception - */ - protected void validateSubject(CustomAttributeQuery query) throws ValidationException { - if (query.getSubject() == null) - throw new ValidationException("Subject is required"); - } - - /** - * Validate the destination - * - * @param query - * the query to validate - * @throws ValidationException - * the validation exception - */ - protected void validateDestination(CustomAttributeQuery query) throws ValidationException { - if (query.getDestination() == null) - throw new ValidationException("Destination is required"); - } - - /** - * Validate the destination - * - * @param query - * the query to validate - * @throws ValidationException - * the validation exception - */ - protected void validateTime(CustomAttributeQuery query) throws ValidationException { - if (query.getIssueInstant().minusMinutes(5).isAfterNow()) - throw new ValidationException("Issue time is in the futue"); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java deleted file mode 100644 index 6a709a7bc..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.validator; - -import java.util.List; - -import org.opensaml.saml2.common.Extensions; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class ExtensionsSchemaValidator. - * - * @author fjquevedo - */ -public class ExtensionsSchemaValidator implements Validator<Extensions> { - - /** - * validate the extensions. - * - * @param extensions - * the extensions - * - * @throws ValidationException - * the validation exception - */ - public final void validate(final Extensions extensions) throws ValidationException { - if (extensions.getUnknownXMLObjects() == null || extensions.getUnknownXMLObjects().size() <= 0) { - throw new ValidationException("Extension element is empty or not exist."); - } - - List<XMLObject> qaa = extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME); - - if (qaa.size() == 1) { - final Validator<QAAAttribute> validatorQaa = new QAAAttributeSchemaValidator(); - validatorQaa.validate((QAAAttribute) qaa.get(0)); - } else { - throw new ValidationException("Extensions must contain only one element QAALevel."); - } - - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java deleted file mode 100644 index 9c8c1e6a1..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java +++ /dev/null @@ -1,93 +0,0 @@ -package eu.stork.peps.auth.engine.core.validator; - -import org.opensaml.saml2.core.Response; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; - -public class MultipleAssertionResponseValidator implements Validator<Response> { - - /** - * Validate action. - * - * @param response - * the response to validate - * - * @throws ValidationException - * the validation exception - */ - public final void validate(final Response response) throws ValidationException { - validateAssertion(response); - validateConsent(response); - validateDestination(response); - validateTime(response); - validateId(response); - } - - /** - * Validate assertion. - * - * @param response - * the attribute query - * - * @throws ValidationException - * the validation exception - */ - protected final void validateAssertion(final Response response) throws ValidationException { - if (response.getAssertions() == null || response.getAssertions().size() < 2) { - throw new ValidationException("Multiple assertions must be specified."); - } - } - - /** - * Validate the Consent - * - * @param response - * the response to validate - * @throws ValidationException - * the validation exception - */ - protected void validateConsent(Response response) throws ValidationException { - if (response.getConsent() == null) - throw new ValidationException("Consent is required"); - } - - /** - * Validate the destination - * - * @param response - * the response to validate - * @throws ValidationException - * the validation exception - */ - protected void validateDestination(Response response) throws ValidationException { - if (response.getDestination() == null) - throw new ValidationException("Destination is required"); - } - - /** - * Validate issue times - * - * @param response - * the response to validate - * @throws ValidationException - * the validation exception - */ - protected void validateTime(Response response) throws ValidationException { - if (response.getIssueInstant().minusMinutes(5).isAfterNow()) - throw new ValidationException("Issue time is in the futue"); - } - - /** - * Validate ids - * - * @param response - * the response to validate - * @throws ValidationException - * the validation exception - */ - protected void validateId(Response response) throws ValidationException { - if (response.getID() == null || response.getInResponseTo() == null) - throw new ValidationException("Id and response id is required"); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java deleted file mode 100644 index 04ff153d3..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.auth.engine.core.validator; - -import org.opensaml.xml.util.DatatypeHelper; -import org.opensaml.xml.validation.ValidationException; -import org.opensaml.xml.validation.Validator; - -import eu.stork.peps.auth.engine.core.QAAAttribute; - -/** - * The Class QAAAttributeSchemaValidator. - * - * @author fjquevedo - */ -public class QAAAttributeSchemaValidator implements Validator<QAAAttribute> { - - /** - * Validate action. - * - * @param qaa - * the quality authentication assurance level attribute - * - * @throws ValidationException - * the validation exception - */ - public final void validate(final QAAAttribute qaa) throws ValidationException { - validateAction(qaa); - } - - /** - * Validate action. - * - * @param qaaAttribute - * the quality authentication assurance level attribute. - * - * @throws ValidationException - * the validation exception - */ - protected final void validateAction(final QAAAttribute qaaAttribute) throws ValidationException { - if (DatatypeHelper.isEmpty(qaaAttribute.getQaaLevel())) { - throw new ValidationException("QAALevel label must be specified."); - } - int qaa = 0; - try { - qaa = Integer.valueOf(qaaAttribute.getQaaLevel()); - } catch (Exception e) { - throw new ValidationException("QAALevel is not a valid number!"); - } - - if (qaa < QAAAttribute.MIN_VALUE || qaa > QAAAttribute.MAX_VALUE) { - throw new ValidationException("QAALevel label must be greater than 0."); - } - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java deleted file mode 100644 index 07b632773..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Validation rules for STORK 1.0 core types and elements. - */ -package eu.stork.peps.auth.engine.core.validator;
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java deleted file mode 100644 index 30130b7f6..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Provides the classes necessary to create a SAML message. - */ -package eu.stork.peps.auth.engine;
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java deleted file mode 100644 index e513c6add..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ -package eu.stork.peps.configuration; - -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.HashMap; -import java.util.InvalidPropertiesFormatException; -import java.util.Map; -import java.util.Properties; - -import org.apache.commons.io.IOUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * The Class InstanceCreator. - * - * @author fjquevedo - */ -public final class ConfigurationCreator { - - /** - * The Constant LOGGER. - */ - private static final Logger LOGGER = LoggerFactory.getLogger(ConfigurationCreator.class.getName()); - - /** - * Creates the configuration. - * - * @param instanceConfs - * the instance configuration - * @return the map< string, map< string, object>> - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public static Map<String, Map<String, Object>> createConfiguration(final Map<String, InstanceEngine> instanceConfs) throws STORKSAMLEngineException { - - final HashMap<String, Map<String, Object>> instances = new HashMap<String, Map<String, Object>>(); - - LOGGER.info("Create configuration."); - try { - // Only create instances for SAMLEngine configuration. - // INSTANCE - for (Map.Entry<String, InstanceEngine> entry : instanceConfs.entrySet()) { - final InstanceEngine iEngine = entry.getValue(); - - final Map<String, Object> intance = new HashMap<String, Object>(); - - // CONFIGURATION - for (ConfigurationEngine configuration : iEngine.getConfiguration()) { - // Properties only for configuration SamlEngine. - if (configuration.getName().equalsIgnoreCase("SamlEngineConf")) { - intance.put(configuration.getName(), getNewInstance(configuration.getParameters().get("fileConfiguration"))); - } else { - intance.put(configuration.getName(), configuration.getParameters()); - } - } - instances.put(entry.getKey(), intance); - } - } catch (STORKSAMLEngineException ex) { - LOGGER.error("Can not create instance from file configuration."); - throw new STORKSAMLEngineException(ex); - } - return instances; - } - - /** - * Gets the new instance. - * - * @param fileName - * the file name - * @return the properties from the new instance - * @throws STORKSAMLEngineException - * the STORKSAML engine runtime exception - */ - private static Properties getNewInstance(final String fileName) throws STORKSAMLEngineException { - LOGGER.info("Create file configuration properties to Stork Saml Engine: " + fileName); - InputStream fileEngineProp = null; - - // fetch base from system properties, give a default if there is nothing configured - String base = System.getProperty("eu.stork.samlengine.config.location"); - if (null != base) { - if (!base.endsWith("/")) { - base += "/"; - } - } else { - base = "/"; - } - - LOGGER.info("Create file configuration properties to Stork Saml Engine: " + base + fileName); - - try { - - if (null != base) - fileEngineProp = new FileInputStream(base + fileName); - else - fileEngineProp = ConfigurationCreator.class.getResourceAsStream(base + fileName); - - final Properties configuration = new Properties(); - configuration.loadFromXML(fileEngineProp); - return configuration; - } catch (InvalidPropertiesFormatException e) { - LOGGER.error("Invalid properties format: " + fileName); - throw new STORKSAMLEngineException(e); - } catch (IOException e) { - LOGGER.error("Error read file: " + fileName); - throw new STORKSAMLEngineException(e); - } finally { - IOUtils.closeQuietly(fileEngineProp); - } - } - - /** - * Instantiates a new instance creator. - */ - private ConfigurationCreator() { - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java deleted file mode 100644 index 9dbed386e..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.util.Map; - -/** - * The Class ConfigurationEngine. - * - * @author fjquevedo - */ -public class ConfigurationEngine { - - /** The name of the configuration file. */ - private String name; - - /** The parameters. */ - private Map<String, String> parameters; - - /** - * Gets the name. - * - * @return the name - */ - public final String getName() { - return name; - } - - /** - * Gets the parameters. - * - * @return the parameters - */ - public final Map<String, String> getParameters() { - return parameters; - } - - /** - * Sets the name. - * - * @param newName - * the new name - */ - public final void setName(final String newName) { - this.name = newName; - } - - /** - * Sets the parameters. - * - * @param newParameters - * the parameters - */ - public final void setParameters(final Map<String, String> newParameters) { - this.parameters = newParameters; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java deleted file mode 100644 index f68060154..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java +++ /dev/null @@ -1,217 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.HashMap; -import java.util.Map; - -import javax.xml.XMLConstants; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.NodeList; -import org.xml.sax.SAXException; - -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * The Class ConfigurationReader. - * - * @author fjquevedo - */ -public final class ConfigurationReader { - - /** The Constant SAML_ENGINE_CONFIGURATION_FILE. */ - private static final String ENGINE_CONF_FILE = "SamlEngine.xml"; - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory.getLogger(ConfigurationReader.class.getName()); - - /** The Constant NODE_CONFIGURATION. */ - private static final String NODE_CONF = "configuration"; - - /** The Constant NODE_CONFIGURATION_NAME. */ - private static final String NODE_CONF_NAME = "name"; - - /** The Constant NODE_INSTANCE_NAME. */ - private static final String NODE_INST_NAME = "name"; - - /** The Constant NODE_INSTANCE. */ - private static final String NODE_INSTANCE = "instance"; - - /** The Constant NODE_CONFIGURATION_NAME. */ - private static final String NODE_PARAM_NAME = "name"; - - /** The Constant NODE_CONFIGURATION_NAME. */ - private static final String NODE_PARAM_VALUE = "value"; - - /** The Constant NODE_CONFIGURATION_NAME. */ - private static final String NODE_PARAMETER = "parameter"; - - /** - * Generate parameters. - * - * @param configurationNode - * the configuration node - * - * @return the map< string, string> - */ - private static Map<String, String> generateParam(final Element configurationNode) { - - final HashMap<String, String> parameters = new HashMap<String, String>(); - - final NodeList parameterNodes = configurationNode.getElementsByTagName(NODE_PARAMETER); - - String parameterName; - String parameterValue; - - for (int k = 0; k < parameterNodes.getLength(); ++k) { - // for every parameter find, process. - final Element parameterNode = (Element) parameterNodes.item(k); - parameterName = parameterNode.getAttribute(NODE_PARAM_NAME); - parameterValue = parameterNode.getAttribute(NODE_PARAM_VALUE); - - // verified the content. - if (StringUtils.isBlank(parameterName) || StringUtils.isBlank(parameterValue)) { - throw new STORKSAMLEngineRuntimeException("Error reader parameters (name - value)."); - } else { - parameters.put(parameterName.trim(), parameterValue.trim()); - } - } - return parameters; - } - - /** - * Read configuration. - * - * @return the map< string, instance engine> - * - * @throws SAMLEngineException - * the STORKSAML engine runtime exception - */ - public static Map<String, InstanceEngine> readConfiguration() throws SAMLEngineException { - - // fetch base from system properties, give a default if there is nothing configured - String base = System.getProperty("eu.stork.samlengine.config.location"); - if (null != base) - if (!base.endsWith("/")) - base += "/"; - - LOGGER.info("Init reader: " + base + ENGINE_CONF_FILE); - final Map<String, InstanceEngine> instanceConfs = new HashMap<String, InstanceEngine>(); - - Document document = null; - // Load configuration file - final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - DocumentBuilder builder; - - InputStream engineConf = null; - try { - - factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); - - builder = factory.newDocumentBuilder(); - - if (null != base) - engineConf = new FileInputStream(base + ENGINE_CONF_FILE); - else - engineConf = ConfigurationReader.class.getResourceAsStream("/" + ENGINE_CONF_FILE); - - document = builder.parse(engineConf); - - // Read instance - final NodeList list = document.getElementsByTagName(NODE_INSTANCE); - - for (int indexElem = 0; indexElem < list.getLength(); ++indexElem) { - final Element element = (Element) list.item(indexElem); - - final InstanceEngine instanceConf = new InstanceEngine(); - - // read every configuration. - final String instanceName = element.getAttribute(NODE_INST_NAME); - - if (StringUtils.isBlank(instanceName)) { - throw new STORKSAMLEngineRuntimeException("Error reader instance name."); - } - instanceConf.setName(instanceName.trim()); - - final NodeList confNodes = element.getElementsByTagName(NODE_CONF); - - for (int indexNode = 0; indexNode < confNodes.getLength(); ++indexNode) { - - final Element configurationNode = (Element) confNodes.item(indexNode); - - final String configurationName = configurationNode.getAttribute(NODE_CONF_NAME); - - if (StringUtils.isBlank(configurationName)) { - throw new STORKSAMLEngineRuntimeException("Error reader configuration name."); - } - - final ConfigurationEngine confSamlEngine = new ConfigurationEngine(); - - // Set configuration name. - confSamlEngine.setName(configurationName.trim()); - - // Read every parameter for this configuration. - final Map<String, String> parameters = generateParam(configurationNode); - - // Set parameters - confSamlEngine.setParameters(parameters); - - // Add parameters to the configuration. - instanceConf.getConfiguration().add(confSamlEngine); - } - - // Add to the list of configurations. - instanceConfs.put(element.getAttribute(NODE_INST_NAME), instanceConf); - } - - } catch (SAXException e) { - LOGGER.error("Error: init library parser."); - throw new SAMLEngineException(e); - } catch (ParserConfigurationException e) { - LOGGER.error("Error: parser configuration file xml."); - throw new SAMLEngineException(e); - } catch (IOException e) { - LOGGER.error("Error: read configuration file."); - throw new SAMLEngineException(e); - } finally { - IOUtils.closeQuietly(engineConf); - } - - return instanceConfs; - } - - /** - * Instantiates a new configuration reader. - */ - private ConfigurationReader() { - - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java deleted file mode 100644 index 4a382fe99..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.util.Map; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.exceptions.SAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; - -/** - * The Class InstanceCreator. - * - * @author fjquevedo - */ -public final class ConfigurationSingleton { - - /** The instance of every engine SAML. */ - private static Map<String, InstanceEngine> instanceConfigs; - - /** The instances of SAML engine. */ - private static Map<String, Map<String, Object>> instances; - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory.getLogger(ConfigurationSingleton.class.getName()); - - static { - LOGGER.debug("Read all file configurations. (instances of SAMLEngine)"); - try { - instanceConfigs = ConfigurationReader.readConfiguration(); - } catch (SAMLEngineException e) { - LOGGER.error("Error read configuration file."); - throw new STORKSAMLEngineRuntimeException(e); - } - } - - /** - * Gets the new instance. - * - * @param fileName - * the file name - * - * @return the properties from the new instance - * - * @throws STORKSAMLEngineException - * the STORKSAML engine runtime exception - */ - private static Map<String, Map<String, Object>> getInstance(final String fileName) throws STORKSAMLEngineException { - return ConfigurationCreator.createConfiguration(instanceConfigs); - } - - /** - * Instantiates a new instance creator. - */ - private ConfigurationSingleton() { - } - -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java deleted file mode 100644 index 0343d915a..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.configuration; - -import java.util.ArrayList; -import java.util.List; - -/** - * The Class InstanceConfiguration. - * - * @author fjquevedo - */ -public class InstanceEngine { - - /** The configuration. */ - private List<ConfigurationEngine> configuration = new ArrayList<ConfigurationEngine>(); - - /** The name. */ - private String name; - - /** - * Gets the parameters. - * - * @return the parameters - */ - public final List<ConfigurationEngine> getConfiguration() { - return this.configuration; - } - - /** - * Gets the name. - * - * @return the name - */ - public final String getName() { - return name; - } - - /** - * Sets the parameters. - * - * @param newConfiguration - * the new parameters - */ - public final void setConfiguration(final List<ConfigurationEngine> newConfiguration) { - this.configuration = newConfiguration; - } - - /** - * Sets the name. - * - * @param newName - * the new name - */ - public final void setName(final String newName) { - this.name = newName; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java deleted file mode 100644 index e6676342d..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Provides the classes necessary to create a SAML message instance. - */ -package eu.stork.peps.configuration; - diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java deleted file mode 100644 index cc3bf3676..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.exceptions; - -/** - * The Class SAMLEngineException. - * - * @author fjquevedo - */ -public class SAMLEngineException extends Exception { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 2611361164977849837L; - - /** - * Instantiates a new SAMLEngine exception. - * - * @param wrappedException - * the wrapped exception - */ - public SAMLEngineException(final Exception wrappedException) { - super(wrappedException); - } - - /** - * Instantiates a new SAMLEngine exception. - * - * @param message - * the message - */ - public SAMLEngineException(final String message) { - super(message); - } - - /** - * Instantiates a new SAMLEngine exception. - * - * @param message - * the message - * @param wrappedException - * the wrapped exception - */ - public SAMLEngineException(final String message, final Exception wrappedException) { - super(message, wrappedException); - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java deleted file mode 100644 index d0d9d721d..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.exceptions; - -/** - * The Class STORKSAMLEngineException. - * - * @author fjquevedo - */ -public class STORKSAMLEngineException extends Exception { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = -8319723167019122930L; - - /** The error code. */ - private String errorCode; - - /** The error detail. */ - private String errorDetail; - - /** - * Instantiates a new sTORKSAML engine exception. - * - * @param wrappedException - * the wrapped exception - */ - public STORKSAMLEngineException(final Exception wrappedException) { - super(wrappedException); - } - - /** - * Instantiates a new sTORKSAML engine exception. - * - * @param errorMessage - * the error message - */ - public STORKSAMLEngineException(final String errorMessage) { - super(errorMessage); - } - - /** - * Instantiates a new sTORKSAML engine exception. - * - * @param message - * the message - * @param wrappedException - * the wrapped exception - */ - public STORKSAMLEngineException(final String message, final Exception wrappedException) { - super(message, wrappedException); - } - - /** - * Instantiates a new sTORKSAML engine exception. - * - * @param newErrorCode - * the error code - * @param errorMessage - * the error message - * @param newErrorDetail - * the error detail - */ - public STORKSAMLEngineException(final String newErrorCode, final String errorMessage, final String newErrorDetail) { - super(errorMessage); - this.errorCode = newErrorCode; - this.errorDetail = newErrorDetail; - } - - /** - * Gets the error code. - * - * @return the error code - */ - public final String getErrorCode() { - return this.errorCode; - } - - /** - * Gets the error detail. - * - * @return the error detail - */ - public final String getErrorDetail() { - return errorDetail; - } - - /** - * Gets the error message. - * - * @return the error message - */ - public final String getErrorMessage() { - return super.getMessage(); - } - - /** - * Gets the message. - * - * @return the message of the exception. - * - * @see java.lang.Throwable#getMessage() - */ - public final String getMessage() { - return "Error (no. " + errorCode + ") processing request : " + super.getMessage(); - } - - /** - * Sets the error code. - * - * @param newErrorCode - * the new error code - */ - public final void setErrorCode(final String newErrorCode) { - this.errorCode = newErrorCode; - } - - /** - * Sets the error detail. - * - * @param newErrorDetail - * the new error detail - */ - public final void setErrorDetail(final String newErrorDetail) { - this.errorDetail = newErrorDetail; - } - -} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java deleted file mode 100644 index f43c1bd78..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.exceptions; - -/** - * The Class STORKSAMLEngineRuntimeException. - * - * @author fjquevedo - */ -public class STORKSAMLEngineRuntimeException extends RuntimeException { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 5829810358581493517L; - - /** - * Instantiates a new sTORKSAML engine runtime exception. - * - * @param wrappedException - * the wrapped exception - */ - public STORKSAMLEngineRuntimeException(final Exception wrappedException) { - super(wrappedException); - } - - /** - * Creates a new instance of application exception. - * - * @param cause - * the exception cause. - */ - public STORKSAMLEngineRuntimeException(final String cause) { - super(cause); - } - - /** - * Instantiates a new sTORKSAML engine runtime exception. - * - * @param message - * the message - * @param wrappedException - * the wrapped exception - */ - public STORKSAMLEngineRuntimeException(final String message, final Exception wrappedException) { - super(message, wrappedException); - } -}
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java deleted file mode 100644 index 0c7341995..000000000 --- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Provides the classes for STORK exceptions management. - */ -package eu.stork.peps.exceptions;
