-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java93
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java16
2 files changed, 72 insertions, 37 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index 75fc6197f..a2bc664e9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -55,22 +55,25 @@ public class MetadataAction implements IAction {
EntityDescriptor idpEntityDescriptor = SAML2Utils
.createSAMLObject(EntityDescriptor.class);
- idpEntityDescriptor.setEntityID("https://localhost:8443/moa-id-auth");
-
- List<ContactPerson> persons = PVPConfiguration.getInstance().getIDPContacts();
-
+ idpEntityDescriptor
+ .setEntityID("https://localhost:8443/moa-id-auth");
+
+ List<ContactPerson> persons = PVPConfiguration.getInstance()
+ .getIDPContacts();
+
idpEntityDescriptor.getContactPersons().addAll(persons);
- idpEntityDescriptor.setOrganization(PVPConfiguration.getInstance().getIDPOrganisation());
-
+ idpEntityDescriptor.setOrganization(PVPConfiguration.getInstance()
+ .getIDPOrganisation());
+
BasicKeyInfoGeneratorFactory keyInfoFactory = new BasicKeyInfoGeneratorFactory();
keyInfoFactory.setEmitPublicKeyValue(true);
keyInfoFactory.setEmitEntityIDAsKeyName(true);
KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
-
+
Credential credential = CredentialProvider
.getIDPSigningCredential();
-
+
KeyDescriptor signKeyDescriptor = SAML2Utils
.createSAMLObject(KeyDescriptor.class);
signKeyDescriptor.setUse(UsageType.SIGNING);
@@ -81,38 +84,54 @@ public class MetadataAction implements IAction {
idpEntityDescriptor.setSignature(signature);
- IDPSSODescriptor idpSSODescriptor = SAML2Utils.createSAMLObject(IDPSSODescriptor.class);
-
+ IDPSSODescriptor idpSSODescriptor = SAML2Utils
+ .createSAMLObject(IDPSSODescriptor.class);
+
idpSSODescriptor.setWantAuthnRequestsSigned(true);
-
- SingleSignOnService postSingleSignOnService =
- SAML2Utils.createSAMLObject(SingleSignOnService.class);
-
- postSingleSignOnService.setLocation("https://enter.post.url");
- postSingleSignOnService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
-
- idpSSODescriptor.getSingleSignOnServices().add(postSingleSignOnService);
-
- SingleSignOnService redirectSingleSignOnService =
- SAML2Utils.createSAMLObject(SingleSignOnService.class);
-
- redirectSingleSignOnService.setLocation("https://enter.redirect.url");
- redirectSingleSignOnService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
-
- ArtifactResolutionService artifactResolutionService = SAML2Utils.createSAMLObject(
- ArtifactResolutionService.class);
-
- artifactResolutionService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
- artifactResolutionService.setLocation("https://enter.soap.url");
-
- idpSSODescriptor.getArtifactResolutionServices().add(artifactResolutionService);
-
- idpSSODescriptor.getSingleSignOnServices().add(redirectSingleSignOnService);
-
+
+ if (PVPConfiguration.getInstance().getIDPSSOPostService() != null) {
+ SingleSignOnService postSingleSignOnService = SAML2Utils
+ .createSAMLObject(SingleSignOnService.class);
+
+ postSingleSignOnService.setLocation(PVPConfiguration
+ .getInstance().getIDPSSOPostService());
+ postSingleSignOnService
+ .setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+
+ idpSSODescriptor.getSingleSignOnServices().add(
+ postSingleSignOnService);
+ }
+
+ if (PVPConfiguration.getInstance().getIDPSSORedirectService() != null) {
+ SingleSignOnService redirectSingleSignOnService = SAML2Utils
+ .createSAMLObject(SingleSignOnService.class);
+
+ redirectSingleSignOnService.setLocation(PVPConfiguration
+ .getInstance().getIDPSSORedirectService());
+ redirectSingleSignOnService
+ .setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+
+ idpSSODescriptor.getSingleSignOnServices().add(
+ redirectSingleSignOnService);
+ }
+
+ if (PVPConfiguration.getInstance().getIDPResolveSOAPService() != null) {
+ ArtifactResolutionService artifactResolutionService = SAML2Utils
+ .createSAMLObject(ArtifactResolutionService.class);
+
+ artifactResolutionService
+ .setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
+ artifactResolutionService.setLocation(PVPConfiguration
+ .getInstance().getIDPResolveSOAPService());
+
+ idpSSODescriptor.getArtifactResolutionServices().add(
+ artifactResolutionService);
+ }
+
idpSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
-
+
idpEntityDescriptor.getRoleDescriptors().add(idpSSODescriptor);
-
+
DocumentBuilder builder;
DocumentBuilderFactory factory = DocumentBuilderFactory
.newInstance();
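Review bot: The three new `if (... != null)` guards accept any non-null property value, so an empty entry such as `idp.sso.post=` or a plain-http or relative value is published as an endpoint Location in the signed metadata that service providers use to decide where authentication requests go. Read each value once and reject unusable entries before building the service, e.g. `String postUrl = PVPConfiguration.getInstance().getIDPSSOPostService();` followed by `if (postUrl != null && postUrl.startsWith("https://")) {`, assuming https is mandatory for this deployment; the redirect and SOAP artifact-resolution blocks need the same treatment. When neither SSO property is set, the IDPSSODescriptor is emitted without any SingleSignOnService, which the SAML metadata schema does not permit, so failing with a configuration error would be safer than signing such a descriptor. The enclosing method starts and ends outside this hunk.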
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
index 79126416f..1f8dfa153 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
@@ -60,6 +60,10 @@ public class PVPConfiguration {
public static final String IDP_ORG_DISPNAME = "idp.org.dispname";
public static final String IDP_ORG_URL = "idp.org.url";
+ public static final String IDP_POST_SSO_SERVICE = "idp.sso.post";
+ public static final String IDP_REDIRECT_SSO_SERVICE = "idp.sso.redirect";
+ public static final String IDP_SOAP_RESOLVE_SERVICE = "idp.resolve.soap";
+
public static final String IDP_CONTACT_PREFIX = "idp.contact";
public static final String IDP_CONTACT_LIST = "idp.contact_list";
@@ -88,6 +92,18 @@ public class PVPConfiguration {
}
}
+ public String getIDPSSOPostService() {
+ return props.getProperty(IDP_POST_SSO_SERVICE);
+ }
+
+ public String getIDPSSORedirectService() {
+ return props.getProperty(IDP_REDIRECT_SSO_SERVICE);
+ }
+
+ public String getIDPResolveSOAPService() {
+ return props.getProperty(IDP_SOAP_RESOLVE_SERVICE);
+ }
+
public String getIDPKeyStoreFilename() {
return props.getProperty(IDP_JAVAKEYSTORE);
}
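Review bot: The new getters `getIDPSSOPostService`, `getIDPSSORedirectService` and `getIDPResolveSOAPService` have no Javadoc, although MetadataAction now depends on their null return to decide whether an endpoint is advertised at all. Each one hands back `props.getProperty(...)` unchanged, so a missing key yields null and a present-but-empty or whitespace-padded value is returned as-is. A comment on each, for example `/** @return the SAML2 HTTP-POST SSO endpoint URL from idp.sso.post, or null if the key is not set; the value is not validated */`, would make that contract visible to callers. If trimming or treating blank as absent is wanted, doing it here once would cover every caller.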