-rw-r--r--MOA.iml13
-rw-r--r--common/moa-common.iml34
-rw-r--r--id/id.iml13
-rw-r--r--id/oa/moa-id-oa.iml61
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java69
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java68
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java24
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java39
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java29
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java75
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java20
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java7
-rw-r--r--id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java2
-rw-r--r--id/templates/moa-id-templates.iml25
14 files changed, 253 insertions, 226 deletions
diff --git a/MOA.iml b/MOA.iml
deleted file mode 100644
index c418d6693..000000000
--- a/MOA.iml
+++ /dev/null
@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
- <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
- <output url="file://$MODULE_DIR$/target/classes" />
- <output-test url="file://$MODULE_DIR$/target/test-classes" />
- <content url="file://$MODULE_DIR$">
- <excludeFolder url="file://$MODULE_DIR$/target" />
- </content>
- <orderEntry type="inheritedJdk" />
- <orderEntry type="sourceFolder" forTests="false" />
- </component>
-</module>
-
diff --git a/common/moa-common.iml b/common/moa-common.iml
deleted file mode 100644
index 46304fcc3..000000000
--- a/common/moa-common.iml
+++ /dev/null
@@ -1,34 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
- <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
- <output url="file://$MODULE_DIR$/target/classes" />
- <output-test url="file://$MODULE_DIR$/target/test-classes" />
- <content url="file://$MODULE_DIR$">
- <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
- <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
- <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
- <excludeFolder url="file://$MODULE_DIR$/target" />
- </content>
- <orderEntry type="inheritedJdk" />
- <orderEntry type="sourceFolder" forTests="false" />
- <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
- <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
- <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
- <orderEntry type="library" scope="TEST" name="Maven: junit:junit:3.8.1" level="project" />
- <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
- <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
- <orderEntry type="library" name="Maven: xalan-bin-dist:xalan:2.7.1" level="project" />
- <orderEntry type="library" name="Maven: xalan:serializer:2.7.1" level="project" />
- <orderEntry type="library" name="Maven: xml-apis:xml-apis:1.3.04" level="project" />
- <orderEntry type="library" name="Maven: xerces:xercesImpl:2.9.0" level="project" />
- <orderEntry type="library" name="Maven: xalan-bin-dist:xml-apis:2.7.1" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xalan-bin-dist:serializer:2.7.1" level="project" />
- <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
- </component>
-</module>
-
diff --git a/id/id.iml b/id/id.iml
deleted file mode 100644
index c418d6693..000000000
--- a/id/id.iml
+++ /dev/null
@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
- <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
- <output url="file://$MODULE_DIR$/target/classes" />
- <output-test url="file://$MODULE_DIR$/target/test-classes" />
- <content url="file://$MODULE_DIR$">
- <excludeFolder url="file://$MODULE_DIR$/target" />
- </content>
- <orderEntry type="inheritedJdk" />
- <orderEntry type="sourceFolder" forTests="false" />
- </component>
-</module>
-
diff --git a/id/oa/moa-id-oa.iml b/id/oa/moa-id-oa.iml
deleted file mode 100644
index 0b7bf00de..000000000
--- a/id/oa/moa-id-oa.iml
+++ /dev/null
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
- <component name="FacetManager">
- <facet type="web" name="Web">
- <configuration>
- <descriptors>
- <deploymentDescriptor name="web.xml" url="file://$MODULE_DIR$/src/main/webapp/WEB-INF/web.xml" />
- </descriptors>
- <webroots>
- <root url="file://$MODULE_DIR$/src/main/webapp" relative="/" />
- </webroots>
- </configuration>
- </facet>
- </component>
- <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
- <output url="file://$MODULE_DIR$/target/classes" />
- <output-test url="file://$MODULE_DIR$/target/test-classes" />
- <content url="file://$MODULE_DIR$">
- <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
- <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
- <excludeFolder url="file://$MODULE_DIR$/target" />
- </content>
- <orderEntry type="inheritedJdk" />
- <orderEntry type="sourceFolder" forTests="false" />
- <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:jstl:1.2" level="project" />
- <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
- <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
- <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
- <orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
- <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk15:1.46" level="project" />
- <orderEntry type="library" name="Maven: commons-codec:commons-codec:1.7" level="project" />
- <orderEntry type="library" name="Maven: joda-time:joda-time:2.2" level="project" />
- <orderEntry type="library" name="Maven: ca.juliusdavies:not-yet-commons-ssl:0.3.9" level="project" />
- <orderEntry type="library" name="Maven: commons-httpclient:commons-httpclient:3.1" level="project" />
- <orderEntry type="library" name="Maven: org.apache.santuario:xmlsec:1.5.4" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xml-apis:2.10.0" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xercesImpl:2.10.0" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:serializer:2.10.0" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xml-resolver:xml-resolver:1.2" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xalan:xalan:2.7.1" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: commons-collections:commons-collections:3.2.1" level="project" />
- <orderEntry type="library" name="Maven: commons-lang:commons-lang:2.6" level="project" />
- <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
- <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
- <orderEntry type="library" name="Maven: jstl:jstl:1.2" level="project" />
- <orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
- <orderEntry type="library" name="Maven: iaik:commons-iaik:0.7.1" level="project" />
- <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
- <orderEntry type="module" module-name="moa-common" />
- <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
- <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
- <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
- <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
- <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
- </component>
-</module>
-
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 2735fde68..72dddee88 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -15,6 +15,7 @@ import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.logging.Logger;
+<<<<<<< HEAD
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
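Review bot: The added line `<<<<<<< HEAD` is an unresolved merge-conflict marker, so AttributeCollector.java cannot compile as committed. The matching `=======` and `>>>>>>> origin/bs_3_fr` lines are added in the later hunks of this file (`@@ -32,6`, `@@ -54,8`, `@@ -78,6`, `@@ -88,6`, `@@ -167,7`, `@@ -186,15`, `@@ -203,11`) and in STORKProtocol.java (`@@ -104,6`, `@@ -116,6`). Each conflict has to be resolved to one side and the markers deleted; as it stands both variants coexist between the markers, for example two `performRedirect` calls and two sets of locals in `generateSTORKResponse`. A build or pre-commit check that rejects lines starting with `<<<<<<< ` or `>>>>>>> ` would stop this from reaching the repository again.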
@@ -32,6 +33,21 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest;
import eu.stork.peps.auth.commons.STORKAuthnResponse;
import eu.stork.peps.auth.engine.STORKSAMLEngine;
import eu.stork.peps.exceptions.STORKSAMLEngineException;
+=======
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+>>>>>>> origin/bs_3_fr
/**
* the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.
@@ -54,8 +70,21 @@ public class AttributeCollector implements IAction {
*/
public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
+<<<<<<< HEAD
+=======
+ // - fetch the container
+ String artifactId = (String) httpReq.getParameter(ARTIFACT_ID);
+ DataContainer container;
+ try {
+ container = AssertionStorage.getInstance().get(artifactId, DataContainer.class);
+ } catch (MOADatabaseException e) {
+ Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e);
+ throw new MOAIDException("stork.11", null);
+ }
+
+>>>>>>> origin/bs_3_fr
// read configuration parameters of OA
- OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+ OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL());
if (oaParam == null)
throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
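Review bot: `artifactId` is read from a client-supplied request parameter and used directly as the storage key, and `container.getRequest().getAssertionConsumerServiceURL()` is then dereferenced without checking that the parameter was present or that the stored container and its request are non-null. Nothing visible in this hunk ties the fetched container to `moasession`, so it is worth confirming that the artifact id is unguessable and single-use. A guard after the fetch such as `if (artifactId == null || container == null || container.getRequest() == null) throw new MOAIDException("stork.11", null);` would fail closed. The `stork.12` exception still reports `moasession.getPublicOAURLPrefix()` although the lookup key is now the assertion consumer URL. The body of processRequest continues outside the hunk.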
@@ -78,6 +107,7 @@ public class AttributeCollector implements IAction {
Logger.error("No attribute could be retrieved from the response the attribute provider gave us.");
}
+<<<<<<< HEAD
// - fetch the container
String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID);
DataContainer container;
@@ -88,6 +118,8 @@ public class AttributeCollector implements IAction {
throw new MOAIDException("stork.11", null);
}
+=======
+>>>>>>> origin/bs_3_fr
// - insert the embedded attribute(s) into the container
addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes);
@@ -167,7 +199,11 @@ public class AttributeCollector implements IAction {
AssertionStorage.getInstance().put(newArtifactId, container);
// add container-key to redirect embedded within the return URL
+<<<<<<< HEAD
e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
+=======
+ e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam);
+>>>>>>> origin/bs_3_fr
} catch (Exception e1) {
// TODO should we return the response as is to the PEPS?
@@ -186,15 +222,23 @@ public class AttributeCollector implements IAction {
* @throws MOAIDException the mOAID exception
*/
private void generateSTORKResponse(DataContainer container) throws MOAIDException {
+<<<<<<< HEAD
STORKAuthnResponse authnResponse = container.getResponse();
STORKAuthnRequest authnRequest = container.getRequest();
+=======
+ MOASTORKRequest request = container.getRequest();
+ MOASTORKResponse response = container.getResponse();
+>>>>>>> origin/bs_3_fr
try {
//Get SAMLEngine instance
STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
Logger.debug("Starting generation of SAML response");
- authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false);
-
+ if(response.isAuthnResponse())
+ response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false));
+ else
+ response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false));
+
//generateSAML Token
Logger.info("SAML response succesfully generated!");
} catch (STORKSAMLEngineException e) {
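Review bot: The `else` branch treats every response that is not an authn response as an attribute-query response, so a container with neither set passes null request and response objects into `generateSTORKAttrQueryResponse`; `else if (response.isAttrResponse())` followed by a final `else` that throws a MOAIDException would make that case explicit. generateRedirectResponse (hunk at `@@ -217,17`) makes the same decision on `authnRequest.isAttrRequest()` instead of the response flag, and using one of the two in both places avoids the methods disagreeing. The empty string passed as the fourth argument needs a comment saying what the parameter is. The method body continues past the hunk.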
@@ -203,11 +247,14 @@ public class AttributeCollector implements IAction {
}
Logger.info("STORK SAML Response message succesfully generated ");
+<<<<<<< HEAD
Logger.debug("authn saml plain:" + authnResponse.getTokenSaml());
Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml()));
Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));
container.setResponse(authnResponse);
+=======
+>>>>>>> origin/bs_3_fr
}
/**
@@ -217,17 +264,23 @@ public class AttributeCollector implements IAction {
* @param container the container
*/
private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) {
- STORKAuthnResponse authnResponse = container.getResponse();
- STORKAuthnRequest authnRequest = container.getRequest();
+ MOASTORKResponse authnResponse = container.getResponse();
+ MOASTORKRequest authnRequest = container.getRequest();
// preparing redirection for the client
try {
VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html");
VelocityContext context = new VelocityContext();
-
- context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes());
- Logger.debug("SAMLResponse original: " + new String(authnResponse.getTokenSaml()).getBytes());
+
+ byte[] blob;
+ if(authnRequest.isAttrRequest())
+ blob = authnResponse.getStorkAttrQueryResponse().getTokenSaml();
+ else
+ blob = authnResponse.getStorkAuthnResponse().getTokenSaml();
+
+ context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob));
+ Logger.debug("SAMLResponse original: " + new String(blob));
Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL());
context.put("action", authnRequest.getAssertionConsumerServiceURL());
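Review bot: `Logger.debug("SAMLResponse original: " + new String(blob));` writes the whole SAML response, including the citizen's personal attributes, to the log and decodes it with the platform default charset. Logging only its size, `Logger.debug("SAMLResponse length: " + blob.length);`, keeps the diagnostic without the personal data. `blob` is also used without a null check, although `getTokenSaml()` may return null if response generation did not run (an assumption; the getter is not shown). The locals are still called `authnResponse`/`authnRequest` although they now hold the combined MOASTORK types. The try block continues outside the hunk.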
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 18d0b479e..619935abe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -44,61 +44,55 @@ public class AuthenticationRequest implements IAction {
Logger.debug("Entering MOASTORKRequest");
httpResp.reset();
+
+ OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+ if (oaParam == null)
+ throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+ MOASTORKResponse moaStorkResponse = new MOASTORKResponse();
+
// check if it is attribute query
if (moaStorkRequest.isAttrRequest()) {
Logger.debug("Starting AttrQueryRequest");
- STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse();
- IPersonalAttributeList personalAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList();
-
- // TODO Check if this instance is eligible to fetch attributes locally, assuming yes
-
- return (new AttributeCollector()).processRequest(req, httpReq, httpResp, moasession);
-
- } else
- // check if we have authentication request
- if (moaStorkRequest.isAuthnRequest()) {
- Logger.debug("Starting AuthenticationRequest");
-
- STORKAuthnResponse authnResponse = new STORKAuthnResponse();
- authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry());
-
- OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
- if (oaParam == null)
- throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
-
- // Get personal attributtes from MOA/IdentityLink
- authnResponse.setPersonalAttributeList(populateAttributes());
+
+ moaStorkResponse.setSTORKAttrResponse(new STORKAttrQueryResponse());
+ }
+ // check if we have authentication request
+ else if (moaStorkRequest.isAuthnRequest()) {
+ Logger.debug("Starting AuthenticationRequest");
- // Prepare extended attributes
- Logger.debug("Preparing data container");
+ moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse());
+ // Get personal attributtes from MOA/IdentityLink
+ moaStorkResponse.setPersonalAttributeList(populateAttributes());
+ }
+
+ moaStorkResponse.setCountry(moaStorkRequest.getSpCountry());
- // create fresh container
- DataContainer container = new DataContainer();
+ // Prepare extended attributes
+ Logger.debug("Preparing data container");
- // - fill in the request we extracted above
- container.setRequest(moaStorkRequest.getStorkAuthnRequest());
+ // create fresh container
+ DataContainer container = new DataContainer();
- // - fill in the partial response created above
- container.setResponse(authnResponse);
+ // - fill in the request we extracted above
+ container.setRequest(moaStorkRequest);
- // - memorize the target url were we have to return the result
- container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL());
+ // - fill in the partial response created above
+ container.setResponse(moaStorkResponse);
- container.setRemoteAddress(httpReq.getRemoteAddr());
+ // - memorize the target url were we have to return the result
+ container.setTarget(moaStorkRequest.getAssertionConsumerServiceURL());
+ container.setRemoteAddress(httpReq.getRemoteAddr());
- Logger.debug("Data container prepared");
- return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
+ Logger.debug("Data container prepared");
- }
+ return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
} else {
Logger.error("Could not recognize request.");
throw new MOAIDException("stork.15", null);
}
-
- return null;
}
public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
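Review bot: The `if (isAttrRequest) … else if (isAuthnRequest) …` chain has no final `else`, so a request that is neither reaches `moaStorkResponse.setCountry(moaStorkRequest.getSpCountry())` with no inner request or response set and fails with a NullPointerException instead of the `stork.15` error used for unrecognised requests. Adding `else { Logger.error("Could not recognize request."); throw new MOAIDException("stork.15", null); }` after the authn branch keeps the failure explicit. The online application is looked up here by `moasession.getPublicOAURLPrefix()` but in AttributeCollector.processRequest by the assertion consumer URL; if the two can differ, it is worth deciding on one key. The enclosing method and the outer `if` closed by `} else {` start outside the hunk.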
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
index a1c40526d..74239318b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java
@@ -2,10 +2,6 @@ package at.gv.egovernment.moa.id.protocols.stork2;
import java.io.Serializable;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
-
-// TODO: Auto-generated Javadoc
/**
* Holds info about an ongoing but yet incomplete stork authnrequest process.
*/
@@ -15,10 +11,10 @@ public class DataContainer implements Serializable {
private static final long serialVersionUID = -8765997480582363012L;
/** The incoming request. */
- private STORKAuthnRequest request;
+ private MOASTORKRequest request;
/** The yet incomplete response. */
- private STORKAuthnResponse response;
+ private MOASTORKResponse response;
/** The target. */
private String target;
@@ -31,17 +27,17 @@ public class DataContainer implements Serializable {
*
* @return the request
*/
- public STORKAuthnRequest getRequest() {
+ public MOASTORKRequest getRequest() {
return request;
}
/**
* Sets the request.
*
- * @param request the new request
+ * @param moaStorkRequest the new request
*/
- public void setRequest(STORKAuthnRequest request) {
- this.request = request;
+ public void setRequest(MOASTORKRequest moaStorkRequest) {
+ this.request = moaStorkRequest;
}
/**
@@ -49,17 +45,17 @@ public class DataContainer implements Serializable {
*
* @return the response
*/
- public STORKAuthnResponse getResponse() {
+ public MOASTORKResponse getResponse() {
return response;
}
/**
* Sets the response.
*
- * @param response the new response
+ * @param moaStorkResponse the new response
*/
- public void setResponse(STORKAuthnResponse response) {
- this.response = response;
+ public void setResponse(MOASTORKResponse moaStorkResponse) {
+ this.response = moaStorkResponse;
}
/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
index 758b70f2d..d387bfcea 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java
@@ -8,6 +8,7 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPBody;
@@ -27,6 +28,7 @@ import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -60,7 +62,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
ExternalAttributeRequestRequiredException, MOAIDException {
// break when we cannot handle the requested attribute
- if(!attributes.getFriendlyName().equals("isHCP"))
+ if(!attributes.getName().equals("isHealthCareProfessional"))
throw new UnsupportedAttributeException();
try {
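Review bot: `attributes.getName().equals("isHealthCareProfessional")` throws a NullPointerException when the attribute has no name; writing it constant-first, `"isHealthCareProfessional".equals(attributes.getName())`, lets the method fall through to UnsupportedAttributeException instead. The literal is repeated in the hunks at `@@ -153,26` and `@@ -186,12` of this file; a `private static final String` constant would keep them from drifting apart. The method body starts and ends outside the hunk.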
@@ -94,8 +96,9 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
// SOAP Body
SOAPBody requestBody = envelope.getBody();
SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional");
+ requestBodyElem.addAttribute(new QName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService");
SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK");
- requestBodyElem1.addTextNode(moasession.getIdentityLink().getIdentificationValue());
+ requestBodyElem1.addTextNode(new BPKBuilder().buildBPK(moasession.getIdentityLink().getIdentificationValue(), "GH"));
requestMessage.saveChanges();
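Review bot: `requestBodyElem.addAttribute(new QName("xmlns"), ...)` writes the namespace as an ordinary attribute named xmlns rather than creating the element in that namespace, so in the SAAJ tree `IsHealthcareProfessional` and its `bPK` child likely still have no namespace URI and the result depends on how the implementation serialises it. Creating the element with a qualified name states the intent directly: `requestBody.addChildElement(new QName("http://gesundheit.gv.at/BAGDAD/DataAccessService", "IsHealthcareProfessional"))`, and the same for `bPK` if the service expects it qualified. The `"GH"` sector passed to `buildBPK` would read better as a named constant with a comment saying which sector it denotes.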
@@ -153,26 +156,34 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
if (collection.get("IsHealthcareProfessional").equals("false")) {
// the citizen is no HCP
- acquiredAttribute = new PersonalAttribute("isHCP", false, new ArrayList<String>(), "NotAvailable");
+ acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList<String>(), "NotAvailable");
} else {
// go on and parse the data
Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
+
+ // create the root element
+ Element root = doc.createElement("isHealthCareProfessional");
+ doc.appendChild(root);
Element orgname = doc.createElement("nameOfOrganisation");
- orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganization")));
- doc.appendChild(orgname);
+ orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganisation")));
+ root.appendChild(orgname);
Element type = doc.createElement("HCP");
// TODO fix value mapping
- if (collection.get("Type").equals("Medical Doctors"))
+ if (collection.get("Type").equals("Medical doctor"))
type.appendChild(doc.createTextNode("D"));
- doc.appendChild(type);
+ root.appendChild(type);
Element specialization = doc.createElement("specialisation");
- // TODO fix value mapping
- specialization.appendChild(doc.createTextNode(collection.get("Specialization").substring(0, 2)));
- doc.appendChild(specialization);
+ if (collection.get("Specialization").contains("Arzt für Allgemeinmedizin"))
+ specialization.appendChild(doc.createTextNode("GP"));
+ root.appendChild(specialization);
+
+ Element aqaa = doc.createElement("AQAA");
+ aqaa.appendChild(doc.createTextNode("4"));
+ root.appendChild(aqaa);
// get string from dom tree
Source source = new DOMSource(doc);
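Review bot: The values read from `collection` come from the attribute provider's response and are dereferenced without a null check: `collection.get("Type").equals(...)` and `collection.get("Specialization").contains(...)` throw a NullPointerException when the key is missing, which the broad catch further down presumably turns into a generic failure. Comparing constant-first, `"Medical doctor".equals(collection.get("Type"))`, avoids that for the type; the specialisation needs an explicit null check. Any other type or specialisation now yields an empty `HCP` or `specialisation` element with the status still "Available", and `AQAA` is asserted as the fixed value `"4"` whatever the provider returned. Both deserve a comment or a configuration value, since a relying party may base an access decision on them.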
@@ -186,12 +197,18 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider {
ArrayList<String> value = new ArrayList<String>();
value.add(out.toString());
- acquiredAttribute = new PersonalAttribute("isHCP", false, value, "Available");
+ acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, "Available");
}
// pack and return the result
PersonalAttributeList result = new PersonalAttributeList();
result.add(acquiredAttribute);
+
+ // add stork id for verification
+ ArrayList<String> value = new ArrayList<String>();
+ value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), "IT"));
+ result.add(new PersonalAttribute("eIdentifier", false, value, "Available"));
+
return result;
} catch (Exception e) {
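Review bot: The destination country for the derived identifier is hard-coded, `buildStorkbPK(..., "IT")`, so every caller receives an eIdentifier computed for IT regardless of which country sent the request. If buildStorkbPK derives a country-specific identifier, as the argument suggests, the value should come from the request (`getSpCountry()` is used that way elsewhere in this commit) or the constant needs a comment explaining why IT is correct. The eIdentifier is also added in both branches, including when the citizen is not a healthcare professional; confirm that releasing it in that case is intended.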
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 39a6907c1..e95cfabe2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -1,7 +1,10 @@
package at.gv.egovernment.moa.id.protocols.stork2;
+import java.io.Serializable;
+
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
import eu.stork.peps.auth.commons.STORKAuthnRequest;
@@ -11,8 +14,9 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest;
* @author bsuzic
*/
-public class MOASTORKRequest implements IRequest {
- private String requestID;
+public class MOASTORKRequest implements IRequest, Serializable {
+ private static final long serialVersionUID = 4581953368724501376L;
+ private String requestID;
private String target = null;
String module = null;
String action = null;
@@ -102,4 +106,25 @@ public class MOASTORKRequest implements IRequest {
public String getRequestID() {
return this.requestID;
}
+
+ public IPersonalAttributeList getPersonalAttributeList() {
+ if(isAttrRequest())
+ return this.storkAttrQueryRequest.getPersonalAttributeList();
+ else
+ return this.storkAuthnRequest.getPersonalAttributeList();
+ }
+
+ public String getSpCountry() {
+ if(isAttrRequest())
+ return this.storkAttrQueryRequest.getSpCountry();
+ else
+ return this.storkAuthnRequest.getSpCountry();
+ }
+
+ public String getAssertionConsumerServiceURL() {
+ if(isAttrRequest())
+ return this.storkAttrQueryRequest.getAssertionConsumerServiceURL();
+ else
+ return this.storkAuthnRequest.getAssertionConsumerServiceURL();
+ }
}
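Review bot: The three new delegating getters fall through to `this.storkAuthnRequest` whenever `isAttrRequest()` is false, so on an instance where neither request has been set (STORKProtocol now returns such an instance for the AttributeCollector action) they throw a NullPointerException. An explicit check, `if (!isAttrRequest() && !isAuthnRequest()) throw new IllegalStateException("no STORK request set");`, or returning null with a documented contract, makes the failure intentional. The methods also have no Javadoc; a one-line summary each, saying which underlying request the value is taken from, would do. The same fall-through is in getPersonalAttributeList, setPersonalAttributeList and setCountry of the new MOASTORKResponse.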
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
new file mode 100644
index 000000000..36f5a80b4
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
@@ -0,0 +1,75 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.io.Serializable;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+
+/**
+ * Implements MOA request and stores StorkAuthn/Attr-Request related data
+ *
+ * @author bsuzic
+ */
+
+public class MOASTORKResponse implements Serializable {
+ private static final long serialVersionUID = -5798803155055518747L;
+ private STORKAuthnResponse storkAuthnRequest;
+ private STORKAttrQueryResponse storkAttrQueryRequest;
+ private boolean isAttrRequest = false;
+ private boolean isAuthnRequest = false;
+
+ public void setSTORKAuthnResponse(STORKAuthnResponse request) {
+ this.storkAuthnRequest = request;
+ if (request != null) {
+ isAuthnRequest = true;
+ }
+ }
+
+ public void setSTORKAttrResponse(STORKAttrQueryResponse request) {
+ this.storkAttrQueryRequest = request;
+ if (request != null) {
+ isAttrRequest = true;
+ }
+ }
+
+ public boolean isAttrResponse() {
+ return this.isAttrRequest;
+ }
+
+ public boolean isAuthnResponse() {
+ return this.isAuthnRequest;
+ }
+
+
+ public STORKAuthnResponse getStorkAuthnResponse() {
+ return this.storkAuthnRequest;
+ }
+
+ public STORKAttrQueryResponse getStorkAttrQueryResponse() {
+ return this.storkAttrQueryRequest;
+ }
+
+ public IPersonalAttributeList getPersonalAttributeList() {
+ if(isAttrResponse())
+ return this.storkAttrQueryRequest.getPersonalAttributeList();
+ else
+ return this.storkAuthnRequest.getPersonalAttributeList();
+ }
+
+ public void setPersonalAttributeList(PersonalAttributeList populateAttributes) {
+ if(isAttrResponse())
+ this.storkAttrQueryRequest.setPersonalAttributeList(populateAttributes);
+ else
+ this.storkAuthnRequest.setPersonalAttributeList(populateAttributes);
+ }
+
+ public void setCountry(String spCountry) {
+ if(isAttrResponse())
+ this.storkAttrQueryRequest.setCountry(spCountry);
+ else
+ this.storkAuthnRequest.setCountry(spCountry);
+ }
+
+}
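Review bot: The fields and flags of this response class are named after requests (`storkAuthnRequest`, `storkAttrQueryRequest`, `isAttrRequest`, `isAuthnRequest`) and the class Javadoc still reads "Implements MOA request", which looks copied from MOASTORKRequest. Renaming them to `storkAuthnResponse`, `storkAttrQueryResponse`, `isAttrResponse` and `isAuthnResponse` and correcting the Javadoc would stop readers from confusing the two classes; since the class is Serializable and instances are put into storage, the rename is cheapest now, before stored objects exist. The setters only ever set the flag to true, so `setSTORKAuthnResponse(null)` leaves `isAuthnResponse()` true while the getter returns null; `isAuthnRequest = (request != null);` keeps flag and field in step.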
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 4806edde6..5e9d50221 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -73,16 +73,17 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
Logger.debug("Request content length: " + request.getContentLength());
Logger.debug("Initiating action: " + action);
+ MOASTORKRequest STORK2Request = new MOASTORKRequest();
+
+ if (AttributeCollector.class.getSimpleName().equals(action))
+ return STORK2Request;
+
HTTPInTransport profileReq = new HttpServletRequestAdapter(request);
HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure());
-
BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext();
samlMessageContext.setInboundMessageTransport(profileReq);
- MOASTORKRequest STORK2Request = new MOASTORKRequest();
-
-
//extract STORK Response from HTTP Request
byte[] decSamlToken;
try {
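Review bot: The early `return STORK2Request;` for the AttributeCollector action hands back an empty MOASTORKRequest before any SAML message has been extracted or validated, so whatever handles that action has to establish trust on its own. The hunk does not show where `action` comes from; if it is derived from the request, that handler is reachable without a STORK message and should reject calls it cannot tie to an existing session. A comment at the branch would make the contract explicit, for example `// AttributeCollector resumes a stored session and carries no SAML message; the action validates its own parameters`. The `if` would also be safer with braces. The enclosing method starts and ends outside the hunk.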
@@ -104,6 +105,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken);
} catch (STORKSAMLEngineException ex) {
Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
+<<<<<<< HEAD
} catch (ClassCastException e) {
Logger.error("Could not extract authenticaiton request");
}
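Review bot: The added `<<<<<<< HEAD` line is an unresolved merge-conflict marker, and the matching `=======` and `>>>>>>> origin/bs_3_fr` lines are added in the next hunk (@@ -116), so STORKProtocol.java cannot compile as committed. Both sides of the conflict are still present: the HEAD side with separate catch blocks for the authn and attribute requests, and the incoming side that validates the attribute query inside `catch(ClassCastException e)`. This is the code that decides whether an inbound SAML message is accepted, so one side should be chosen deliberately and the result re-reviewed, rather than only deleting the marker lines.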
@@ -116,6 +118,16 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
} catch (ClassCastException e) {
Logger.error("Could not extract attribute request");
+=======
+ } catch(ClassCastException e) {
+ // we do not have a authnRequest
+ // check if a valid attr request is container
+ try {
+ attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
+ } catch (STORKSAMLEngineException ex) {
+ Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
+ }
+>>>>>>> origin/bs_3_fr
}
// if there is no authn or attr request, raise error
if ((authnRequest == null) && (attrRequest == null)) {
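Review bot: On the incoming side of the conflict, a failed attribute-query validation is logged as `"Unable to validate Stork AuthenticationRequest: "`, the same text the authn branch uses, so the two rejections cannot be told apart in the logs. The message should name the attribute query, e.g. `Logger.error("Unable to validate Stork AttrQueryRequest: " + ex.getMessage());`. The outer `ClassCastException` is also dropped without a trace; a `Logger.debug("No authn request in message, trying attribute query");` at the top of that catch would record which path was taken. The enclosing try block begins outside the hunk.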
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java
index 642b249d4..9a0f87488 100644
--- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java
@@ -13,6 +13,7 @@
*/
package eu.stork.peps.auth.commons;
+import java.io.Serializable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
@@ -37,7 +38,7 @@ import org.apache.log4j.Logger;
*/
@SuppressWarnings("PMD")
public final class PersonalAttributeList extends
- ConcurrentHashMap<String, PersonalAttribute> implements IPersonalAttributeList{
+ ConcurrentHashMap<String, PersonalAttribute> implements IPersonalAttributeList, Serializable {
/**
* Logger object.
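Review bot: `Serializable` in the implements clause is redundant, because `ConcurrentHashMap` already implements it, and the `import java.io.Serializable;` added in the previous hunk exists only to support it. If the intent is to signal that instances are now stored in serialized form, a sentence in the class Javadoc and an explicit `private static final long serialVersionUID` say that more reliably. The hunk does not show whether the class already declares a serialVersionUID.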
@@ -53,13 +54,13 @@ public final class PersonalAttributeList extends
/**
* Hash with the latest fetched attribute name alias.
*/
- private final transient Map<String, Integer> latestAttrAlias =
+ private final Map<String, Integer> latestAttrAlias =
new HashMap<String, Integer>();
/**
* Hash with mapping number of alias or the attribute name.
*/
- private final transient Map<String, Integer> attrAliasNumber =
+ private final Map<String, Integer> attrAliasNumber =
new HashMap<String, Integer>();
/**
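Review bot: Dropping `transient` from `latestAttrAlias` and `attrAliasNumber` changes the serialized form of PersonalAttributeList, and neither field's Javadoc says why they must now travel with the object. Streams written by the previous version do not contain these fields, and field initializers are not run on deserialization, so both maps would come back as null from old data; if serialized sessions can outlive a deployment, that needs a serialVersionUID change or a null guard. A short addition to each Javadoc would help, for example `Serialized with the list so alias numbering survives a session round trip.` (presumably the reason; to be confirmed by the author).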
diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java
index dd99cb8f6..cab723837 100644
--- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java
+++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java
@@ -68,7 +68,7 @@ public final class STORKAuthnResponse implements Serializable {
private String country;
/** Citizen's personal attribute list. */
- private transient IPersonalAttributeList attributeList = new PersonalAttributeList();
+ private IPersonalAttributeList attributeList = new PersonalAttributeList();
/** List of all assertions in response *. */
private List<Assertion> assertions;
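Review bot: With `transient` removed, the citizen's attribute list is written out wherever a STORKAuthnResponse is serialized, so the storage holding these objects becomes a store of personal data and should be access-controlled accordingly. The field is typed as the interface `IPersonalAttributeList`, which this diff does not show to extend Serializable, so an implementation other than PersonalAttributeList could fail with NotSerializableException at write time. The field comment should record the new behaviour, e.g. `/** Citizen's personal attribute list; serialized together with the response. */`, and it is worth confirming that serialized responses are only read back from storage the server itself controls.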
diff --git a/id/templates/moa-id-templates.iml b/id/templates/moa-id-templates.iml
deleted file mode 100644
index 3b8b05541..000000000
--- a/id/templates/moa-id-templates.iml
+++ /dev/null
@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
- <component name="FacetManager">
- <facet type="web" name="Web">
- <configuration>
- <descriptors>
- <deploymentDescriptor name="web.xml" url="file://$MODULE_DIR$/src/main/webapp/WEB-INF/web.xml" />
- </descriptors>
- <webroots>
- <root url="file://$MODULE_DIR$/src/main/webapp" relative="/" />
- </webroots>
- </configuration>
- </facet>
- </component>
- <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_5" inherit-compiler-output="false">
- <output url="file://$MODULE_DIR$/target/classes" />
- <output-test url="file://$MODULE_DIR$/target/test-classes" />
- <content url="file://$MODULE_DIR$">
- <excludeFolder url="file://$MODULE_DIR$/target" />
- </content>
- <orderEntry type="inheritedJdk" />
- <orderEntry type="sourceFolder" forTests="false" />
- </component>
-</module>
-