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java deleted file mode 100644 index b421dce8c..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java +++ /dev/null @@ -1,173 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.test.simple; - -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; - -import javax.xml.XMLConstants; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.OutputKeys; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; - -import org.apache.commons.io.IOUtils; -import org.bouncycastle.util.encoders.Base64; -import org.opensaml.Configuration; -import org.opensaml.xml.XMLObject; -import org.opensaml.xml.io.Marshaller; -import org.opensaml.xml.io.MarshallerFactory; -import org.opensaml.xml.io.MarshallingException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - -/** - * The Class SSETestUtils. - */ -public final class SSETestUtils { - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(SSETestUtils.class.getName()); - - /** - * Instantiates a new sSE test utils. - */ - private SSETestUtils() { - } - - /** - * Prints the tree DOM. - * - * @param samlToken - * the SAML token - * @param isIndent - * the is indent - * - * @return the string - * @throws TransformerException - * the exception - */ - public static String printTreeDOM(final Element samlToken, final boolean isIndent) throws TransformerException { - // set up a transformer - final TransformerFactory transfac = TransformerFactory.newInstance(); - final Transformer trans = transfac.newTransformer(); - trans.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); - trans.setOutputProperty(OutputKeys.INDENT, String.valueOf(isIndent)); - - // create string from XML tree - final StringWriter stringWriter = new StringWriter(); - final StreamResult result = new StreamResult(stringWriter); - final DOMSource source = new DOMSource(samlToken); - trans.transform(source, result); - final String xmlString = stringWriter.toString(); - - return xmlString; - } - - /** - * Marshall. - * - * @param samlToken - * the SAML token - * - * @return the byte[] - * - * @throws MarshallingException - * the marshalling exception - * @throws ParserConfigurationException - * the parser configuration exception - * @throws TransformerException - * the transformer exception - */ - public static byte[] marshall(final XMLObject samlToken) throws MarshallingException, ParserConfigurationException, TransformerException { - - final javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory.newInstance(); - dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); - dbf.setNamespaceAware(true); - dbf.setIgnoringComments(true); - final javax.xml.parsers.DocumentBuilder docBuild = dbf.newDocumentBuilder(); - - // Get the marshaller factory - final MarshallerFactory marshallerFactory = Configuration.getMarshallerFactory(); - - // Get the Subject marshaller - final Marshaller marshaller = marshallerFactory.getMarshaller(samlToken); - - final Document doc = docBuild.newDocument(); - - // Marshall the SAML token - marshaller.marshall(samlToken, doc); - - // Obtain a byte array representation of the marshalled SAML object - final DOMSource domSource = new DOMSource(doc); - final StringWriter writer = new StringWriter(); - final StreamResult result = new StreamResult(writer); - final TransformerFactory transFact = TransformerFactory.newInstance(); - final Transformer transformer = transFact.newTransformer(); - transformer.transform(domSource, result); - - return writer.toString().getBytes(); - } - - /** - * Encode SAML token. - * - * @param samlToken - * the SAML token - * - * @return the string - */ - public static String encodeSAMLToken(final byte[] samlToken) { - return new String(Base64.encode(samlToken)); - } - - /** - * Read stork SAML from file. - * - * @param resource - * the resource - * - * @return the byte[] - * @throws IOException - * the exception - * - */ - public static byte[] readStorkSamlFromFile(final String resource) throws IOException { - InputStream inputStream = null; - byte[] bytes; - - try { - inputStream = StorkAuthRequestTest.class.getResourceAsStream(resource); - - // Create the byte array to hold the data - bytes = new byte[(int) inputStream.available()]; - inputStream.read(bytes); - } catch (IOException e) { - LOG.error("Error read from file: " + resource); - throw e; - } finally { - IOUtils.closeQuietly(inputStream); - } - return bytes; - - } -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java deleted file mode 100644 index bdb8780c3..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.test.simple; - -import org.junit.Test; - -import junit.framework.Assert; -import junit.framework.TestCase; -import eu.stork.peps.auth.engine.STORKSAMLEngine; - -/** - * The Class SimpleBaseTest. Defines a set of test the initialization of the SAML engine. - */ -@SuppressWarnings("deprecation") -public class SimpleBaseTest extends TestCase { - - /** - * Test SAML engine correct configuration name. - */ - - @Test - public final void testSamlEngineCorrectInit() { - Assert.assertNotNull(STORKSAMLEngine.getInstance("CONF1")); - } - - /** - * Test SAML engine error configuration name. - */ - @Test - public final void testSamlEngineErrorNameConf() { - Assert.assertNull(STORKSAMLEngine.getInstance("CONF_ERROR")); - } - - /** - * Test SAML engine error name null. - */ - @Test - public final void testSamlEngineErrorNameNull() { - Assert.assertNull(STORKSAMLEngine.getInstance(null)); - } - - /** - * Test SAML engine correct name configuration with spaces. - */ - @Test - public final void testSamlEngineErrorNameSpaces() { - Assert.assertNotNull(STORKSAMLEngine.getInstance(" CONF1 ")); - } - -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java deleted file mode 100644 index 4f22df7fb..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java +++ /dev/null @@ -1,852 +0,0 @@ -package eu.stork.peps.test.simple; - -import static org.junit.Assert.*; - -import java.io.*; -import java.util.ArrayList; -import java.util.Arrays; - -import org.junit.Ignore; -import org.junit.Test; -import org.opensaml.xml.parse.BasicParserPool; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -public class StorkAttrQueryRequestTest { - - /** The engines. */ - private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); - private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); - private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); - private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); - - /** - * Instantiates a new stork authentication request test. - */ - public StorkAttrQueryRequestTest() { - pal = new PersonalAttributeList(); - - final PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(true); - final ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - pal.add(isAgeOver); - - final PersonalAttribute dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - pal.add(dateOfBirth); - - final PersonalAttribute eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - eIDNumber.setValue(Arrays.asList("ES/IS/1234567890")); - pal.add(eIDNumber); - - final PersonalAttribute givenName = new PersonalAttribute(); - givenName.setName("givenName"); - givenName.setIsRequired(true); - givenName.setValue(Arrays.asList("Sveinbjorn")); - pal.add(givenName); - - final PersonalAttribute fiscalNumber = new PersonalAttribute(); - fiscalNumber.setName("fiscalNumber"); - fiscalNumber.setIsRequired(true); - fiscalNumber.setValue(Arrays.asList("fiscalNumber")); - pal.add(fiscalNumber); - - final PersonalAttribute LPFiscalNumber = new PersonalAttribute(); - LPFiscalNumber.setName("LPFiscalNumber"); - LPFiscalNumber.setIsRequired(true); - LPFiscalNumber.setValue(Arrays.asList("LPFiscalNumber")); - pal.add(LPFiscalNumber); - - destination = "http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest"; - assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; - // spName = "University of Oxford"; - spSector = "EDU001"; - spInstitution = "OXF001"; - spApplication = "APP001"; - spCountry = "IS"; - - spId = "EDU001-OXF001-APP001"; - - } - - /** The destination. */ - private String destination; - - /** The service provider sector. */ - private String spSector; - - /** The service provider institution. */ - private String spInstitution; - - /** The service provider application. */ - private String spApplication; - - /** The service provider country. */ - private String spCountry; - - /** The service provider id. */ - private String spId; - - /** The assertion consumer URL. */ - private String assertConsumerUrl; - - /** The quality authentication assurance level. */ - private static final int QAAL = 3; - - /** The List of Personal Attributes. */ - private IPersonalAttributeList pal; - - /** The attribute query request. */ - private static byte[] attrRequest; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(StorkAttrQueryRequestTest.class.getName()); - - /** Parser manager used to parse XML. */ - private static BasicParserPool parser; - - static { - parser = new BasicParserPool(); - parser.setNamespaceAware(true); - } - - /** - * Test generate authentication request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAttrQueryRequest() throws STORKSAMLEngineException { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - - // new parameters - request.setEIDSectorShare(false); - request.setEIDCrossSectorShare(false); - request.setEIDCrossBorderShare(false); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - request.setSpCountry(spCountry); - - STORKAttrQueryRequest req1 = engine0.generateSTORKAttrQueryRequest(request); - byte[] reqByte = req1.getTokenSaml(); - FileOutputStream output = null; - - try { - output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml")); - } catch (FileNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(reqByte); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); - - request.setCitizenCountryCode("IS"); - LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); - } - - /** - * Test generate authentication request error personal attribute name error. - */ - @Test - public final void testGenerateAttrQueryRequestPALsErr1() { - - final IPersonalAttributeList palWrong = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("attrNotValid"); - worngAttr.setIsRequired(true); - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(palWrong); - - // news parameters - request.setEIDSectorShare(false); - request.setEIDCrossSectorShare(false); - request.setEIDCrossBorderShare(false); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - engine.generateSTORKAttrQueryRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request error personal attribute value error. - */ - @Test - public final void testGenerateAttrQueryRequestPALsErr2() { - - final IPersonalAttributeList palWrong = new PersonalAttributeList(); - - final PersonalAttribute attrNotValid = new PersonalAttribute(); - attrNotValid.setName("attrNotValid"); - attrNotValid.setIsRequired(true); - palWrong.add(attrNotValid); - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(palWrong); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - engine.generateSTORKAttrQueryRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request authentication assurance level negative value. - */ - @Test - public final void testGenerateAttrQueryRequestQaalErr1() { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(-1); - request.setPersonalAttributeList(pal); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - - try { - engine.generateSTORKAttrQueryRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request service provider sector null. - */ - @Test - public final void testGenerateAttrQueryRequestSectorErr() { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(null); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - engine.generateSTORKAttrQueryRequest(request); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - - } - } - - /** - * Test generate authentication request service provider institution null. - */ - @Test - public final void testGenerateAttrQueryRequestDestinationErr() { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(null); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(null); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - engine.generateSTORKAttrQueryRequest(request); - fail("generateSTORKAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!"); - - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request service provider application null. - */ - @Test - public final void testGenerateAttrQueryRequestApplicationErr() { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(null); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - engine.generateSTORKAttrQueryRequest(request); - - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } - } - - /** - * Test generate authentication request service provider country null. - */ - @Test - public final void testGenerateAttrQueryRequestCountryErr() { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(null); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - engine.generateSTORKAttrQueryRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request error with quality authentication assurance level wrong. - */ - @Test - public final void testGenerateAttrQueryRequestQaalErr2() { - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(0); - request.setPersonalAttributeList(pal); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - engine.generateSTORKAttrQueryRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request personal attribute list null value. - */ - @Test - public final void testGenerateAttrQueryRequestPALErr1() { - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(null); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - engine.generateSTORKAttrQueryRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication request null parameter. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAttrQueryRequestNullParam() throws STORKSAMLEngineException { - try { - engine.validateSTORKAttrQueryRequest(null); - fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication request error bytes encode. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAttrQueryRequestErrorEncode() throws STORKSAMLEngineException { - try { - engine.validateSTORKAttrQueryRequest("messageError".getBytes()); - fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAttrQueryRequest() throws STORKSAMLEngineException { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - attrRequest = engine.generateSTORKAttrQueryRequest(request).getTokenSaml(); - - final STORKAttrQueryRequest validatedRequest = engine.validateSTORKAttrQueryRequest(attrRequest); - - assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false); - assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false); - assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false); - - } - - /** - * Test validate data authenticate request. Verified parameters after validation. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateDataAttrQueryRequest() throws STORKSAMLEngineException { - - final STORKAttrQueryRequest request = engine.validateSTORKAttrQueryRequest(attrRequest); - - assertEquals("Sestination incorrect: ", request.getDestination(), destination); - - assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false); - assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false); - assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false); - - assertEquals("QAAL incorrect: ", request.getQaa(), QAAL); - assertEquals("SPSector incorrect: ", request.getSpSector(), spSector); - assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null); - assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication); - assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), null); - - } - - /** - * Test validate file attribute query request. Validate from XML file. - * - * @throws Exception - * the exception - */ - @Test - public final void testValidateFileAttrQueryRequest() throws Exception { - - final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequest1.xml"); - - try { - engine.validateSTORKAttrQueryRequest(bytes); - fail("testValidateFileAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error(e.getMessage()); - } - } - - /** - * Test validate file authentication request tag delete. - * - * @throws Exception - * the exception - */ - @Test - public final void testValidateFileAttrRequestTagDelete() throws Exception { - - final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml"); - - try { - engine.validateSTORKAttrQueryRequest(bytes); - fail("validateSTORKAttrQueryRequest(...) should have thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error(e.getMessage()); - - } - } - - /** - * Test validate authentication request not trusted token. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAttrQueryRequestNotTrustedErr1() throws STORKSAMLEngineException { - - try { - final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine.getInstance("CONF2"); - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - - final byte[] authReqNotTrust = engineNotTrusted.generateSTORKAttrQueryRequest(request).getTokenSaml(); - - engine.validateSTORKAttrQueryRequest(authReqNotTrust); - fail("validateSTORKAttrQueryRequestNotTrusted(...) should have thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication request trusted. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAttrQueryRequestTrusted() throws STORKSAMLEngineException { - - final STORKSAMLEngine engineTrusted = STORKSAMLEngine.getInstance("CONF3"); - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - final byte[] authReqNotTrust = engineTrusted.generateSTORKAttrQueryRequest(request).getTokenSaml(); - - // engine ("CONF1") no have trust certificate from "CONF2" - engine.validateSTORKAttrQueryRequest(authReqNotTrust); - - } - - /** - * Test generate authentication request service provider application null. - */ - @Test - public final void testGenerateAttrQueryRequestNADA() { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - - // news parameters - request.setSpSector(null); - request.setSpInstitution(null); - request.setSpApplication(null); - request.setSpCountry(null); - - try { - - engine.validateSTORKAttrQueryRequest(attrRequest); - - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } - } - - /** - * Test validate authentication request with unknown elements. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAttrQueryRequestWithUnknownElements() throws STORKSAMLEngineException { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - - IPersonalAttributeList pAttList = new PersonalAttributeList(); - - final PersonalAttribute unknown = new PersonalAttribute(); - unknown.setName("unknown"); - unknown.setIsRequired(true); - pAttList.add(unknown); - - final PersonalAttribute eIdentifier = new PersonalAttribute(); - eIdentifier.setName("eIdentifier"); - eIdentifier.setIsRequired(true); - pAttList.add(eIdentifier); - - request.setPersonalAttributeList(pAttList); - - // new parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - STORKAttrQueryRequest req = new STORKAttrQueryRequest(); - - req = engine3.generateSTORKAttrQueryRequest(request); - - req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml()); - - assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown")); - assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier")); - - } - - /** - * Test generate Request with required elements by default - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAttrQueryRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - - IPersonalAttributeList pAttList = new PersonalAttributeList(); - - final PersonalAttribute eIdentifier = new PersonalAttribute(); - eIdentifier.setName("eIdentifier"); - eIdentifier.setIsRequired(true); - pAttList.add(eIdentifier); - - request.setPersonalAttributeList(pAttList); - - // new parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - STORKAttrQueryRequest req = new STORKAttrQueryRequest(); - STORKAttrQueryRequest reqTrue = new STORKAttrQueryRequest(); - STORKAttrQueryRequest reqFalse = new STORKAttrQueryRequest(); - - reqTrue = engine.generateSTORKAttrQueryRequest(request); - reqFalse = engine2.generateSTORKAttrQueryRequest(request); - req = engine3.generateSTORKAttrQueryRequest(request); - - String token = new String(req.getTokenSaml()); - String reqTrueToken = new String(reqTrue.getTokenSaml()); - String reqFalseToken = new String(reqFalse.getTokenSaml()); - - assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired")); - assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired")); - assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired")); - - } - - /** - * Test validating attribute query and getting alias used to save the saml trusted certificate into trustore - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - /* - * @Test public final void testValidateAtrrQueryRequestGettingItsAlias() throws STORKSAMLEngineException { - * - * final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - * - * request.setDestination(destination); request.setQaa(QAAL); request.setPersonalAttributeList(pal); - * - * IPersonalAttributeList pAttList = new PersonalAttributeList(); - * - * final PersonalAttribute eIdentifier = new PersonalAttribute(); eIdentifier.setName("eIdentifier"); eIdentifier.setIsRequired(true); pAttList.add(eIdentifier); - * - * request.setPersonalAttributeList(pAttList); - * - * // new parameters request.setSpSector(spSector); request.setSpInstitution(spInstitution); request.setSpApplication(spApplication); request.setSpCountry(spCountry); request.setSPID(spId); - * request.setCitizenCountryCode("IS"); request.setAssertionConsumerServiceURL(assertConsumerUrl); - * - * STORKAttrQueryRequest req = new STORKAttrQueryRequest(); - * - * req = engine3.generateSTORKAttrQueryRequest(request); req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml()); String prufa = req.getAlias(); - * assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); - * - * req = engine2.generateSTORKAttrQueryRequest(request); req = engine2.validateSTORKAttrQueryRequest(req.getTokenSaml()); assertTrue("The alias should match this value", - * req.getAlias().equals("local-demo2")); } - */ - - @Test - public final void testGenerateAttrQueryRequestSignDoc() throws STORKSAMLEngineException { - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - - request.setDestination(destination); - request.setQaa(QAAL); - PersonalAttributeList pal0 = new PersonalAttributeList(); - - final PersonalAttribute signDoc = new PersonalAttribute(); - signDoc.setName("docRequest"); - signDoc.setIsRequired(true); - signDoc.setValue(Arrays.asList("IS/IS/fbea6e68-0393-401b-b616-f767fff9418c")); - pal0.add(signDoc); - - request.setPersonalAttributeList(pal0); - - // new parameters - /* - * request.setEIDSectorShare(false); request.setEIDCrossSectorShare(false); request.setEIDCrossBorderShare(false); - */ - request.setAssertionConsumerServiceURL(assertConsumerUrl); - request.setSpCountry(spCountry); - - STORKAttrQueryRequest req1 = engine0.generateSTORKAttrQueryRequest(request); - byte[] reqByte = req1.getTokenSaml(); - FileOutputStream output = null; - - STORKAttrQueryRequest req2 = engine0.validateSTORKAttrQueryRequest(reqByte); - // reqByte = req2.getTokenSaml(); - - try { - // output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml")); - FileOutputStream fos; - File outputDir = new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine"); - File saveFile = new File(outputDir, "AttrQueryRequestSdoc.xml"); - fos = new FileOutputStream(saveFile); - fos.write(reqByte); - fos.flush(); - fos.close(); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(reqByte); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); - - request.setCitizenCountryCode("IS"); - LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); - } - -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java deleted file mode 100644 index 0ecca1eab..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java +++ /dev/null @@ -1,988 +0,0 @@ -package eu.stork.peps.test.simple; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; - -import java.io.File; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; - -import org.junit.Ignore; -import org.junit.Test; -import org.opensaml.xml.parse.BasicParserPool; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.commons.STORKStatusCode; -import eu.stork.peps.auth.commons.STORKSubStatusCode; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -public class StorkAttrQueryResponseTest { - - /** The engine. */ - private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); - - /** - * Gets the engine. - * - * @return the engine - */ - public static STORKSAMLEngine getEngine() { - return engine; - } - - /** - * Sets the engine. - * - * @param newEngine - * the new engine - */ - public static void setEngine(final STORKSAMLEngine newEngine) { - StorkAttrQueryResponseTest.engine = newEngine; - } - - /** The destination. */ - private static String destination; - - /** The service provider sector. */ - private static String spSector; - - /** The service provider institution. */ - private static String spInstitution; - - /** The service provider application. */ - private static String spApplication; - - /** The service provider country. */ - private static String spCountry; - - /** The service provider id. */ - private static String spId; - - /** The quality authentication assurance level. */ - private static final int QAAL = 3; - - /** The state. */ - private static String state = "IS"; - - /** The town. */ - private static String town = "Reykjavik"; - - /** The postal code. */ - private static String postalCode = "105"; - - /** The street name. */ - private static String streetName = "Gudrunartun"; - - /** The street number. */ - private static String streetNumber = "10"; - - /** The List of Personal Attributes. */ - private static IPersonalAttributeList pal; - - /** The assertion consumer URL. */ - private static String assertConsumerUrl; - - /** The attribute query request. */ - private static byte[] attrQueryRequest; - - /** The attribute query response. */ - private static byte[] attrQueryResponse; - - /** The attribute query request. */ - private static STORKAttrQueryRequest attrQueryenRequest; - - /** The attribute query response. */ - private static STORKAttrQueryResponse attrQeuryenResponse; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(StorkAttrQueryResponseTest.class.getName()); - - /** - * Instantiates a new stork response test. - */ - public StorkAttrQueryResponseTest() { - super(); - } - - /** The IP address. */ - private static String ipAddress; - - /** The destination URL. */ - private static String destinationUrl; - - /** The is hashing. */ - private final boolean isHashing = Boolean.TRUE; - - /** The is not hashing. */ - private final boolean isNotHashing = Boolean.FALSE; - - /** The ERROR text. */ - private static final String ERROR_TXT = "generateAttrQueryResponse(...) should've thrown an STORKSAMLEngineException!"; - - /** Parser manager used to parse XML. */ - private static BasicParserPool parser; - - static { - parser = new BasicParserPool(); - parser.setNamespaceAware(true); - - pal = new PersonalAttributeList(); - - PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(false); - ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - pal.add(isAgeOver); - - PersonalAttribute dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - pal.add(dateOfBirth); - - PersonalAttribute eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - List<String> eid = Arrays.asList("IS/IS/1234567890"); - eIDNumber.setValue(eid); - eIDNumber.setIsRequired(true); - pal.add(eIDNumber); - - final PersonalAttribute givenName = new PersonalAttribute(); - givenName.setName("givenName"); - givenName.setIsRequired(true); - pal.add(givenName); - - PersonalAttribute canRessAddress = new PersonalAttribute(); - canRessAddress.setName("canonicalResidenceAddress"); - canRessAddress.setIsRequired(true); - pal.add(canRessAddress); - - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName("newAttribute2"); - newAttribute.setIsRequired(true); - pal.add(newAttribute); - - destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; - assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; - spSector = "EDU001"; - spInstitution = "OXF001"; - spApplication = "APP001"; - spCountry = "EN"; - - spId = "EDU001-APP001-APP001"; - - final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); - request.setDestination(destination); - // request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // new parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("IS"); - - try { - attrQueryRequest = getEngine().generateSTORKAttrQueryRequest(request).getTokenSaml(); - - attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); - - } catch (STORKSAMLEngineException e) { - fail("Error create STORKAuthnRequest"); - } - - ipAddress = "111.222.333.444"; - - destinationUrl = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; - - pal = new PersonalAttributeList(); - - isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(true); - ages = new ArrayList<String>(); - - ages.add("16"); - ages.add("18"); - - isAgeOver.setValue(ages); - isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(isAgeOver); - - dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - final ArrayList<String> date = new ArrayList<String>(); - date.add("16/12/2008"); - dateOfBirth.setValue(date); - dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(dateOfBirth); - - eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - final ArrayList<String> idNumber = new ArrayList<String>(); - idNumber.add("123456789IS"); - eIDNumber.setValue(idNumber); - eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(eIDNumber); - - canRessAddress = new PersonalAttribute(); - canRessAddress.setName("canonicalResidenceAddress"); - canRessAddress.setIsRequired(true); - canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - final HashMap<String, String> address = new HashMap<String, String>(); - - address.put("state", state); - address.put("town", town); - address.put("postalCode", postalCode); - address.put("streetName", streetName); - address.put("streetNumber", streetNumber); - - canRessAddress.setComplexValue(address); - pal.add(canRessAddress); - - newAttribute = new PersonalAttribute(); - newAttribute.setName("newAttribute2"); - newAttribute.setIsRequired(true); - newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - final HashMap<String, String> values = new HashMap<String, String>(); - - values.put("value1", "value1"); - values.put("value2", "value2"); - values.put("value3", "value3"); - values.put("value4", "value4"); - - newAttribute.setComplexValue(values); - pal.add(newAttribute); - - } - - /** - * Test generate attribute query request without errors. