-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java61
1 files changed, 51 insertions, 10 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
index 4e45d2f47..60ffb3673 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
@@ -16,10 +16,13 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.eidas;
+import java.util.List;
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.slf4j.Logger;
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.Organization;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
@@ -27,12 +30,15 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.logging.Logger;
import eu.eidas.auth.engine.EIDASSAMLEngine;
-import eu.eidas.auth.engine.core.eidas.SPType;
+import eu.eidas.auth.engine.metadata.Contact;
import eu.eidas.auth.engine.metadata.MetadataConfigParams;
import eu.eidas.auth.engine.metadata.MetadataGenerator;
import eu.eidas.engine.exceptions.SAMLEngineException;
@@ -43,7 +49,6 @@ import eu.eidas.engine.exceptions.SAMLEngineException;
*/
@Service("EidasMetaDataRequest")
public class EidasMetaDataRequest implements IAction {
- private Logger logger = org.slf4j.LoggerFactory.getLogger(EidasMetaDataRequest.class);
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData)
@@ -53,9 +58,7 @@ public class EidasMetaDataRequest implements IAction {
HttpServletRequest httpReq, HttpServletResponse httpResp,
IAuthData authData) throws MOAIDException {
- try {
- logger.debug("EidasMetaDataServlet GET");
-
+ try {
String pubURLPrefix = req.getAuthURL();
String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA;
@@ -63,7 +66,7 @@ public class EidasMetaDataRequest implements IAction {
String sp_return_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_SP_POST;
String metaData = generateMetadata(metadata_url, sp_return_url);
- logger.trace(metaData);
+ Logger.trace(metaData);
httpResp.setContentType(MediaType.APPLICATION_XML.getType());
httpResp.getWriter().print(metaData);
@@ -105,11 +108,49 @@ public class EidasMetaDataRequest implements IAction {
generator.setConfigParams(mcp);
generator.initialize(engine);
- mcp.setEntityID(metadata_url);
- mcp.setSpType(SPType.DEFAULT_VALUE);
+ mcp.setEntityID(metadata_url);
mcp.setAssertionConsumerUrl(sp_return_url);
- mcp.setAssuranceLevel("http://eidas.europa.eu/LoA/substantial"); // TODO make configurable
+
+ //TODO: make it configurable
+ mcp.setAuthnRequestsSigned(true);
+ mcp.setWantAssertionsSigned(true);
+ mcp.setAssuranceLevel("http://eidas.europa.eu/LoA/substantial");
+
+ //must be set in request, because it could be different for every online-application
+ //mcp.setSpType(SPType.DEFAULT_VALUE);
+
+ mcp.setDigestMethods(Constants.METADATA_ALLOWED_ALG_DIGIST);
+ mcp.setSigningMethods(Constants.METADATA_ALLOWED_ALG_SIGN);
+ mcp.setEncryptionAlgorithms(Constants.METADATA_ALLOWED_ALG_ENCRYPT);
+
+ //add organisation information from PVP metadata information
+ Organization pvpOrganisation = null;
+ try {
+ pvpOrganisation = PVPConfiguration.getInstance().getIDPOrganisation();
+ Contact technicalContact = new Contact();
+
+ List<ContactPerson> contacts = PVPConfiguration.getInstance().getIDPContacts();
+ if (contacts != null && contacts.size() >= 1) {
+ technicalContact.setEmail(contacts.get(0).getEmailAddresses().get(0).getAddress());
+ technicalContact.setGivenName(contacts.get(0).getGivenName().getName());
+ technicalContact.setSurName(contacts.get(0).getSurName().getName());
+ technicalContact.setPhone(contacts.get(0).getTelephoneNumbers().get(0).getNumber());
+ mcp.setTechnicalContact(technicalContact );
+
+ }
+
+ if (pvpOrganisation != null) {
+ mcp.setNodeUrl(pvpOrganisation.getURLs().get(0).getURL().getLocalString());
+ mcp.setCountryName("Austria");
+ technicalContact.setCompany(pvpOrganisation.getDisplayNames().get(0).getName().getLocalString());
+ }
+
+ } catch (ConfigurationException | NullPointerException e) {
+ Logger.warn("Can not load Organisation or Contact from Configuration", e);
+
+ }
+
generator.addSPRole();
generator.addIDPRole();