diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java')
| -rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java | 341 |
1 files changed, 341 insertions, 0 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java new file mode 100644 index 000000000..e3c869d53 --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -0,0 +1,341 @@ +package at.gv.egovernment.moa.id.config.auth; + +import java.io.BufferedInputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.config.ConfigurationBuilder; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.FileUtils; + +/** + * A class providing access to the Auth Part of the MOA-ID configuration data. + * + * <p>Configuration data is read from an XML file, whose location is given by + * the <code>moa.id.configuration</code> system property.</p> + * <p>This class implements the Singleton pattern. The <code>reload()</code> + * method can be used to update the configuration data. Therefore, it is not + * guaranteed that consecutive calls to <code>getInstance()</code> will return + * the same <code>AuthConfigurationProvider</code> all the time. During the + * processing of a web service request, the current + * <code>TransactionContext</code> should be used to obtain the + * <code>AuthConfigurationProvider</code> local to that request.</p> + * + * @author Patrick Peck + * @author Stefan Knirsch + * + * @version $Id$ + */ +public class AuthConfigurationProvider extends ConfigurationProvider { + + /** DEFAULT_ENCODING is "UTF-8" */ + private static final String DEFAULT_ENCODING="UTF-8"; + /** + * The name of the generic configuration property giving the authentication session time out. + */ + public static final String AUTH_SESSION_TIMEOUT_PROPERTY = + "AuthenticationSession.TimeOut"; + /** + * The name of the generic configuration property giving the authentication data time out. + */ + public static final String AUTH_DATA_TIMEOUT_PROPERTY = + "AuthenticationData.TimeOut"; + + /** + * BKUSelectionType HTMLComplete, according to schema type <code>BKUSelectionType</code> + */ + public static final String BKU_SELECTION_TYPE_HTMLCOMPLETE = + "HTMLComplete"; + + /** + * BKUSelectionType HTMLSelect, according to schema type <code>BKUSelectionType</code> + */ + public static final String BKU_SELECTION_TYPE_HTMLSELECT = + "HTMLSelect"; + + /** Singleton instance. <code>null</code>, if none has been created. */ + private static AuthConfigurationProvider instance; + + // + // configuration data + // + + /** + * configuration files containing transformations for rendering in the + * secure viewer of the security layer implementation; + * multiple files can be given for different mime types + */ + private String[] transformsInfoFileNames; + /** + * transformations for rendering in the secure viewer of the security layer implementation, + * read from {@link transformsInfoFileNames}; + * multiple transformation can be given for different mime types + */ + private String[] transformsInfos; + /** + * parameters for connection to MOA SP component + */ + private ConnectionParameter moaSpConnectionParameter; + /** + * trust profile ID to be used for verifying the identity link signature via MOA ID SP + */ + private String moaSpIdentityLinkTrustProfileID; + /** + * trust profile ID to be used for verifying the AUTH block signature via MOA ID SP + */ + private String moaSpAuthBlockTrustProfileID; + /** + * transformations to be used for verifying the AUTH block signature via MOA ID SP + */ + private String[] moaSpAuthBlockVerifyTransformsInfoIDs; + /** + * X509 SubjectNames which will be trusted + */ + private String[] identityLinkX509SubjectNames; + + /** + * configuration parameters for online applications + */ + private OAAuthParameter[] onlineApplicationAuthParameters; + /** + * the Selection Type of the bku Selection Element + */ + private String bKUSelectionType; + /** + * is the bku Selection Element present? + */ + private boolean bKUSelectable; + /** + * the bku Selection Connection Parameters + */ + private ConnectionParameter bKUConnectionParameter; + /** + * Return the single instance of configuration data. + * + * @return AuthConfigurationProvider The current configuration data. + * @throws ConfigurationException + */ + public static synchronized AuthConfigurationProvider getInstance() + throws ConfigurationException { + + if (instance == null) { + reload(); + } + return instance; + } + + /** + * Reload the configuration data and set it if successful. + * + * @return AuthConfigurationProvider The loaded configuration data. + * @throws ConfigurationException Failure to load the configuration data. + */ + public static synchronized AuthConfigurationProvider reload() + throws ConfigurationException { + String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); + if (fileName == null) { + throw new ConfigurationException("config.01", null); + } + Logger.info("Loading MOA-ID-AUTH configuration " + fileName); + + instance = new AuthConfigurationProvider(fileName); + return instance; + } + + /** + * Constructor for AuthConfigurationProvider. + * @param fileName + * @throws ConfigurationException + */ + public AuthConfigurationProvider(String fileName) + throws ConfigurationException { + + load(fileName); + } + + /** + * Load the configuration data from XML file with the given name and build + * the internal data structures representing the MOA ID configuration. + * + * @param fileName The name of the XML file to load. + * @throws ConfigurationException The MOA configuration could not be + * read/built. + */ + private void load(String fileName) throws ConfigurationException { + InputStream stream = null; + Element configElem; + ConfigurationBuilder builder; + + try { + // load the main config file + stream = new BufferedInputStream(new FileInputStream(fileName)); + configElem = DOMUtils.parseXmlValidating(stream); + } catch (Throwable t) { + throw new ConfigurationException("config.03", null, t); + } + finally { + try { + if (stream != null) { + stream.close(); + } + } catch (IOException e) { + } + } + try { + // build the internal datastructures + builder = new ConfigurationBuilder(configElem); + bKUConnectionParameter = builder.buildAuthBKUConnectionParameter(); + bKUSelectable = (bKUConnectionParameter!