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAttrQueryResponse() throws STORKSAMLEngineException { - - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setPersonalAttributeList(pal); - - final STORKAttrQueryResponse storkResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing); - - attrQueryResponse = storkResponse.getTokenSaml(); - - FileOutputStream output = null; - - try { - output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml")); - } catch (FileNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(attrQueryResponse); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse)); - - } - - /** - * Test validation id parameter mandatory. - */ - @Test - public final void testResponseMandatoryId() { - final String identifier = attrQueryenRequest.getSamlId(); - attrQueryenRequest.setSamlId(null); - - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setPersonalAttributeList(pal); - - try { - getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isHashing); - fail(ERROR_TXT); - } catch (STORKSAMLEngineException e) { - attrQueryenRequest.setSamlId(identifier); - LOG.error("Error"); - } - } - - /** - * Test generate attribute query response in response to err1. - */ - @Test - public final void testResponseMandatoryIssuer() { - - final String issuer = attrQueryenRequest.getIssuer(); - attrQueryenRequest.setIssuer(null); - - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setPersonalAttributeList(pal); - - try { - getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isHashing); - fail(ERROR_TXT); - } catch (STORKSAMLEngineException e) { - attrQueryenRequest.setIssuer(issuer); - LOG.error("Error"); - } - } - - /** - * Test generate attribute query response assertion consumer null. - */ - /* - * @Test public final void testResponseMandatoryAssertionConsumerServiceURL() { final String asserConsumerUrl = attrQueryenRequest .getAssertionConsumerServiceURL(); - * attrQueryenRequest.setAssertionConsumerServiceURL(null); - * - * final STORKAuthnResponse response = new STORKAuthnResponse(); response.setPersonalAttributeList(pal); try { getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, - * isHashing); fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); } catch (STORKSAMLEngineException e) { - * attrQueryenRequest.setAssertionConsumerServiceURL(asserConsumerUrl); LOG.error("Error"); } } - * - * /** Test generate attribute query response IP address null. - */ - @Test - public final void testResponseValidationIP() { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setPersonalAttributeList(pal); - - try { - getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, null, destinationUrl, isHashing); - fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate attribute query response with personal attribute list null. - */ - @Test - public final void testResponseMandatoryPersonalAttributeList() { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setPersonalAttributeList(null); - - try { - getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isHashing); - fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response token null. - */ - @Test - public final void testResponseInvalidParametersToken() { - try { - getEngine().validateSTORKAttrQueryResponse(null, ipAddress); - fail(ERROR_TXT); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response IP null. - */ - @Test - public final void STORKAttrQueryResponse() { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setPersonalAttributeList(pal); - try { - attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response parameter name wrong. - */ - @Test - public final void testResponseInvalidParametersAttr() { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("AttrWrong"); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response set null value into attribute. - */ - @Test - public final void testResponseInvalidParametersAttrSimpleValue() { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("isAgeOver"); - worngAttr.setValue(null); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response set null value into attribute. - */ - @Test - public final void testResponseInvalidParametersAttrNoValue() { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("isAgeOver"); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response set null value into attribute. - */ - @Test - public final void testResponseInvalidParametersAttrNoName() { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response set null complex value into attribute. - */ - @Test - public final void testResponseInvalidParametersAttrComplexValue() { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("isAgeOver"); - worngAttr.setComplexValue(null); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response IP distinct and disabled validation IP. - */ - @Test - public final void testResponseInvalidParametersIPDistinct() { - try { - // ipAddress origin "111.222.333.444" - // ipAddrValidation = false - // Subject Confirmation Bearer. - - getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, "127.0.0.1"); - } catch (STORKSAMLEngineException e) { - fail("validateAttributeQueryResponse(...) should've thrown an STORKSAMLEngineException!"); - LOG.error("Error"); - } - } - - /** - * Test response invalid parameters invalid token. - */ - @Test - public final void testResponseInvalidParametersTokenMsg() { - try { - // ipAddress origin "111.222.333.444" - // Subject Confirmation Bearer. - getEngine().validateSTORKAttrQueryResponse("errorMessage".getBytes(), ipAddress); - fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate attribute query response is fail. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - /* - * @Test public final void testValidateAuthenticationResponseIsFail() throws STORKSAMLEngineException { attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, - * ipAddress); - * - * assertFalse("Generate incorrect response: ", attrQeuryenResponse.isFail()); } - * - * /** Test validate attribute query response destination. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - @Test - public final void testValidateAuthenticationResponseDestination() throws STORKSAMLEngineException { - attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress); - - assertEquals("Destination incorrect: ", attrQeuryenResponse.getInResponseTo(), attrQueryenRequest.getSamlId()); - } - - /** - * Test validate attribute query response values. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthenticationResponseValuesComplex() throws STORKSAMLEngineException { - attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress); - - assertEquals("Country incorrect:", attrQeuryenResponse.getCountry(), "ES"); - - final Iterator<PersonalAttribute> iterator = attrQeuryenResponse.getPersonalAttributeList().iterator(); - - while (iterator.hasNext()) { - final PersonalAttribute attribute = iterator.next(); - if (attribute.getName().equalsIgnoreCase("canonicalResidenceAddress")) { - assertEquals("State incorrect: ", state, attribute.getComplexValue().get("state")); - assertEquals("Town incorrect: ", town, attribute.getComplexValue().get("town")); - assertEquals("Postal code incorrect: ", postalCode, attribute.getComplexValue().get("postalCode")); - assertEquals("Street name incorrect: ", streetName, attribute.getComplexValue().get("streetName")); - assertEquals("Street number incorrect: ", streetNumber, attribute.getComplexValue().get("streetNumber")); - } - } - } - - /** - * Test generate attribute query response fail in response to it's null. - * - * @throws STORKSAMLEngineException - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - // ( expected=STORKSAMLEngineException.class) - public final void testGenerateAttrQueryResponseFailInResponseToNull() throws STORKSAMLEngineException { - final String identifier = attrQueryenRequest.getSamlId(); - attrQueryenRequest.setSamlId(null); - - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); - response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); - response.setMessage(""); - - try { - attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - fail(ERROR_TXT); - } catch (STORKSAMLEngineException e) { - attrQueryenRequest.setSamlId(identifier); - LOG.error("Error"); - // throw new STORKSAMLEngineException(e); - } - } - - /** - * Test generate attribute query response fail assertion consumer URL err1. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - /* - * @Test public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull() throws STORKSAMLEngineException { - * - * final String assertConsumerUrl = attrQueryenRequest .getAssertionConsumerServiceURL(); attrQueryenRequest.setAssertionConsumerServiceURL(null); - * - * final STORKAuthnResponse response = new STORKAuthnResponse(); response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); - * response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); response.setMessage(""); - * - * try { attrQueryResponse = getEngine().generateSTORKAuthnResponseFail(attrQueryenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - * fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); } catch (STORKSAMLEngineException e) { - * attrQueryenRequest.setAssertionConsumerServiceURL(assertConsumerUrl); LOG.error("Error"); } } - * - * /** Test generate attribute query response fail code error err1. - * - * @throws STORKSAMLEngineException the STORKSAML engine exception - */ - @Test - public final void testGenerateAttrQueryResponseFailCodeErrorNull() throws STORKSAMLEngineException { - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setStatusCode(null); - response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); - response.setMessage(""); - - try { - attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - fail("generateAttrQueryResponseFail(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate attribute query request without errors. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAttrQueryResponse() throws STORKSAMLEngineException { - - IPersonalAttributeList palist = new PersonalAttributeList(); - - PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(true); - ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - palist.add(isAgeOver); - - PersonalAttribute dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - final ArrayList<String> date = new ArrayList<String>(); - date.add("16/12/2008"); - dateOfBirth.setValue(date); - dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - palist.add(dateOfBirth); - - PersonalAttribute eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - - final ArrayList<String> idNumber = new ArrayList<String>(); - idNumber.add("123456789PÑ"); - - final HashMap<String, String> complex = new HashMap<String, String>(); - complex.put("one", "two"); - - // eIDNumber.setValue(null); - // eIDNumber.setValue(idNumber); - // eIDNumber.setComplexValue(complex); - - eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString()); - palist.add(eIDNumber); - - PersonalAttribute canRessAddress = new PersonalAttribute(); - canRessAddress.setName("canonicalResidenceAddress"); - canRessAddress.setIsRequired(true); - canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - final HashMap<String, String> address = new HashMap<String, String>(); - - address.put("state", state); - address.put("town", town); - address.put("postalCode", postalCode); - address.put("streetName", streetName); - address.put("streetNumber", streetNumber); - - canRessAddress.setComplexValue(address); - palist.add(canRessAddress); - - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - - response.setPersonalAttributeList(palist); - - final STORKAttrQueryResponse storkResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing); - - attrQueryResponse = storkResponse.getTokenSaml(); - LOG.info("Request id: " + attrQueryenRequest.getSamlId()); - - LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse)); - - attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress); - - LOG.info("RESPONSE ID: " + attrQeuryenResponse.getSamlId()); - LOG.info("RESPONSE IN_RESPONSE_TO: " + attrQeuryenResponse.getInResponseTo()); - LOG.info("RESPONSE COUNTRY: " + attrQeuryenResponse.getCountry()); - - } - - /** - * Test validate attribute query response fail is fail. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAttrQueryResponseFailIsFail() throws STORKSAMLEngineException { - - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); - response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); - response.setMessage("message"); - - attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); - - LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(attrQueryResponse)); - - attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress); - - LOG.info("COUNTRY: " + attrQeuryenResponse.getCountry()); - assertTrue("Generate incorrect response: ", attrQeuryenResponse.isFail()); - } - - /** - * Test generate/validate response with signedDoc - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAttrQueryResponseWithSignedDoc() throws STORKSAMLEngineException { - - String signedDocResponse = "<dss:SignResponse xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"123456\"> <dss:Result> <dss:ResultMajor>urn:oasis:names:tc:dss:1.0:resultmajor:Success</dss:ResultMajor> </dss:Result> <dss:SignatureObject> <dss:Base64Signature Type=\"urn:ietf:rfc:3275\">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+</dss:Base64Signature> </dss:SignatureObject> </dss:SignResponse>"; - - IPersonalAttributeList palist = new PersonalAttributeList(); - - PersonalAttribute signedDoc = new PersonalAttribute(); - signedDoc.setName("signedDoc"); - signedDoc.setIsRequired(false); - ArrayList<String> signed = new ArrayList<String>(); - signed.add(signedDocResponse); - signedDoc.setValue(signed); - palist.add(signedDoc); - - PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(false); - ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - palist.add(isAgeOver); - - attrQueryenRequest.setPersonalAttributeList(palist); - - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - - response.setPersonalAttributeList(palist); - - final STORKAttrQueryResponse storkResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, destinationUrl, isNotHashing); - - attrQueryResponse = storkResponse.getTokenSaml(); - attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress); - - assertTrue("SignedDoc response should be the same: ", attrQeuryenResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0).equals(signedDocResponse)); - - } - - @Test - public final void testEncodeDecode() { - STORKAttrQueryRequest attrRequest = new STORKAttrQueryRequest(); - STORKAttrQueryRequest request; - IPersonalAttributeList list = null; - boolean outcome = false; - - try { - // STEP 1: Create the STORKAttrQueryRequest and get the SAML bytes - attrRequest.setSpSector("NOT AVAILABLE"); - attrRequest.setSpInstitution("NOT AVAILABLE"); - attrRequest.setSpApplication("NOT AVAILABLE"); - attrRequest.setSpCountry("NOT AVAILABLE"); - - attrRequest.setIssuer("123"); - attrRequest.setDestination("456"); - attrRequest.setAssertionConsumerServiceURL("789"); - attrRequest.setQaa(2); - attrRequest.setPersonalAttributeList(pal); - - System.out.println("Original PAL:"); - System.out.println(pal.toString()); - - attrRequest = engine.generateSTORKAttrQueryRequest(attrRequest); - - byte[] saml = attrRequest.getTokenSaml(); - - // STEP 2: RE-Create the STORKAttrQueryRequest from the SAML bytes - request = engine.validateSTORKAttrQueryRequest(saml); - - System.out.println("STORKAttrQueryRequest Issuer: " + request.getIssuer()); - System.out.println("STORKAttrQueryRequest Destination: " + request.getDestination()); - System.out.println("STORKAttrQueryRequest ServiceURL: " + request.getAssertionConsumerServiceURL()); - System.out.println("STORKAttrQueryRequest Attributes: " + request.getPersonalAttributeList().toString()); - System.out.println("STORKAttrQueryRequest QAA: " + request.getQaa()); - // ------------------------------ - list = request.getPersonalAttributeList(); - - List<String> values = new ArrayList<String>(); - values.add("test1"); - values.add("test2"); - values.add("test3"); - list.get("newAttribute2").setValue(values); - - System.out.println("Values added in newAttribute2 PAL:"); - System.out.println(list.toString()); - - // //////////////////////////////////////////////////////////////////////// - final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); - response.setPersonalAttributeList(list); - - final STORKAttrQueryResponse storkResponse = engine.generateSTORKAttrQueryResponse(request, response, "127.0.0.1", request.getAssertionConsumerServiceURL(), false); - - byte[] samlBytes = storkResponse.getTokenSaml(); - - // STEP 3: RE-Create the STORKAttrQueryResponse from the SAML bytes - STORKAttrQueryResponse attrResponse = null; - attrResponse = engine.validateSTORKAttrQueryResponse(samlBytes, "127.0.0.1"); - - System.out.println("Response decoded PAL:"); - System.out.println(attrResponse.getPersonalAttributeList().toString()); - - values = attrResponse.getPersonalAttributeList().get("newAttribute2").getValue(); - if (values.contains("test1") && values.contains("test2") && values.contains("test3")) - outcome = true; - } catch (final STORKSAMLEngineException e) { - LOG.error("Errror genereating SAML Token for Authentication Request", e); - } - - assertTrue(outcome); - } - - @Test - public final void testGenerateAttrRequestWithMultipleAssertions() throws STORKSAMLEngineException { - STORKAttrQueryRequest req = null; - STORKAttrQueryResponse res0 = null; - STORKAttrQueryResponse res1 = null; - STORKAttrQueryResponse res2 = null; - STORKAttrQueryResponse res = null; - STORKAttrQueryResponse restotal = null; - - try { - req = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); - - attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); - - } catch (STORKSAMLEngineException e) { - fail("Error validating STORKAuthnRequest"); - } - - IPersonalAttributeList pList = req.getPersonalAttributeList(); - for (int i = 0; i < pList.size(); i++) { - PersonalAttribute attr = pList.get("dateOfBirth"); - attr.setValue(Arrays.asList("19820919")); - pList.remove("dateOfBirth"); - pList.add(attr); - PersonalAttribute attr1 = pList.get("givenName"); - attr1.setValue(Arrays.asList("Sveinborn Oskarsson")); - pList.remove("givenName"); - pList.add(attr1); - PersonalAttribute attr2 = pList.get("isAgeOver"); - attr2.setValue(Arrays.asList("true")); - pList.remove("isAgeOver"); - pList.add(attr2); - } - - res = new STORKAttrQueryResponse(); - res.setPersonalAttributeList(pList); - - STORKAttrQueryResponse storkResponse = getEngine().generateSTORKAttrQueryResponse(req, res, ipAddress, destinationUrl, isNotHashing); - - res0 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress); - - storkResponse = getEngine().generateSTORKAttrQueryResponse(req, res, ipAddress, destinationUrl, isNotHashing); - res1 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress); - - storkResponse = getEngine().generateSTORKAttrQueryResponse(req, res, ipAddress, destinationUrl, isNotHashing); - res2 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress); - - List<STORKAttrQueryResponse> responses = new ArrayList(); - responses.add(res0); - responses.add(res1); - responses.add(res2); - - STORKAttrQueryResponse resfinal = new STORKAttrQueryResponse(); - storkResponse = getEngine().generateSTORKAttrQueryResponseWithAssertions(req, resfinal, responses, ipAddress, destinationUrl, isNotHashing); - - attrQueryResponse = storkResponse.getTokenSaml(); - FileOutputStream output = null; - try { - output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryMultiAssertResponse.xml")); - } catch (FileNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(attrQueryResponse); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - res = null; - res = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress); - System.out.println(res.getTotalPersonalAttributeList().toString()); - assertNotNull(res); - } -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java deleted file mode 100644 index d476ad26e..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java +++ /dev/null @@ -1,947 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.test.simple; - -import static org.junit.Assert.*; - -import java.util.ArrayList; - -import org.junit.Ignore; -import org.junit.Test; -import org.opensaml.xml.parse.BasicParserPool; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.*; -import eu.stork.peps.auth.commons.*; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * The Class StorkAuthRequestTest defines a class to . - */ -public class StorkAuthRequestTest { - - /** The engines. */ - private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); - private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); - private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); - - /** - * Instantiates a new stork authentication request test. - */ - public StorkAuthRequestTest() { - pal = new PersonalAttributeList(); - - final PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(true); - final ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - pal.add(isAgeOver); - - final PersonalAttribute dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - pal.add(dateOfBirth); - - final PersonalAttribute eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - pal.add(eIDNumber); - - final PersonalAttribute LPFiscalNumber = new PersonalAttribute(); - LPFiscalNumber.setName("LPFiscalNumber"); - LPFiscalNumber.setIsRequired(true); - pal.add(LPFiscalNumber); - - destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; - assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; - - spName = "University of Oxford"; - spSector = "EDU001"; - spInstitution = "OXF001"; - spApplication = "APP001"; - spCountry = "EN"; - - spId = "EDU001-OXF001-APP001"; - - } - - /** The destination. */ - private String destination; - - /** The service provider name. */ - private String spName; - - /** The service provider sector. */ - private String spSector; - - /** The service provider institution. */ - private String spInstitution; - - /** The service provider application. */ - private String spApplication; - - /** The service provider country. */ - private String spCountry; - - /** The service provider id. */ - private String spId; - - /** The quality authentication assurance level. */ - private static final int QAAL = 3; - - /** The List of Personal Attributes. */ - private IPersonalAttributeList pal; - - /** The assertion consumer URL. */ - private String assertConsumerUrl; - - /** The authentication request. */ - private static byte[] authRequest; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(StorkAuthRequestTest.class.getName()); - - /** Parser manager used to parse XML. */ - private static BasicParserPool parser; - - static { - parser = new BasicParserPool(); - parser.setNamespaceAware(true); - } - - /** - * Test generate authentication request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthnRequest() throws STORKSAMLEngineException { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // new parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - // engine.generateSTORKAuthnRequest(request); - - LOG.info("STORKAuthnRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml())); - request.setCitizenCountryCode("ES"); - LOG.info("STORKAuthnRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml())); - } - - /** - * Test generate authentication request error personal attribute name error. - */ - @Test - public final void testGenerateAuthnRequestPALsErr1() { - - final IPersonalAttributeList palWrong = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("attrNotValid"); - worngAttr.setIsRequired(true); - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(palWrong); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request error personal attribute value error. - */ - @Test - public final void testGenerateAuthnRequestPALsErr2() { - - final IPersonalAttributeList palWrong = new PersonalAttributeList(); - - final PersonalAttribute attrNotValid = new PersonalAttribute(); - attrNotValid.setName("attrNotValid"); - attrNotValid.setIsRequired(true); - palWrong.add(attrNotValid); - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(palWrong); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request error provider name null. - */ - @Test - public final void testGenerateAuthnRequestSPNAmeErr1() { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(null); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request authentication assurance level negative value. - */ - @Test - public final void testGenerateAuthnRequestQaalErr1() { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(-1); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - - try { - engine.generateSTORKAuthnRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request service provider sector null. - */ - @Test - public final void testGenerateAuthnRequestSectorErr() { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(null); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - - } - } - - /** - * Test generate authentication request service provider institution null. - */ - @Test - public final void testGenerateAuthnRequestInstitutionrErr() { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(null); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } - } - - /** - * Test generate authentication request service provider application null. - */ - @Test - public final void testGenerateAuthnRequestApplicationErr() { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(null); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } - } - - /** - * Test generate authentication request service provider country null. - */ - @Test - public final void testGenerateAuthnRequestCountryErr() { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(null); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - LOG.error("Error"); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request error with quality authentication assurance level wrong. - */ - @Test - public final void testGenerateAuthnRequestQaalErr2() { - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(0); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request personal attribute list null value. - */ - @Test - public final void testGenerateAuthnRequestPALErr1() { - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(null); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request error with assertion consumer URL null. - */ - @Test - public final void testGenerateAuthnRequestAssertionConsumerErr1() { - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(null); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - engine.generateSTORKAuthnRequest(request); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication request null parameter. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthnRequestNullParam() throws STORKSAMLEngineException { - try { - engine.validateSTORKAuthnRequest(null); - fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication request error bytes encode. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthnRequestErrorEncode() throws STORKSAMLEngineException { - try { - engine.validateSTORKAuthnRequest("messageError".getBytes()); - fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthnRequest() throws STORKSAMLEngineException { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - authRequest = engine.generateSTORKAuthnRequest(request).getTokenSaml(); - - final STORKAuthnRequest validatedRequest = engine.validateSTORKAuthnRequest(authRequest); - - assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false); - assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false); - assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false); - - } - - /** - * Test validate data authenticate request. Verified parameters after validation. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateDataAuthnRequest() throws STORKSAMLEngineException { - - final STORKAuthnRequest request = engine.validateSTORKAuthnRequest(authRequest); - - assertEquals("Sestination incorrect: ", request.getDestination(), destination); - - assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false); - assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false); - assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false); - - assertEquals("Service provider incorrect: ", request.getProviderName(), spName); - assertEquals("QAAL incorrect: ", request.getQaa(), QAAL); - assertEquals("SPSector incorrect: ", request.getSpSector(), spSector); - assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null); - assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication); - assertEquals("Asserition consumer URL incorrect: ", request.getAssertionConsumerServiceURL(), assertConsumerUrl); - - assertEquals("SP Country incorrect: ", request.getSpCountry(), spCountry); - assertEquals("SP Id incorrect: ", request.getSPID(), spId); - assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), "ES"); - - } - - /** - * Test validate file authentication request. Validate from XML file. - * - * @throws Exception - * the exception - */ - @Test - public final void testValidateFileAuthnRequest() throws Exception { - - final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml"); - - try { - engine.validateSTORKAuthnRequest(bytes); - fail("testValidateFileAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error(e.getMessage()); - } - } - - /** - * Test validate file authentication request tag delete. - * - * @throws Exception - * the exception - */ - @Test - public final void testValidateFileAuthnRequestTagDelete() throws Exception { - - final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml"); - - try { - engine.validateSTORKAuthnRequest(bytes); - fail("validateSTORKAuthnRequest(...) should have thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error(e.getMessage()); - - } - } - - /** - * Test validate authentication request not trusted token. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthnRequestNotTrustedErr1() throws STORKSAMLEngineException { - - try { - final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine.getInstance("CONF2"); - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - - final byte[] authReqNotTrust = engineNotTrusted.generateSTORKAuthnRequest(request).getTokenSaml(); - - engine.validateSTORKAuthnRequest(authReqNotTrust); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - fail("validateSTORKAuthnRequestNotTrusted(...) should not have thrown an STORKSAMLEngineException!"); - } - } - - /** - * Test validate authentication request trusted. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthnRequestTrusted() throws STORKSAMLEngineException { - - final STORKSAMLEngine engineTrusted = STORKSAMLEngine.getInstance("CONF3"); - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - - final byte[] authReqNotTrust = engineTrusted.generateSTORKAuthnRequest(request).getTokenSaml(); - - // engine ("CONF1") no have trust certificate from "CONF2" - engine.validateSTORKAuthnRequest(authReqNotTrust); - - } - - /** - * Test generate authentication request service provider application null. - */ - @Test - public final void testGenerateAuthnRequestNADA() { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(null); - request.setSpInstitution(null); - request.setSpApplication(null); - request.setSpCountry(null); - - try { - - engine.validateSTORKAuthnRequest(authRequest); - - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); - } - } - - /** - * Test validate authentication request with unknown elements. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthnRequestWithUnknownElements() throws STORKSAMLEngineException { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - IPersonalAttributeList pAttList = new PersonalAttributeList(); - - final PersonalAttribute unknown = new PersonalAttribute(); - unknown.setName("unknown"); - unknown.setIsRequired(true); - pAttList.add(unknown); - - final PersonalAttribute eIdentifier = new PersonalAttribute(); - eIdentifier.setName("eIdentifier"); - eIdentifier.setIsRequired(true); - pAttList.add(eIdentifier); - - request.setPersonalAttributeList(pAttList); - - // new parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - STORKAuthnRequest req = new STORKAuthnRequest(); - - req = engine3.generateSTORKAuthnRequest(request); - - req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); - - assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown")); - assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier")); - - } - - /** - * Test generate Request with required elements by default - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthnRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - IPersonalAttributeList pAttList = new PersonalAttributeList(); - - final PersonalAttribute eIdentifier = new PersonalAttribute(); - eIdentifier.setName("eIdentifier"); - eIdentifier.setIsRequired(true); - pAttList.add(eIdentifier); - - request.setPersonalAttributeList(pAttList); - - // new parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - STORKAuthnRequest req = new STORKAuthnRequest(); - STORKAuthnRequest reqTrue = new STORKAuthnRequest(); - STORKAuthnRequest reqFalse = new STORKAuthnRequest(); - - reqTrue = engine.generateSTORKAuthnRequest(request); - reqFalse = engine2.generateSTORKAuthnRequest(request); - req = engine3.generateSTORKAuthnRequest(request); - - String token = new String(req.getTokenSaml()); - String reqTrueToken = new String(reqTrue.getTokenSaml()); - String reqFalseToken = new String(reqFalse.getTokenSaml()); - - assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired")); - assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired")); - assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired")); - - } - - /** - * Test validating request and getting alias used to save the saml trusted certificate into trustore - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthnRequestGettingItsAlias() throws STORKSAMLEngineException { - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - IPersonalAttributeList pAttList = new PersonalAttributeList(); - - final PersonalAttribute eIdentifier = new PersonalAttribute(); - eIdentifier.setName("eIdentifier"); - eIdentifier.setIsRequired(true); - pAttList.add(eIdentifier); - - request.setPersonalAttributeList(pAttList); - - // new parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - STORKAuthnRequest req = new STORKAuthnRequest(); - - req = engine3.generateSTORKAuthnRequest(request); - req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); - assertTrue("The alias should match this value", req.getAlias().equals("local-demo-cert")); - - req = engine2.generateSTORKAuthnRequest(request); - req = engine2.validateSTORKAuthnRequest(req.getTokenSaml()); - assertTrue("The alias should match this value", req.getAlias().equals("local-demo-cert")); - - } - - /** - * Test generating/validating request with signedDoc - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthnRequestWithSignedDoc() throws STORKSAMLEngineException { - - String signedDocRequest = "<dss:SignRequest xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"_d96b62a87d18f1095170c1f44c90b5fd\"><dss:InputDocuments><dss:Document><dss:Base64Data MimeType=\"text/plain\">VGVzdCB0ZXh0</dss:Base64Data></dss:Document></dss:InputDocuments></dss:SignRequest>"; - - final STORKAuthnRequest request = new STORKAuthnRequest(); - - PersonalAttributeList paler = new PersonalAttributeList(); - - final PersonalAttribute eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - paler.add(eIDNumber); - - final PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(true); - final ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - paler.add(isAgeOver); - - final PersonalAttribute signedDoc = new PersonalAttribute(); - signedDoc.setName("signedDoc"); - final ArrayList<String> signedDocs = new ArrayList<String>(); - signedDocs.add(signedDocRequest); - signedDoc.setValue(signedDocs); - signedDoc.setIsRequired(false); - paler.add(signedDoc); - - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(paler); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // new parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - STORKAuthnRequest req = new STORKAuthnRequest(); - - req = engine.generateSTORKAuthnRequest(request); - req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); - - assertTrue("SignedDoc request should be the same: ", req.getPersonalAttributeList().get("signedDoc").getValue().get(0).equals(signedDocRequest)); - - } - -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java deleted file mode 100644 index e05c660ea..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java +++ /dev/null @@ -1,88 +0,0 @@ -package eu.stork.peps.test.simple; - -import java.io.File; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; - -import org.junit.Test; -import org.opensaml.xml.parse.BasicParserPool; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKLogoutRequest; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -public class StorkLogoutRequestTest { - - /** The engines. */ - private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); - private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); - private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); - private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); - - public StorkLogoutRequestTest() { - destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; - spUserId = "IS/IS/1234567890"; - } - - /** The destination. */ - private String destination; - - /** The user id. */ - private String spUserId; - - /** The logout request. */ - private static byte[] logoutRequest; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(StorkLogoutRequestTest.class.getName()); - - /** Parser manager used to parse XML. */ - private static BasicParserPool parser; - - static { - parser = new BasicParserPool(); - parser.setNamespaceAware(true); - } - - /** - * Test generate authentication request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateLogoutRequest() throws STORKSAMLEngineException { - - final STORKLogoutRequest request = new STORKLogoutRequest(); - - request.setDestination(destination); - - request.setSpProvidedId(spUserId); - - STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request); - byte[] reqByte = req1.getTokenSaml(); - FileOutputStream output = null; - - try { - output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutRequest.xml")); - } catch (FileNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(reqByte); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKLogoutRequest(request).getTokenSaml())); - - LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKLogoutRequest(request).getTokenSaml())); - } - -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java deleted file mode 100644 index b9907002a..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java +++ /dev/null @@ -1,141 +0,0 @@ -package eu.stork.peps.test.simple; - -import static org.junit.Assert.*; - -import java.io.File; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; - -import junit.framework.Assert; - -import org.junit.Test; -import org.opensaml.xml.parse.BasicParserPool; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.commons.STORKLogoutRequest; -import eu.stork.peps.auth.commons.STORKLogoutResponse; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -public class StorkLogoutResponseTest { - - /** The engines. */ - private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); - private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); - private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); - private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); - - public StorkLogoutResponseTest() { - destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; - spUserId = "IS/IS/1234567890"; - } - - /** The destination. */ - private String destination; - - /** The user id. */ - private String spUserId; - - /** The logout request. */ - private static byte[] logoutRequest; - - /** The logout response. */ - private static byte[] logoutResponse; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(StorkLogoutResponseTest.class.getName()); - - /** Parser manager used to parse XML. */ - private static BasicParserPool parser; - - static { - parser = new BasicParserPool(); - parser.setNamespaceAware(true); - } - - /** - * Test generate authentication request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateLogoutRequest() throws STORKSAMLEngineException { - - final STORKLogoutRequest request = new STORKLogoutRequest(); - - final STORKLogoutResponse response = new STORKLogoutResponse(); - - request.setDestination(destination); - response.setDestination(destination); - - request.setSpProvidedId(spUserId); - - STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request); - - STORKLogoutResponse res = engine0.generateSTORKLogoutResponse(req1, response); - - byte[] reqByte = res.getTokenSaml(); - FileOutputStream output = null; - - try { - output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutResponse.xml")); - } catch (FileNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(reqByte); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - assertNotNull(reqByte); - } - - /** - * Test generate authentication request. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateLogoutRequestFail() throws STORKSAMLEngineException { - - final STORKLogoutRequest request = new STORKLogoutRequest(); - - final STORKLogoutResponse response = new STORKLogoutResponse(); - - request.setDestination(destination); - response.setDestination(destination); - response.setStatusMessage("User not found."); - response.setStatusCode("1234"); - request.setSpProvidedId(spUserId); - - STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request); - - STORKLogoutResponse res = engine0.generateSTORKLogoutResponseFail(req1, response); - - byte[] reqByte = res.getTokenSaml(); - FileOutputStream output = null; - - try { - output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutResponseFail.xml")); - } catch (FileNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(reqByte); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - assertNotNull(reqByte); - } - -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java deleted file mode 100644 index 876c2c14d..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java +++ /dev/null @@ -1,510 +0,0 @@ -package eu.stork.peps.test.simple; - -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.fail; - -import java.io.File; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; - -import org.junit.Test; -import org.opensaml.xml.parse.BasicParserPool; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.commons.STORKStatusCode; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -public class StorkNewResponseTest { - /** The engine. */ - private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); - private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); - - /** - * Gets the engine. - * - * @return the engine - */ - public static STORKSAMLEngine getEngine() { - return engine; - } - - public static STORKSAMLEngine getEngine2() { - return engine0; - } - - /** - * Sets the engine. - * - * @param newEngine - * the new engine - */ - public static void setEngine(final STORKSAMLEngine newEngine) { - StorkNewResponseTest.engine = newEngine; - } - - /** The destination. */ - private static String destination; - - /** The service provider name. */ - private static String spName; - - /** The service provider sector. */ - private static String spSector; - - /** The service provider institution. */ - private static String spInstitution; - - /** The service provider application. */ - private static String spApplication; - - /** The service provider country. */ - private static String spCountry; - - /** The service provider id. */ - private static String spId; - - /** The quality authentication assurance level. */ - private static final int QAAL = 3; - - /** The state. */ - private static String state = "ES"; - - /** The town. */ - private static String town = "Madrid"; - - /** The municipality code. */ - private static String municipalityCode = "MA001"; - - /** The postal code. */ - private static String postalCode = "28038"; - - /** The street name. */ - private static String streetName = "Marchamalo"; - - /** The street number. */ - private static String streetNumber = "3"; - - /** The apartament number. */ - private static String apartamentNumber = "5º E"; - - /** The List of Personal Attributes. */ - private static IPersonalAttributeList pal; - - /** The List of Personal Attributes. */ - private static IPersonalAttributeList pal2; - - /** The assertion consumer URL. */ - private static String assertConsumerUrl; - - /** The authentication request. */ - private static byte[] authRequest; - - /** The authentication response. */ - private static byte[] authResponse; - - /** The authentication request. */ - private static STORKAuthnRequest authenRequest; - - /** The authentication response. */ - private static STORKAuthnResponse authnResponse; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(StorkResponseTest.class.getName()); - - /** - * Instantiates a new stork response test. - */ - public StorkNewResponseTest() { - super(); - } - - /** The IP address. */ - private static String ipAddress; - - /** The is hashing. */ - private final boolean isHashing = Boolean.TRUE; - - /** The is not hashing. */ - private final boolean isNotHashing = Boolean.FALSE; - - /** The ERROR text. */ - private static final String ERROR_TXT = "generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"; - - /** Parser manager used to parse XML. */ - private static BasicParserPool parser; - - /** The attribute query request. */ - private static STORKAttrQueryRequest attrQueryenRequest; - - /** The attribute query response. */ - private static STORKAttrQueryResponse attrQeuryenResponse; - - /** The attribute query request. */ - private static byte[] attrQueryRequest; - - /** The attribute query response. */ - private static byte[] attrQueryResponse; - - static { - parser = new BasicParserPool(); - parser.setNamespaceAware(true); - - pal = new PersonalAttributeList(); - pal2 = new PersonalAttributeList(); - - PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(false); - ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - pal.add(isAgeOver); - - PersonalAttribute dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - pal.add(dateOfBirth); - - PersonalAttribute eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - pal.add(eIDNumber); - - final PersonalAttribute givenName = new PersonalAttribute(); - givenName.setName("givenName"); - givenName.setIsRequired(true); - pal.add(givenName); - - PersonalAttribute canRessAddress = new PersonalAttribute(); - canRessAddress.setName("canonicalResidenceAddress"); - canRessAddress.setIsRequired(true); - pal.add(canRessAddress); - - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName("newAttribute2"); - newAttribute.setIsRequired(true); - pal.add(newAttribute); - - PersonalAttribute hasDegree = new PersonalAttribute(); - hasDegree.setName("hasDegree"); - List<String> vals = new ArrayList<String>(); - vals.add("Engineering"); - vals.add("Computer Science"); - hasDegree.setValue(vals); - pal2.add(hasDegree); - - PersonalAttribute mandate = new PersonalAttribute(); - mandate.setName("mandateContent"); - List<String> manvalues = new ArrayList<String>(); - manvalues.add("Powers"); - mandate.setValue(manvalues); - pal2.add(mandate); - - destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; - assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; - spName = "University Oxford"; - - spName = "University of Oxford"; - spSector = "EDU001"; - spInstitution = "OXF001"; - spApplication = "APP001"; - spCountry = "EN"; - - spId = "EDU001-APP001-APP001"; - - final STORKAuthnRequest request = new STORKAuthnRequest(); - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - authRequest = getEngine().generateSTORKAuthnRequest(request).getTokenSaml(); - - authenRequest = getEngine().validateSTORKAuthnRequest(authRequest); - - } catch (STORKSAMLEngineException e) { - fail("Error create STORKAuthnRequest"); - } - - ipAddress = "111.222.333.444"; - - pal = new PersonalAttributeList(); - - isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(true); - ages = new ArrayList<String>(); - - ages.add("16"); - ages.add("18"); - - isAgeOver.setValue(ages); - isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(isAgeOver); - - dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - final ArrayList<String> date = new ArrayList<String>(); - date.add("16/12/2008"); - dateOfBirth.setValue(date); - dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(dateOfBirth); - - eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - final ArrayList<String> idNumber = new ArrayList<String>(); - idNumber.add("123456789PA"); - eIDNumber.setValue(idNumber); - eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(eIDNumber); - - canRessAddress = new PersonalAttribute(); - canRessAddress.setName("canonicalResidenceAddress"); - canRessAddress.setIsRequired(true); - canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - final HashMap<String, String> address = new HashMap<String, String>(); - - address.put("state", state); - address.put("municipalityCode", municipalityCode); - address.put("town", town); - address.put("postalCode", postalCode); - address.put("streetName", streetName); - address.put("streetNumber", streetNumber); - address.put("apartamentNumber", apartamentNumber); - - canRessAddress.setComplexValue(address); - pal.add(canRessAddress); - - newAttribute = new PersonalAttribute(); - newAttribute.setName("newAttribute2"); - newAttribute.setIsRequired(true); - newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - final HashMap<String, String> values = new HashMap<String, String>(); - - values.put("value1", "value1"); - values.put("value2", "value2"); - values.put("value3", "value3"); - values.put("value4", "value4"); - - newAttribute.setComplexValue(values); - pal.add(newAttribute); - - final STORKAttrQueryRequest arequest = new STORKAttrQueryRequest(); - arequest.setDestination(destination); - // request.setProviderName(spName); - arequest.setQaa(QAAL); - arequest.setPersonalAttributeList(pal2); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - arequest.setSpSector(spSector); - arequest.setSpInstitution(spInstitution); - arequest.setSpApplication(spApplication); - arequest.setSpCountry(spCountry); - arequest.setSPID(spId); - arequest.setCitizenCountryCode("IS"); - arequest.setAssertionConsumerServiceURL(assertConsumerUrl); - - try { - attrQueryRequest = getEngine().generateSTORKAttrQueryRequest(arequest).getTokenSaml(); - - attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); - - } catch (STORKSAMLEngineException e) { - fail("Error create STORKAuthnRequest"); - } - - } - - /** - * Test generate authentication request without errors. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthnResponseWithSimpleRes() throws STORKSAMLEngineException { - - // Create the response holding pal - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(pal); - - // List of query responses - List<STORKAttrQueryResponse> resList = new ArrayList<STORKAttrQueryResponse>(); - - final STORKAttrQueryResponse aResponse1 = new STORKAttrQueryResponse(); - aResponse1.setPersonalAttributeList(pal2); - - final STORKAttrQueryResponse aStorkResponse1 = getEngine2().generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse1, ipAddress, destination, isNotHashing); - - attrQueryResponse = aStorkResponse1.getTokenSaml(); - - resList.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); - - final STORKAttrQueryResponse aResponse2 = new STORKAttrQueryResponse(); - aResponse2.setPersonalAttributeList(pal2); - - final STORKAttrQueryResponse aStorkResponse2 = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse2, ipAddress, destination, isNotHashing); - - attrQueryResponse = aStorkResponse2.getTokenSaml(); - - resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); - - // Create the final response containing query responses - final STORKAuthnResponse storkResponse = getEngine().generateSTORKAuthnResponseAfterQuery(authenRequest, response, ipAddress, isNotHashing, resList); - - authResponse = storkResponse.getTokenSaml(); - - // Validate, write out and print out the attribute lists a - STORKAuthnResponse finalResponse = getEngine().validateSTORKAuthnResponseWithQuery(authResponse, ipAddress); - System.out.println("The original pal: " + finalResponse.getPersonalAttributeList().toString()); - for (int i = 0; i < finalResponse.getPersonalAttributeLists().size(); i++) { - System.out.println("Pal " + Integer.toString(i) + ": " + finalResponse.getPersonalAttributeLists().get(i).toString()); - } - System.out.println("The total pal: " + finalResponse.getTotalPersonalAttributeList().toString()); - - FileOutputStream output = null; - - try { - output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthAttrQResponse.xml")); - } catch (FileNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(authResponse); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - /** - * Test generate authentication request without errors. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthnResponseWithComplexRes() throws STORKSAMLEngineException { - - // Create the response holding pal - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(pal); - - // Create a list for the attribute query responses we have - List<STORKAttrQueryResponse> resList = new ArrayList<STORKAttrQueryResponse>(); - - // Create the first attribute query response - final STORKAttrQueryResponse aResponse1 = new STORKAttrQueryResponse(); - aResponse1.setPersonalAttributeList(pal2); - - // Generate the first response - final STORKAttrQueryResponse aStorkResponse1 = getEngine2().generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse1, ipAddress, destination, isNotHashing); - - attrQueryResponse = aStorkResponse1.getTokenSaml(); - - // Validate it and add to the response list - resList.