=null); + bKUSelectionType = builder.buildAuthBKUSelectionType(); + genericConfiguration = builder.buildGenericConfiguration(); + transformsInfoFileNames = builder.buildTransformsInfoFileNames(); + loadTransformsInfos(); + moaSpConnectionParameter = builder.buildMoaSpConnectionParameter(); + moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID(); + moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID(); + moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs(); + onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(); + identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames(); + defaultChainingMode = builder.getDefaultChainingMode(); + chainingModes = builder.buildChainingModes(); + trustedCACertificates = builder.getTrustedCACertificates(); } + catch (Throwable t) { + throw new ConfigurationException("config.02", null, t); + } + } + + /** + * Loads the <code>transformsInfos</code> from files. + * @throws Exception on any exception thrown + */ + private void loadTransformsInfos() throws Exception { + transformsInfos = new String[transformsInfoFileNames.length]; + for (int i = 0; i < transformsInfoFileNames.length; i++) { + String fileURL = transformsInfoFileNames[i]; + String transformsInfo = FileUtils.readURL(fileURL, DEFAULT_ENCODING); + transformsInfos[i] = transformsInfo; + } + } + /** + * Return a string array with all filenames leading + * to the Transforms Information for the Security Layer + * @return String[] of filenames to the Security Layer Transforms Information + */ + public String[] getTransformsInfoFileNames() { + return transformsInfoFileNames; + } + + /** + * Build an array of the OnlineApplication Parameters containing information + * about the authentication component + * @return An OAProxyParameter array containing beans + * with all relevant information for theauthentication component of the online + * application + */ + public OAAuthParameter[] getOnlineApplicationParameters() { + return onlineApplicationAuthParameters; + } + + /** + * Provides configuration information regarding the online application behind + * the given URL, relevant to the MOA-ID Auth component. + * + * @param oaURL URL requested for an online application + * @return an <code>OAAuthParameter</code>, or <code>null</code> + * if none is applicable + */ + public OAAuthParameter getOnlineApplicationParameter(String oaURL) { + OAAuthParameter[] oaParams = getOnlineApplicationParameters(); + for (int i = 0; i < oaParams.length; i++) { + OAAuthParameter oaParam = oaParams[i]; + if (oaURL.indexOf(oaParam.getPublicURLPrefix()) == 0) + return oaParam; + } + return null; + } + + /** + * Return a string with a url-reference to the VerifyAuthBlock trust + * profile id within the moa-sp part of the authentication component + * + * @return String with a url-reference to the VerifyAuthBlock trust profile ID + */ + public String getMoaSpAuthBlockTrustProfileID() { + return moaSpAuthBlockTrustProfileID; + } + + /** + * Return a string array with references to all verify transform info + * IDs within the moa-sp part of the authentication component + * @return A string array containing all urls to the + * verify transform info IDs + */ + public String[] getMoaSpAuthBlockVerifyTransformsInfoIDs() { + return moaSpAuthBlockVerifyTransformsInfoIDs; + } + + /** + * Return a ConnectionParameter bean containing all information + * of the authentication component moa-sp element + * @return ConnectionParameter of the authentication component moa-sp element + */ + public ConnectionParameter getMoaSpConnectionParameter() { + return moaSpConnectionParameter; + } + + /** + * Return a string with a url-reference to the VerifyIdentityLink trust + * profile id within the moa-sp part of the authentication component + * @return String with a url-reference to the VerifyIdentityLink trust profile ID + */ + public String getMoaSpIdentityLinkTrustProfileID() { + return moaSpIdentityLinkTrustProfileID; + } + /** + * Returns the transformsInfos. + * @return String[] + */ + public String[] getTransformsInfos() { + return transformsInfos; + } + + /** + * Returns the identityLinkX509SubjectNames. + * @return String[] + */ + public String[] getIdentityLinkX509SubjectNames() { + return identityLinkX509SubjectNames; + } + + /** + * Returns the bKUConnectionParameter. + * @return ConnectionParameter + */ + public ConnectionParameter getBKUConnectionParameter() { + return bKUConnectionParameter; + } + + /** + * Returns the bKUSelectable. + * @return boolean + */ + public boolean isBKUSelectable() { + return bKUSelectable; + } + + /** + * Returns the bKUSelectionType. + * @return String + */ + public String getBKUSelectionType() { + return bKUSelectionType; + } + +}
\ No newline at end of file |