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); - - // Create a second response like the first - final STORKAttrQueryResponse aResponse2 = new STORKAttrQueryResponse(); - aResponse2.setPersonalAttributeList(pal2); - - final STORKAttrQueryResponse aStorkResponse2 = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse2, ipAddress, destination, isNotHashing); - - attrQueryResponse = aStorkResponse2.getTokenSaml(); - - resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); - - // Create a attribute query response which contains multiple assertions from an AP - final STORKAttrQueryResponse aResponseMulti = new STORKAttrQueryResponse(); - aResponseMulti.setPersonalAttributeList(pal2); - - // Create a list for the responses which the multiple assertion response will hold - List<STORKAttrQueryResponse> multiResponses = new ArrayList(); - - // Create two more simple responses which the multi assertion response will hold - final STORKAttrQueryResponse aResponse3 = new STORKAttrQueryResponse(); - aResponse3.setPersonalAttributeList(pal2); - - final STORKAttrQueryResponse aStorkResponse3 = getEngine2().generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse3, ipAddress, destination, isNotHashing); - - attrQueryResponse = aStorkResponse3.getTokenSaml(); - // Validate and add to the multi response - multiResponses.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); - - final STORKAttrQueryResponse aResponse4 = new STORKAttrQueryResponse(); - aResponse4.setPersonalAttributeList(pal2); - - final STORKAttrQueryResponse aStorkResponse4 = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse4, ipAddress, destination, isNotHashing); - - attrQueryResponse = aStorkResponse4.getTokenSaml(); - - multiResponses.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); - - // Generate the multi assertion query response - final STORKAttrQueryResponse aStorkResponseMulti = getEngine().generateSTORKAttrQueryResponseWithAssertions(attrQueryenRequest, aResponseMulti, multiResponses, ipAddress, destination, - isNotHashing); - - attrQueryResponse = aStorkResponseMulti.getTokenSaml(); - - // Add to the list of query responses - resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); - - // Generate the stork response with all the query responses - final STORKAuthnResponse storkResponse = getEngine().generateSTORKAuthnResponseAfterQuery(authenRequest, response, ipAddress, isNotHashing, resList); - - authResponse = storkResponse.getTokenSaml(); - - // Validate it, write out and print out the personal attribute lists - STORKAuthnResponse finalResponse = getEngine().validateSTORKAuthnResponseWithQuery(authResponse, ipAddress); - System.out.println("The original pal: " + finalResponse.getPersonalAttributeList().toString()); - for (int i = 0; i < finalResponse.getPersonalAttributeLists().size(); i++) { - System.out.println("Pal " + Integer.toString(i) + ": " + finalResponse.getPersonalAttributeLists().get(i).toString()); - } - System.out.println("The total pal: " + finalResponse.getTotalPersonalAttributeList().toString()); - - FileOutputStream output = null; - - try { - output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthAttrQMultiAssertResponse.xml")); - } catch (FileNotFoundException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - try { - output.write(authResponse); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - assertNotNull(finalResponse); - } -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java deleted file mode 100644 index d09ed7648..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java +++ /dev/null @@ -1,873 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -package eu.stork.peps.test.simple; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; - -import org.junit.Ignore; -import org.junit.Test; -import org.opensaml.xml.parse.BasicParserPool; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.commons.STORKStatusCode; -import eu.stork.peps.auth.commons.STORKSubStatusCode; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -/** - * The Class AuthRequestTest. - */ -public class StorkResponseTest { - - /** The engine. */ - private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); - - /** - * Gets the engine. - * - * @return the engine - */ - public static STORKSAMLEngine getEngine() { - return engine; - } - - /** - * Sets the engine. - * - * @param newEngine - * the new engine - */ - public static void setEngine(final STORKSAMLEngine newEngine) { - StorkResponseTest.engine = newEngine; - } - - /** The destination. */ - private static String destination; - - /** The service provider name. */ - private static String spName; - - /** The service provider sector. */ - private static String spSector; - - /** The service provider institution. */ - private static String spInstitution; - - /** The service provider application. */ - private static String spApplication; - - /** The service provider country. */ - private static String spCountry; - - /** The service provider id. */ - private static String spId; - - /** The quality authentication assurance level. */ - private static final int QAAL = 3; - - /** The state. */ - private static String state = "ES"; - - /** The town. */ - private static String town = "Madrid"; - - /** The municipality code. */ - private static String municipalityCode = "MA001"; - - /** The postal code. */ - private static String postalCode = "28038"; - - /** The street name. */ - private static String streetName = "Marchamalo"; - - /** The street number. */ - private static String streetNumber = "3"; - - /** The apartament number. */ - private static String apartamentNumber = "5º E"; - - /** The List of Personal Attributes. */ - private static IPersonalAttributeList pal; - - /** The assertion consumer URL. */ - private static String assertConsumerUrl; - - /** The authentication request. */ - private static byte[] authRequest; - - /** The authentication response. */ - private static byte[] authResponse; - - /** The authentication request. */ - private static STORKAuthnRequest authenRequest; - - /** The authentication response. */ - private static STORKAuthnResponse authnResponse; - - /** The Constant LOG. */ - private static final Logger LOG = LoggerFactory.getLogger(StorkResponseTest.class.getName()); - - /** - * Instantiates a new stork response test. - */ - public StorkResponseTest() { - super(); - } - - /** The IP address. */ - private static String ipAddress; - - /** The is hashing. */ - private final boolean isHashing = Boolean.TRUE; - - /** The is not hashing. */ - private final boolean isNotHashing = Boolean.FALSE; - - /** The ERROR text. */ - private static final String ERROR_TXT = "generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"; - - /** Parser manager used to parse XML. */ - private static BasicParserPool parser; - - static { - parser = new BasicParserPool(); - parser.setNamespaceAware(true); - - pal = new PersonalAttributeList(); - - PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(false); - ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - pal.add(isAgeOver); - - PersonalAttribute dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - pal.add(dateOfBirth); - - PersonalAttribute eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - pal.add(eIDNumber); - - final PersonalAttribute givenName = new PersonalAttribute(); - givenName.setName("givenName"); - givenName.setIsRequired(true); - pal.add(givenName); - - PersonalAttribute canRessAddress = new PersonalAttribute(); - canRessAddress.setName("canonicalResidenceAddress"); - canRessAddress.setIsRequired(true); - pal.add(canRessAddress); - - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName("newAttribute2"); - newAttribute.setIsRequired(true); - pal.add(newAttribute); - - destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; - assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; - spName = "University Oxford"; - - spName = "University of Oxford"; - spSector = "EDU001"; - spInstitution = "OXF001"; - spApplication = "APP001"; - spCountry = "EN"; - - spId = "EDU001-APP001-APP001"; - - final STORKAuthnRequest request = new STORKAuthnRequest(); - request.setDestination(destination); - request.setProviderName(spName); - request.setQaa(QAAL); - request.setPersonalAttributeList(pal); - request.setAssertionConsumerServiceURL(assertConsumerUrl); - - // news parameters - request.setSpSector(spSector); - request.setSpInstitution(spInstitution); - request.setSpApplication(spApplication); - request.setSpCountry(spCountry); - request.setSPID(spId); - request.setCitizenCountryCode("ES"); - - try { - authRequest = getEngine().generateSTORKAuthnRequest(request).getTokenSaml(); - - authenRequest = getEngine().validateSTORKAuthnRequest(authRequest); - - } catch (STORKSAMLEngineException e) { - fail("Error create STORKAuthnRequest"); - } - - ipAddress = "111.222.333.444"; - - pal = new PersonalAttributeList(); - - isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(true); - ages = new ArrayList<String>(); - - ages.add("16"); - ages.add("18"); - - isAgeOver.setValue(ages); - isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(isAgeOver); - - dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - final ArrayList<String> date = new ArrayList<String>(); - date.add("16/12/2008"); - dateOfBirth.setValue(date); - dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(dateOfBirth); - - eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - final ArrayList<String> idNumber = new ArrayList<String>(); - idNumber.add("123456789PÑ"); - eIDNumber.setValue(idNumber); - eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - pal.add(eIDNumber); - - canRessAddress = new PersonalAttribute(); - canRessAddress.setName("canonicalResidenceAddress"); - canRessAddress.setIsRequired(true); - canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - final HashMap<String, String> address = new HashMap<String, String>(); - - address.put("state", state); - address.put("municipalityCode", municipalityCode); - address.put("town", town); - address.put("postalCode", postalCode); - address.put("streetName", streetName); - address.put("streetNumber", streetNumber); - address.put("apartamentNumber", apartamentNumber); - - canRessAddress.setComplexValue(address); - pal.add(canRessAddress); - - newAttribute = new PersonalAttribute(); - newAttribute.setName("newAttribute2"); - newAttribute.setIsRequired(true); - newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - final HashMap<String, String> values = new HashMap<String, String>(); - - values.put("value1", "value1"); - values.put("value2", "value2"); - values.put("value3", "value3"); - values.put("value4", "value4"); - - newAttribute.setComplexValue(values); - pal.add(newAttribute); - - } - - /** - * Test generate authentication request without errors. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthnResponse() throws STORKSAMLEngineException { - - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(pal); - - final STORKAuthnResponse storkResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing); - - authResponse = storkResponse.getTokenSaml(); - - LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse)); - - } - - /** - * Test validation id parameter mandatory. - */ - @Test - public final void testResponseMandatoryId() { - final String identifier = authenRequest.getSamlId(); - authenRequest.setSamlId(null); - - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(pal); - - try { - getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isHashing); - fail(ERROR_TXT); - } catch (STORKSAMLEngineException e) { - authenRequest.setSamlId(identifier); - LOG.error("Error"); - } - } - - /** - * Test generate authentication response in response to err1. - */ - @Test - public final void testResponseMandatoryIssuer() { - - final String issuer = authenRequest.getIssuer(); - authenRequest.setIssuer(null); - - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(pal); - - try { - getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isHashing); - fail(ERROR_TXT); - } catch (STORKSAMLEngineException e) { - authenRequest.setIssuer(issuer); - LOG.error("Error"); - } - } - - /** - * Test generate authentication response assertion consumer null. - */ - @Test - public final void testResponseMandatoryAssertionConsumerServiceURL() { - final String asserConsumerUrl = authenRequest.getAssertionConsumerServiceURL(); - authenRequest.setAssertionConsumerServiceURL(null); - - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(pal); - try { - getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isHashing); - fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - authenRequest.setAssertionConsumerServiceURL(asserConsumerUrl); - LOG.error("Error"); - } - } - - /** - * Test generate authentication response IP address null. - */ - @Test - public final void testResponseValidationIP() { - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(pal); - - try { - getEngine().generateSTORKAuthnResponse(authenRequest, response, null, isHashing); - fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication response with personal attribute list null. - */ - @Test - public final void testResponseMandatoryPersonalAttributeList() { - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(null); - - try { - getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isHashing); - fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response token null. - */ - @Test - public final void testResponseInvalidParametersToken() { - try { - getEngine().validateSTORKAuthnResponse(null, ipAddress); - fail(ERROR_TXT); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response IP null. - */ - @Test - public final void testResponseInvalidParametersIP() { - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setPersonalAttributeList(pal); - try { - authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAuthnResponse(authResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response parameter name wrong. - */ - @Test - public final void testResponseInvalidParametersAttr() { - final STORKAuthnResponse response = new STORKAuthnResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("AttrWrong"); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAuthnResponse(authResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response set null value into attribute. - */ - @Test - public final void testResponseInvalidParametersAttrSimpleValue() { - final STORKAuthnResponse response = new STORKAuthnResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("isAgeOver"); - worngAttr.setValue(null); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAuthnResponse(authResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response set null value into attribute. - */ - @Test - public final void testResponseInvalidParametersAttrNoValue() { - final STORKAuthnResponse response = new STORKAuthnResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("isAgeOver"); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAuthnResponse(authResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response set null value into attribute. - */ - @Test - public final void testResponseInvalidParametersAttrNoName() { - final STORKAuthnResponse response = new STORKAuthnResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAuthnResponse(authResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response set null complex value into attribute. - */ - @Test - public final void testResponseInvalidParametersAttrComplexValue() { - final STORKAuthnResponse response = new STORKAuthnResponse(); - final IPersonalAttributeList wrongList = new PersonalAttributeList(); - - final PersonalAttribute worngAttr = new PersonalAttribute(); - worngAttr.setName("isAgeOver"); - worngAttr.setComplexValue(null); - wrongList.add(worngAttr); - - response.setPersonalAttributeList(wrongList); - try { - authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - // In Conf1 ipValidate is false - getEngine().validateSTORKAuthnResponse(authResponse, null); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response IP distinct and disabled validation IP. - */ - @Test - public final void testResponseInvalidParametersIPDistinct() { - try { - // ipAddress origin "111.222.333.444" - // ipAddrValidation = false - // Subject Confirmation Bearer. - - getEngine().validateSTORKAuthnResponse(authResponse, "127.0.0.1"); - fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test response invalid parameters invalid token. - */ - @Test - public final void testResponseInvalidParametersTokenMsg() { - try { - // ipAddress origin "111.222.333.444" - // Subject Confirmation Bearer. - getEngine().validateSTORKAuthnResponse("errorMessage".getBytes(), ipAddress); - fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test validate authentication response is fail. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthenticationResponseIsFail() throws STORKSAMLEngineException { - if (authResponse == null) - testGenerateAuthnResponse(); - - authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, ipAddress); - - assertFalse("Generate incorrect response: ", authnResponse.isFail()); - } - - /** - * Test validate authentication response destination. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthenticationResponseDestination() throws STORKSAMLEngineException { - authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, ipAddress); - - assertEquals("Destination incorrect: ", authnResponse.getInResponseTo(), authenRequest.getSamlId()); - } - - /** - * Test validate authentication response values. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - public final void testValidateAuthenticationResponseValuesComplex() throws STORKSAMLEngineException { - authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, ipAddress); - - assertEquals("Country incorrect:", authnResponse.getCountry(), "EN"); - - final Iterator<PersonalAttribute> iterator = authnResponse.getPersonalAttributeList().iterator(); - - while (iterator.hasNext()) { - final PersonalAttribute attribute = iterator.next(); - if (attribute.getName().equalsIgnoreCase("canonicalResidenceAddress")) { - assertEquals("State incorrect: ", state, attribute.getComplexValue().get("state")); - assertEquals("Municipality Code incorrect: ", municipalityCode, attribute.getComplexValue().get("municipalityCode")); - assertEquals("Town incorrect: ", town, attribute.getComplexValue().get("town")); - assertEquals("Postal code incorrect: ", postalCode, attribute.getComplexValue().get("postalCode")); - assertEquals("Street name incorrect: ", streetName, attribute.getComplexValue().get("streetName")); - assertEquals("Street number incorrect: ", streetNumber, attribute.getComplexValue().get("streetNumber")); - assertEquals("Apartament number incorrect: ", apartamentNumber, attribute.getComplexValue().get("apartamentNumber")); - } - } - } - - /** - * Test generate authenticate response fail in response to it's null. - * - * @throws STORKSAMLEngineException - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - // ( expected=STORKSAMLEngineException.class) - public final void testGenerateAuthnResponseFailInResponseToNull() throws STORKSAMLEngineException { - final String identifier = authenRequest.getSamlId(); - authenRequest.setSamlId(null); - - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); - response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); - response.setMessage(""); - - try { - authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - fail(ERROR_TXT); - } catch (STORKSAMLEngineException e) { - authenRequest.setSamlId(identifier); - LOG.error("Error"); - // throw new STORKSAMLEngineException(e); - } - } - - /** - * Test generate authenticate response fail assertion consumer URL err1. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull() throws STORKSAMLEngineException { - - final String assertConsumerUrl = authenRequest.getAssertionConsumerServiceURL(); - authenRequest.setAssertionConsumerServiceURL(null); - - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); - response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); - response.setMessage(""); - - try { - authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - authenRequest.setAssertionConsumerServiceURL(assertConsumerUrl); - LOG.error("Error"); - } - } - - /** - * Test generate authentication response fail code error err1. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthnResponseFailCodeErrorNull() throws STORKSAMLEngineException { - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setStatusCode(null); - response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); - response.setMessage(""); - - try { - authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); - } catch (STORKSAMLEngineException e) { - LOG.error("Error"); - } - } - - /** - * Test generate authentication request without errors. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthnResponse() throws STORKSAMLEngineException { - - IPersonalAttributeList palist = new PersonalAttributeList(); - - PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(true); - ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - palist.add(isAgeOver); - - PersonalAttribute dateOfBirth = new PersonalAttribute(); - dateOfBirth.setName("dateOfBirth"); - dateOfBirth.setIsRequired(false); - final ArrayList<String> date = new ArrayList<String>(); - date.add("16/12/2008"); - dateOfBirth.setValue(date); - dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - palist.add(dateOfBirth); - - PersonalAttribute eIDNumber = new PersonalAttribute(); - eIDNumber.setName("eIdentifier"); - eIDNumber.setIsRequired(true); - - final ArrayList<String> idNumber = new ArrayList<String>(); - idNumber.add("123456789PÑ"); - - final HashMap<String, String> complex = new HashMap<String, String>(); - complex.put("one", "two"); - - // eIDNumber.setValue(null); - // eIDNumber.setValue(idNumber); - // eIDNumber.setComplexValue(complex); - - eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString()); - palist.add(eIDNumber); - - PersonalAttribute canRessAddress = new PersonalAttribute(); - canRessAddress.setName("canonicalResidenceAddress"); - canRessAddress.setIsRequired(true); - canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); - final HashMap<String, String> address = new HashMap<String, String>(); - - address.put("state", state); - address.put("municipalityCode", municipalityCode); - address.put("town", town); - address.put("postalCode", postalCode); - address.put("streetName", streetName); - address.put("streetNumber", streetNumber); - address.put("apartamentNumber", apartamentNumber); - - canRessAddress.setComplexValue(address); - palist.add(canRessAddress); - - final STORKAuthnResponse response = new STORKAuthnResponse(); - - response.setPersonalAttributeList(palist); - - final STORKAuthnResponse storkResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing); - - authResponse = storkResponse.getTokenSaml(); - LOG.info("Request id: " + authenRequest.getSamlId()); - - LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse)); - - authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, ipAddress); - - LOG.info("RESPONSE ID: " + authnResponse.getSamlId()); - LOG.info("RESPONSE IN_RESPONSE_TO: " + authnResponse.getInResponseTo()); - LOG.info("RESPONSE COUNTRY: " + authnResponse.getCountry()); - - } - - /** - * Test validate authentication response fail is fail. - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testValidateAuthenticationResponseFailIsFail() throws STORKSAMLEngineException { - - final STORKAuthnResponse response = new STORKAuthnResponse(); - response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); - response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); - response.setMessage("message"); - - authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, response, ipAddress, isNotHashing).getTokenSaml(); - - LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(authResponse)); - - authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, ipAddress); - - LOG.info("COUNTRY: " + authnResponse.getCountry()); - assertTrue("Generate incorrect response: ", authnResponse.isFail()); - } - - /** - * Test generate/validate response with signedDoc - * - * @throws STORKSAMLEngineException - * the STORKSAML engine exception - */ - @Test - public final void testGenerateAuthenResponseWithSignedDoc() throws STORKSAMLEngineException { - - String signedDocResponse = "<dss:SignResponse xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"123456\"> <dss:Result> <dss:ResultMajor>urn:oasis:names:tc:dss:1.0:resultmajor:Success</dss:ResultMajor> </dss:Result> <dss:SignatureObject> <dss:Base64Signature Type=\"urn:ietf:rfc:3275\">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+</dss:Base64Signature> </dss:SignatureObject> </dss:SignResponse>"; - - IPersonalAttributeList palist = new PersonalAttributeList(); - - PersonalAttribute signedDoc = new PersonalAttribute(); - signedDoc.setName("signedDoc"); - signedDoc.setIsRequired(false); - ArrayList<String> signed = new ArrayList<String>(); - signed.add(signedDocResponse); - signedDoc.setValue(signed); - palist.add(signedDoc); - - PersonalAttribute isAgeOver = new PersonalAttribute(); - isAgeOver.setName("isAgeOver"); - isAgeOver.setIsRequired(false); - ArrayList<String> ages = new ArrayList<String>(); - ages.add("16"); - ages.add("18"); - isAgeOver.setValue(ages); - palist.add(isAgeOver); - - authenRequest.setPersonalAttributeList(palist); - - final STORKAuthnResponse response = new STORKAuthnResponse(); - - response.setPersonalAttributeList(palist); - - final STORKAuthnResponse storkResponse = getEngine().generateSTORKAuthnResponse(authenRequest, response, ipAddress, isNotHashing); - - authResponse = storkResponse.getTokenSaml(); - authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, ipAddress); - - assertTrue("SignedDoc response should be the same: ", authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0).equals(signedDocResponse)); - - } -} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java deleted file mode 100644 index 1c34e2ad5..000000000 --- a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. You may - * obtain a copy of the Licence at: - * - * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * Licence for the specific language governing permissions and limitations under - * the Licence. - */ - -/** - * Provides the classes necessary to create a SAML message. - * @since 1.0 - */ -package eu.stork.peps.test.simple;
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml deleted file mode 100644 index fadef82b2..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml +++ /dev/null @@ -1,85 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<instances> - - <!-- Configuration name --> - <instance name="CONF0"> - <!-- Configurations parameters StorkSamlEngine --> - <configuration name="SamlEngineConf"> - <parameter name="fileConfiguration" value="StorkSamlEngine_Conf0.xml" /> - </configuration> - - <!-- Settings module signature --> - <configuration name="SignatureConf"> - <!-- Specific signature module --> - <parameter name="class" - value="eu.stork.peps.auth.engine.core.impl.SignSW" /> - <!-- Settings specific module --> - <parameter name="fileConfiguration" value="SignModule_Conf0.xml" /> - <parameter name="softTrustStoreConfig" value="SignModule_Conf0.xml" /> - </configuration> - </instance> - - <!-- ******************** CONF1 ******************** --> - <!-- Configuration name --> - <instance name="CONF1"> - <!-- Configurations parameters StorkSamlEngine --> - <configuration name="SamlEngineConf"> - <parameter name="fileConfiguration" value="StorkSamlEngine_Conf1.xml" /> - </configuration> - - <!-- Settings module signature --> - <configuration name="SignatureConf"> - <!-- Specific signature module --> - <parameter name="class" - value="eu.stork.peps.auth.engine.core.impl.SignSW" /> - <!-- Settings specific module --> - <parameter name="fileConfiguration" value="SignModule_Conf1.xml" /> - </configuration> - </instance> - - <!-- ******************** CONF2 ******************** --> - - <instance name="CONF2"> - <configuration name="SamlEngineConf"> - <parameter name="fileConfiguration" value="StorkSamlEngine_Conf2.xml" /> - </configuration> - - <configuration name="SignatureConf"> - <parameter name="class" - value="eu.stork.peps.auth.engine.core.impl.SignSW" /> - <parameter name="fileConfiguration" value="SignModule_Conf2.xml" /> - </configuration> - </instance> - - <!-- ******************** CONF3 ******************** --> - - <instance name="CONF3"> - <configuration name="SamlEngineConf"> - <parameter name="fileConfiguration" value="StorkSamlEngine_Conf3.xml" /> - </configuration> - - <configuration name="SignatureConf"> - <parameter name="class" - value="eu.stork.peps.auth.engine.core.impl.SignSW" /> - <parameter name="fileConfiguration" value="SignModule_Conf3.xml" /> - </configuration> - </instance> - - <!-- ******************** CONF4 ******************** --> - <instance name="CONF4"> - <!-- Configurations parameters StorkSamlEngine --> - <configuration name="SamlEngineConf"> - <parameter name="fileConfiguration" value="StorkSamlEngine_Conf0.xml" /> - </configuration> - - <!-- Settings module signature --> - <configuration name="SignatureConf"> - <!-- Specific signature module --> - <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignHW" /> - <!-- Settings specific module --> - <parameter name="fileConfiguration" value="SignModule_P11.xml" /> - <parameter name="softTrustStoreConfig" value="SignModule_Conf0.xml" /> - </configuration> - </instance> - -</instances>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml deleted file mode 100644 index 295258bb2..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml +++ /dev/null @@ -1,21 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<!-- properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">C:\opt\keystores\keyStoreCountry0.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS</entry> - <entry key="serialNumber">524D4C6C</entry> - <entry key="keystoreType">JKS</entry> -</properties--> -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">C:\opt\keystores\storkDemoKeysTest.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">4BA89DB2</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml deleted file mode 100644 index ffd41cb61..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">C:\opt\keystores\storkDemoKeysTest.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">4BA89DB2</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml deleted file mode 100644 index 21b73d49d..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">C:\opt\keystores\keyStoreCountry2.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">4BA89DB2</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml deleted file mode 100644 index f9ebc85cc..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SWModule sign with JKS.</comment> - <entry key="keystorePath">C:\opt\keystores\keyStoreCountry3.jks</entry> - <entry key="keyStorePassword">local-demo</entry> - <entry key="keyPassword">local-demo</entry> - <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> - <entry key="serialNumber">4BA89DB2</entry> - <entry key="keystoreType">JKS</entry> -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml deleted file mode 100644 index 0e95da1f2..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>HWModule sign with interface PKCS11.</comment> - <entry key="configurationFile">p11Conf.cfg</entry> - <entry key="keyPassword">12345</entry> - <entry key="issuer">CN=Test Certificate</entry> - <entry key="serialNumber">147d4b07db8</entry> - <entry key="keystoreType">PKCS11</entry> - <entry key="trustStoreConfig">SignModule_Conf0.xml</entry> -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml deleted file mode 100644 index 2a266a975..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml +++ /dev/null @@ -1,112 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- Types of consent obtained from the user for this authentication and - data transfer. Allow values: 'unspecified'. --> - <entry key="consentAuthnRequest">unspecified</entry> - - <!-- Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', - 'unspecified'. --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier Allow values: - 'entity'. --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS --> - <!--The SOAP binding is only supported for direct communication between - SP-MW and VIdP --> - <entry key="protocolBinding">HTTP-POST</entry> - - - - - <!--URI representing the classification of the identifier Allow values: - 'entity'. <entry key="eIDSectorShare">true</entry> <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> --> - - - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">true</entry> - - <!--PEPS in the Service Provider's country --> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country --> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!-- Format --> - <entry key="format">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive - number) --> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response --> - <entry key="ipAddrValidation">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="placeOfBirth">http://www.stork.gov.eu/1.0/placeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry> - <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> - <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry> - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - - <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry> - <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry> - <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry> - <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry> - <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry> - <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry> - <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry> - <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry> - <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry> - <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry> - - <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry> - <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry> - <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry> - <entry key="type">http://www.stork.gov.eu/1.0/type</entry> - <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry> - <entry key="status">http://www.stork.gov.eu/1.0/status</entry> - <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry> - <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry> - <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry> - <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry> - <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry> - <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry> - <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry> - - -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml deleted file mode 100644 index a65717a05..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml +++ /dev/null @@ -1,111 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- Types of consent obtained from the user for this authentication and - data transfer. Allow values: 'unspecified'. --> - <entry key="consentAuthnRequest">unspecified</entry> - - <!-- Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', - 'unspecified'. --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier Allow values: - 'entity'. --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS --> - <!--The SOAP binding is only supported for direct communication between - SP-MW and VIdP --> - <entry key="protocolBinding">HTTP-POST</entry> - - - - - <!--URI representing the classification of the identifier Allow values: - 'entity'. <entry key="eIDSectorShare">true</entry> <entry key="eIDCrossSectorShare">true</entry> - <entry key="eIDCrossBorderShare">true</entry> --> - - - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="friendlyName">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">true</entry> - - <!--PEPS in the Service Provider's country --> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country --> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!-- Format --> - <entry key="format">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</entry> - - <!--Subject cannot be confirmed on or after this seconds time (positive - number) --> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response --> - <entry key="ipAddrValidation">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="placeOfBirth">http://www.stork.gov.eu/1.0/placeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry> - <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> - <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry> - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - - <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry> - <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry> - <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry> - <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry> - <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry> - <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry> - <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry> - <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry> - <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry> - <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry> - - <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry> - <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry> - <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry> - <entry key="type">http://www.stork.gov.eu/1.0/type</entry> - <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry> - <entry key="status">http://www.stork.gov.eu/1.0/status</entry> - <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry> - <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry> - <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry> - <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry> - <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry> - <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry> - <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml deleted file mode 100644 index a0a5bea10..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml +++ /dev/null @@ -1,101 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- Types of consent obtained from the user for this authentication and - data transfer. Allow values: 'unspecified'. --> - <entry key="consentAuthnRequest">unspecified</entry> - <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', - 'unspecified'. --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier Allow values: - 'entity'. --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS --> - <!--The SOAP binding is only supported for direct communication between - SP-MW and VIdP --> - <entry key="protocolBinding">HTTP-POST</entry> - - <entry key="eIDSectorShare">false</entry> - <entry key="eIDCrossSectorShare">false</entry> - <entry key="eIDCrossBorderShare">false</entry> - - <!--PEPS in the Service Provider's country --> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country --> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!-- Format --> - <entry key="format">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</entry> - - <!--Subject cannot be confirmed on or after this seconds time --> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response --> - <entry key="ipAddrValidation">false</entry> - - <!-- A friendly name for the attribute that can be displayed to a user --> - <entry key="isRequired">false</entry> - - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="placeOfBirth">http://www.stork.gov.eu/1.0/placeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry> - <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> - <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry> - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - - <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry> - <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry> - <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry> - <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry> - <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry> - <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry> - <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry> - <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry> - <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry> - <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry> - - <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry> - <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry> - <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry> - <entry key="type">http://www.stork.gov.eu/1.0/type</entry> - <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry> - <entry key="status">http://www.stork.gov.eu/1.0/status</entry> - <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry> - <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry> - <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry> - <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry> - <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry> - <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry> - <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml deleted file mode 100644 index 61c6cd6d6..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml +++ /dev/null @@ -1,97 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> - -<properties> - <comment>SAML constants for AuthnRequests and Responses.</comment> - - <!-- Types of consent obtained from the user for this authentication and - data transfer. Allow values: 'unspecified'. --> - <entry key="consentAuthnRequest">unspecified</entry> - <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit', - 'unspecified'. --> - <entry key="consentAuthnResponse">obtained</entry> - - <!--URI representing the classification of the identifier Allow values: - 'entity'. --> - <entry key="formatEntity">entity</entry> - - <!--Only HTTP-POST binding is only supported for inter PEPS --> - <!--The SOAP binding is only supported for direct communication between - SP-MW and VIdP --> - <entry key="protocolBinding">HTTP-POST</entry> - - <entry key="eIDSectorShare">false</entry> - <entry key="eIDCrossSectorShare">false</entry> - <entry key="eIDCrossBorderShare">false</entry> - - <!--PEPS in the Service Provider's country --> - <entry key="requester">http://S-PEPS.gov.xx</entry> - - <!--PEPS in the citizen's origin country --> - <entry key="responder">http://C-PEPS.gov.xx</entry> - - <!-- Format --> - <entry key="format">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</entry> - - <!--Subject cannot be confirmed on or after this seconds time --> - <entry key="timeNotOnOrAfter">300</entry> - - <!--Validation IP of the response --> - <entry key="ipAddrValidation">false</entry> - - <!--Subject Attribute Definitions--> - <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> - <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> - <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> - <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> - <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> - <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> - <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> - <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> - <entry key="placeOfBirth">http://www.stork.gov.eu/1.0/placeOfBirth</entry> - <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> - <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> - <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> - <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> - <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> - <entry key="title">http://www.stork.gov.eu/1.0/title</entry> - <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> - <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> - <entry key="age">http://www.stork.gov.eu/1.0/age</entry> - <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> - <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> - <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry> - <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> - <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry> - <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> - <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - - <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry> - <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry> - <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry> - <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry> - <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry> - <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry> - <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry> - <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry> - <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry> - <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> - <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry> - <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry> - - <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry> - <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry> - <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry> - <entry key="type">http://www.stork.gov.eu/1.0/type</entry> - <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry> - <entry key="status">http://www.stork.gov.eu/1.0/status</entry> - <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry> - <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry> - <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry> - <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry> - <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry> - <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry> - <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry> - -</properties>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml deleted file mode 100644 index d4f6f89da..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml +++ /dev/null @@ -1,68 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_bf999e47edabb47770eb406a5d37f24e" IssueInstant="2014-04-25T12:49:39.398Z" Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer> - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:SignedInfo> - <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> - <ds:Reference URI="#_bf999e47edabb47770eb406a5d37f24e"> - <ds:Transforms> - <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> - <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> - </ds:Transform> - </ds:Transforms> - <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <ds:DigestValue>NwBXMUys6XjoR7Ddbr6JI5gB+O8=</ds:DigestValue> - </ds:Reference> - </ds:SignedInfo> - <ds:SignatureValue>MFoAC5mncGKFyvZKygSIH7+9JrXWMJ18jolBHZ0WisxpIrDldS+K+Mf6uwOirL5mal2uktpIT2RRiT1Twk+fS5t94wnobaLpktpv+uoZCzd2BAqFpBBHnImwC/UEy7hCF9htsW8CCx97wRXHA4IGx5OX9Fg4f+ZJdPPFLrGpdfJ3bJXvQeQPwGLqhjWio/XnAYwJYQ8YGQvRywZDDodTZDWHsKMHAsrIdmNJz93wmMPceRtgcUceZdN4jDkPE8SPNrApe2ksd3dEKauyyJQ2DR5jryVQpGM7sJzQhP9Z57XIJta+c/nJ7bttw+M+QsZn/E+CLQpcI8MeuuhBb1+mGA==</ds:SignatureValue> - <ds:KeyInfo> - <ds:X509Data> - <ds:X509Certificate>MIIDIjCCAgqgAwIBAgIES6idsjANBgkqhkiG9w0BAQUFADBTMQswCQYDVQQGEwJFUzEOMAwGA1UE - CAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxvY2Fs - LWRlbW8wHhcNMTMwODI4MTY0NzM1WhcNMTUwODI4MTY0NzM1WjBTMQswCQYDVQQGEwJFUzEOMAwG - A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxv - Y2FsLWRlbW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+7zEQUbt8Ot9dByR5TuY - NPmTwaKhECtnkxYAx9tl+Ga3kFiv+dOSeDoQOhxkICG1ZMaG0Gtk0EQWjscC1cLwDXpAOdhOm5xh - ndFHxa3V3Y3zomFZA7A3nwP8wt17wDrc1xi2Ye8VrwO7Vjb/F8Rgutlcrvq+LF4g9nQLoRiKUq8w - NFvDlvhBbLr8hMVBMY/jY7tSQ85qLqKUkWRcoDttJjgWZoO1vpBS4m+FywtYdOoHnN6fv4Dvf1r2 - rNLgebgBvSfwznxiulwW6FBLasYX0rYKP7RfwG8TJ+FumOgAjADj2LdwK25RZNg44XU2V1z1Fp37 - fNXhfo08LpdD1ueFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADMRGTWOmadZyCoJNluV+M7LopjC - 9WpFUj76X0cAoNXmt12zYqYe8hjRmBr6l2V/FXT3/TyWET1nILG46zwwAxslw3b2LvkhU+9QcuB8 - yC8TCJJ0kgsTZ/EUZPSbwUG7Nn2jkMiyjlyKcjSCQOzEKQyR1xYwyZG40+BPeGbYjmRgm6kcmCxY - USWoPwNyfke9gNT80f0pUj7wJ9YwWbTIz1rhf/h7rxoMYypXo+JXwaXW/Ra8v1uDcwfKpE5ZgwAU - nubLXF4A+H7/N7ZvB5XDwJ4W+99nuPsKfwacD8m1sflTXcEPzzhOq6iQ9anJT94/pMctnp827zXA - y66jvDrin5I=</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </ds:Signature> - <saml2p:Extensions> - <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel> - <stork:spCountry>IS</stork:spCountry> - <storkp:eIDSectorShare>false</storkp:eIDSectorShare> - <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare> - <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare> - <storkp:RequestedAttributes> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue> - </stork:RequestedAttribute> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">Sveinbjorn</stork:AttributeValue> - </stork:RequestedAttribute> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/fiscalNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">fiscalNumber</stork:AttributeValue> - </stork:RequestedAttribute> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</stork:AttributeValue> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</stork:AttributeValue> - </stork:RequestedAttribute> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/LPFiscalNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">LPFiscalNumber</stork:AttributeValue> - </stork:RequestedAttribute> - </storkp:RequestedAttributes> - </saml2p:Extensions> - <saml2:Subject> - <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/> - </saml2:Subject> -</saml2p:AttributeQuery>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml deleted file mode 100644 index fadc86d14..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml +++ /dev/null @@ -1,54 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_0b74cf761d490383ac5127629a39a458" IssueInstant="2014-04-25T12:49:39.848Z" Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer> - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:SignedInfo> - <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> - <ds:Reference URI="#_0b74cf761d490383ac5127629a39a458"> - <ds:Transforms> - <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> - <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> - <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> - </ds:Transform> - </ds:Transforms> - <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> - <ds:DigestValue>2WMvsIXoH1VpwqbNiXG8lWS2ZPc=</ds:DigestValue> - </ds:Reference> - </ds:SignedInfo> - <ds:SignatureValue>nMfUZiYHyHgSky4NHfDGch8a6UxWupS1Dhk2mu3L065Vq2eKLfDwWjgNkKPDoLcEkgAiDpNlLsS0+nDk8IexAMSq+T54Mlt4AhMRIrDP3SlWya5mqQ0VnxFENGlhi7kSKK2oIMfkiaeIBART7QBZggSZFnk0mw/BzmJM5bJ4Dipymndx7tv98BDlWFZEKH7iSc9uUuMpVygTNDxtEsdMcBKpqYiyVyTln8/xKsqXSL4RA10MYmqfvFsMZWUwQUgdl5tor910/XrAXHXJY50zH0CwekUXszOdvO7s3WvrG4lt3goqq2WDcaeDzizV93+Ih+lVl9PebTtMxCyO4fxw7Q==</ds:SignatureValue> - <ds:KeyInfo> - <ds:X509Data> - <ds:X509Certificate>MIIDIjCCAgqgAwIBAgIES6idsjANBgkqhkiG9w0BAQUFADBTMQswCQYDVQQGEwJFUzEOMAwGA1UE - CAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxvY2Fs - LWRlbW8wHhcNMTMwODI4MTY0NzM1WhcNMTUwODI4MTY0NzM1WjBTMQswCQYDVQQGEwJFUzEOMAwG - A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxv - Y2FsLWRlbW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+7zEQUbt8Ot9dByR5TuY - NPmTwaKhECtnkxYAx9tl+Ga3kFiv+dOSeDoQOhxkICG1ZMaG0Gtk0EQWjscC1cLwDXpAOdhOm5xh - ndFHxa3V3Y3zomFZA7A3nwP8wt17wDrc1xi2Ye8VrwO7Vjb/F8Rgutlcrvq+LF4g9nQLoRiKUq8w - NFvDlvhBbLr8hMVBMY/jY7tSQ85qLqKUkWRcoDttJjgWZoO1vpBS4m+FywtYdOoHnN6fv4Dvf1r2 - rNLgebgBvSfwznxiulwW6FBLasYX0rYKP7RfwG8TJ+FumOgAjADj2LdwK25RZNg44XU2V1z1Fp37 - fNXhfo08LpdD1ueFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADMRGTWOmadZyCoJNluV+M7LopjC - 9WpFUj76X0cAoNXmt12zYqYe8hjRmBr6l2V/FXT3/TyWET1nILG46zwwAxslw3b2LvkhU+9QcuB8 - yC8TCJJ0kgsTZ/EUZPSbwUG7Nn2jkMiyjlyKcjSCQOzEKQyR1xYwyZG40+BPeGbYjmRgm6kcmCxY - USWoPwNyfke9gNT80f0pUj7wJ9YwWbTIz1rhf/h7rxoMYypXo+JXwaXW/Ra8v1uDcwfKpE5ZgwAU - nubLXF4A+H7/N7ZvB5XDwJ4W+99nuPsKfwacD8m1sflTXcEPzzhOq6iQ9anJT94/pMctnp827zXA - y66jvDrin5I=</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </ds:Signature> - <saml2p:Extensions> - <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel> - <stork:spCountry>IS</stork:spCountry> - <storkp:eIDSectorShare>false</storkp:eIDSectorShare> - <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare> - <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare> - <storkp:RequestedAttributes> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/docRequest" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">IS/IS/fbea6e68-0393-401b-b616-f767fff9418c</stork:AttributeValue> - </stork:RequestedAttribute> - </storkp:RequestedAttributes> - </saml2p:Extensions> - <saml2:Subject> - <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/> - </saml2:Subject> -</saml2p:AttributeQuery>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml deleted file mode 100644 index 5c04f5c93..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml +++ /dev/null @@ -1,66 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" - xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" - xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" - Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_f6c8fc355b9f125cb5283f038e1b3cdf" - IssueInstant="2013-10-03T10:28:15.449Z" Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer> - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:SignatureValue>hhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==</ds:SignatureValue> - <ds:KeyInfo> - <ds:X509Data> - <ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw - YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v - LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG - A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv - Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab - ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU - 0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n - 6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5 - y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z - 9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F - 6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM - pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT - /NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq - yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7 - Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </ds:Signature> - <saml2p:Extensions> - <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel> - <storkp:eIDSectorShare>false</storkp:eIDSectorShare> - <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare> - <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare> - <storkp:RequestedAttributes> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="false" /> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType">16</stork:AttributeValue> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType">18</stork:AttributeValue> - </stork:RequestedAttribute> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType">Sveinbjörn</stork:AttributeValue> - </stork:RequestedAttribute> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true"> - <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue> - </stork:RequestedAttribute> - </storkp:RequestedAttributes> - </saml2p:Extensions> - <saml2:Subject> - <saml2:SubjectConfirmation - Method="urn:oasis:names:tc:SAML:1.0:cm:sender-vouches" /> - </saml2:Subject> -</saml2p:AttributeQuery>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml deleted file mode 100644 index 79c59f5ed..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml +++ /dev/null @@ -1,124 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" - xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" - xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained" - Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_483140d440fc4eef8e949ace49669f2e" - InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" IssueInstant="2013-10-08T09:11:17.255Z" - Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer> - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:SignedInfo> - <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> - <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> - <ds:Reference URI="#_483140d440fc4eef8e949ace49669f2e"> - <ds:Transforms> - <ds:Transform - Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> - <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> - <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" - PrefixList="xs" /> - </ds:Transform> - </ds:Transforms> - <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> - <ds:DigestValue>yMOVS1T/yRiVh3L6IBM9rR9Ie3w=</ds:DigestValue> - </ds:Reference> - </ds:SignedInfo> - <ds:SignatureValue>d8e/RyNNPmnHRIzTIuRSnW6B60oWGBGxjRua/HvNxTuod0qSarYJxEedhY9Wl1Z9WYXlry28FuKjp3DA3HhzNaVd7A7QpFqNC4dnizSVWFjxlhmoE/Uv3Y/ha9P/fk6nbtHCSKW4kHSX7QfFLeggcLmUG0IULRF8UmRdQ0WerCl0aSZZeSp8J3LsFBPeWCRSwXgfiLn+RehggzZmQU6g0ssxrpnsYEAtjAiOli+YVQGuumsZGaJ8zHA/DgJ2FTGovNUyfuSUFLhd9nLlSqFs2Avnx0Ck7Q1dxDO5truOm6e285YLHqLaGdetFyPQAj/Z4w4RJ5u5X6d7rhBjTfRAAw==</ds:SignatureValue> - <ds:KeyInfo> - <ds:X509Data> - <ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw - YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v - LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG - A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv - Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab - ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU - 0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n - 6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5 - y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z - 9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F - 6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM - pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT - /NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq - yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7 - Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </ds:Signature> - <saml2p:Status> - <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /> - <saml2p:StatusMessage>urn:oasis:names:tc:SAML:2.0:status:Success</saml2p:StatusMessage> - </saml2p:Status> - <saml2:Assertion ID="_9ed05849dee5c154e62fa9e3ba53e9f3" - IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer> - <saml2:Subject> - <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" - NameQualifier="http://C-PEPS.gov.xx">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</saml2:NameID> - <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> - <saml2:SubjectConfirmationData - Address="111.222.333.444" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" - NotOnOrAfter="2013-10-08T09:16:17.255Z" /> - </saml2:SubjectConfirmation> - </saml2:Subject> - <saml2:Conditions NotBefore="2013-10-08T09:11:17.255Z" - NotOnOrAfter="2013-10-08T09:16:17.255Z"> - <saml2:AudienceRestriction> - <saml2:Audience>http://S-PEPS.gov.xx</saml2:Audience> - </saml2:AudienceRestriction> - <saml2:OneTimeUse /> - </saml2:Conditions> - <saml2:AuthnStatement AuthnInstant="2013-10-08T09:11:17.255Z"> - <saml2:SubjectLocality Address="111.222.333.444" /> - <saml2:AuthnContext> - <saml2:AuthnContextDecl /> - </saml2:AuthnContext> - </saml2:AuthnStatement> - <saml2:AttributeStatement> - <saml2:Attribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - stork:AttributeStatus="Available"> - <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType">16/12/2008</saml2:AttributeValue> - </saml2:Attribute> - <saml2:Attribute - Name="http://www.stork.gov.eu/1.0/canonicalResidenceAddress" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - stork:AttributeStatus="Available"> - <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType"> - <stork:postalCode xsi:type="xs:anyType">105</stork:postalCode> - <stork:state xsi:type="xs:anyType">IS</stork:state> - <stork:streetNumber xsi:type="xs:anyType">10</stork:streetNumber> - <stork:streetName xsi:type="xs:anyType">Gudrunartun</stork:streetName> - <stork:town xsi:type="xs:anyType">Reykjavik</stork:town> - </saml2:AttributeValue> - </saml2:Attribute> - <saml2:Attribute Name="http://www.stork.gov.eu/1.0/newAttribute2" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - stork:AttributeStatus="Available"> - <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType"> - <stork:value3 xsi:type="xs:anyType">value3</stork:value3> - <stork:value4 xsi:type="xs:anyType">value4</stork:value4> - <stork:value1 xsi:type="xs:anyType">value1</stork:value1> - <stork:value2 xsi:type="xs:anyType">value2</stork:value2> - </saml2:AttributeValue> - </saml2:Attribute> - <saml2:Attribute Name="http://www.stork.gov.eu/1.0/isAgeOver" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - stork:AttributeStatus="Available"> - <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType">16</saml2:AttributeValue> - <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType">18</saml2:AttributeValue> - </saml2:Attribute> - <saml2:Attribute Name="http://www.stork.gov.eu/1.0/eIdentifier" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - stork:AttributeStatus="Available"> - <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:type="xs:anyType">123456789IS</saml2:AttributeValue> - </saml2:Attribute> - </saml2:AttributeStatement> - </saml2:Assertion> -</saml2p:Response>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml deleted file mode 100644 index 93e778113..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml +++ /dev/null @@ -1,72 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" - xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" - AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" - Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" - ForceAuthn="true" ID="_e54eee285e7b8e2772875c406ec39674" IsPassive="false" - IssueInstant="2010-06-08T07:37:54.533Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ProviderName="University of Oxford" Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer> - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:SignedInfo> - <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> - <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> - <ds:Reference URI="#_e54eee285e7b8e2772875c406ec39674"> - <ds:Transforms> - <ds:Transform - Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> - <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> - <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" - PrefixList="ds saml2 saml2p stork storkp xs" /> - </ds:Transform> - </ds:Transforms> - <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> - <ds:DigestValue>yzsqaxBNicOrixBUno5cL0CBOpE=</ds:DigestValue> - </ds:Reference> - </ds:SignedInfo> - <ds:SignatureValue> - Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC - wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi - YIN/BUEtXkoYTjPtkmA= - </ds:SignatureValue> - <ds:KeyInfo> - <ds:X509Data> - <ds:X509Certificate>MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw - MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG - 9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu - h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r - /WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk - 3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K - eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq - KAoZgbUK0Zld3Dsheg==</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </ds:Signature> - <saml2p:Extensions> - <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel> - <stork:spSector>EDU001</stork:spSector> - <stork:spInstitution>OXF001</stork:spInstitution> - <stork:spApplication>APP001</stork:spApplication> - <stork:spCountry>EN</stork:spCountry> - <storkp:eIDSectorShare>true</storkp:eIDSectorShare> - <storkp:eIDCrossSectorShare>true</storkp:eIDCrossSectorShare> - <storkp:eIDCrossBorderShare>true</storkp:eIDCrossBorderShare> - <storkp:RequestedAttributes> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true"> - <stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">16</stork:AttributeValue> - <stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">18</stork:AttributeValue> - </stork:RequestedAttribute> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="false" /> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true" /> - </storkp:RequestedAttributes> - </saml2p:Extensions> -</saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml deleted file mode 100644 index cca0dbc27..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml +++ /dev/null @@ -1,47 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" - xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" - AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage" - Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://locahost:8080/PEPS/ServiceProvider" - ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false" - IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ProviderName="PT-SP" Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer> - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:SignatureValue> - S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR - Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC - Xt8p8tK3EoMocZse2hw= - </ds:SignatureValue> - <ds:KeyInfo> - <ds:X509Data> - <ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw - OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA - A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl - lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK - ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl - r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w - kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS - 3cyl/wz8</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </ds:Signature> - <saml2p:Extensions> - <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel> - <storkp:eIDSectorShare>false</storkp:eIDSectorShare> - <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare> - <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare> - <storkp:RequestedAttributes> - <stork:RequestedAttribute - Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true" /> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true" /> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true" /> - </storkp:RequestedAttributes> - </saml2p:Extensions> -</saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml deleted file mode 100644 index db606145c..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml +++ /dev/null @@ -1,47 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" - xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" - xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" - AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage" - Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://localhost:8080/PEPS/ServiceProvider" - ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false" - IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" - ProviderName="PT-SP" Version="2.0"> - <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer> - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:SignatureValue> - S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR - Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC - Xt8p8tK3EoMocZse2hw= - </ds:SignatureValue> - <ds:KeyInfo> - <ds:X509Data> - <ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw - OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA - A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl - lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK - ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl - r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w - kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS - 3cyl/wz8</ds:X509Certificate> - </ds:X509Data> - </ds:KeyInfo> - </ds:Signature> - <saml2p:Extensions> - <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel> - <storkp:eIDSectorShare>false</storkp:eIDSectorShare> - <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare> - <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare> - <storkp:RequestedAttributes> - <stork:RequestedAttribute - Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true" /> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true" /> - <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" - NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - isRequired="true" /> - </storkp:RequestedAttributes> - </saml2p:Extensions> -</saml2p:AuthnRequest>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/logback-test.xml b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml deleted file mode 100644 index 84d48c00e..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/logback-test.xml +++ /dev/null @@ -1,21 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- Basic configuration used until the IdP can load the real configuration --> -<configuration> - - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <layout class="ch.qos.logback.classic.PatternLayout"> - <Pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - </Pattern> - </layout> - </appender> - - <logger name="eu.stork"> - <level value="DEBUG" /> - </logger> - - <root> - <appender-ref ref="STDOUT" /> - <level value="INFO" /> - </root> - -</configuration>
\ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg deleted file mode 100644 index 84f7050d1..000000000 --- a/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg +++ /dev/null @@ -1,18 +0,0 @@ -name=OpenDNSSEC -library = /usr/lib/softhsm/libsofthsm.so -slot = 0 -attributes(generate, *, *) = { - CKA_TOKEN = true -} -attributes(generate, CKO_CERTIFICATE, *) = { - CKA_PRIVATE = false -} -attributes(generate, CKO_PUBLIC_KEY, *) = { - CKA_PRIVATE = false -} -attributes(*,CKO_PUBLIC_KEY,CKK_RSA)={ - CKA_VERIFY=true -} -attributes(*,CKO_PRIVATE_KEY,CKK_RSA)={ - CKA_SIGN=true -}
\ No newline at end of file @@ -21,35 +21,48 @@ <moa-commons-version>2.0.1</moa-commons-version> --> - <!-- Project Version --> - <moa-commons-version>3.1.0-RC1</moa-commons-version> - <moa-id-version>3.1.0-RC1</moa-id-version> + <!-- Project Version --> + <moa-id-version>3.1.0</moa-id-version> + + <moa-id-version-final>3.1.0</moa-id-version-final> + <moa-id-version-edu>3.2.0-OPB-Snapshot</moa-id-version-edu> + <moa-id-proxy-version>2.0.1-Snapshot</moa-id-proxy-version> - <moa-spss-version>2.0.5-RC1</moa-spss-version> - <configtool-version>2.1.0-RC1</configtool-version> + + <configtool-version>2.2.0-final</configtool-version> <demo-oa-version>2.0.5</demo-oa-version> - + + <moa-id-module-elga_mandate_client>1.0-RC1</moa-id-module-elga_mandate_client> + + <!-- Library Versions --> - <org.springframework.version>4.2.4.RELEASE</org.springframework.version> - <surefire.version>2.18.1</surefire.version> - <opensaml.version>2.6.5</opensaml.version> - <xmltooling.version>1.4.5</xmltooling.version> - <cxf.version>3.1.4</cxf.version> - <struts.version>2.3.24.1</struts.version> + <moa-spss-version>2.0.5</moa-spss-version> + + <org.springframework.version>4.2.5.RELEASE</org.springframework.version> + <surefire.version>2.19.1</surefire.version> + + <opensaml.version>2.6.6</opensaml.version> <!-- update to v3 (v2 is end-of-life in june 2016)--> + <xmltooling.version>1.4.6</xmltooling.version> + <xmlsec.version>2.0.6</xmlsec.version> + + <hibernate.version>5.1.0.Final</hibernate.version> <!-- update to v5 --> + <cxf.version>3.1.6</cxf.version> + <struts.version>2.3.28</struts.version> + <egovutils.version>2.0.0</egovutils.version> - <slf4j.version>1.7.13</slf4j.version> - <hibernate.version>4.3.11.Final</hibernate.version> + + <slf4j.version>1.7.19</slf4j.version> <mysql-connector.java>5.1.38</mysql-connector.java> - <junit.version>4.11</junit.version> + <junit.version>3.8.2</junit.version> <org.apache.commons.io.version>2.4</org.apache.commons.io.version> <org.apache.commons.lang3.version>3.4</org.apache.commons.lang3.version> <org.apache.commons.collections4.version>4.1</org.apache.commons.collections4.version> <org.apache.commons.collections3.version>3.2.2</org.apache.commons.collections3.version> <jodatime.version>2.7</jodatime.version> - <jackson-version>2.7.0</jackson-version> + <jackson-version>2.7.3</jackson-version> <apache-cli-version>1.3.1</apache-cli-version> - <spring-orm-version>3.1.1.RELEASE</spring-orm-version> + <spring-orm-version>${org.springframework.version}</spring-orm-version> </properties> @@ -63,9 +76,11 @@ </property> </activation> <modules> - <module>common</module> - <module>spss</module> +<!-- <module>common</module> --> +<!-- <module>spss</module> --> + <module>id</module> + </modules> <repositories> <repository> @@ -216,10 +231,12 @@ <finalName>moa</finalName> <encoding>UTF-8</encoding> <descriptors> - <descriptor>id/assembly-auth.xml</descriptor> - <descriptor>id/assembly-proxy.xml</descriptor> - <descriptor>spss/assembly.xml</descriptor> - <descriptor>spss/assembly-lib.xml</descriptor> + <descriptor>id/assembly-auth-final.xml</descriptor> + <descriptor>id/assembly-auth-edu.xml</descriptor> + <descriptor>id/assembly-proxy.xml</descriptor> + +<!-- <descriptor>spss/assembly.xml</descriptor> + <descriptor>spss/assembly-lib.xml</descriptor> --> </descriptors> </configuration> </plugin> @@ -269,6 +286,13 @@ <artifactId>xmltooling</artifactId> <version>${xmltooling.version}</version> </dependency> + <dependency> + <groupId>org.apache.santuario</groupId> + <artifactId>xmlsec</artifactId> + <version>${xmlsec.version}</version> + </dependency> + + <dependency> <groupId>org.apache.cxf</groupId> @@ -326,7 +350,7 @@ </dependency> - <dependency> +<!-- <dependency> <groupId>axis</groupId> <artifactId>axis</artifactId> <version>1.0_IAIK_1.2</version> @@ -349,7 +373,8 @@ <artifactId>axis-wsdl4j</artifactId> <version>1.5.1</version> <scope>compile</scope> - </dependency> + </dependency> --> + <dependency> <groupId>jaxen</groupId> <artifactId>jaxen</artifactId> @@ -362,12 +387,20 @@ <scope>compile</scope> </dependency> - <dependency> + <!-- <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId> <version>1.2.17</version> <scope>compile</scope> - </dependency> + </dependency> --> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + <version>2.5</version> + </dependency> + + + <dependency> <groupId>org.postgresql</groupId> <artifactId>postgresql</artifactId> @@ -392,7 +425,7 @@ <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> - <version>4.5.1</version> + <version>4.5.2</version> </dependency> <dependency> <groupId>dav4j</groupId> @@ -413,18 +446,31 @@ </dependency> --> - <dependency> +<!-- <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk16</artifactId> <version>1.46</version> + </dependency> --> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-spring-initializer</artifactId> + <version>${moa-id-version}</version> </dependency> - <dependency> - <groupId>MOA</groupId> - <artifactId>moa-common</artifactId> - <version>${moa-commons-version}</version> - <scope>compile</scope> - </dependency> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-frontend-resources</artifactId> + <version>${moa-id-version}</version> + </dependency> + + <dependency> + <groupId>MOA.id</groupId> + <artifactId>moa-spss-container</artifactId> + <version>${moa-id-version}</version> + <type>pom</type> + </dependency> + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-lib</artifactId> @@ -437,6 +483,14 @@ <version>${moa-id-version}</version> <scope>compile</scope> </dependency> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + <version>${moa-id-version}</version> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-module-stork</artifactId> @@ -461,18 +515,41 @@ <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modul-citizencard_authentication</artifactId> <version>${moa-id-version}</version> - </dependency> - - <dependency> + </dependency> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-eIDAS</artifactId> + <version>${moa-id-version}</version> + </dependency> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-pvp2</artifactId> + <version>${moa-id-version}</version> + </dependency> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules-federated_authentication</artifactId> + <version>${moa-id-version}</version> + </dependency> + + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-module-elga_mandate_service</artifactId> + <version>${moa-id-module-elga_mandate_client}</version> + </dependency> + + + <dependency> <groupId>MOA.spss.server</groupId> <artifactId>moa-spss-lib</artifactId> <version>${moa-spss-version}</version> <scope>compile</scope> </dependency> - <dependency> - <groupId>MOA</groupId> - <artifactId>moa-common</artifactId> - <version>${moa-commons-version}</version> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-commons</artifactId> + <version>${moa-id-version}</version> <type>test-jar</type> <scope>test</scope> </dependency> @@ -482,10 +559,11 @@ <version>${moa-spss-version}</version> <scope>test</scope> </dependency> + <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> - <version>3.8.2</version> + <version>${junit.version}</version> <scope>test</scope> </dependency> <dependency> @@ -497,9 +575,9 @@ <dependency> <groupId>javax.servlet</groupId> - <artifactId>servlet-api</artifactId> - <version>2.4</version> - <scope>provide</scope> + <artifactId>javax.servlet-api</artifactId> + <version>3.0.1</version> + <scope>provide</scope> </dependency> <dependency> <groupId>javax.activation</groupId> diff --git a/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1-javadoc.jar b/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1-javadoc.jar Binary files differnew file mode 100644 index 000000000..27f46cda4 --- /dev/null +++ b/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1-javadoc.jar diff --git a/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1.jar b/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1.jar Binary files differnew file mode 100644 index 000000000..aa3999f19 --- /dev/null +++ b/repository/MOA/spss/server/moa-spss-lib/2.0.5-RC1/moa-spss-lib-2.0.5-RC1.jar diff --git a/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5-javadoc.jar b/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5-javadoc.jar Binary files differnew file mode 100644 index 000000000..f166efece --- /dev/null +++ b/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5-javadoc.jar diff --git a/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5.jar b/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5.jar Binary files differnew file mode 100644 index 000000000..f57276444 --- /dev/null +++ b/repository/MOA/spss/server/moa-spss-lib/2.0.5/moa-spss-lib-2.0.5.jar diff --git a/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0-sources.jar b/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0-sources.jar Binary files differnew file mode 100644 index 000000000..9a8ab0b95 --- /dev/null +++ b/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0-sources.jar diff --git a/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0.jar b/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0.jar Binary files differnew file mode 100644 index 000000000..6ffe68b24 --- /dev/null +++ b/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0.jar diff --git a/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0.pom b/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0.pom new file mode 100644 index 000000000..2b2f3f39e --- /dev/null +++ b/repository/eu/eidas/eidas-commons/eidas.1.0/eidas-commons-eidas.1.0.pom @@ -0,0 +1,201 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <groupId>eu.eidas</groupId> + <artifactId>eidas-commons</artifactId> + <packaging>${mod.packaging.type}</packaging> + <name>eidas Commons</name> + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + </properties> + <parent> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <version>eidas-1.0</version> + <relativePath>../../eidas-parent/eidas-1.0/pom.xml</relativePath> + </parent> + <version>${project.version}</version> + <description> + The EIDASCommons library provides beans, Java Interfaces and utility classes to integrate EidasNode and SAML Engine. + </description> + <dependencies> + + <!-- Joda --> + <dependency> + <groupId>joda-time</groupId> + <artifactId>joda-time</artifactId> + <version>${joda.time.version}</version> + </dependency> + <!-- SLF4J logging --> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <!-- Log4J --> + <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + <version>${log4j.version}</version> + <exclusions> + <exclusion> + <groupId>javax.jms</groupId> + <artifactId>jms</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.jdmk</groupId> + <artifactId>jmxtools</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.jmx</groupId> + <artifactId>jmxri</artifactId> + </exclusion> + <exclusion> + <artifactId>mail</artifactId> + <groupId>javax.mail</groupId> + </exclusion> + </exclusions> + <!--scope>provided</scope--> <!-- for jboss build--> + </dependency> + + <!-- Bouncy Castle --> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>${bouncycastle.version}</version> + <scope>provided</scope> + </dependency> + + <!-- Servlet API --> + <!-- provided by Application Server --> + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>${servlet.version}</version> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + <version>${commons.lang}</version> + <type>jar</type> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>${junit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.owasp.encoder</groupId> + <artifactId>encoder</artifactId> + <version>${owasp.version}</version> + </dependency> + </dependencies> + + <build> + <finalName>eidas-commons</finalName> + <pluginManagement> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>${compile.plugin.version}</version> + <configuration> + <source>${java.version}</source> + <target>${java.version}</target> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <configuration> + <skip>false</skip> + </configuration> + </plugin> + </plugins> + </pluginManagement> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <version>${javadoc.plugin.version}</version> + <configuration> + <links> + <link>http://commons.apache.org/lang/api/</link> + <link>http://java.sun.com/j2se/1.6.0/docs/api/</link> + <link>http://www.bouncycastle.org/docs/docs1.6/</link> + <link>http://docs.oracle.com/javase/6/docs/api/</link> + </links> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>${source.plugin.version}</version> + <executions> + <execution> + <id>attach-sources</id> + <phase>verify</phase> + <goals> + <goal>jar-no-fork</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + <testResources> + <testResource> + <directory>src/test/resources</directory> + <includes> + <include>log4j.xml</include> + <include>*.properties</include> + </includes> + </testResource> + </testResources> + </build> + <profiles> + <profile> + <id>embedded</id> + <build> + <resources> + <resource> + <directory> ${project.basedir}/src/main/resources</directory> + </resource> + <resource> + <directory> ${project.basedir}/src/main/config/embedded</directory> + </resource> + </resources> + </build> + </profile> + <profile> + <id>metrics</id> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + <version>${cobertura.plugin.version}</version> + <configuration> + <formats> + <format>html</format> + <format>xml</format> + </formats> + </configuration> + </plugin> + </plugins> + </build> + </profile> + </profiles> + <reporting> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + <version>${cobertura.plugin.version}</version> + </plugin> + </plugins> + </reporting> +</project> diff --git a/repository/eu/eidas/eidas-configmodule/eidas.1.0/eidas-configmodule-eidas.1.0.jar b/repository/eu/eidas/eidas-configmodule/eidas.1.0/eidas-configmodule-eidas.1.0.jar Binary files differnew file mode 100644 index 000000000..791e563c4 --- /dev/null +++ b/repository/eu/eidas/eidas-configmodule/eidas.1.0/eidas-configmodule-eidas.1.0.jar diff --git a/repository/eu/eidas/eidas-configmodule/eidas.1.0/eidas-configmodule-eidas.1.0.pom b/repository/eu/eidas/eidas-configmodule/eidas.1.0/eidas-configmodule-eidas.1.0.pom new file mode 100644 index 000000000..00a2ec564 --- /dev/null +++ b/repository/eu/eidas/eidas-configmodule/eidas.1.0/eidas-configmodule-eidas.1.0.pom @@ -0,0 +1,150 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <groupId>eu.eidas</groupId> + <artifactId>eidas-configmodule</artifactId> + <packaging>jar</packaging> + <name>EIDAS Configuration Management Module</name> + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + </properties> + <description> + handling of Eidas configuration + </description> + <parent> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <version>eidas-1.0</version> + <relativePath>../../eidas-parent/eidas-1.0/pom.xml</relativePath> + </parent> + <version>${project.version}</version> + <dependencies> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <!-- Log4J --> + <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + <version>${log4j.version}</version> + <exclusions> + <exclusion> + <groupId>javax.jms</groupId> + <artifactId>jms</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.jdmk</groupId> + <artifactId>jmxtools</artifactId> + </exclusion> + <exclusion> + <groupId>com.sun.jmx</groupId> + <artifactId>jmxri</artifactId> + </exclusion> + <exclusion> + <artifactId>mail</artifactId> + <groupId>javax.mail</groupId> + </exclusion> + </exclusions> + <!--scope>provided</scope--> <!-- for jboss build--> + </dependency> + <dependency> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + <version>${commons.lang}</version> + <type>jar</type> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>${junit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-commons</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-core</artifactId> + <version>${mockito.version}</version> + <scope>test</scope> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + </exclusion> + <exclusion> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-beans</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-context-support</artifactId> + <version>${spring.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <version>${spring.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>${xerces.version}</version> + <scope>test</scope> + </dependency> + </dependencies> + <build> + <finalName>EIDAS-configmodule</finalName> + <pluginManagement> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>${compile.plugin.version}</version> + <configuration> + <source>${java.version}</source> + <target>${java.version}</target> + </configuration> + </plugin> + </plugins> + </pluginManagement> + </build> + <profiles> + <profile> + <id>metrics</id> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + <version>${cobertura.plugin.version}</version> + <configuration> + <formats> + <format>html</format> + <format>xml</format> + </formats> + </configuration> + </plugin> + </plugins> + </build> + </profile> + </profiles> +</project> diff --git a/repository/eu/eidas/eidas-encryption/eidas.1.0/eidas-encryption-eidas.1.0.jar b/repository/eu/eidas/eidas-encryption/eidas.1.0/eidas-encryption-eidas.1.0.jar Binary files differnew file mode 100644 index 000000000..76c27dc52 --- /dev/null +++ b/repository/eu/eidas/eidas-encryption/eidas.1.0/eidas-encryption-eidas.1.0.jar diff --git a/repository/eu/eidas/eidas-encryption/eidas.1.0/eidas-encryption-eidas.1.0.pom b/repository/eu/eidas/eidas-encryption/eidas.1.0/eidas-encryption-eidas.1.0.pom new file mode 100644 index 000000000..52652e8dd --- /dev/null +++ b/repository/eu/eidas/eidas-encryption/eidas.1.0/eidas-encryption-eidas.1.0.pom @@ -0,0 +1,174 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + + <groupId>eu.eidas</groupId> + <artifactId>eidas-encryption</artifactId> + <packaging>jar</packaging> + <name>eidas Encryption</name> + <version>${saml.version}</version> + + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + </properties> + <description> + Encryption for EIDASSAMLEngine + </description> + <parent> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <version>eidas-1.0</version> + <relativePath>../../eidas-parent/eidas-1.0/pom.xml</relativePath> + </parent> + + + <repositories> + <repository> + <id>projectrepo</id> + <name>projectrepo</name> + <url>file://${project.basedir}/src/main/lib</url> + </repository> + <repository> + <id>shib-release</id> + <url> + https://build.shibboleth.net/nexus/content/groups/public + </url> + <snapshots> + <enabled>false</enabled> + </snapshots> + </repository> + </repositories> + + <dependencies> + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml</artifactId> + <version>${opensaml.version}</version> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + <version>${slf4j.version}</version> + </dependency> + + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + <version>${commons.logging}</version> + <scope>compile</scope> + </dependency> + + <!-- UNIT TEST Dependencies --> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>${junit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + <version>${commons.io}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>xmlunit</groupId> + <artifactId>xmlunit</artifactId> + <version>${xmlunit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + <version>${logback.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>${xerces.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>${bouncycastle.version}</version> + <scope>test</scope> + </dependency> + <!-- UNIT TEST Dependencies --> + + </dependencies> + + <build> + <pluginManagement> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>${compile.plugin.version}</version> + <configuration> + <source>${java.version}</source> + <target>${java.version}</target> + </configuration> + </plugin> + </plugins> + </pluginManagement> + <plugins> + + </plugins> + </build> + +</project>
\ No newline at end of file diff --git a/repository/eu/eidas/eidas-parent/eidas-1.0/eidas-parent-eidas-1.0.pom b/repository/eu/eidas/eidas-parent/eidas-1.0/eidas-parent-eidas-1.0.pom new file mode 100644 index 000000000..f5652b63f --- /dev/null +++ b/repository/eu/eidas/eidas-parent/eidas-1.0/eidas-parent-eidas-1.0.pom @@ -0,0 +1,86 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 + http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <packaging>pom</packaging> + <name>Eidas Node Parent</name> + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + <project.version>eidas.1.0</project.version> + <saml.version>eidas.1.0</saml.version> + + <!-- java version targeted in the compile phase --> + <java.version>1.6</java.version> + + <proj.name>EIDASParent</proj.name> + <proj.name.eidas>EidasNode</proj.name.eidas> + <spring.version>4.1.0.RELEASE</spring.version> + <opensaml.version>2.6.5</opensaml.version> + <commons.version>eidas.1.0</commons.version> + <app.packaging.type>war</app.packaging.type> + <mod.packaging.type>jar</mod.packaging.type> + <samlspec.version>0.5.2</samlspec.version> + <samlspecacept.version>0.5.1</samlspecacept.version> + + <!-- artefacts versions --> + <servlet.version>2.5</servlet.version> + <jsp.api>2.0</jsp.api> + <jstl.version>1.1.2</jstl.version> + <apache.taglibs>1.2.5</apache.taglibs> + <jersey.version>1.18</jersey.version> + <slf4j.version>1.7.10</slf4j.version> + <logback.version>1.1.2</logback.version> + <mockito.version>1.10.19</mockito.version> + <junit.version>4.12</junit.version> + <commons.codec>1.9</commons.codec> + <commons.io>2.4</commons.io> + <commons.lang>2.6</commons.lang> + <commons.logging>1.1.3</commons.logging> + <commons.httpclient>3.1</commons.httpclient> + <commons.lang3>3.1</commons.lang3> + <hazelcast.version>3.2</hazelcast.version> + <bouncycastle.version>1.52</bouncycastle.version> + <owasp.version>1.1.1</owasp.version> + <owasp.esapi.version>2.1.0</owasp.esapi.version> + <cglib.version>2.2.2</cglib.version> + <xmlapis.version>1.4.01</xmlapis.version> + <xerces.version>2.11.0</xerces.version> + <xalan.version>2.7.2</xalan.version> + <joda.time.version>2.6</joda.time.version> + <log4j.version>1.2.17</log4j.version> + <log4j.api>2.3</log4j.api> + <xmlunit.version>1.5</xmlunit.version> + <bdr.econnector.version>1.2.2</bdr.econnector.version> + <struts.version>2.3.16.2</struts.version> + <icu4j.version>55.1</icu4j.version> + <!-- maven plugin versions --> + <javadoc.plugin.version>2.8.1</javadoc.plugin.version> + <compile.plugin.version>2.3.2</compile.plugin.version> + <war.plugin.version>2.0.1</war.plugin.version> + <resources.plugin.version>2.3</resources.plugin.version> + <cobertura.plugin.version>2.6</cobertura.plugin.version> + <remote.resources.plugin.version>1.5</remote.resources.plugin.version> + <source.plugin.version>2.1.2</source.plugin.version> + <install.plugin.version>2.5.2</install.plugin.version> + <clean.plugin.version>2.6.1</clean.plugin.version> + + <timestamp>${maven.build.timestamp}</timestamp> + + <vaadin.version>7.4.2</vaadin.version> + <vaadin.plugin.version>${vaadin.version}</vaadin.plugin.version> + <vaadin-spring.version>1.0.0.beta1</vaadin-spring.version> + <vaadin4spring.version>0.0.5.RELEASE</vaadin4spring.version> + <jetty.plugin.version>9.2.3.v20140905</jetty.plugin.version> + <xmlsec.version>2.0.5</xmlsec.version> + + </properties> + <version>eidas</version> + <description> + The EIDAS-Parent provides artefacts versions for Eidas Node components. + </description> + <dependencies/> + + +</project> diff --git a/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0-sources.jar b/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0-sources.jar Binary files differnew file mode 100644 index 000000000..042b64ae6 --- /dev/null +++ b/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0-sources.jar diff --git a/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0.jar b/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0.jar Binary files differnew file mode 100644 index 000000000..a26066a60 --- /dev/null +++ b/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0.jar diff --git a/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0.pom b/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0.pom new file mode 100644 index 000000000..0d7d905e1 --- /dev/null +++ b/repository/eu/eidas/saml-engine/eidas.1.0/saml-engine-eidas.1.0.pom @@ -0,0 +1,290 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <groupId>eu.eidas</groupId> + <artifactId>saml-engine</artifactId> + <packaging>jar</packaging> + <name>EIDASSAMLEngine</name> + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + </properties> + <version>${saml.version}</version> + <description> + The EIDASSAMLEngine library provides tools to support developers working with the Security Assertion Markup Language (SAML). + </description> + <parent> + <groupId>eu.eidas</groupId> + <artifactId>eidas-parent</artifactId> + <version>eidas-1.0</version> + <relativePath>../../eidas-parent/eidas-1.0/pom.xml</relativePath> + </parent> + + <repositories> + <!-- repository OpenSaml --> + <repository> + <id>shib-release</id> + <!--url>https://build.shibboleth.net/nexus/content/repositories/releases</url--> + <url>https://build.shibboleth.net/nexus/content/groups/public</url> + <snapshots> + <enabled>false</enabled> + </snapshots> + </repository> + </repositories> + + <dependencies> + <!-- Compile dependencies --> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-commons</artifactId> + <version>${commons.version}</version> + </dependency> + + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-encryption</artifactId> + <version>${commons.version}</version> + </dependency> + <dependency> + <groupId>eu.eidas</groupId> + <artifactId>eidas-configmodule</artifactId> + <version>${commons.version}</version> + </dependency> + + <dependency> + <groupId>org.opensaml</groupId> + <artifactId>opensaml</artifactId> + <version>${opensaml.version}</version> + <exclusions> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + </exclusion> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + </exclusion> + <exclusion> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.santuario</groupId> + <artifactId>xmlsec</artifactId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + <version>${slf4j.version}</version> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + <version>${slf4j.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + <scope>compile</scope> + <version>${commons.logging}</version> + </dependency> + + <dependency> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + <version>${commons.io}</version> + <scope>compile</scope> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>${xerces.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>${junit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.owasp.esapi</groupId> + <artifactId>esapi</artifactId> + <version>${owasp.esapi.version}</version> + <exclusions> + <exclusion> + <groupId>commons-configuration</groupId> + <artifactId>commons-configuration</artifactId> + </exclusion> + <exclusion> + <groupId>commons-beanutils</groupId> + <artifactId>commons-beanutils-core</artifactId> + </exclusion> + <exclusion> + <groupId>commons-fileupload</groupId> + <artifactId>commons-fileupload</artifactId> + </exclusion> + <exclusion> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + </exclusion> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + <exclusion> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> + <exclusion> + <groupId>xom</groupId> + <artifactId>xom</artifactId> + </exclusion> + <exclusion> + <groupId>org.beanshell</groupId> + <artifactId>bsh-core</artifactId> + </exclusion> + <exclusion> + <groupId>org.owasp.antisamy</groupId> + <artifactId>antisamy</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + <version>${commons.codec}</version> + </dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>${bouncycastle.version}</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xmlunit</groupId> + <artifactId>xmlunit</artifactId> + <version>${xmlunit.version}</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.santuario</groupId> + <artifactId>xmlsec</artifactId> + <version>${xmlsec.version}</version> + </dependency> + </dependencies> + + <build> + <pluginManagement> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>${compile.plugin.version}</version> + <configuration> + <source>${java.version}</source> + <target>${java.version}</target> + </configuration> + </plugin> + + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <configuration> + <skip>false</skip> + </configuration> + </plugin> + </plugins> + </pluginManagement> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <executions> + <execution> + <id>attach-sources</id> + <phase>verify</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jar-plugin</artifactId> + <configuration> + <archive> + <manifestEntries> + <SAMLEngineVersion>${saml.version}</SAMLEngineVersion> + <SAMLSpecVersion-accept>${samlspecacept.version}</SAMLSpecVersion-accept> + <SAMLSpecVersion-send>${samlspec.version}</SAMLSpecVersion-send> + <SAMLSpecKnownIssues>None</SAMLSpecKnownIssues> + <timestamp>${timestamp}</timestamp> + </manifestEntries> + </archive> + </configuration> + </plugin> + </plugins> + </build> + <profiles> + <profile> + <id>metrics</id> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>cobertura-maven-plugin</artifactId> + <version>${cobertura.plugin.version}</version> + <configuration> + <formats> + <format>html</format> + <format>xml</format> + </formats> + </configuration> + </plugin> + </plugins> + </build> + </profile> + </profiles> + <reporting> + </reporting> +</project>
\ No newline at end of file diff --git a/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.jar b/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.jar Binary files differnew file mode 100644 index 000000000..d53fcb398 --- /dev/null +++ b/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.jar diff --git a/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.pom b/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.pom new file mode 100644 index 000000000..21a800dd7 --- /dev/null +++ b/repository/iaik/iaik_eccelerate/2.51/iaik_eccelerate-2.51.pom @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <modelVersion>4.0.0</modelVersion> + <groupId>iaik</groupId> + <artifactId>iaik_eccelerate</artifactId> + <version>2.51</version> + <description>POM was created by Sonatype Nexus</description> +</project>
\ No newline at end of file diff --git a/spss/pom.xml b/spss/pom.xml index 2f1d57446..9780bc5b5 100644 --- a/spss/pom.xml +++ b/spss/pom.xml @@ -18,7 +18,7 @@ <modules> <module>server</module> - <module>handbook</module> + <!-- <module>handbook</module> --> </modules> <build> diff --git a/spss/server/pom.xml b/spss/server/pom.xml index eb37775c1..362f2e1b2 100644 --- a/spss/server/pom.xml +++ b/spss/server/pom.xml @@ -13,7 +13,7 @@ <name>MOA SP/SS Server</name>
<modules>
- <module>tools</module>
+ <!-- <module>tools</module> -->
<module>serverlib</module>
<module>serverws</module>
</modules>
diff --git a/spss/server/serverlib/pom.xml b/spss/server/serverlib/pom.xml index cafd8341b..3437f84db 100644 --- a/spss/server/serverlib/pom.xml +++ b/spss/server/serverlib/pom.xml @@ -9,29 +9,33 @@ <groupId>MOA.spss.server</groupId>
<artifactId>moa-spss-lib</artifactId>
<packaging>jar</packaging>
- <version>${moa-spss-version}</version>
+ <version>2.0.5</version>
<name>MOA SP/SS API</name>
<properties>
<repositoryPath>${basedir}/../../../repository</repositoryPath>
</properties>
- <dependencies>
+ <dependencies>
<dependency>
<groupId>axis</groupId>
<artifactId>axis</artifactId>
+ <version>1.0_IAIK_1.2</version>
</dependency>
<dependency>
<groupId>org.apache.axis</groupId>
<artifactId>axis-jaxrpc</artifactId>
+ <version>1.4</version>
</dependency>
<dependency>
<groupId>org.apache.axis</groupId>
<artifactId>axis-saaj</artifactId>
+ <version>1.4</version>
</dependency>
<dependency>
<groupId>axis</groupId>
<artifactId>axis-wsdl4j</artifactId>
+ <version>1.5.1</version>
</dependency>
<dependency>
<groupId>commons-discovery</groupId>
@@ -56,6 +60,7 @@ <dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
+ <version>1.2.17</version>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
@@ -63,7 +68,7 @@ </dependency>
<dependency>
<groupId>javax.servlet</groupId>
- <artifactId>servlet-api</artifactId>
+ <artifactId>javax.servlet-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
@@ -127,8 +132,8 @@ <optional>true</optional>
</dependency>
<dependency>
- <groupId>MOA</groupId>
- <artifactId>moa-common</artifactId>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-commons</artifactId>
<type>jar</type>
</dependency>
<!--
@@ -141,8 +146,8 @@ <dependency>
- <groupId>MOA</groupId>
- <artifactId>moa-common</artifactId>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-commons</artifactId>
<type>test-jar</type>
<scope>test</scope>
</dependency>
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 3d2da8384..3c67ca3ca 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -23,17 +23,6 @@ package at.gv.egovernment.moa.spss.server.config; -import iaik.asn1.structures.Name; -import iaik.ixsil.exceptions.URIException; -import iaik.ixsil.util.URI; -import iaik.pki.pathvalidation.ChainingModes; -import iaik.pki.revocation.RevocationSourceTypes; -import iaik.server.modules.xml.BlackListEntry; -import iaik.server.modules.xml.ExternalReferenceChecker; -import iaik.server.modules.xml.WhiteListEntry; -import iaik.utils.RFC2253NameParser; -import iaik.utils.RFC2253NameParserException; - import java.io.File; import java.io.FileInputStream; import java.io.IOException; @@ -70,6 +59,16 @@ import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.StringUtils; import at.gv.egovernment.moa.util.XPathUtils; +import iaik.asn1.structures.Name; +import iaik.ixsil.exceptions.URIException; +import iaik.ixsil.util.URI; +import iaik.pki.pathvalidation.ChainingModes; +import iaik.pki.revocation.RevocationSourceTypes; +import iaik.server.modules.xml.BlackListEntry; +import iaik.server.modules.xml.ExternalReferenceChecker; +import iaik.server.modules.xml.WhiteListEntry; +import iaik.utils.RFC2253NameParser; +import iaik.utils.RFC2253NameParserException; /** * A class that builds configuration data from a DOM based representation. @@ -1429,7 +1428,7 @@ public class ConfigurationPartsBuilder { private static Element parseXml(InputStream inputStream) throws ParserConfigurationException, SAXException, IOException { return DOMUtils - .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null) + .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null, null) .getDocumentElement(); } diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java index 148be664b..fd7ef8cb2 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java @@ -24,11 +24,6 @@ package at.gv.egovernment.moa.spss.server.invoke; -import iaik.ixsil.util.URI; -import iaik.ixsil.util.XPointerReferenceResolver; -import iaik.server.modules.xml.DataObject; -import iaik.server.modules.xml.XMLDataObject; - import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; @@ -76,6 +71,10 @@ import at.gv.egovernment.moa.util.MOAErrorHandler; import at.gv.egovernment.moa.util.StreamEntityResolver; import at.gv.egovernment.moa.util.StreamUtils; import at.gv.egovernment.moa.util.XPathUtils; +import iaik.ixsil.util.URI; +import iaik.ixsil.util.XPointerReferenceResolver; +import iaik.server.modules.xml.DataObject; +import iaik.server.modules.xml.XMLDataObject; /** * A class to create <code>DataObject</code>s contained in different @@ -259,7 +258,8 @@ public class DataObjectFactory { Constants.ALL_SCHEMA_LOCATIONS, null, entityResolver, - new MOAErrorHandler()); + new MOAErrorHandler(), + null); Logger.trace("<<< parsed"); return new XMLDataObjectImpl(doc.getDocumentElement()); @@ -272,7 +272,7 @@ public class DataObjectFactory { // try to parse non-validating try { ByteArrayInputStream is = new ByteArrayInputStream(contentBytes); - Document doc = DOMUtils.parseDocument(is, false, null, null); + Document doc = DOMUtils.parseDocument(is, false, null, null, null); // Since the parse tree will not contain any post schema validation information, // we need to register any attributes known to be of type xsd:Id manually. NodeList idAttributes = XPathUtils.selectNodeList(doc.getDocumentElement(), XPATH); @@ -765,7 +765,7 @@ public class DataObjectFactory { // try parsing non-validating: this has to succeed or we // bail out by throwing an exception is = resolver.resolve(uri); - doc = DOMUtils.parseDocument(is, false, null, null); + doc = DOMUtils.parseDocument(is, false, null, null, null); dataObject = new XMLDataObjectImpl(doc.getDocumentElement()); } catch (ParserConfigurationException e) { throw new MOASystemException("1106", null, e); @@ -782,7 +782,7 @@ public class DataObjectFactory { try { // try parsing non-validating: need not succeed is = resolver.resolve(uri); - doc = DOMUtils.parseDocument(is, false, null, null); + doc = DOMUtils.parseDocument(is, false, null, null, null); closeInputStream(is); dataObject = new XMLDataObjectImpl(doc.getDocumentElement()); } catch (Exception e) { @@ -981,7 +981,7 @@ public class DataObjectFactory { Document doc; try { - doc = DOMUtils.parseDocument(byteStream, false, null, null); + doc = DOMUtils.parseDocument(byteStream, false, null, null, null); dataObject = new XMLDataObjectImpl(doc.getDocumentElement()); } catch (ParserConfigurationException e) { throw new MOASystemException("1106", null, e); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java index 639a75ab1..b7ce0fa7d 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java @@ -30,7 +30,10 @@ import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.security.cert.X509Certificate; +import java.util.Collections; +import java.util.HashMap; import java.util.Iterator; +import java.util.Map; import javax.servlet.http.HttpServletRequest; @@ -100,6 +103,15 @@ public class AxisHandler extends BasicHandler { /** Simple string contains the post part of the enveloping SOAP wrapping */ private static final String SOAP_PART_POST = "</soapenv:Body></soapenv:Envelope>"; + private static final Map<String, Object> parserFeatures = + Collections.unmodifiableMap(new HashMap<String, Object>() { + private static final long serialVersionUID = 1L; + { + put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true); + + } + }); + /** * Handle an invocation of this handler. * @@ -146,7 +158,12 @@ public class AxisHandler extends BasicHandler { Element xmlRequest = null; //log.info(soapMessage.getSOAPPartAsString()); - Element soapPart = DOMUtils.parseDocument(new ByteArrayInputStream(soapMessage.getSOAPPartAsBytes()), false, null, null).getDocumentElement(); + Element soapPart = DOMUtils.parseDocument( + new ByteArrayInputStream(soapMessage.getSOAPPartAsBytes()), + false, + null, + null, + parserFeatures).getDocumentElement(); if (soapPart!=null) { //TODO: check if DOM Version is intolerant when white spaces are between tags (preceding normalization would be necessary) NodeList soapBodies = soapPart.getElementsByTagNameNS(SOAP_NS_URI, "Body"); diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java index d986f7a1b..1114cb7b0 100644 --- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java @@ -85,7 +85,8 @@ public class ServiceUtils { Constants.ALL_SCHEMA_LOCATIONS, null, new MOASPSSEntityResolver(), - new MOAErrorHandler()); + new MOAErrorHandler(), + null); // DOMUtils.parseDocument( // new ByteArrayInputStream(requestBytes), diff --git a/spss/server/serverws/pom.xml b/spss/server/serverws/pom.xml index b90026252..ce665cad0 100644 --- a/spss/server/serverws/pom.xml +++ b/spss/server/serverws/pom.xml @@ -94,8 +94,8 @@ <!--version>${pom.version}</version--> </dependency> <dependency> - <groupId>MOA</groupId> - <artifactId>moa-common</artifactId> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-commons</artifactId> </dependency> <dependency> <groupId>iaik.prod</groupId> @@ -118,6 +118,7 @@ <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId> + <version>1.2.17</version> </dependency> <!-- <dependency> <groupId>iaik</groupId> |